Index: bp-core/bp-core-templatetags.php
===================================================================
--- bp-core/bp-core-templatetags.php	(revision 3508)
+++ bp-core/bp-core-templatetags.php	(working copy)
@@ -456,7 +456,7 @@
 
 	$search_value = __( 'Search anything...', 'buddypress' );
 	if ( !empty( $_GET['s'] ) )
-	 	$search_value = $_GET['s'];
+	 	$search_value = stripslashes( $_GET['s'] );
 
 	?>
 	<form action="" method="get" id="search-members-form">
Index: bp-blogs/bp-blogs-templatetags.php
===================================================================
--- bp-blogs/bp-blogs-templatetags.php	(revision 3508)
+++ bp-blogs/bp-blogs-templatetags.php	(working copy)
@@ -502,9 +502,15 @@
 }
 
 function bp_directory_blogs_search_form() {
-	global $bp; ?>
+	global $bp;
+
+	$search_value = __( 'Search anything...', 'buddypress' );
+	if ( !empty( $_GET['s'] ) )
+	 	$search_value = stripslashes( $_GET['s'] );
+
+	?>
 	<form action="" method="get" id="search-blogs-form">
-		<label><input type="text" name="s" id="blogs_search" value="<?php if ( isset( $_GET['s'] ) ) { echo $_GET['s']; } else { _e( 'Search anything...', 'buddypress' ); } ?>"  onfocus="if (this.value == '<?php _e( 'Search anything...', 'buddypress' ) ?>') {this.value = '';}" onblur="if (this.value == '') {this.value = '<?php _e( 'Search anything...', 'buddypress' ) ?>';}" /></label>
+		<label><input type="text" name="s" id="blogs_search" value="<?php echo esc_attr( $search_value ) ?>"  onfocus="if (this.value == '<?php _e( 'Search anything...', 'buddypress' ) ?>') {this.value = '';}" onblur="if (this.value == '') {this.value = '<?php _e( 'Search anything...', 'buddypress' ) ?>';}" /></label>
 		<input type="submit" id="blogs_search_submit" name="blogs_search_submit" value="<?php _e( 'Search', 'buddypress' ) ?>" />
 	</form>
 <?php
Index: bp-forums/bp-forums-templatetags.php
===================================================================
--- bp-forums/bp-forums-templatetags.php	(revision 3508)
+++ bp-forums/bp-forums-templatetags.php	(working copy)
@@ -1030,11 +1030,11 @@
 
 	$search_value = __( 'Search anything...', 'buddypress' );
 	if ( !empty( $_REQUEST['fs'] ) )
-	 	$search_value = $_REQUEST['fs'];
+	 	$search_value = stripslashes( $_REQUEST['fs'] );
 
 ?>
 	<form action="" method="get" id="search-forums-form">
-		<label><input type="text" name="s" id="forums_search" value="<?php echo esc_attr($search_value) ?>"  onfocus="if (this.value == '<?php _e( 'Search anything...', 'buddypress' ) ?>') {this.value = '';}" onblur="if (this.value == '') {this.value = '<?php _e( 'Search anything...', 'buddypress' ) ?>';}" /></label>
+		<label><input type="text" name="s" id="forums_search" value="<?php echo esc_attr( $search_value ) ?>"  onfocus="if (this.value == '<?php _e( 'Search anything...', 'buddypress' ) ?>') {this.value = '';}" onblur="if (this.value == '') {this.value = '<?php _e( 'Search anything...', 'buddypress' ) ?>';}" /></label>
 		<input type="submit" id="forums_search_submit" name="forums_search_submit" value="<?php _e( 'Search', 'buddypress' ) ?>" />
 	</form>
 <?php
Index: bp-core.php
===================================================================
--- bp-core.php	(revision 3508)
+++ bp-core.php	(working copy)
@@ -1678,40 +1678,48 @@
  *
  * @package BuddyPress Core
  * @global $bp The global BuddyPress settings variable created in bp_core_setup_globals()
- * @param $slug The slug to redirect to for searching.
+ * @param string $slug The slug to redirect to for searching.
  */
-function bp_core_action_search_site( $slug = false ) {
+function bp_core_action_search_site( $slug = '' ) {
 	global $bp;
 
-	if ( $bp->current_component == BP_SEARCH_SLUG ) {
-		$search_terms = $_POST['search-terms'];
-		$search_which = $_POST['search-which'];
+	if ( BP_SEARCH_SLUG != $bp->current_component )
+		return;
 
-		if ( !$slug || empty( $slug ) ) {
-			switch ( $search_which ) {
-				case 'members': default:
-					$slug = $bp->members->slug;
-					$var = '/?s=';
-					break;
-				case 'groups':
-					$slug = BP_GROUPS_SLUG;
-					$var = '/?s=';
-					break;
-				case 'forums':
-					$slug = BP_FORUMS_SLUG;
-					$var = '/?fs=';
-					break;
-				case 'blogs':
-					$slug = BP_BLOGS_SLUG;
-					$var = '/?s=';
-					break;
-			}
+	if ( empty( $_POST['search-terms'] ) ) {
+		bp_core_redirect( $bp->root_domain );
+		return;
+	}
+
+	$search_terms = stripslashes( $_POST['search-terms'] );
+	$search_which = !empty( $_POST['search-which'] ) ? $_POST['search-which'] : '';
+	$query_string = '/?s=';
+
+	if ( empty( $slug ) ) {
+		switch ( $search_which ) {
+			case 'blogs':
+				$slug = bp_is_active( 'blogs' )  ? $bp->blogs->slug  : '';
+				break;
+			case 'forums':
+				$slug = bp_is_active( 'forums' ) ? $bp->forums->slug : '';
+				$query_string = '/?fs=';
+				break;
+			case 'groups':
+				$slug = bp_is_active( 'groups' ) ? $bp->groups->slug : '';
+				break;
+			case 'members':
+			default:
+				$slug = $bp->members->slug;
+				break;
 		}
 
-		$search_url = apply_filters( 'bp_core_search_site', site_url( $slug . $var . urlencode($search_terms) ), $search_terms );
+		if ( empty( $slug ) ) {
+			bp_core_redirect( $bp->root_domain );
+			return;
+		}
+	}
 
-		bp_core_redirect( $search_url );
-	}
+	bp_core_redirect( apply_filters( 'bp_core_search_site', site_url( $slug . $query_string . urlencode( $search_terms ) ), $search_terms ) );
 }
 add_action( 'init', 'bp_core_action_search_site', 5 );
 
Index: bp-groups/bp-groups-templatetags.php
===================================================================
--- bp-groups/bp-groups-templatetags.php	(revision 3508)
+++ bp-groups/bp-groups-templatetags.php	(working copy)
@@ -1835,12 +1835,12 @@
 	global $bp;
 
 	$search_value = __( 'Search anything...', 'buddypress' );
-	if ( isset( $_REQUEST['s'] ) && !empty( $_REQUEST['s'] ) )
-	 	$search_value = $_REQUEST['s'];
+	if ( !empty( $_REQUEST['s'] ) )
+	 	$search_value = stripslashes( $_REQUEST['s'] );
 
 ?>
 	<form action="" method="get" id="search-groups-form">
-		<label><input type="text" name="s" id="groups_search" value="<?php echo esc_attr($search_value) ?>"  onfocus="if (this.value == '<?php _e( 'Search anything...', 'buddypress' ) ?>') {this.value = '';}" onblur="if (this.value == '') {this.value = '<?php _e( 'Search anything...', 'buddypress' ) ?>';}" /></label>
+		<label><input type="text" name="s" id="groups_search" value="<?php echo esc_attr( $search_value ) ?>"  onfocus="if (this.value == '<?php _e( 'Search anything...', 'buddypress' ) ?>') {this.value = '';}" onblur="if (this.value == '') {this.value = '<?php _e( 'Search anything...', 'buddypress' ) ?>';}" /></label>
 		<input type="submit" id="groups_search_submit" name="groups_search_submit" value="<?php _e( 'Search', 'buddypress' ) ?>" />
 	</form>
 <?php
