Changeset 7016
- Timestamp:
- 05/08/2013 12:29:59 AM (12 years ago)
- Location:
- branches/1.7
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/1.7/bp-core/bp-core-classes.php
r7014 r7016 837 837 838 838 if ( !empty( $search_terms ) && bp_is_active( 'xprofile' ) ) { 839 $search_terms = esc_sql( like_escape( trim( $search_terms )) );839 $search_terms = esc_sql( like_escape( $search_terms ) ); 840 840 $sql['where_searchterms'] = "AND spd.value LIKE '%%$search_terms%%'"; 841 841 } … … 954 954 } 955 955 956 $letter = esc_sql( like_escape( trim( $letter )) );956 $letter = esc_sql( like_escape( $letter ) ); 957 957 $status_sql = bp_core_get_status_sql( 'u.' ); 958 958 … … 1052 1052 $pag_sql = $limit && $page ? $wpdb->prepare( " LIMIT %d, %d", intval( ( $page - 1 ) * intval( $limit ) ), intval( $limit ) ) : ''; 1053 1053 1054 $search_terms = esc_sql( like_escape( trim( $search_terms )) );1054 $search_terms = esc_sql( like_escape( $search_terms ) ); 1055 1055 $status_sql = bp_core_get_status_sql( 'u.' ); 1056 1056 -
branches/1.7/bp-groups/bp-groups-classes.php
r7014 r7016 479 479 480 480 if ( !empty( $search_terms ) ) { 481 $search_terms = esc_sql( like_escape( trim( $search_terms )) );481 $search_terms = esc_sql( like_escape( $search_terms ) ); 482 482 $search_sql = " AND ( g.name LIKE '%%{$search_terms}%%' OR g.description LIKE '%%{$search_terms}%%' )"; 483 483 } … … 521 521 522 522 if ( !empty( $search_terms ) ) { 523 $search_terms = esc_sql( like_escape( trim( $search_terms )) );523 $search_terms = esc_sql( like_escape( $search_terms ) ); 524 524 $search_sql = " AND ( g.name LIKE '%%{$search_terms}%%' OR g.description LIKE '%%{$search_terms}%%' )"; 525 525 } … … 604 604 605 605 if ( !empty( $search_terms ) ) { 606 $search_terms = esc_sql( like_escape( trim( $search_terms )) );606 $search_terms = esc_sql( like_escape( $search_terms ) ); 607 607 $search_sql = " AND ( g.name LIKE '%%{$search_terms}%%' OR g.description LIKE '%%{$search_terms}%%' )"; 608 608 } … … 1049 1049 1050 1050 if ( !empty( $filter ) ) { 1051 $filter = esc_sql( like_escape( trim( $filter )) );1051 $filter = esc_sql( like_escape( $filter ) ); 1052 1052 $filter_sql = " AND ( g.name LIKE '%%{$filter}%%' OR g.description LIKE '%%{$filter}%%' )"; 1053 1053 }
Note: See TracChangeset
for help on using the changeset viewer.