adminarchitect / core

AdminArchitect - Active Admin for Laravel
http://adminarchitect.com
MIT License

Prevent function calling by database value #76

Closed HAYASHI-Masayuki closed 4 years ago

HAYASHI-Masayuki commented 4 years ago

When a callable string (e.g. PHP built-in function names, Laravel helper function names, etc.) is in the database, and that string is shown in an edit form (like /cms/users/1/edit), that string is called as a function unintentionally.

This behavior may be slightly vulnerable.

This PR fixes this behavior, but I don't know if this method is appropriate.

Related #46
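
The behavior described in this report, as an added example that is not code from this PR or from the adminarchitect code base: a value resolver that invokes anything `is_callable()` accepts, next to one that invokes only `Closure` instances. The helper names `resolveUnsafe` and `resolveSafe` and the sample rows are hypothetical, and PHP 8.0 or later is assumed.

```php
<?php
declare(strict_types=1);

// Hypothetical helper showing the unsafe pattern: any callable is invoked.
// is_callable() is true for a plain string that names an existing function,
// and also for "Class::method" strings and [class, method] arrays.
function resolveUnsafe(mixed $value): mixed
{
    return is_callable($value) ? $value() : $value;
}

// Hardened form: only Closure objects, which can only be created by
// application code, are invoked. Strings and arrays loaded from storage
// are always returned as data.
function resolveSafe(mixed $value): mixed
{
    return $value instanceof Closure ? $value() : $value;
}

// Constructed rows standing in for database records.
$rows = [
    ['id' => 1, 'name' => 'Alice'],
    ['id' => 2, 'name' => 'phpversion'], // happens to match a built-in function name
];

foreach ($rows as $row) {
    $unsafe = resolveUnsafe($row['name']);
    $safe   = resolveSafe($row['name']);

    printf(
        "id=%d stored=%s unsafe=%s safe=%s\n",
        $row['id'],
        var_export($row['name'], true),
        var_export($unsafe, true),
        var_export($safe, true)
    );

    // The hardened resolver must hand the stored string back unchanged.
    if ($safe !== $row['name']) {
        throw new RuntimeException('stored value was altered by the resolver');
    }
}

// Defaults supplied by application code as closures still resolve.
$default = fn (): string => 'n/a';
if (resolveSafe($default) !== 'n/a') {
    throw new RuntimeException('closure default was not resolved');
}
```

For row 2 the unsafe resolver returns the interpreter version string instead of the stored name, while the hardened resolver returns the stored name for both rows.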