[buddypress-trac] [BuddyPress Trac] #5694: Issue with the ampersand character in members search

buddypress-trac noreply at wordpress.org
Thu Aug 14 22:07:50 UTC 2014


#5694: Issue with the ampersand character in members search
--------------------------+------------------
 Reporter:  dontdream     |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  2.1
Component:  Members       |     Version:
 Severity:  normal        |  Resolution:
 Keywords:  has-patch     |
--------------------------+------------------
Changes (by imath):

 * keywords:  needs-unit-tests needs-patch => has-patch


Comment:

 Ok i've explored it a bit more.

 When a profile field is saved, the filter
 {{{xprofile_sanitize_data_value_before_save}}} enters in action.

 It uses {{{xprofile_filter_kses}}} which is using {{{wp_kses}}} which is
 using {{{wp_kses_normalize_entities()}}} which is replacing {{{&}}} by
 {{{&}}} see in [https://core.trac.wordpress.org/browser/trunk/src/wp-
 includes/kses.php#L1140 kses.php] at line 1150

 So i'm suggesting this new version of the patch : {{{5694.04.patch}}},
 where i use wp_kses_normalize_entities() directly in
 {{{bp_xprofile_bp_user_query_search()}}} and {{{BP_User_Query}}}. This way
 the search in group members will also benefit of it.

 I've tested the patch with javascript enabled and not enabled, it's
 working.
 I've built unit tests and tested it and it's also working.

--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5694#comment:11>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac


More information about the buddypress-trac mailing list