BP blogmeta update routine incorrectly overwrites 'post_title' for unrelated activities

[r-a-y]

When a blog post is updated, a few things are synced if there is a corresponding activity item.

@boonebgorges discovered a bug if:

• the WP site is using multisite; and
• if the blog post contains comments; and
• if there are corresponding 'new_blog_comment' activity items; and
• if the post title has changed

What happens is the post title activity meta entry is updated for each 'new_blog_comment' activity item where the post comment ID is the same across the entire network.

The problem occurs here:
​https://buddypress.trac.wordpress.org/browser/tags/3.2.0/src/bp-blogs/bp-blogs-functions.php?marks=662-666#L634.

When querying for old-style activity comment items, the activity query only does a search on the 'action', 'object', and 'secondary_id' - but not 'primary_id'. As such, it returns a large number of activity items associated with posts on different sites (bad) and then proceeds to update the metadata on them (worse).

I've attached a unit test exhibiting the bug, as well as the patch that fixes the issue.

This bug was introduced as part of #5609.

[DJPaul]

Nice simple patch, I like it.

[boonebgorges]

Fix looks right to me. Thanks!

[boonebgorges]

In 12311:

Blogs: Ensure activity data integrity when updating post title.

Previously, a missing primary_id could cause the post_title activity meta
value to be updated for activity items unrelated to the one linked to the
updated blog post.

Props r-a-y.
Fixes #8007.

[boonebgorges]

This didn't get merged to the 4.0 branch.

[boonebgorges]

In 12333:

Blogs: Ensure activity data integrity when updating post title.

Previously, a missing primary_id could cause the post_title activity meta
value to be updated for activity items unrelated to the one linked to the
updated blog post.

Merges [12311] to the 4.0.x branch.

Props r-a-y.
Fixes #8007.