PHP 8.1: FILTER_SANITIZE_STRING is deprecated, use htmlspecialchars() instead

[redflitzi]

This filter is being used in admin/inc/security_functions.php, function var_out($var, $filter = "special").

To avoid using (and even mentioning) it, my suggestion for a small change inside the function:
Omit key "string" in $aryFilter, and in this case, go to htmlspecialchars() instead.
admin/inc/security_functions.php (lines 315 - 329):

       if(function_exists( "filter_var") && ($filter !== "string" )){
		$aryFilter = array(
			"int"     => FILTER_SANITIZE_NUMBER_INT,
			"float"   => FILTER_SANITIZE_NUMBER_FLOAT,
			"url"     => FILTER_SANITIZE_URL,
			"email"   => FILTER_SANITIZE_EMAIL,
			"special" => FILTER_SANITIZE_SPECIAL_CHARS,
			"full"    => FILTER_SANITIZE_FULL_SPECIAL_CHARS
		);
		if(isset($aryFilter[$filter])) return filter_var( $var, $aryFilter[$filter]);
		return filter_var( $var, FILTER_SANITIZE_SPECIAL_CHARS);
	}
	else if ($filter === "string") {
		return htmlspecialchars($var);
	}
	else {
		return htmlentities($var);
	}

See also https://www.php.net/manual/en/filter.filters.sanitize.php