Context Navigation

← Previous Ticket
Next Ticket →

#5432 closed defect (bug) (fixed)

Members search & WP 3.9 since WP changeset 27257

Reported by:	imath	Owned by:	boonebgorges
Milestone:	2.0	Priority:	normal
Severity:	normal	Version:
Component:	Members	Keywords:	has-patch 2nd-opinion
Cc:

Description

With latest WordPress trunk, if you perform a member search, this will trigger a warning error and will break the search.

Reason is the use of mysql_real_escape_string to escape the search_terms in BP_User_Query. Seems the mysql connexion is not available when using this function, so the second argument is necessary.

We could use $wpdb->_real_escape() instead. But i think, esc_sql() can also do the job.

BP_Signup::get (#5374) will also be concerned.

Finally mysql_real_escape_string is deprecated as of PHP 5.5.0

Attachments (1)

5432.diff (784 bytes) - added by imath 12 years ago.

Download all attachments as: .zip

Change History (2)

@imath
12 years ago

Attachment 5432.diff added

#1 @boonebgorges
12 years ago

Owner set to boonebgorges
Resolution set to fixed
Status changed from new to closed

In 7993:

Don't use mysql_real_escape_string() in BP_User_Query

Fixes #5432

Props imath

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

BuddyPress.org