Opened 10 months ago
Closed 10 months ago
#9017 closed defect (bug) (fixed)
`BP_Activity_Query::get_sql_for_clause()` can wrongly use `$wpdb->prepare()`
Reported by: | imath | Owned by: | imath |
---|---|---|---|
Milestone: | 12.0.0 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Activity | Keywords: | has-patch |
Cc: |
Description
I wasn't able to find which part of the code is trying to query activities comparing hide_sitewide
to [ 0, 1 ]
, but this is causing a doing it wrong notice with $wpdb->prepare()
.
To avoid it, I believe we simply need to make sure the placeholder used with $wpdb->prepare()
is an integer as expected.
I'll suggest a PR asap.
Change History (2)
Note: See
TracTickets for help on using
tickets.
Avoid wrong usage of
$wpdb->prepare()
inBP_Activity_Query::get_sql_for_clause()
Trac ticket: https://buddypress.trac.wordpress.org/ticket/9017