Changeset 9773 for branches/2.2/src/bp-members/bp-members-admin.php

Timestamp:

04/20/2015 04:08:00 PM (11 years ago)

Author:

johnjamesjacoby

Message:

All: make sure URLs are escaped (2.2 branch)

File:

• branches/2.2/src/bp-members/bp-members-admin.php (modified) (2 diffs)

branches/2.2/src/bp-members/bp-members-admin.php

@@ -1175 +1175 @@
             // Add query args and setup the Extended link
             $edit_profile      = add_query_arg( $args, $this->edit_profile_url );
-            $edit_profile_link = sprintf( '<a href="%1$s">%2$s</a>',  esc_url( $edit_profile ), esc_html__( 'Extended', 'buddypress' ) );
+            $edit_profile_link = sprintf( '<a href="%1$s">%2$s</a>', esc_url( $edit_profile ), esc_html__( 'Extended', 'buddypress' ) );
 
             /**
@@ -1330 +1330 @@
         $text    = sprintf( _x( 'Pending %s', 'signup users', 'buddypress' ), '<span class="count">(' . number_format_i18n( $signups ) . ')</span>' );
 
-        $views['registered'] = sprintf( '<a href="%1$s" class="%2$s">%3$s</a>', $url, $class, $text );
+        $views['registered'] = sprintf( '<a href="%1$s" class="%2$s">%3$s</a>', esc_url( $url ), $class, $text );
 
         return $views;