Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Facebook App ID Sanitization #96

Closed
zanematthew opened this issue Mar 17, 2015 · 0 comments
Closed

Facebook App ID Sanitization #96

zanematthew opened this issue Mar 17, 2015 · 0 comments
Assignees
Labels
bug
Milestone

Comments

@zanematthew
Copy link
Owner

@zanematthew zanematthew commented Mar 17, 2015

Reported via email:

First of all, there is a bug in the Facebook App ID sanitization:
By casting the entered App ID as Integer you are limiting the App ID to numbers below >2147483647+1 (maximum Int value on 32bit systems). That results in every App ID > >2147483647 being saved as 2147483647 and therefore Facebook Connect will fail.

The following needs to be done:

  1. The app id as seen in the markup needs quote wrapped around it. Without quotes when you enter a app id that has letters and numbers you'll see a JS error.
  2. The facebook sanitize needs to allow for numbers and letters only. You can probably just use the WordPress function esc_attr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.