Ticket #1728: 1728.004.diff
File 1728.004.diff, 4.4 KB (added by , 14 years ago) |
---|
-
bp-activity.php
172 172 if ( is_user_logged_in() ) 173 173 bp_core_redirect( $bp->loggedin_user->domain ); 174 174 else 175 bp_core_redirect( site_url( 'wp-login.php?redirect_to=' . clean_url( $bp->root_domain . '/' . $bp->activity->slug . '/p/' . $bp->current_action ) ) );175 bp_core_redirect( site_url( 'wp-login.php?redirect_to=' . esc_url( $bp->root_domain . '/' . $bp->activity->slug . '/p/' . $bp->current_action ) ) ); 176 176 } 177 177 178 178 bp_core_load_template( apply_filters( 'bp_activity_template_profile_activity_permalink', 'members/single/activity/permalink' ) ); -
bp-core/bp-core-signup.php
531 531 532 532 function bp_core_signup_send_validation_email( $user_id, $user_email, $key ) { 533 533 $activate_url = bp_get_activation_page() ."?key=$key"; 534 $activate_url = clean_url( $activate_url );534 $activate_url = esc_url( $activate_url ); 535 535 $admin_email = get_site_option( "admin_email" ); 536 536 537 537 if ( empty( $admin_email ) ) -
bp-core/bp-core-filters.php
174 174 175 175 // Send email with activation link. 176 176 $activate_url = bp_get_activation_page() ."?key=$key"; 177 $activate_url = clean_url($activate_url);177 $activate_url = esc_url($activate_url); 178 178 179 179 $admin_email = get_site_option( "admin_email" ); 180 180 … … 183 183 184 184 $from_name = ( '' == get_site_option( "site_name" ) ) ? 'WordPress' : wp_specialchars( get_site_option( "site_name" ) ); 185 185 $message_headers = "MIME-Version: 1.0\n" . "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n"; 186 $message = sprintf(__("Thanks for registering! To complete the activation of your account and blog, please click the following link:\n\n%1$s\n\n\n\nAfter you activate, you can visit your blog here:\n\n%2$s", 'buddypress' ), $activate_url, clean_url("http://{$domain}{$path}" ) );187 $subject = '[' . $from_name . '] ' . sprintf(__('Activate %s', 'buddypress' ), clean_url('http://' . $domain . $path));186 $message = sprintf(__("Thanks for registering! To complete the activation of your account and blog, please click the following link:\n\n%1$s\n\n\n\nAfter you activate, you can visit your blog here:\n\n%2$s", 'buddypress' ), $activate_url, esc_url("http://{$domain}{$path}" ) ); 187 $subject = '[' . $from_name . '] ' . sprintf(__('Activate %s', 'buddypress' ), esc_url('http://' . $domain . $path)); 188 188 189 189 /* Send the message */ 190 190 $to = apply_filters( 'bp_core_activation_signup_blog_notification_to', $user_email ); … … 203 203 global $current_site; 204 204 205 205 $activate_url = bp_get_activation_page() ."?key=$key"; 206 $activate_url = clean_url($activate_url);206 $activate_url = esc_url($activate_url); 207 207 $admin_email = get_site_option( "admin_email" ); 208 208 209 209 if ( empty( $admin_email ) ) … … 215 215 216 216 $from_name = ( '' == get_site_option( "site_name" ) ) ? 'WordPress' : wp_specialchars( get_site_option( "site_name" ) ); 217 217 $message_headers = "MIME-Version: 1.0\n" . "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n"; 218 $message = sprintf( __( "Thanks for registering! To complete the activation of your account please click the following link:\n\n%s\n\n", 'buddypress' ), $activate_url . $email, clean_url("http://{$domain}{$path}" ) );218 $message = sprintf( __( "Thanks for registering! To complete the activation of your account please click the following link:\n\n%s\n\n", 'buddypress' ), $activate_url . $email, esc_url("http://{$domain}{$path}" ) ); 219 219 $subject = '[' . $from_name . '] ' . __( 'Activate Your Account', 'buddypress' ); 220 220 221 221 /* Send the message */ -
bp-core/bp-core-catchuri.php
45 45 if ( strpos( $_SERVER['REQUEST_URI'], 'wp-load.php' ) ) 46 46 $path = bp_core_referrer(); 47 47 else 48 $path = clean_url( $_SERVER['REQUEST_URI'] );48 $path = esc_url( $_SERVER['REQUEST_URI'] ); 49 49 50 50 $path = apply_filters( 'bp_uri', $path ); 51 51