[buddypress-trac] [BuddyPress] #5180: groups_update_groupmeta() mangles line breaks
buddypress-trac
noreply at wordpress.org
Fri Sep 20 10:45:53 UTC 2013
#5180: groups_update_groupmeta() mangles line breaks
--------------------------+-----------------------------
Reporter: rogercoathup | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Core | Version: 1.8.1
Severity: normal | Keywords:
--------------------------+-----------------------------
In wp3.6.1:
Attempting to store text with line breaks using groups_update_groupmeta()
results in the line breaks being removed and replaced with 'rn'.
This is caused by the esc_sql call in lines 1047-1048 of bp-groups-
functions.php:
if ( is_string( $meta_value ) )
$meta_value = stripslashes( esc_sql( $meta_value ) );
Which is removing slashes before the r and n, and hence destroying the
line breaks.
To Fix:
groups_update_groupmeta should be reworked to use the same stripping
function as WordPress's update_metadata -
Replace 1047-1048 with:
$meta_value = wp_unslash($meta_value);
$meta_value = sanitize_meta( $meta_key, $meta_value, 'group' );
Note: sanitize_meta just applies any filters that have been defined on the
type (group) and the specific meta_key.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5180>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list