Skip to:: Content

BuddyPress.org

Context Navigation

Back to Ticket #5694

Ticket #5694: 5694.patch

File 5694.patch, 1.0 KB (added by imath, 12 years ago)

src/bp-members/bp-members-template.php

diff --git src/bp-members/bp-members-template.php src/bp-members/bp-members-template.php
index 16bb997..9024586 100644

  function bp_has_members( $args = '' ) {
         // Pass a filter if ?s= is set.
         if ( is_null( $search_terms ) ) {
                 if ( !empty( $_REQUEST['s'] ) )
                         $search_terms = $_REQUEST['s'];
+                        $search_terms = esc_html( $_REQUEST['s'] );
                 else
                         $search_terms = false;
+        }

src/bp-templates/bp-legacy/js/buddypress.js

diff --git src/bp-templates/bp-legacy/js/buddypress.js src/bp-templates/bp-legacy/js/buddypress.js
index 63eb97f..0327a31 100644

  function bp_filter_request( object, filter, scope, target, search_terms, page, e
                 search_terms = bp_get_querystring('s');
+        }
+        // "JS sanitize" search terms
+        if ( search_terms.length ) {
+                search_terms = escape( search_terms.split( '&' ).join( '&amp;' ) );
+        }
         if ( null === scope ) {
                 scope = 'all';
+        }

Trac UI Preferences

Download in other formats:

Original Format