3rd Party (Free)
2 downloads (last 90 days)
EE Version Support
- ExpressionEngine 2
If an item is crossed out, it might be untested, not applicable or incompatible. Contact the developer to be sure.
- Multi Site Manager
- Stand Alone Entry Form
- Low Variables
- Content Elements
- Better Workflow
- jQuery for the Control Panel
Provides variable escaping for SQL or HTML output
As a website developer, you ought to know that security is always important. ExpressionEngine automatically checks user input for certain attack characteristics but this is not always enough. As it is designed for use within a wide range of situations, it is impossible to plan the security for every website and every situation. If you watch your server logs for very long, you will see a bot attempting to exploit any and every possible hole on your site.
Suppose that you need to look up entries by week. You pass the date as a URL segment to your template and utilize the Query module, right? What happens when a bot comes along and inserts a quote mark in the middle of your date segment? That is where this little plugin comes in.
We offer you the ability to pull URL segments and escape them for use in SQL queries or HTML. Additionally, you can pull data from the GET, POST, COOKIE, SERVER, and ENV variables. You can provide a default value (for when there is no user input) or validate what has been entered. Check the documentation for examples.
|EE Support||Downloads||Add-On Version||Release Date|
This entry was created July 18, 2012, 3:12 pm.
This entry was last updated July 18, 2012, 10:15 am.
Disclaimer: Information about ExpressionEngine add-ons is provided as a service to you, the user, and every member of the ExpressionEngine community. devot:ee is not responsible if you hose, mangle, wreck, or otherwise destroy your EE website by installing an add-on that you found out about at this site, regardless of its rating, Favorites status, commercial or free status, or general popularity. Caveat EEmptor!
Returns: devot:ee has a 30-day return policy on all commercial add-ons sold through devot-ee.com. If you need to return an add-on, do not go to the developer or the developer's site, but rather visit our returns page at https://devot-ee.com/returns to initiate your return. If you have questions, email email@example.com.
There are no reviews for this add-on yet.
What are you waiting for? Rate it and review it!