Ticket #5742: 5742.02.patch

bp-xprofile/bp-xprofile-classes.php

@@ -1097 +1097 @@
 
                 $this->user_id      = apply_filters( 'xprofile_data_user_id_before_save',      $this->user_id,         $this->id );
                 $this->field_id     = apply_filters( 'xprofile_data_field_id_before_save',     $this->field_id,        $this->id );
-                $this->value        = apply_filters( 'xprofile_data_value_before_save',        $this->value,           $this->id );
+                $this->value        = apply_filters( 'xprofile_data_value_before_save',        $this->value,           $this->id, true, $this );
                 $this->last_updated = apply_filters( 'xprofile_data_last_updated_before_save', bp_core_current_time(), $this->id );
 
                 do_action_ref_array( 'xprofile_data_before_save', array( $this ) );

bp-xprofile/bp-xprofile-filters.php

@@ -51 +51 @@
 add_filter( 'xprofile_get_field_data',                  'stripslashes' );
 add_filter( 'xprofile_get_field_data',                  'xprofile_filter_format_field_value_by_field_id', 5, 2 );
 
-add_filter( 'xprofile_data_value_before_save',          'xprofile_sanitize_data_value_before_save', 1, 2 );
+add_filter( 'xprofile_data_value_before_save',          'xprofile_sanitize_data_value_before_save', 1, 4 );
 add_filter( 'xprofile_filtered_data_value_before_save', 'trim', 2 );
 
 /**
@@ -60 +60 @@
  * Run profile field values through kses with filterable allowed tags.
  *
  * @param string $content
+ * @param object $data_obj The BP_XProfile_ProfileData object
  * @return string $content
  */
-function xprofile_filter_kses( $content ) {
+function xprofile_filter_kses( $content, $data_obj = null ) {
         global $allowedtags;
 
         $xprofile_allowedtags             = $allowedtags;
         $xprofile_allowedtags['a']['rel'] = array();
 
-        $xprofile_allowedtags = apply_filters( 'xprofile_allowed_tags', $xprofile_allowedtags );
+        $xprofile_allowedtags = apply_filters( 'xprofile_allowed_tags', $xprofile_allowedtags, $data_obj );
         return wp_kses( $content, $xprofile_allowedtags );
 }
 
@@ -78 +79 @@
  * @param string $field_value
  * @param int $field_id
  * @param bool $reserialize Whether to reserialize arrays before returning. Defaults to true
+ * @param object $data_obj The BP_XProfile_ProfileData object
  * @return string
  */
-function xprofile_sanitize_data_value_before_save( $field_value, $field_id = 0, $reserialize = true ) {
+function xprofile_sanitize_data_value_before_save( $field_value, $field_id = 0, $reserialize = true, $data_obj = null ) {
 
         // Return if empty
         if ( empty( $field_value ) ) {
@@ -92 +94 @@
 
         // Filter single value
         if ( !is_array( $field_value ) ) {
-                $kses_field_value     = xprofile_filter_kses( $field_value );
+                $kses_field_value     = xprofile_filter_kses( $field_value, $data_obj );
                 $filtered_field_value = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
-                $filtered_field_value = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_field_value, $field_value );
+                $filtered_field_value = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_field_value, $field_value, $data_obj );
 
         // Filter each array item independently
         } else {
                 $filtered_values = array();
                 foreach ( (array) $field_value as $value ) {
-                        $kses_field_value       = xprofile_filter_kses( $value );
+                        $kses_field_value       = xprofile_filter_kses( $value, $data_obj );
                         $filtered_value         = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
-                        $filtered_values[] = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_value, $value );
+                        $filtered_values[] = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_value, $value, $data_obj );
 
                 }