I'm new to Elgg and doubt whether it is necessary to clean every text input with htmlentities() and mysql_real_escape_string(). And, in get_input(), Elgg reads the variable from $_REQUEST rather than $_POST; is it safe?