nf_field_textarea_pre_process

Make sure we strip nested script tags from our values.

Description

nf_field_textarea_pre_process( $field_id, $user_value ); 

Parameters (2)

0. $field_id
The field id.
1. $user_value
The user value.

Usage

  1. if ( !function_exists( 'nf_field_textarea_pre_process' ) ) { 
  2. require_once ABSPATH . PLUGINDIR . 'ninja-forms/deprecated/includes/fields/textarea.php'; 
  3.  
  4. // The field id. 
  5. $field_id = null; 
  6.  
  7. // The user value. 
  8. $user_value = null; 
  9.  
  10. // NOTICE! Understand what this does before running. 
  11. $result = nf_field_textarea_pre_process($field_id, $user_value); 
  12.  

Defined (1)

The function is defined in the following location(s).

/deprecated/includes/fields/textarea.php  
  1. function nf_field_textarea_pre_process( $field_id, $user_value ) { 
  2. global $ninja_forms_processing; 
  3.  
  4. if( is_string( $user_value ) ) { 
  5. while (false !== strpos($user_value, '<script') 
  6. || false !== strpos($user_value, '<script') 
  7. || false !== strpos($user_value, '</script') 
  8. || false !== strpos($user_value, '</script') 
  9. || false !== strpos($user_value, '<textarea') 
  10. || false !== strpos($user_value, '<textarea') 
  11. || false !== strpos($user_value, '</textarea') 
  12. || false !== strpos($user_value, '</textarea') 
  13. ) { 
  14.  
  15. $user_value = str_replace('<script', '', $user_value); 
  16. $user_value = str_replace('<script', '', $user_value); 
  17. $user_value = str_replace('</script', '', $user_value); 
  18. $user_value = str_replace('</script', '', $user_value); 
  19.  
  20. $user_value = str_replace('<textarea', '', $user_value); 
  21. $user_value = str_replace('<textarea', '', $user_value); 
  22. $user_value = str_replace('</textarea', '', $user_value); 
  23. $user_value = str_replace('</textarea', '', $user_value); 
  24.  
  25. $ninja_forms_processing->update_field_value( $field_id, $user_value );