Skip to:
Content

BuddyPress.org

Changeset 9062


Ignore:
Timestamp:
10/05/2014 09:54:53 PM (10 years ago)
Author:
djpaul
Message:

Activity: when redirecting unauthenticated users away from a single activity permalink, make sure the value of the redirect_to parameter has been URL encoded.

Also improves the readability of this section of code by moving it out of the ternary operator.

See #5926

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-activity/bp-activity-screens.php

    r8682 r9062  
    232232
    233233        // Redirect based on logged in status
    234         is_user_logged_in() ?
    235             bp_core_redirect( bp_loggedin_user_domain() ) :
    236             bp_core_redirect( site_url( 'wp-login.php?redirect_to=' . esc_url( bp_get_root_domain() . '/' . bp_get_activity_root_slug() . '/p/' . bp_current_action() . '/' ) ) );
     234        if ( is_user_logged_in() ) {
     235            $url = bp_loggedin_user_domain();
     236
     237        } else {
     238            $url = sprintf(
     239                site_url( 'wp-login.php?redirect_to=%s' ),
     240                urlencode( esc_url_raw( bp_activity_get_permalink( (int) bp_current_action() ) ) )
     241            );
     242        }
     243
     244        bp_core_redirect( $url );
    237245    }
    238246
Note: See TracChangeset for help on using the changeset viewer.