XF 2.0 How to secure fetch $_POST when $this->filter does not exist?

Marcus

Marcus

Well-known member
Currently I grab the content_id perfectly like this in XF\Spam\Checker\SpamPhrases which looks a bit funny but is the most straight forward way I could achieve:
PHP: 
$contentId = array_values(json_decode($_POST['attachment_hash_combined'],true)['context'])[0]

But it is usually a good idea to not directly work with POST and GET, I tried to directly go to the XF filter but it did not really work out.
 
PHP: 
$inputFilterer = \XF::app()->inputFilterer();
$hashCombined = $inputFilterer->filter('attachment_hash_combined', 'json-array');
 
You must log in or register to reply here.
Top Bottom