Answer the question
In order to leave comments, you need to log in
How to safely output {$smarty.get.sort} via smarty?
A parameter is passed to GET, let's say sort. How to safely withdraw through smarty {$smarty.get.sort}
?
Answer the question
In order to leave comments, you need to log in
If you don't have an explicit type for this variable, it's dangerous. If there is a rigid typing, then there should be no questions about safe.
In the code, check either is_int and others or with a type ghost ( int ) $_GET['sort'];
in smarty this is {if $smarty.get.sort|is_int} TRUE {/if}
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question