[buddypress-trac] [BuddyPress] #5180: groups_update_groupmeta() mangles line breaks
buddypress-trac
noreply at wordpress.org
Wed Oct 23 18:47:17 UTC 2013
#5180: groups_update_groupmeta() mangles line breaks
--------------------------+---------------------------
Reporter: rogercoathup | Owner: boonebgorges
Type: defect (bug) | Status: closed
Priority: high | Milestone: 1.9
Component: Core | Version: 1.8.1
Severity: normal | Resolution: fixed
Keywords: has-patch |
--------------------------+---------------------------
Changes (by boonebgorges):
* owner: => boonebgorges
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"7469"]:
{{{
#!CommitTicketReference repository="" revision="7469"
Sanitize more gently in component *_update_meta() functions
Previous sanitization techniques resulted in double-sanitization. Recent
changes in how WP's SQL sanitization routines work have surfaced this
problem,
in particular as regards line breaks. By removing the extraneous call to
esc_sql(), we ensure that line breaks are preserved, and sanitization is
left
to $wpdb->prepare().
Change applied in update_meta() functions through bp-groups, bp-activity,
and
bp-xprofile. Also adds corresponding unit tests.
Fixes #5180
}}}
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5180#comment:4>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list