Changeset 12338
- Timestamp:
- 02/20/2019 03:06:18 PM (6 years ago)
- Location:
- trunk/src
- Files:
-
- 4 edited
-
bp-core/bp-core-avatars.php (modified) (3 diffs)
-
bp-templates/bp-legacy/buddypress/assets/_attachments/avatars/crop.php (modified) (1 diff)
-
bp-templates/bp-nouveau/buddypress/assets/_attachments/avatars/crop.php (modified) (1 diff)
-
bp-templates/bp-nouveau/includes/messages/ajax.php (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/bp-core/bp-core-avatars.php
r11858 r12338 836 836 if ( bp_core_delete_existing_avatar( array( 'item_id' => $avatar_data['item_id'], 'object' => $avatar_data['object'] ) ) ) { 837 837 $return = array( 838 'avatar' => html_entity_decode( bp_core_fetch_avatar( array(838 'avatar' => esc_url( bp_core_fetch_avatar( array( 839 839 'object' => $avatar_data['object'], 840 840 'item_id' => $avatar_data['item_id'], … … 1274 1274 } else { 1275 1275 $return = array( 1276 'avatar' => html_entity_decode( bp_core_fetch_avatar( array(1276 'avatar' => esc_url( bp_core_fetch_avatar( array( 1277 1277 'object' => $avatar_data['object'], 1278 1278 'item_id' => $avatar_data['item_id'], … … 1331 1331 if ( bp_core_avatar_handle_crop( $r ) ) { 1332 1332 $return = array( 1333 'avatar' => html_entity_decode( bp_core_fetch_avatar( array(1333 'avatar' => esc_url( bp_core_fetch_avatar( array( 1334 1334 'object' => $avatar_data['object'], 1335 1335 'item_id' => $avatar_data['item_id'], -
trunk/src/bp-templates/bp-legacy/buddypress/assets/_attachments/avatars/crop.php
r12082 r12338 15 15 <script id="tmpl-bp-avatar-item" type="text/html"> 16 16 <div id="avatar-to-crop"> 17 <img src="{{ data.url}}"/>17 <img src="{{{data.url}}}"/> 18 18 </div> 19 19 <div class="avatar-crop-management"> 20 20 <div id="avatar-crop-pane" class="avatar" style="width:{{data.full_w}}px; height:{{data.full_h}}px"> 21 <img src="{{ data.url}}" id="avatar-crop-preview"/>21 <img src="{{{data.url}}}" id="avatar-crop-preview"/> 22 22 </div> 23 23 <div id="avatar-crop-actions"> -
trunk/src/bp-templates/bp-nouveau/buddypress/assets/_attachments/avatars/crop.php
r12156 r12338 12 12 <script id="tmpl-bp-avatar-item" type="text/html"> 13 13 <div id="avatar-to-crop"> 14 <img src="{{ data.url}}"/>14 <img src="{{{data.url}}}"/> 15 15 </div> 16 16 <div class="avatar-crop-management"> 17 17 <div id="avatar-crop-pane" class="avatar" style="width:{{data.full_w}}px; height:{{data.full_h}}px"> 18 <img src="{{ data.url}}" id="avatar-crop-preview"/>18 <img src="{{{data.url}}}" id="avatar-crop-preview"/> 19 19 </div> 20 20 <div id="avatar-crop-actions"> -
trunk/src/bp-templates/bp-nouveau/includes/messages/ajax.php
r12175 r12338 163 163 $reply = array( 164 164 'id' => bp_get_the_thread_message_id(), 165 'content' => html_entity_decode( do_shortcode( bp_get_the_thread_message_content()) ),165 'content' => do_shortcode( bp_get_the_thread_message_content() ), 166 166 'sender_id' => bp_get_the_thread_message_sender_id(), 167 167 'sender_name' => esc_html( bp_get_the_thread_message_sender_name() ), 168 168 'sender_link' => bp_get_the_thread_message_sender_link(), 169 'sender_avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(169 'sender_avatar' => esc_url( bp_core_fetch_avatar( array( 170 170 'item_id' => bp_get_the_thread_message_sender_id(), 171 171 'object' => 'user', … … 270 270 'id' => bp_get_message_thread_id(), 271 271 'message_id' => (int) $last_message_id, 272 'subject' => html_entity_decode( bp_get_message_thread_subject() ),273 'excerpt' => html_entity_decode( bp_get_message_thread_excerpt() ),274 'content' => html_entity_decode( do_shortcode( bp_get_message_thread_content()) ),272 'subject' => strip_tags( bp_get_message_thread_subject() ), 273 'excerpt' => strip_tags( bp_get_message_thread_excerpt() ), 274 'content' => do_shortcode( bp_get_message_thread_content() ), 275 275 'unread' => bp_message_thread_has_unread(), 276 276 'sender_name' => bp_core_get_user_displayname( $messages_template->thread->last_sender_id ), 277 277 'sender_link' => bp_core_get_userlink( $messages_template->thread->last_sender_id, false, true ), 278 'sender_avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(278 'sender_avatar' => esc_url( bp_core_fetch_avatar( array( 279 279 'item_id' => $messages_template->thread->last_sender_id, 280 280 'object' => 'user', … … 292 292 foreach ( $messages_template->thread->recipients as $recipient ) { 293 293 $threads->threads[ $i ]['recipients'][] = array( 294 'avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(294 'avatar' => esc_url( bp_core_fetch_avatar( array( 295 295 'item_id' => $recipient->user_id, 296 296 'object' => 'user', … … 430 430 $thread->thread = array( 431 431 'id' => bp_get_the_thread_id(), 432 'subject' => html_entity_decode( bp_get_the_thread_subject() ),432 'subject' => strip_tags( bp_get_the_thread_subject() ), 433 433 ); 434 434 … … 436 436 foreach ( $thread_template->thread->recipients as $recipient ) { 437 437 $thread->thread['recipients'][] = array( 438 'avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(438 'avatar' => esc_url( bp_core_fetch_avatar( array( 439 439 'item_id' => $recipient->user_id, 440 440 'object' => 'user', … … 457 457 $thread->messages[ $i ] = array( 458 458 'id' => bp_get_the_thread_message_id(), 459 'content' => html_entity_decode( do_shortcode( bp_get_the_thread_message_content()) ),459 'content' => do_shortcode( bp_get_the_thread_message_content() ), 460 460 'sender_id' => bp_get_the_thread_message_sender_id(), 461 461 'sender_name' => esc_html( bp_get_the_thread_message_sender_name() ), 462 462 'sender_link' => bp_get_the_thread_message_sender_link(), 463 'sender_avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(463 'sender_avatar' => esc_url( bp_core_fetch_avatar( array( 464 464 'item_id' => bp_get_the_thread_message_sender_id(), 465 465 'object' => 'user',
Note: See TracChangeset
for help on using the changeset viewer.