Skip to:
Content

BuddyPress.org

Changeset 2047


Ignore:
Timestamp:
10/22/2009 12:01:36 PM (15 years ago)
Author:
apeatling
Message:

Fixes #1223

Location:
branches/1.1
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • branches/1.1/bp-blogs/bp-blogs-classes.php

    r1905 r2047  
    181181            bp_blogs_setup_globals();
    182182       
    183         like_escape($letter);
     183        like_escape( $wpdb->escape( $letter ) );
    184184               
    185185        if ( $limit && $page ) {
     
    199199            bp_blogs_setup_globals();
    200200       
    201         like_escape($filter);
     201        like_escape( $wpdb->escape( $filter ) );
    202202       
    203203        if ( $limit && $page ) {
  • branches/1.1/bp-core.php

    r2035 r2047  
    6666if ( !defined( 'BP_HOME_BLOG_SLUG' ) )
    6767    define( 'BP_HOME_BLOG_SLUG', 'blog' );
     68   
     69/* Register BuddyPress themes contained within the theme folder */
     70if ( function_exists( 'register_theme_folder' ) )
     71    register_theme_folder( 'buddypress/bp-themes' );
    6872
    6973
  • branches/1.1/bp-core/bp-core-classes.php

    r2005 r2047  
    220220            return false;
    221221       
    222         like_escape($letter);
     222        like_escape( $wpdb->escape( $letter ) );
    223223
    224224        $total_users_sql = apply_filters( 'bp_core_users_by_letter_count_sql', $wpdb->prepare( "SELECT DISTINCT count(u.ID) FROM " . CUSTOM_USER_TABLE . " u LEFT JOIN {$bp->profile->table_name_data} pd ON u.ID = pd.user_id LEFT JOIN {$bp->profile->table_name_fields} pf ON pd.field_id = pf.id WHERE u.spam = 0 AND u.deleted = 0 AND u.user_status = 0 AND pf.name = %s AND pd.value LIKE '$letter%%' ORDER BY pd.value ASC", BP_XPROFILE_FULLNAME_FIELD_NAME ), $letter );
     
    240240            $pag_sql = $wpdb->prepare( " LIMIT %d, %d", intval( ( $page - 1 ) * $limit), intval( $limit ) );
    241241       
    242         like_escape($search_terms);
     242        like_escape( $wpdb->escape( $search_terms ) ); 
    243243
    244244        $total_users_sql = apply_filters( 'bp_core_search_users_count_sql', "SELECT DISTINCT count(u.ID) as user_id FROM " . CUSTOM_USER_TABLE . " u LEFT JOIN {$bp->profile->table_name_data} pd ON u.ID = pd.user_id WHERE u.spam = 0 AND u.deleted = 0 AND u.user_status = 0 AND pd.value LIKE '%%$search_terms%%' ORDER BY pd.value ASC", $search_terms );
  • branches/1.1/bp-friends/bp-friends-classes.php

    r1905 r2047  
    150150            $user_id = $bp->loggedin_user->id;
    151151       
    152         like_escape($filter);
     152        like_escape( $wpdb->escape( $filter ) );
    153153       
    154154        if ( $limit && $page )
     
    222222        global $wpdb, $bp;
    223223       
    224         like_escape($filter);
     224        like_escape( $wpdb->escape( $filter ) );
    225225        $usermeta_table = $wpdb->base_prefix . 'usermeta';
    226226        $users_table = $wpdb->base_prefix . 'users';
     
    247247        global $wpdb, $bp;
    248248       
    249         like_escape($filter);
     249        like_escape( $wpdb->escape( $filter ) );
    250250        $usermeta_table = $wpdb->prefix . 'usermeta';
    251251        $users_table = $wpdb->base_prefix . 'users';
  • branches/1.1/bp-groups/bp-groups-classes.php

    r1929 r2047  
    247247            $user_id = $bp->displayed_user->id;
    248248       
    249         like_escape($filter);
     249        like_escape( $wpdb->escape( $filter ) );
    250250       
    251251        if ( $limit && $page )
     
    269269        global $wpdb, $bp;
    270270       
    271         like_escape($filter);
     271        like_escape( $wpdb->escape( $filter ) );
    272272       
    273273        if ( $limit && $page )
     
    463463            $hidden_sql = $wpdb->prepare( " AND status != 'hidden'");
    464464       
    465         like_escape($letter);
     465        like_escape( $wpdb->escape( $letter ) );
    466466               
    467467        if ( $limit && $page ) {
     
    699699
    700700        if ( $filter ) {
    701             like_escape($filter);
     701            like_escape( $wpdb->escape( $filter ) );
    702702            $filter_sql = " AND ( g.name LIKE '{$filter}%%' OR g.description LIKE '{$filter}%%' )";         
    703703        }
     
    719719
    720720        if ( $filter ) {
    721             like_escape($filter);
     721            like_escape( $wpdb->escape( $filter ) );
    722722            $filter_sql = " AND ( g.name LIKE '{$filter}%%' OR g.description LIKE '{$filter}%%' )";         
    723723        }
     
    739739           
    740740        if ( $filter ) {
    741             like_escape($filter);
     741            like_escape( $wpdb->escape( $filter ) );
    742742            $filter_sql = " AND ( g.name LIKE '{$filter}%%' OR g.description LIKE '{$filter}%%' )";         
    743743        }
     
    759759
    760760        if ( $filter ) {
    761             like_escape($filter);
     761            like_escape( $wpdb->escape( $filter ) );
    762762            $filter_sql = " AND ( g.name LIKE '{$filter}%%' OR g.description LIKE '{$filter}%%' )";         
    763763        }
     
    779779
    780780        if ( $filter ) {
    781             like_escape($filter);
     781            like_escape( $wpdb->escape( $filter ) );
    782782            $filter_sql = " AND ( g.name LIKE '{$filter}%%' OR g.description LIKE '{$filter}%%' )";         
    783783        }
     
    799799
    800800        if ( $filter ) {
    801             like_escape($filter);
     801            like_escape( $wpdb->escape( $filter ) );
    802802            $filter_sql = " AND ( g.name LIKE '{$filter}%%' OR g.description LIKE '{$filter}%%' )";         
    803803        }
Note: See TracChangeset for help on using the changeset viewer.