- Timestamp:
- 02/20/2019 03:06:18 PM (7 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/bp-templates/bp-nouveau/includes/messages/ajax.php
r12175 r12338 163 163 $reply = array( 164 164 'id' => bp_get_the_thread_message_id(), 165 'content' => html_entity_decode( do_shortcode( bp_get_the_thread_message_content()) ),165 'content' => do_shortcode( bp_get_the_thread_message_content() ), 166 166 'sender_id' => bp_get_the_thread_message_sender_id(), 167 167 'sender_name' => esc_html( bp_get_the_thread_message_sender_name() ), 168 168 'sender_link' => bp_get_the_thread_message_sender_link(), 169 'sender_avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(169 'sender_avatar' => esc_url( bp_core_fetch_avatar( array( 170 170 'item_id' => bp_get_the_thread_message_sender_id(), 171 171 'object' => 'user', … … 270 270 'id' => bp_get_message_thread_id(), 271 271 'message_id' => (int) $last_message_id, 272 'subject' => html_entity_decode( bp_get_message_thread_subject() ),273 'excerpt' => html_entity_decode( bp_get_message_thread_excerpt() ),274 'content' => html_entity_decode( do_shortcode( bp_get_message_thread_content()) ),272 'subject' => strip_tags( bp_get_message_thread_subject() ), 273 'excerpt' => strip_tags( bp_get_message_thread_excerpt() ), 274 'content' => do_shortcode( bp_get_message_thread_content() ), 275 275 'unread' => bp_message_thread_has_unread(), 276 276 'sender_name' => bp_core_get_user_displayname( $messages_template->thread->last_sender_id ), 277 277 'sender_link' => bp_core_get_userlink( $messages_template->thread->last_sender_id, false, true ), 278 'sender_avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(278 'sender_avatar' => esc_url( bp_core_fetch_avatar( array( 279 279 'item_id' => $messages_template->thread->last_sender_id, 280 280 'object' => 'user', … … 292 292 foreach ( $messages_template->thread->recipients as $recipient ) { 293 293 $threads->threads[ $i ]['recipients'][] = array( 294 'avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(294 'avatar' => esc_url( bp_core_fetch_avatar( array( 295 295 'item_id' => $recipient->user_id, 296 296 'object' => 'user', … … 430 430 $thread->thread = array( 431 431 'id' => bp_get_the_thread_id(), 432 'subject' => html_entity_decode( bp_get_the_thread_subject() ),432 'subject' => strip_tags( bp_get_the_thread_subject() ), 433 433 ); 434 434 … … 436 436 foreach ( $thread_template->thread->recipients as $recipient ) { 437 437 $thread->thread['recipients'][] = array( 438 'avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(438 'avatar' => esc_url( bp_core_fetch_avatar( array( 439 439 'item_id' => $recipient->user_id, 440 440 'object' => 'user', … … 457 457 $thread->messages[ $i ] = array( 458 458 'id' => bp_get_the_thread_message_id(), 459 'content' => html_entity_decode( do_shortcode( bp_get_the_thread_message_content()) ),459 'content' => do_shortcode( bp_get_the_thread_message_content() ), 460 460 'sender_id' => bp_get_the_thread_message_sender_id(), 461 461 'sender_name' => esc_html( bp_get_the_thread_message_sender_name() ), 462 462 'sender_link' => bp_get_the_thread_message_sender_link(), 463 'sender_avatar' => htmlspecialchars_decode( bp_core_fetch_avatar( array(463 'sender_avatar' => esc_url( bp_core_fetch_avatar( array( 464 464 'item_id' => bp_get_the_thread_message_sender_id(), 465 465 'object' => 'user',
Note: See TracChangeset
for help on using the changeset viewer.