Home › Forums › Bug Reports › ACF_Form() Security Issues › Reply To: ACF_Form() Security Issues
I can tell you how I worked around this issue.
The docs for acf_form have you add a function called acf_form_head() right before the get_header() function on pages where you want to use acf_form().
Instead of adding that function, I added my own variant of acf_form_head(). In my variant, it doesn’t use that base_64 encoded string to figure out the settings. Instead I have a hard-coded array with the setting that I want to enforce with this form.
Here is some example code that might get you started:
I hope this helps you in the meantime while this hopefully gets resolved more officially in a future ACF update.
Welcome to the Advanced Custom Fields community forum.
Browse through ideas, snippets of code, questions and answers between fellow ACF users
Helping others is a great way to earn karma, gain badges and help ACF development!
The most recent ACF Chat Friday featured a live demo of how to register CPTs directly in the plugin, one of our most requested features. Check out the summary below for a replay of the demo, and don’t forget to register for the next session! https://t.co/k2KQ3WWBAz— Advanced Custom Fields (@wp_acf) March 9, 2023
© 2023 Advanced Custom Fields.