function _coder_security_post_get_request_filter_warning in Coder 6.2
1 string reference to '_coder_security_post_get_request_filter_warning'
- coder_security_reviews in includes/
coder_security.inc - Implementation of hook_reviews().
File
- includes/
coder_security.inc, line 581 - This include file implements coder functionality for Drupal Standards.
Code
function _coder_security_post_get_request_filter_warning() {
return array(
'#warning' => t('Potential problem: use the Form API to prevent against CSRF attacks. If you need to use $_POST variables, ensure they are fully sanitized if displayed by using !check_plain(), !filter_xss() or similar.', array(
'!check_plain' => theme('drupalapi', 'check_plain'),
'!filter_xss' => theme('drupalapi', 'filter_xss'),
)),
'#link' => 'http://drupal.org/node/178896',
);
}