Skip to:

Opened 9 years ago

Closed 9 years ago

#6106 closed defect (bug)

Xprofile admin groups desc not stripping slashes

Reported by: hnla's profile hnla Owned by:
Milestone: Priority: normal
Severity: minor Version:
Component: Extended Profile Keywords: has-patch
Cc: hnla


In the group description on an xprofile admin edit screen we are not handling escapes, rendering back \'s etc

Patch wraps $group->description in stripslashes() before we esc_attr() it (not sure esc_attr is correct here? rather than esc_html if we are pushing out to an html element rather than to a html attr? )

Also to note in checking the field description for same issue, they are handled differently in echoing a function bp_the_profile_field_name which is handling the stripping elsewhere so we have a slight variance in approaches here!

Attachments (1)

6106-01.patch (488 bytes) - added by hnla 9 years ago.
stripslashes from group field description

Download all attachments as: .zip

Change History (2)

9 years ago

stripslashes from group field description

#1 @imath
9 years ago

  • Milestone 2.2 deleted
  • Status changed from new to closed

Hi hnla i've posted the same patch a while ago on #6081
Closing this as a duplicate.

Note: See TracTickets for help on using tickets.