[buddypress-trac] [BuddyPress] #1551: 's' search term breaks groups search

buddypress-trac at lists.automattic.com buddypress-trac at lists.automattic.com
Mon Jan 11 03:29:39 UTC 2010


#1551: 's' search term breaks groups search
----------------------------------+-----------------------------------------
Reporter:  dpolant                |       Owner:     
    Type:  defect                 |      Status:  new
Priority:  major                  |   Milestone:  1.2
Keywords:  letter, group, search  |  
----------------------------------+-----------------------------------------

Comment(by dpolant):

 Changing the search_groups method as shown below solved this problem for
 me. I had to take out $wpdb->prepare(), but I think it is still secure
 code because of $wpdb->escape on the $filter variable. Essentially it
 mirrors the search_users method found in bp-core-classes.

 {{{
 function search_groups( $filter, $limit = null, $page = null, $sort_by = false, $order = false ) {
         global $wpdb, $bp;

         // Escape for the SQL string literal first, then neutralise LIKE wildcards in the term.
         $filter = like_escape( $wpdb->escape( $filter ) );

         // Default the optional clauses so unset variables do not raise notices below.
         $pag_sql = $order_sql = $hidden_sql = '';

         if ( $limit && $page )
                 $pag_sql = $wpdb->prepare( " LIMIT %d, %d", intval( ( $page - 1 ) * $limit ), intval( $limit ) );

         if ( $sort_by && $order ) {
                 $sort_by = $wpdb->escape( $sort_by );
                 $order = $wpdb->escape( $order );
                 $order_sql = "ORDER BY $sort_by $order";
         }

         if ( !is_site_admin() )
                 $hidden_sql = "AND status != 'hidden'";

         // $filter is no longer part of a prepare() format string, so the LIKE wildcards
         // are written as a single '%' rather than the sprintf-style '%%'.
         $paged_groups_sql = apply_filters( 'bp_groups_search_groups_paged_sql', "SELECT id as group_id FROM {$bp->groups->table_name} WHERE ( name LIKE '%$filter%' OR description LIKE '%$filter%' ) {$hidden_sql} {$order_sql} {$pag_sql}", $filter );
         $total_groups_sql = apply_filters( 'bp_groups_search_groups_total_sql', "SELECT COUNT(id) FROM {$bp->groups->table_name} WHERE ( name LIKE '%$filter%' OR description LIKE '%$filter%' ) {$hidden_sql}", $filter );

         $paged_groups = $wpdb->get_results( $paged_groups_sql );
         $total_groups = $wpdb->get_var( $total_groups_sql );

         return array( 'groups' => $paged_groups, 'total' => $total_groups );
 }
 }}}

 Does everyone agree that this is secure enough?

-- 
Ticket URL: <http://trac.buddypress.org/ticket/1551#comment:1>
BuddyPress <http://buddypress.org/>
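A worked example, added here and not part of the ticket, the comment above, or BuddyPress's own code: it reproduces the failure class behind this ticket (a user-supplied search term spliced into the format string of a sprintf-style prepare()) and then builds the same search with the term passed as a bound argument and the ORDER BY identifiers checked against an allow-list. All names in it (tiny_prepare, like_escape_term, the build_* functions, the table name wp_bp_groups) are assumed stand-ins written for this example, not WordPress's wpdb API, and the stand-in prepare() shows the argument-count failure rather than wpdb's own rewriting of %s that trips on the ticket's 's' term. It needs PHP 8.

```php
<?php
// Added example, not code from the ticket or from BuddyPress. It reproduces the
// failure class behind this ticket (user input inside a sprintf-style prepare()
// format string) and shows the query built with the term as a bound argument.
// Everything here (tiny_prepare, like_escape_term, the build_* functions, the
// table name wp_bp_groups) is an assumed stand-in, not WordPress's wpdb API.

// Stand-in for a sprintf-style prepare(): quote-and-escape string arguments,
// then let vsprintf() fill the developer's %s / %d placeholders.
function tiny_prepare(string $format, array $args): string|false {
    $escaped = array_map(
        fn($a) => is_int($a) ? $a : "'" . addslashes((string) $a) . "'",
        $args
    );
    try {
        // PHP 8 throws when the format has more conversions than arguments;
        // older PHP returned false with a warning (which wpdb hid behind @).
        return @vsprintf($format, $escaped);
    } catch (\Throwable $e) {
        return false;
    }
}

// Neutralise LIKE wildcards in the user's term (same idea as like_escape()).
function like_escape_term(string $term): string {
    return addcslashes($term, '_%\\');
}

// Vulnerable shape: the escaped term is spliced into the format string, so any
// %-sequence it contains is parsed as a conversion and shifts or starves the
// real arguments. The ticket's 's' case is the same mistake surfacing through
// wpdb's extra handling of %s; here a term of "%s" shows the mechanism directly.
function build_search_sql_vulnerable(string $term, int $page, int $limit): string|false {
    $filter = like_escape_term($term);
    $format = "SELECT id FROM wp_bp_groups WHERE name LIKE '%%{$filter}%%' LIMIT %d, %d";
    return tiny_prepare($format, [($page - 1) * $limit, $limit]);
}

// Hardened shape: the format string is a constant; the wildcards are attached
// to the argument. ORDER BY takes unquoted identifiers that escaping cannot
// protect, so sort column and direction are checked against an allow-list.
function build_search_sql_safe(string $term, int $page, int $limit,
                               string $sort_by = 'name', string $order = 'ASC'): string|false {
    $allowed_cols   = ['name', 'description', 'date_created'];
    $allowed_orders = ['ASC', 'DESC'];
    $order = strtoupper($order);
    if (!in_array($sort_by, $allowed_cols, true) || !in_array($order, $allowed_orders, true)) {
        return false;
    }
    $pattern = '%' . like_escape_term($term) . '%';
    $format  = "SELECT id FROM wp_bp_groups WHERE ( name LIKE %s OR description LIKE %s ) "
             . "ORDER BY {$sort_by} {$order} LIMIT %d, %d";
    return tiny_prepare($format, [$pattern, $pattern, ($page - 1) * $limit, $limit]);
}

// Constructed inputs: the ticket's term and a term carrying a conversion sequence.
foreach (['s', '%s'] as $term) {
    $bad  = build_search_sql_vulnerable($term, 1, 10);
    $good = build_search_sql_safe($term, 1, 10);
    printf("term %-4s  vulnerable: %s\n", var_export($term, true),
           $bad === false ? 'QUERY LOST (conversion/argument mismatch)' : $bad);
    printf("term %-4s  safe:       %s\n", var_export($term, true), $good);
}
```

Run it with `php example.php`: the vulnerable builder loses the whole query for the `%s` term because the term's conversion sequence eats a LIMIT argument, while the bound-argument builder yields the same constant SQL shape for both terms, with the term correctly quoted and its wildcards escaped inside the literal. The allow-list on `$sort_by` and `$order` is the practical answer to the ORDER BY interpolation in the posted patch, since `$wpdb->escape()` only addresses quoted string literals, not identifiers.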