buddypress/tests/testcases/xprofile
Boone B Gorges 094ef178e5 Sanitize more gently in component *_update_meta() functions
Previous sanitization techniques resulted in double-sanitization. Recent
changes in how WP's SQL sanitization routines work have surfaced this problem,
in particular as regards line breaks. By removing the extraneous call to
esc_sql(), we ensure that line breaks are preserved, and sanitization is left
to $wpdb->prepare().

Change applied in update_meta() functions through bp-groups, bp-activity, and
bp-xprofile. Also adds corresponding unit tests.

Fixes #5180

git-svn-id: https://buddypress.svn.wordpress.org/trunk@7469 cdf35c40-ae34-48e0-9cc9-0c9da1808c22
2013-10-23 18:47:16 +00:00
class-bp-xprofile-field.php Respect can_delete setting when saving profile field 2013-10-11 18:36:03 +00:00
functions.php Sanitize more gently in component *_update_meta() functions 2013-10-23 18:47:16 +00:00