Changeset 10394 for trunk/src/bp-groups/bp-groups-admin.php

Timestamp:

12/03/2015 04:51:24 PM (10 years ago)

Author:

djpaul

Message:

Groups: properly escape the action status message on the wp-admin management screen.

Props vnd

File:

• trunk/src/bp-groups/bp-groups-admin.php (modified) (1 diff)

trunk/src/bp-groups/bp-groups-admin.php

@@ -524 +524 @@
 
         if ( ! empty( $error_new ) ) {
-            $messages[] = sprintf( __( 'The following users could not be added to the group: %s', 'buddypress' ), '<em>' . implode( ', ', $error_new ) . '</em>' );
+            $messages[] = sprintf( __( 'The following users could not be added to the group: %s', 'buddypress' ), '<em>' . esc_html( implode( ', ', $error_new ) ) . '</em>' );
         }
 
         if ( ! empty( $success_new ) ) {
-            $messages[] = sprintf( __( 'The following users were successfully added to the group: %s', 'buddypress' ), '<em>' . implode( ', ', $success_new ) . '</em>' );
+            $messages[] = sprintf( __( 'The following users were successfully added to the group: %s', 'buddypress' ), '<em>' . esc_html( implode( ', ', $success_new ) ) . '</em>' );
         }
 
         if ( ! empty( $error_modified ) ) {
             $error_modified = bp_groups_admin_get_usernames_from_ids( $error_modified );
-            $messages[] = sprintf( __( 'An error occurred when trying to modify the following members: %s', 'buddypress' ), '<em>' . implode( ', ', $error_modified ) . '</em>' );
+            $messages[] = sprintf( __( 'An error occurred when trying to modify the following members: %s', 'buddypress' ), '<em>' . esc_html( implode( ', ', $error_modified ) ) . '</em>' );
         }
 
         if ( ! empty( $success_modified ) ) {
             $success_modified = bp_groups_admin_get_usernames_from_ids( $success_modified );
-            $messages[] = sprintf( __( 'The following members were successfully modified: %s', 'buddypress' ), '<em>' . implode( ', ', $success_modified ) . '</em>' );
+            $messages[] = sprintf( __( 'The following members were successfully modified: %s', 'buddypress' ), '<em>' . esc_html( implode( ', ', $success_modified ) ) . '</em>' );
         }
     }