[wp-hackers] Security: Using slugs as ID

Ryan Frankel ryan.frankel at gmail.com
Thu Dec 8 17:56:17 UTC 2011

In one of my plugins I use a term slug as part of the ID for a link and I have run into an issue with Crylic characters.  It seems when Crylic is used the slug gets outputted in some encoded form.  

I am wondering if there is any reason that it wouldn't be safe to do:

------> $post_category_slug = urldecode($term->slug);

This fixes my issue with the Crylic characters.


More information about the wp-hackers mailing list