[buddypress-trac] [BuddyPress Trac] #8316: Multisite: Marking a user as a spammer can unintentionally mark legitimate sites as spam as well
buddypress-trac
noreply at wordpress.org
Fri Jun 12 21:24:56 UTC 2020
#8316: Multisite: Marking a user as a spammer can unintentionally mark legitimate
sites as spam as well
--------------------------+-----------------------
Reporter: r-a-y | Owner: (none)
Type: defect (bug) | Status: new
Priority: high | Milestone: 6.1.0
Component: Members | Version: 1.6
Severity: major | Keywords: has-patch
--------------------------+-----------------------
The problem occurs in `bp_core_process_spammer_status()`.
The call to fetch a user's sites via `get_blogs_of_user()` doesn't take
into account whether other users might be an administrator of the site.
If the site has more than one admin, we shouldn't mark the site as spam
since the site might be active.
----
Attached patch includes a fix and unit test.
I opted to replace the call to `get_blogs_of_user()` with a lighter
version that doesn't pull up the site object for each site. This logic is
pulled from `get_blogs_of_user()`:
https://github.com/WordPress/WordPress/blob/5.4-branch/wp-
includes/user.php#L654-L669.
To determine if the site has more than one admin, I'm using
`count_users()`.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/8316>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list