Opened 15 years ago
Closed 15 years ago
#1551 closed defect (bug) (fixed)
's' search term breaks groups search
Reported by: | dpolant | Owned by: | |
---|---|---|---|
Milestone: | 1.2 | Priority: | major |
Severity: | Version: | ||
Component: | Keywords: | letter, group, search | |
Cc: |
Description
Search terms in the group search that start with 's' are breaking the search. I believe what is happening is that the part that on line 285 %%$filter%% is becoming %s and so $wpdb->prepare() is breaking when it can't find an argument to throw into that string placeholder.
I have detected this problem on testbp.org and what I believe is a clean installation of 1.1.3.
Change History (4)
Note: See
TracTickets for help on using
tickets.
Changing the search_groups method as shown below solved this problem for me. I had to take out $wpdb->prepare(), but I think it is still secure code because of $wpdb->escape on the $filter variable. Essentially it mirrors the search_users method found in bp-core-classes.
Does everyone agree that this is secure enough?