Member - Settings - Email - radio buttons

[slaFFik]

Seems, BuddyPress trusts radio-buttons values on save, which is not good.
Just change the value field of any checked radio button, and click save - in my case yes-or-no was saved successfully into DB.

In source code we have:

foreach ( (array) $_POST['notifications'] as $key => $value ) {
	bp_update_user_meta( (int) bp_displayed_user_id(), $key, $value );
}

So any js script or user can pass any string. I believe this is a bad approach, when application doesn't control the data that is saved.

[r-a-y]

Yeah, this isn't great. This code has been in place since v1.0!

On the other hand though, the majority of plugins do direct checks for 'yes' or 'no' values only; this value is never outputted.

6707.01.patch just sets the value of the notification setting before saving it into user meta.

Filtering bp_get_user_meta( $user_id, 'notification_XXX' ) might be overkill here, so I haven't done this in 01.patch. If we feel it is necessary, then we could do it.

[boonebgorges]

In 10329:

Improve sanitization of email notification settings.

Props boonebgorges, johnjamesjacoby, imath, dcavins.
See #6707.

[boonebgorges]

In 10330:

Improve sanitization of email notification settings.

Port of [10329] to the 2.3 branch.

Props boonebgorges, johnjamesjacoby, imath, dcavins.
See #6707.

[boonebgorges]

In 10332:

Improve sanitization of email notification settings.

Port of [10329] to the 2.2 branch.

Props boonebgorges, johnjamesjacoby, imath, dcavins.
See #6707.

[boonebgorges]

In 10334:

Improve sanitization of email notification settings.

Port of [10329] to the 2.1 branch.

Props boonebgorges, johnjamesjacoby, imath, dcavins.
See #6707.

[boonebgorges]

In 10336:

Improve sanitization of email notification settings.

Port of [10329] to the 2.0 branch.

Props boonebgorges, johnjamesjacoby, imath, dcavins.
See #6707.