Changeset 7026
- Timestamp:
- 05/08/2013 08:59:47 PM (11 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bp-friends/bp-friends-classes.php
r6574 r7026 145 145 $user_id = bp_loggedin_user_id(); 146 146 147 $filter = like_escape( $wpdb->escape( $filter ) );147 $filter = esc_sql( like_escape( $filter ) ); 148 148 149 149 if ( !empty( $limit ) && !empty( $page ) ) … … 154 154 155 155 // Get all the user ids for the current user's friends. 156 $fids = implode( ',', $friend_ids);156 $fids = implode( ',', wp_parse_id_list( $friend_ids ) ); 157 157 158 158 if ( empty( $fids ) ) … … 199 199 global $wpdb; 200 200 201 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 202 201 203 return $wpdb->get_results( $wpdb->prepare( "SELECT meta_value as last_activity, user_id FROM {$wpdb->usermeta} WHERE meta_key = %s AND user_id IN ( {$user_ids} ) ORDER BY meta_value DESC", bp_get_user_meta_key( 'last_activity' ) ) ); 202 204 } … … 223 225 global $wpdb, $bp; 224 226 225 $filter = like_escape( $wpdb->escape( $filter ) );227 $filter = esc_sql( like_escape( $filter ) ); 226 228 227 229 $usermeta_table = $wpdb->base_prefix . 'usermeta'; … … 249 251 global $wpdb, $bp; 250 252 251 $filter = like_escape( $wpdb->escape( $filter ) );253 $filter = esc_sql( like_escape( $filter ) ); 252 254 253 255 $usermeta_table = $wpdb->prefix . 'usermeta'; … … 274 276 if ( !bp_is_active( 'xprofile' ) ) 275 277 return false; 278 279 $user_ids = implode( ',', wp_parse_id_list( $user_ids ) ); 276 280 277 281 return $wpdb->get_results( $wpdb->prepare( "SELECT user_id FROM {$bp->profile->table_name_data} pd, {$bp->profile->table_name_fields} pf WHERE pf.id = pd.field_id AND pf.name = %s AND pd.user_id IN ( {$user_ids} ) ORDER BY pd.value ASC", bp_xprofile_fullname_field_name() ) );
Note: See TracChangeset
for help on using the changeset viewer.