[buddypress-trac] [BuddyPress Trac] #5971: Usage of wp_filter_kses is inconsistent for XProfile fields

buddypress-trac noreply at wordpress.org
Sun Nov 16 13:41:01 UTC 2014


#5971: Usage of wp_filter_kses is inconsistent for XProfile fields
--------------------------+-----------------------------
 Reporter:  thomaslhotta  |       Owner:
     Type:  enhancement   |      Status:  new
 Priority:  normal        |   Milestone:  Future Release
Component:  XProfile      |     Version:  2.1
 Severity:  normal        |  Resolution:
 Keywords:                |
--------------------------+-----------------------------
Changes (by DJPaul):

 * milestone:  Awaiting Review => Future Release


Comment:

 > Wouldn't it be better from an encapsulation perspective to do all the
 input sanitizing in the save function of the BP_XProfile_Field class?

 I agree. :)

 The change doesn't look too complicated to make. Since we're messing with
 kses, I would like us to add an integration test here, but I don't know if
 that's possible as the function is messy. Perhaps we just document a list
 of things on this ticket that we need test manually before/after making
 the change. Maybe @boonebgorges has thoughts on if/how/should we be
 testing this.

--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/5971#comment:1>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac


More information about the buddypress-trac mailing list