Follow us on

Codestar Support Forum » WordPress Plugins » Codestar Framework

sanitization issue


  1. abdulawal

    Please see the secret message section

    Posted 2 years ago #

  2. Codestar
    Admin

    Hi,

    Welcome to support forum and thanks for purchasing.

    wp_kses_post_deep makes deep array sanitize. why it's not correct way ? for eg. I understand it is a sanitize method from here: https://developer.wordpress.org/reference/functions/wp_kses_post_deep/ shortly this function makes array_map, array_walk both already. If you have better idea, I can try to implement. Actually no body report this issue before, some popular plugin using it on wordpress.org

    https://tr.wordpress.org/plugins/speed-booster-pack/
    https://tr.wordpress.org/plugins/wp-ulike/

    The $options variable doesn't save directly. It extracts and sanitizes here $data[$field_id] = wp_kses_post_deep( $field_value ); as you know.

    The $transient is not a data progress. No needed sanitize.

    Btw, If you share to reviewer message, we can understand clearly, where is the issue. You know this subject on Envato. Some people/reviewer think own thoughts is correct always. We must explain the subject clearly. maybe I am wrong

    Regards, Codestar

    Posted 2 years ago #

  3. abdulawal

    Posted 2 years ago #

  4. Codestar
    Admin

    Hi,

    Yes, Let's wait what happen, write to me if any problem again.

    Regards, Codestar

    Posted 2 years ago #

  5. abdulawal

    Hi,
    Just FYI, I got it approved finally without any changes.

    Thank You

    Posted 2 years ago #

  6. Codestar
    Admin

    Hi,

    Oh nice news The reviewers doesn't checking it detailed. There is a comment "XSS ok, see below line number bla bla". but they only find all files as "$_POST, $_GET" and reject immediately. Ok nevermind.

    Thanks for return back

    Have a nice day.
    Regards, Codestar

    Posted 2 years ago #

  7. abdulawal

    Hi,
    Got a question, We're using the pro version of codestar framework. We had only premium version previously & now released a free version of the same plugin as well. Do we need 2 license for free and premium version or one is good?

    Thank You

    Posted 2 years ago #

  8. Codestar
    Admin

    Hi,

    One license purchasing is enough for all of free & premium projects. But more purchases motives me for develop (more features) the framework It's optional, no compulsion. I hope you understood me.

    Regards, Codestar

    Posted 2 years ago #

  9. abdulawal

    Great! I love the framework, it made life much easier. I have more plugins to release in the pipeline. Will purchase more licenses soon. Thank you so much for all the hard work you put in development of the framework.

    Posted 2 years ago #

  10. Codestar
    Admin

    Hi,

    Sounds good and thanks for nice words, I get motivated.

    Have a nice day,
    Regards, Codestar

    Posted 2 years ago #