Skip to:
Content

BuddyPress.org

Changeset 6203


Ignore:
Timestamp:
07/27/2012 03:01:10 AM (12 years ago)
Author:
johnjamesjacoby
Message:

XProfile:

  • Properly escape xprofile_filter_link_profile_data() output.
  • See r6201, r6202.
  • For 1.6 branch.
  • Props vnd.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-xprofile/bp-xprofile-filters.php

    r5929 r6203  
    4949add_filter( 'bp_get_the_profile_field_value',           'xprofile_filter_format_field_value', 1, 2 );
    5050add_filter( 'bp_get_the_site_member_profile_data',      'xprofile_filter_format_field_value', 1, 2 );
    51 add_filter( 'bp_get_the_profile_field_value',           'xprofile_filter_link_profile_data', 9, 2 );
     51add_filter( 'bp_get_the_profile_field_value',           'xprofile_filter_link_profile_data',  9, 2 );
    5252
    5353add_filter( 'xprofile_data_value_before_save',          'xprofile_sanitize_data_value_before_save', 1, 2 );
     
    169169            if ( preg_match( '@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', $value ) ) {
    170170                $new_values[] = make_clickable( $value );
     171
     172            // Is not clickable
    171173            } else {
     174
     175                // More than 5 commas
    172176                if ( count( explode( ' ', $value ) ) > 5 ) {
    173177                    $new_values[] = $value;
     178
     179                // Less than 5 commas
    174180                } else {
    175                     $new_values[] = '<a href="' . site_url( bp_get_members_root_slug() ) . '/?s=' . strip_tags( $value ) . '" rel="nofollow">' . $value . '</a>';
     181                    $search_url   = add_query_arg( array( 's' => urlencode( $value ) ), bp_get_members_directory_permalink() );
     182                    $new_values[] = '<a href="' . $search_url . '" rel="nofollow">' . esc_html( $value ) . '</a>';
    176183                }
    177184            }
Note: See TracChangeset for help on using the changeset viewer.