Skip to:
Content

BuddyPress.org

Changeset 11149


Ignore:
Timestamp:
09/22/2016 12:16:30 AM (3 years ago)
Author:
r-a-y
Message:

Members: Escape various URL output functions.

Props espellcaste.

See #7132.

Location:
trunk/src
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-members/bp-members-template.php

    r11033 r11149  
    830830 */
    831831function bp_member_permalink() {
    832     echo bp_get_member_permalink();
     832    echo esc_url( bp_get_member_permalink() );
    833833}
    834834    /**
     
    857857     * @since 1.2.0
    858858     */
    859     function bp_member_link() { echo bp_get_member_permalink(); }
     859    function bp_member_link() { echo esc_url( bp_get_member_permalink() ); }
    860860
    861861    /**
     
    17581758 */
    17591759function bp_loggedin_user_link() {
    1760     echo bp_get_loggedin_user_link();
     1760    echo esc_url( bp_get_loggedin_user_link() );
    17611761}
    17621762    /**
     
    17851785 */
    17861786function bp_displayed_user_link() {
    1787     echo bp_get_displayed_user_link();
     1787    echo esc_url( bp_get_displayed_user_link() );
    17881788}
    17891789    /**
  • trunk/src/bp-templates/bp-legacy/buddypress/members/index.php

    r11148 r11149  
    6262
    6363                <?php if ( is_user_logged_in() && bp_is_active( 'friends' ) && bp_get_total_friend_count( bp_loggedin_user_id() ) ) : ?>
    64                     <li id="members-personal"><a href="<?php echo bp_loggedin_user_domain() . bp_get_friends_slug() . '/my-friends/'; ?>"><?php printf( __( 'My Friends %s', 'buddypress' ), '<span>' . bp_get_total_friend_count( bp_loggedin_user_id() ) . '</span>' ); ?></a></li>
     64                    <li id="members-personal"><a href="<?php echo esc_url( bp_loggedin_user_domain() . bp_get_friends_slug() . '/my-friends/' ); ?>"><?php printf( __( 'My Friends %s', 'buddypress' ), '<span>' . bp_get_total_friend_count( bp_loggedin_user_id() ) . '</span>' ); ?></a></li>
    6565                <?php endif; ?>
    6666
Note: See TracChangeset for help on using the changeset viewer.