Changeset 7349
- Timestamp:
- 08/12/2013 10:53:30 PM (12 years ago)
- Location:
- trunk
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bp-activity/bp-activity-functions.php
r7338 r7349 1525 1525 * 1526 1526 * @param string $content The content to work with 1527 * @param string $link Optional. The URL that the image should link to1527 * @param string $link Optional. The unescaped URL that the image should link to 1528 1528 * @param array $activity_args Optional. The args passed to the activity 1529 1529 * creation function (eg bp_blogs_record_activity()) … … 1562 1562 $new_height = (int) $height >= 100 ? 100 : $height; 1563 1563 $new_width = $new_height * $ratio; 1564 1565 $image = '<img src="' . esc_attr( $src ) . '" width="' . $new_width . '" height="' . $new_height . '" alt="' . __( 'Thumbnail', 'buddypress' ) . '" class="align-left thumbnail" />'; 1564 $image = '<img src="' . esc_url( $src ) . '" width="' . absint( $new_width ) . '" height="' . absint( $new_height ) . '" alt="' . __( 'Thumbnail', 'buddypress' ) . '" class="align-left thumbnail" />'; 1566 1565 1567 1566 if ( !empty( $link ) ) { 1568 $image = '<a href="' . $link. '">' . $image . '</a>';1567 $image = '<a href="' . esc_url( $link ) . '">' . $image . '</a>'; 1569 1568 } 1570 1569 -
trunk/bp-blogs/bp-blogs-functions.php
r7338 r7349 361 361 // Get activity related links 362 362 $post_permalink = get_permalink( $recorded_comment->comment_post_ID ); 363 $comment_link = htmlspecialchars( get_comment_link( $recorded_comment->comment_ID ));363 $comment_link = get_comment_link( $recorded_comment->comment_ID ); 364 364 365 365 // Prepare to record in activity streams -
trunk/bp-groups/bp-groups-template.php
r7339 r7349 522 522 /* Fetch the avatar from the folder, if not provide backwards compat. */ 523 523 if ( !$avatar = bp_core_fetch_avatar( array( 'item_id' => $groups_template->group->id, 'object' => 'group', 'type' => $type, 'avatar_dir' => 'group-avatars', 'alt' => $alt, 'css_id' => $id, 'class' => $class, 'width' => $width, 'height' => $height, 'title' => $groups_template->group->name, 'alt' => $alt ) ) ) 524 $avatar = '<img src="' . esc_ attr( $groups_template->group->avatar_thumb ) . '" class="avatar" alt="' . esc_attr( $groups_template->group->name ) . '" />';524 $avatar = '<img src="' . esc_url( $groups_template->group->avatar_thumb ) . '" class="avatar" alt="' . esc_attr( $groups_template->group->name ) . '" />'; 525 525 526 526 return apply_filters( 'bp_get_group_avatar', $avatar ); … … 2605 2605 if ( $bp->groups->current_group->avatar_full ) { ?> 2606 2606 2607 <img src="<?php echo esc_ attr( $bp->groups->current_group->avatar_full )?>" alt="<?php _e( 'Group Avatar', 'buddypress' ) ?>" class="avatar" />2607 <img src="<?php echo esc_url( $bp->groups->current_group->avatar_full ); ?>" alt="<?php _e( 'Group Avatar', 'buddypress' ) ?>" class="avatar" /> 2608 2608 2609 2609 <?php } else { ?> 2610 2610 2611 <img src="<?php echo $bp->groups->image_base . '/none.gif'?>" alt="<?php _e( 'No Group Avatar', 'buddypress' ) ?>" class="avatar" />2611 <img src="<?php echo esc_url( $bp->groups->image_base . '/none.gif' ); ?>" alt="<?php _e( 'No Group Avatar', 'buddypress' ) ?>" class="avatar" /> 2612 2612 2613 2613 <?php }
Note: See TracChangeset
for help on using the changeset viewer.