Skip to:
Content

Opened 12 months ago

Closed 9 months ago

Last modified 9 months ago

#7894 closed defect (bug) (fixed)

Broken Login Link after activation

Reported by: vapvarun Owned by: imath
Milestone: 3.2.0 Priority: normal
Severity: normal Version: 3.0.0
Component: Templates Keywords: has-screenshots has-patch reporter-feedback
Cc:

Description

With BP 3.1.0, after new account activation

Your account was activated successfully! You can now <a href="https://wbcomdesigns.com/test-buddypress/wp-login.php?redirect_to=https%3A%2F%2Fwbcomdesigns.com%2Ftest-buddypress">log in</a> with the username and password you provided when you signed up.

Attachments (6)

Activate Your Account – BuddyPress Playground.png (722.7 KB) - added by vapvarun 12 months ago.
7894.patch (1.1 KB) - added by imath 12 months ago.
7894.2.patch (1.0 KB) - added by imath 11 months ago.
7894.3.patch (2.3 KB) - added by spdustin 10 months ago.
Apply escaped Gravatar URL patch when avatar uploads are enabled as well as disabled
7894.4.patch (1.1 KB) - added by imath 9 months ago.
7894.05.patch (1.3 KB) - added by imath 9 months ago.

Download all attachments as: .zip

Change History (27)

#1 @vapvarun
12 months ago

Inside bp-templates/bp-nouveau/buddypress/members/activate.php

<?php
sprintf(
                                                        __( 'Your account was activated successfully! You can now <a href="%s">log in</a> with the username and password you provided when you signed up.', 'buddypress' ),
                                                        wp_login_url( bp_get_root_domain() )
                                                )

with

<?php
printf(
                                                        __( 'Your account was activated successfully! You can now <a href="%s">log in</a> with the username and password you provided when you signed up.', 'buddypress' ),
                                                        wp_login_url( bp_get_root_domain() )
                                                )

#2 @DJPaul
12 months ago

  • Milestone changed from Awaiting Review to 3.2.0

#3 @imath
12 months ago

  • Owner set to imath
  • Status changed from new to assigned

Thanks for the suggestion @vapvarun using printf should fix the issue, I agree. I’ll look into it asap.

@imath
12 months ago

#4 @imath
12 months ago

  • Keywords has-patch added
  • Version set to 3.0.0

I suggest 7894.patch. It needs 7895.patch as it uses the same function to sanitize the output.

Again another way to fix it is to remove esc_html()...

Last edited 12 months ago by imath (previous) (diff)

#5 follow-up: @Venutius
12 months ago

This is probably related to a number of the strings used in BP showing <p> tags that I'm seeing. For example the group description displayed in the group header in bp-nouveau.

#6 @DJPaul
11 months ago

How about removing the link from this string, and simply putting a "Log In" button below it?

#7 @hnla
11 months ago

@imath Lets commit your patches, we need to fix - one way or another - the issue of the esc_html filters added in r12104 because as pointed out they are messing up text areas where html is allowed such as the group descriptions.

@DJPaul I think this is a larger issue than just the login link, we need better escaping for certain areas which I think imaths patches cover, not sure though whether we should break out to a new ticket that is less specific and more generic to the issue causing this problem?

I realise that really this is two issues and the translation issues in this & #7895 might not be necessarily addressed by these patches but we need to fix the display of markup elements.

Last edited 11 months ago by hnla (previous) (diff)

#8 @imath
11 months ago

@hnla Sure, I'll do it tonight (6 to 7 hours from now), unless someone has a strong opinion about it ;)

#9 @DJPaul
11 months ago

Please do not introduce the bp_nouveau_sanitize_feedback() patches. I'm not convinced that is a good approach, see my comment in https://buddypress.trac.wordpress.org/ticket/7895#comment:7 -- sorry.

#10 @imath
11 months ago

Thanks @DJPaul for your feedback. It's on me to be sorry I've missed the comment on #7895

@imath
11 months ago

#11 @imath
11 months ago

7894.2.patch is using a %s placeholder for the login link

#12 @hnla
11 months ago

We need to deal with the esc_html functions i.e remove them where content may be formatted, can't have what we have now out in the wild.

#13 in reply to: ↑ 5 @r-a-y
10 months ago

Replying to Venutius:

This is probably related to a number of the strings used in BP showing <p> tags that I'm seeing. For example the group description displayed in the group header in bp-nouveau.

Replying to hnla:

We need to deal with the esc_html functions i.e remove them where content may be formatted, can't have what we have now out in the wild.

See #7923.

#14 @macsgv
10 months ago

Hello, I have tried the patch 7894.2.patch and I get a blank page.

Last edited 9 months ago by imath (previous) (diff)

@spdustin
10 months ago

Apply escaped Gravatar URL patch when avatar uploads are enabled as well as disabled

#15 @paaljoachim
9 months ago

This is a very obvious error. Can someone suggest a work around that we can use until this has been fixed?

#16 @imath
9 months ago

@spdustin correct me if I'm wrong but your patch is about #7895 ?

#17 @imath
9 months ago

  • Component changed from Core to Templates
  • Keywords reporter-feedback added

I've just updated the patch to change the @version doc tag.

@macsgv If you want to test the patch, you can use this file https://cloudup.com/c8pbDoYch-7 (The download button is at the top right of the screen). FYI I've removed

@paaljoachim and @macsgv you can use the file for testing or as a workaround thanks to the BuddyPress Template Hierarchy : copy it within a /buddypress/members subfolder of your active theme. Once copied you should have /wp-content/themes/NameOfYourTheme/buddypress/members/activate.php

Version 1, edited 9 months ago by imath (previous) (next) (diff)

@imath
9 months ago

@imath
9 months ago

#18 follow-up: @imath
9 months ago

.05 replaces echo sprintf() by printf. I've also updated this file https://cloudup.com/c8pbDoYch-7 for the testers :)

#19 in reply to: ↑ 18 @spdustin
9 months ago

Replying to imath:

My fault on the earlier patch; I had a patch for this bug as well but uploaded the wrong one. #7895 is the correct bug for my patch.

Last edited 9 months ago by spdustin (previous) (diff)

#20 @djpaul
9 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 12220:

Users, Registration: fix Log In link on account activation screen.

Refactoring the message to remove HTML from the original sentance has made it
easier to keep the correct HTML escaping and keep the link.

Props imath

Fixes #7894 (trunk)

#21 @djpaul
9 months ago

In 12221:

Users, Registration: fix Log In link on account activation screen.

Refactoring the message to remove HTML from the original sentance has made it
easier to keep the correct HTML escaping and keep the link.

Props imath

Fixes #7894 (branch 3.0)

Note: See TracTickets for help on using tickets.