Security issues and checking of data

This topic contains 6 replies, has 3 voices, and was last updated by  Alex Rollin 4 years, 7 months ago.

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket
  • Author
    Posts
  • August 11, 2019 at 4:09 pm #502570

    Matthias Schmieder
    Full Member
    Post count: 94

    Hello together,
    if you enter a new listing then you enter in every text field or text area <script> </script> Coding and also Links.
    Is it possible to supress this tags? Because there could be destructive scipts entered by this way.
    When I enter a phone number, there is no checking routine if only numbers and some special characters are entered. Is it possible to enter a check routine for these fields?

    Kind regards
    Georg

    August 11, 2019 at 4:10 pm #502571

    Matthias Schmieder
    Full Member
    Post count: 94

    Also HTML Code can be added.

    August 11, 2019 at 9:58 pm #502596

    Alex Rollin
    Moderator
    Post count: 27815

    Text and phone fields can have validation rules, as explained here:
    https://wpgeodirectory.com/docs-v2/places/custom/#validation

    Textareas are designed to accept HTML, and with the “Embed media” advanced option can also be used to execute shortcodes.

    If you do not want users to insert HTML or shortcodes, do not use those options or field types.

    August 19, 2019 at 9:46 am #503639

    Matthias Schmieder
    Full Member
    Post count: 94

    Hi Alex,
    thank you for the hint for data validation, great.
    On the other hand what we see is that e.g. script coding is accepted in pure text fields. Please see the attached files. Can you please check.
    Thank you for your reply.
    Kind regards
    Georg

    September 6, 2019 at 1:43 pm #506761

    Kiran
    Moderator
    Post count: 7069

    Hi Matthias,

    This has been already fixed and it will be in next release.

    Thanks for spotting.

    Kiran

    September 7, 2019 at 1:13 pm #506901

    Matthias Schmieder
    Full Member
    Post count: 94
    This reply has been marked as private.
    September 9, 2019 at 8:25 am #507131

    Alex Rollin
    Moderator
    Post count: 27815
    This reply has been marked as private.
  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)

We have moved to a support ticketing system and our forums are now closed.

Open Support Ticket