• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 2.0 How to secure fetch $_POST when $this->filter does not exist?

Marcus

Well-known member
#1
Currently I grab the content_id perfectly like this in XF\Spam\Checker\SpamPhrases which looks a bit funny but is the most straight forward way I could achieve:
PHP:
$contentId = array_values(json_decode($_POST['attachment_hash_combined'],true)['context'])[0]
But it is usually a good idea to not directly work with POST and GET, I tried to directly go to the XF filter but it did not really work out.
 

Chris D

XenForo developer
Staff member
#2
PHP:
$inputFilterer = \XF::app()->inputFilterer();
$hashCombined = $inputFilterer->filter('attachment_hash_combined', 'json-array');