Skip to:
Content

BuddyPress.org

Changeset 3144


Ignore:
Timestamp:
07/22/2010 10:56:33 AM (14 years ago)
Author:
johnjamesjacoby
Message:

Fixes #2526 props cnorris23

Location:
branches/1.2
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • branches/1.2/bp-activity.php

    r3142 r3144  
    252252            bp_core_redirect( $bp->loggedin_user->domain );
    253253        else
    254             bp_core_redirect( site_url( 'wp-login.php?redirect_to=' . clean_url( $bp->root_domain . '/' . $bp->activity->slug . '/p/' . $bp->current_action ) ) );
     254            bp_core_redirect( site_url( 'wp-login.php?redirect_to=' . esc_url( $bp->root_domain . '/' . $bp->activity->slug . '/p/' . $bp->current_action ) ) );
    255255    }
    256256
  • branches/1.2/bp-core/bp-core-catchuri.php

    r3117 r3144  
    4242        $path = bp_core_referrer();
    4343    else
    44         $path = clean_url( $_SERVER['REQUEST_URI'] );
     44        $path = esc_url( $_SERVER['REQUEST_URI'] );
    4545
    4646    $path = apply_filters( 'bp_uri', $path );
  • branches/1.2/bp-core/bp-core-filters.php

    r2997 r3144  
    166166    // Send email with activation link.
    167167    $activate_url = bp_get_activation_page() ."?key=$key";
    168     $activate_url = clean_url($activate_url);
     168    $activate_url = esc_url($activate_url);
    169169
    170170    $admin_email = get_site_option( "admin_email" );
     
    175175    $from_name = ( '' == get_site_option( "site_name" ) ) ? 'WordPress' : wp_specialchars( get_site_option( "site_name" ) );
    176176    $message_headers = "MIME-Version: 1.0\n" . "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
    177     $message = sprintf(__("Thanks for registering! To complete the activation of your account and blog, please click the following link:\n\n%s\n\n\n\nAfter you activate, you can visit your blog here:\n\n%s", 'buddypress' ), $activate_url, clean_url("http://{$domain}{$path}" ) );
    178     $subject = '[' . $from_name . '] ' . sprintf(__('Activate %s', 'buddypress' ), clean_url('http://' . $domain . $path));
     177    $message = sprintf(__("Thanks for registering! To complete the activation of your account and blog, please click the following link:\n\n%s\n\n\n\nAfter you activate, you can visit your blog here:\n\n%s", 'buddypress' ), $activate_url, esc_url("http://{$domain}{$path}" ) );
     178    $subject = '[' . $from_name . '] ' . sprintf(__('Activate %s', 'buddypress' ), esc_url('http://' . $domain . $path));
    179179
    180180    /* Send the message */
     
    195195
    196196    $activate_url = bp_get_activation_page() ."?key=$key";
    197     $activate_url = clean_url($activate_url);
     197    $activate_url = esc_url($activate_url);
    198198    $admin_email = get_site_option( "admin_email" );
    199199
     
    207207    $from_name = ( '' == get_site_option( "site_name" ) ) ? 'WordPress' : wp_specialchars( get_site_option( "site_name" ) );
    208208    $message_headers = "MIME-Version: 1.0\n" . "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
    209     $message = sprintf( __( "Thanks for registering! To complete the activation of your account please click the following link:\n\n%s\n\n", 'buddypress' ), $activate_url . $email, clean_url("http://{$domain}{$path}" ) );
     209    $message = sprintf( __( "Thanks for registering! To complete the activation of your account please click the following link:\n\n%s\n\n", 'buddypress' ), $activate_url . $email, esc_url( "http://{$domain}{$path}" ) );
    210210    $subject = '[' . $from_name . '] ' . __( 'Activate Your Account', 'buddypress' );
    211211
  • branches/1.2/bp-core/bp-core-signup.php

    r3142 r3144  
    575575function bp_core_signup_send_validation_email( $user_id, $user_email, $key ) {
    576576    $activate_url = bp_get_activation_page() ."?key=$key";
    577     $activate_url = clean_url( $activate_url );
     577    $activate_url = esc_url( $activate_url );
    578578    $admin_email = get_site_option( "admin_email" );
    579579
Note: See TracChangeset for help on using the changeset viewer.