Skip to:
Content

BuddyPress.org

Opened 8 years ago

Last modified 8 years ago

#6155 new defect (bug)

bp_core_get_active_member_count() multisite query does not exclude 'spam' status

Reported by: johnjamesjacoby's profile johnjamesjacoby Owned by:
Milestone: Awaiting Contributions Priority: normal
Severity: normal Version:
Component: Members Keywords: needs-unit-tests needs-patch
Cc:

Description (last modified by johnjamesjacoby)

If multisite, it's possible for spam users to be included in the active member count query.

The query was introduced in r5987:

"SELECT ID FROM {$wpdb->users} WHERE (user_status != 0 OR deleted != 0 OR user_status != 0)"

It should likely be:

"SELECT ID FROM {$wpdb->users} WHERE (user_status != 0 OR deleted != 0 OR spam != 0)"

Attachments (2)

6155.unittests.patch (1.0 KB) - added by imath 8 years ago.
Unit tests for bp_core_get_active_member_count()
6155.02.unittests.patch (1.8 KB) - added by imath 8 years ago.

Download all attachments as: .zip

Change History (8)

#1 @johnjamesjacoby
8 years ago

  • Description modified (diff)

This ticket was mentioned in Slack in #buddypress by jjj. View the logs.


8 years ago

#3 @imath
8 years ago

Just wrote a unit test to check. Actually the count is ok because of this part of the query user_status != 0. In multisite, as we also add a value in the user_status field of the users table, there's no problem.

But we should fix it :)

#4 follow-up: @johnjamesjacoby
8 years ago

What happens if users are marked as spam in WordPress multisite but not via BuddyPress? Does the user_status change to 1 also?

@imath
8 years ago

Unit tests for bp_core_get_active_member_count()

#5 in reply to: ↑ 4 @imath
8 years ago

Replying to johnjamesjacoby:

What happens if users are marked as spam in WordPress multisite but not via BuddyPress? Does the user_status change to 1 also?

In multisite, BuddyPress is adding a row action "Spam/Unspam" that uses bp_core_process_spammer_status().
In network Administration, WordPress is adding 2 bulk actions "Spam/Unspam" that uses update_user_status(). We're hooking it using ''make_spam_user' and ''make_ham_user' so that it passes in bp_core_process_spammer_status().

6155.02.unittests.patch is 6155.unittests.patch + a unit tests for multite bulk spam action.

#6 @DJPaul
8 years ago

  • Keywords needs-patch added; needs-testing removed
  • Milestone changed from 2.3 to Future Release
Note: See TracTickets for help on using tickets.