Skip to:
Content

BuddyPress.org

Changeset 7073


Ignore:
Timestamp:
05/15/2013 06:10:14 PM (7 years ago)
Author:
r-a-y
Message:

Use ->prepare() on 'user_id' parameter. See r7072.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-groups/bp-groups-classes.php

    r7072 r7073  
    443443
    444444        if ( ! empty( $r['user_id'] ) ) {
    445             $total_sql['where'][] = "m.group_id = g.id AND m.user_id = {$r['user_id']} AND m.is_confirmed = 1 AND m.is_banned = 0";
     445            $total_sql['where'][] = $wpdb->prepare( "m.group_id = g.id AND m.user_id = %d AND m.is_confirmed = 1 AND m.is_banned = 0", $r['user_id'] );
    446446        }
    447447
Note: See TracChangeset for help on using the changeset viewer.