my reviewer commenting but i don't understand.

my online script link is: https://salon.hnaxes.com, i have to submitted and codecanyon soft rejected with this comment and i don’t understand what it means…! comment bellow. can any one please explain? thanks in advance.
comment:
Data Validation issues have been found. Do a global search for “echo $”.
All dynamic data must be correctly escaped for the context where it is rendered.

https://forums.envato.com/search?q=Data%20Validation%20issues

thank you so much for reply, i just need confirmation like this i need to do?
echo html_entity_decode($mydata);
or
echo htmlentities($mydata, ENT_QUOTES, ‘UTF-8’);

??

you should validate and escape all data before render. To escape the output you can use the PHP function htmlentities().
echo htmlentities($mydata, ENT_QUOTES, ‘UTF-8’);

1 Like