Sanitize user input to prevent SQL Injection
Permalink
I am using form helper class to make a form for block admin interface.
But I am not sure whether user input in the textarea or text field will be sanitized automatically by form helper to prevent SQL Injection.
Thank you very much.
But I am not sure whether user input in the textarea or text field will be sanitized automatically by form helper to prevent SQL Injection.
Thank you very much.
not by default as far as I can see.
E.g. take a look at the concrete/single_pages/register and the related controller concrete/controllers/register.
This should be a good start, how to validate user inputs.
Regards
Ron