I submitted a plugin to wordpress and I got a feedback that I have to escape this one
$active_tab = isset( $_GET[ 'tab' ] ) ? $_GET[ 'tab' ] : 'front_page_options';
If I do like
$get_the_param = esc_html($_GET[ 'tab' ] );
$active_tab = isset( $get_the_param ) ? $get_the_param : 'front_page_options';
Seems to work but as isset ( Cannot use isset() on the result of an expression )
as $_GET is not set it will throw a notice? What can be the possible solution?
Thanks
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
The proper way to do that is using filter_input(). Here is an example for using a custom sanitize function:
$tab = filter_input(
INPUT_GET,
'tab',
FILTER_CALLBACK,
['options' => 'esc_html']
);
$tab = $tab ?: 'front_page_options';
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0