Skip to:
Content

BuddyPress.org

Changeset 12916


Ignore:
Timestamp:
04/28/2021 11:49:56 PM (3 months ago)
Author:
dcavins
Message:

BP_Invitation_Manager: Verify passed email addresses.

Ensure that incoming email addresses pass
an is_email() check.
Also fix a documentation error in BP_Invitation.

See #8139.

Location:
trunk/src/bp-core/classes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-core/classes/class-bp-invitation-manager.php

    r12915 r12916  
    9797        // Invitations must have an invitee and inviter.
    9898        if ( ! ( ( $r['user_id'] || $r['invitee_email'] ) && $r['inviter_id'] ) ) {
     99            return false;
     100        }
     101
     102        // If an email address is specified, it must be a valid email address.
     103        if ( $r['invitee_email'] && ! is_email( $r['invitee_email'] ) ) {
    99104            return false;
    100105        }
  • trunk/src/bp-core/classes/class-bp-invitation.php

    r12874 r12916  
    661661     *     $per_page can be treated as filter values for get_where_sql()
    662662     *     and get_query_clauses(). All items are optional.
    663      *     @type int|array    $id                ID of invitation being updated.
     663     *     @type int|array    $id                ID of invitation being fetched.
    664664     *                                           Can be an array of IDs.
    665665     *     @type int|array    $user_id           ID of user being queried. Can be an
Note: See TracChangeset for help on using the changeset viewer.