Changeset 4362 for trunk/bp-xprofile/bp-xprofile-template.php

Timestamp:

05/15/2011 05:23:50 PM (15 years ago)

Author:

boonebgorges

Message:

Applies pre-save filters to permitted xprofile options before comparing with submitted values, to account for special characters. Fixes #3213

File:

• trunk/bp-xprofile/bp-xprofile-template.php (modified) (3 diffs)

trunk/bp-xprofile/bp-xprofile-template.php

@@ -433 +433 @@
                     $selected = '';
                     
+                    // Run the allowed option name through the before_save
+                    // filter, so we'll be sure to get a match
+                    $allowed_options = xprofile_sanitize_data_value_before_save( $options[$k]->name, false, false );
+                    
                     // First, check to see whether the user-entered value
                     // matches
-                    if ( in_array( $options[$k]->name, (array) $option_values ) )
+                    if ( in_array( $allowed_options, (array) $option_values ) )
                         $selected = ' selected="selected"';
 
@@ -459 +463 @@
                     }
                     
+                    // Run the allowed option name through the before_save
+                    // filter, so we'll be sure to get a match
+                    $allowed_options = xprofile_sanitize_data_value_before_save( $options[$k]->name, false, false );
+                    
                     $selected = ''; 
-                    if ( $option_value == $options[$k]->name || !empty( $value ) && $value == $options[$k]->name || ( empty( $option_value ) && $options[$k]->is_default_option ) )
+                    if ( $option_value == $allowed_options || !empty( $value ) && $value == $allowed_options || ( empty( $option_value ) && $options[$k]->is_default_option ) )
                         $selected = ' checked="checked"';
 
@@ -486 +494 @@
                     // match the option
                     for ( $j = 0; $j < count($option_values); $j++ ) {
-                        if ( $option_values[$j] == $options[$k]->name || @in_array( $options[$k]->name, $value ) ) {
+                        
+                        // Run the allowed option name through the
+                        // before_save filter, so we'll be sure to get a
+                        // match
+                        $allowed_options = xprofile_sanitize_data_value_before_save( $options[$k]->name, false, false );
+                        
+                        if ( $option_values[$j] == $allowed_options || @in_array( $allowed_options, $value ) ) {
                             $selected = ' checked="checked"';
                             break;