BuddyPress - Version 1.8.1

Version Description

See: http://codex.buddypress.org/releases/version-1-8-1/

Download this release

Release Info

Developer boonebgorges
Plugin Icon 128x128 BuddyPress
Version 1.8.1
Comparing to
See all releases

Code changes from version 1.8 to 1.8.1

Files changed (16) hide show
  1. bp-activity/bp-activity-actions.php +14 -7
  2. bp-activity/bp-activity-classes.php +3 -3
  3. bp-activity/bp-activity-functions.php +1 -1
  4. bp-blogs/bp-blogs-functions.php +1 -1
  5. bp-core/bp-core-classes.php +1 -2
  6. bp-forums/bp-forums-functions.php +2 -2
  7. bp-groups/bp-groups-classes.php +73 -35
  8. bp-groups/bp-groups-functions.php +1 -1
  9. bp-languages/buddypress.pot +10 -10
  10. bp-loader.php +2 -2
  11. bp-members/bp-members-screens.php +3 -2
  12. bp-messages/bp-messages-classes.php +1 -1
  13. bp-themes/bp-default/rtl.css +1 -1
  14. bp-themes/bp-default/style.css +1 -1
  15. bp-xprofile/bp-xprofile-functions.php +1 -1
  16. readme.txt +7 -1
bp-activity/bp-activity-actions.php CHANGED
@@ -561,20 +561,27 @@ add_action( 'bp_actions', 'bp_activity_action_my_groups_feed' );
561
  * @return bool False on failure
562
  */
563
  function bp_activity_action_mentions_feed() {
564
- global $wp_query;
565
-
566
  if ( ! bp_activity_do_mentions() ) {
567
  return false;
568
  }
569
 
570
- if ( !bp_is_user_activity() || !bp_is_current_action( 'mentions' ) || !bp_is_action_variable( 'feed', 0 ) )
571
  return false;
 
 
 
 
 
572
 
573
- $wp_query->is_404 = false;
574
- status_header( 200 );
575
 
576
- include_once( 'feeds/bp-activity-mentions-feed.php' );
577
- die;
 
 
 
 
578
  }
579
  add_action( 'bp_actions', 'bp_activity_action_mentions_feed' );
580
 
561
  * @return bool False on failure
562
  */
563
  function bp_activity_action_mentions_feed() {
 
 
564
  if ( ! bp_activity_do_mentions() ) {
565
  return false;
566
  }
567
 
568
+ if ( !bp_is_user_activity() || ! bp_is_current_action( 'mentions' ) || ! bp_is_action_variable( 'feed', 0 ) ) {
569
  return false;
570
+ }
571
+
572
+ // setup the feed
573
+ buddypress()->activity->feed = new BP_Activity_Feed( array(
574
+ 'id' => 'mentions',
575
 
576
+ /* translators: User mentions activity RSS title - "[Site Name] | [User Display Name] | Mentions" */
577
+ 'title' => sprintf( __( '%1$s | %2$s | Mentions', 'buddypress' ), bp_get_site_name(), bp_get_displayed_user_fullname() ),
578
 
579
+ 'link' => bp_displayed_user_domain() . bp_get_activity_slug() . '/mentions/',
580
+ 'description' => sprintf( __( "Activity feed mentioning %s.", 'buddypress' ), bp_get_displayed_user_fullname() ),
581
+ 'activity_args' => array(
582
+ 'search_terms' => '@' . bp_core_get_username( bp_displayed_user_id() )
583
+ )
584
+ ) );
585
  }
586
  add_action( 'bp_actions', 'bp_activity_action_mentions_feed' );
587
 
bp-activity/bp-activity-classes.php CHANGED
@@ -155,7 +155,7 @@ class BP_Activity_Activity {
155
  extract( $r );
156
 
157
  // Select conditions
158
- $select_sql = "SELECT a.*, u.user_email, u.user_nicename, u.user_login, u.display_name";
159
 
160
  $from_sql = " FROM {$bp->activity->table_name} a LEFT JOIN {$wpdb->users} u ON a.user_id = u.ID";
161
 
@@ -172,7 +172,7 @@ class BP_Activity_Activity {
172
 
173
  // Searching
174
  if ( $search_terms ) {
175
- $search_terms = $wpdb->escape( $search_terms );
176
  $where_conditions['search_sql'] = "a.content LIKE '%%" . esc_sql( like_escape( $search_terms ) ) . "%%'";
177
  }
178
 
@@ -247,7 +247,7 @@ class BP_Activity_Activity {
247
  $activities = $wpdb->get_results( apply_filters( 'bp_activity_get_user_join_filter', "{$select_sql} {$from_sql} {$join_sql} {$where_sql} ORDER BY a.date_recorded {$sort}", $select_sql, $from_sql, $where_sql, $sort ) );
248
  }
249
 
250
- $total_activities_sql = apply_filters( 'bp_activity_total_activities_sql', "SELECT count(a.id) FROM {$bp->activity->table_name} a {$index_hint_sql} {$join_sql} {$where_sql} ORDER BY a.date_recorded {$sort}", $where_sql, $sort );
251
 
252
  $total_activities = $wpdb->get_var( $total_activities_sql );
253
 
155
  extract( $r );
156
 
157
  // Select conditions
158
+ $select_sql = "SELECT DISTINCT a.*, u.user_email, u.user_nicename, u.user_login, u.display_name";
159
 
160
  $from_sql = " FROM {$bp->activity->table_name} a LEFT JOIN {$wpdb->users} u ON a.user_id = u.ID";
161
 
172
 
173
  // Searching
174
  if ( $search_terms ) {
175
+ $search_terms = esc_sql( $search_terms );
176
  $where_conditions['search_sql'] = "a.content LIKE '%%" . esc_sql( like_escape( $search_terms ) ) . "%%'";
177
  }
178
 
247
  $activities = $wpdb->get_results( apply_filters( 'bp_activity_get_user_join_filter', "{$select_sql} {$from_sql} {$join_sql} {$where_sql} ORDER BY a.date_recorded {$sort}", $select_sql, $from_sql, $where_sql, $sort ) );
248
  }
249
 
250
+ $total_activities_sql = apply_filters( 'bp_activity_total_activities_sql', "SELECT count(DISTINCT a.id) FROM {$bp->activity->table_name} a {$index_hint_sql} {$join_sql} {$where_sql} ORDER BY a.date_recorded {$sort}", $where_sql, $sort );
251
 
252
  $total_activities = $wpdb->get_var( $total_activities_sql );
253
 
bp-activity/bp-activity-functions.php CHANGED
@@ -685,7 +685,7 @@ function bp_activity_update_meta( $activity_id, $meta_key, $meta_value ) {
685
 
686
  // Sanitize value
687
  if ( is_string( $meta_value ) )
688
- $meta_value = stripslashes( $wpdb->escape( $meta_value ) );
689
 
690
  // Maybe, just maybe... serialize
691
  $meta_value = maybe_serialize( $meta_value );
685
 
686
  // Sanitize value
687
  if ( is_string( $meta_value ) )
688
+ $meta_value = stripslashes( esc_sql( $meta_value ) );
689
 
690
  // Maybe, just maybe... serialize
691
  $meta_value = maybe_serialize( $meta_value );
bp-blogs/bp-blogs-functions.php CHANGED
@@ -708,7 +708,7 @@ function bp_blogs_update_blogmeta( $blog_id, $meta_key, $meta_value ) {
708
  $meta_key = preg_replace( '|[^a-z0-9_]|i', '', $meta_key );
709
 
710
  if ( is_string($meta_value) )
711
- $meta_value = stripslashes($wpdb->escape($meta_value));
712
 
713
  $meta_value = maybe_serialize($meta_value);
714
 
708
  $meta_key = preg_replace( '|[^a-z0-9_]|i', '', $meta_key );
709
 
710
  if ( is_string($meta_value) )
711
+ $meta_value = stripslashes( esc_sql( $meta_value ) );
712
 
713
  $meta_value = maybe_serialize($meta_value);
714
 
bp-core/bp-core-classes.php CHANGED
@@ -324,8 +324,7 @@ class BP_User_Query {
324
 
325
  // 'exclude' - User ids to exclude from the results
326
  if ( false !== $exclude ) {
327
- $exclude = wp_parse_id_list( $exclude );
328
- $exclude_ids = $wpdb->escape( implode( ',', (array) $exclude ) );
329
  $sql['where'][] = "u.{$this->uid_name} NOT IN ({$exclude_ids})";
330
  }
331
 
324
 
325
  // 'exclude' - User ids to exclude from the results
326
  if ( false !== $exclude ) {
327
+ $exclude_ids = implode( ',', wp_parse_id_list( $exclude ) );
 
328
  $sql['where'][] = "u.{$this->uid_name} NOT IN ({$exclude_ids})";
329
  }
330
 
bp-forums/bp-forums-functions.php CHANGED
@@ -456,7 +456,7 @@ function bp_forums_get_topic_extras( $topics ) {
456
 
457
  // Get the topic ids
458
  foreach ( (array) $topics as $topic ) $topic_ids[] = $topic->topic_id;
459
- $topic_ids = $wpdb->escape( join( ',', (array) $topic_ids ) );
460
 
461
  // Fetch the topic's last poster details
462
  $poster_details = $wpdb->get_results( "SELECT t.topic_id, t.topic_last_poster, u.user_login, u.user_nicename, u.user_email, u.display_name FROM {$wpdb->users} u, {$bbdb->topics} t WHERE u.ID = t.topic_last_poster AND t.topic_id IN ( {$topic_ids} )" );
@@ -590,7 +590,7 @@ function bp_forums_get_post_extras( $posts ) {
590
 
591
  // Get the user ids
592
  foreach ( (array) $posts as $post ) $user_ids[] = $post->poster_id;
593
- $user_ids = $wpdb->escape( join( ',', (array) $user_ids ) );
594
 
595
  // Fetch the poster's user_email, user_nicename and user_login
596
  $poster_details = $wpdb->get_results( "SELECT u.ID as user_id, u.user_login, u.user_nicename, u.user_email, u.display_name FROM {$wpdb->users} u WHERE u.ID IN ( {$user_ids} )" );
456
 
457
  // Get the topic ids
458
  foreach ( (array) $topics as $topic ) $topic_ids[] = $topic->topic_id;
459
+ $topic_ids = implode( ',', wp_parse_id_list( $topic_ids ) );
460
 
461
  // Fetch the topic's last poster details
462
  $poster_details = $wpdb->get_results( "SELECT t.topic_id, t.topic_last_poster, u.user_login, u.user_nicename, u.user_email, u.display_name FROM {$wpdb->users} u, {$bbdb->topics} t WHERE u.ID = t.topic_last_poster AND t.topic_id IN ( {$topic_ids} )" );
590
 
591
  // Get the user ids
592
  foreach ( (array) $posts as $post ) $user_ids[] = $post->poster_id;
593
+ $user_ids = implode( ',', wp_parse_id_list( $user_ids ) );
594
 
595
  // Fetch the poster's user_email, user_nicename and user_login
596
  $poster_details = $wpdb->get_results( "SELECT u.ID as user_id, u.user_login, u.user_nicename, u.user_email, u.display_name FROM {$wpdb->users} u WHERE u.ID IN ( {$user_ids} )" );
bp-groups/bp-groups-classes.php CHANGED
@@ -353,7 +353,7 @@ class BP_Groups_Group {
353
  $sql = array();
354
  $total_sql = array();
355
 
356
- $sql['select'] = "SELECT g.*, gm1.meta_value AS total_member_count, gm2.meta_value AS last_activity";
357
  $sql['from'] = " FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2,";
358
 
359
  if ( ! empty( $r['user_id'] ) ) {
@@ -381,7 +381,6 @@ class BP_Groups_Group {
381
 
382
  if ( ! empty( $meta_query_sql['join'] ) ) {
383
  $sql['from'] .= $meta_query_sql['join'];
384
- $total_sql['select'] .= $meta_query_sql['join_total'];
385
  }
386
 
387
  if ( ! empty( $meta_query_sql['where'] ) ) {
@@ -393,14 +392,12 @@ class BP_Groups_Group {
393
  }
394
 
395
  if ( ! empty( $r['include'] ) ) {
396
- $include = wp_parse_id_list( $r['include'] );
397
- $include = $wpdb->escape( implode( ',', $include ) );
398
  $sql['include'] = " AND g.id IN ({$include})";
399
  }
400
 
401
  if ( ! empty( $r['exclude'] ) ) {
402
- $exclude = wp_parse_id_list( $r['exclude'] );
403
- $exclude = $wpdb->escape( implode( ',', $exclude ) );
404
  $sql['exclude'] = " AND g.id NOT IN ({$exclude})";
405
  }
406
 
@@ -469,11 +466,10 @@ class BP_Groups_Group {
469
  // See #5099
470
  if ( ! empty( $meta_query_sql['where'] ) ) {
471
  // Join the groupmeta table
472
- $total_sql['select'] .= ", {$bp->groups->table_name_groupmeta} gmmq";
473
 
474
  // Modify the meta_query clause from paged_sql for our syntax
475
  $meta_query_clause = preg_replace( '/^\s*AND/', '', $meta_query_sql['where'] );
476
- $meta_query_clause = str_replace( $bp->groups->table_name_groupmeta, 'gmmq', $meta_query_clause );
477
  $total_sql['where'][] = $meta_query_clause;
478
  }
479
 
@@ -508,7 +504,7 @@ class BP_Groups_Group {
508
 
509
  // Populate some extra information instead of querying each time in the loop
510
  if ( !empty( $r['populate_extras'] ) ) {
511
- $group_ids = $wpdb->escape( join( ',', (array) $group_ids ) );
512
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, $r['type'] );
513
  }
514
 
@@ -561,11 +557,19 @@ class BP_Groups_Group {
561
  // @todo It may be better in the long run to refactor
562
  // the more general query syntax to accord better with
563
  // BP/WP convention
564
- preg_match( '/INNER JOIN (.*) ON/', $meta_sql['join'], $matches_a );
565
- preg_match( '/ON \((.*)\)$/', $meta_sql['join'], $matches_b );
 
566
  if ( ! empty( $matches_a[1] ) && ! empty( $matches_b[1] ) ) {
567
- $sql_array['join'] = $matches_a[1] . ', ';
568
- $sql_array['where'] = preg_replace( '/^(\sAND\s+[\(\s]+)/', '$1' . $matches_b[1] . ' AND ', $meta_sql['where'] );
 
 
 
 
 
 
 
569
  }
570
  }
571
 
@@ -669,13 +673,12 @@ class BP_Groups_Group {
669
  }
670
 
671
  if ( !empty( $exclude ) ) {
672
- $exclude = wp_parse_id_list( $exclude );
673
- $exclude = $wpdb->escape( implode( ',', $exclude ) );
674
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
675
  }
676
 
677
  if ( !empty( $user_id ) ) {
678
- $user_id = absint( $wpdb->escape( $user_id ) );
679
  $paged_groups = $wpdb->get_results( "SELECT DISTINCT g.*, gm1.meta_value as total_member_count, gm2.meta_value as last_activity FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bp->groups->table_name_members} m, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) AND f.topics > 0 {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} ORDER BY f.topics DESC {$pag_sql}" );
680
  $total_groups = $wpdb->get_var( "SELECT COUNT(DISTINCT g.id) FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) AND f.topics > 0 {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql}" );
681
  } else {
@@ -685,7 +688,7 @@ class BP_Groups_Group {
685
 
686
  if ( !empty( $populate_extras ) ) {
687
  foreach ( (array) $paged_groups as $group ) $group_ids[] = $group->id;
688
- $group_ids = $wpdb->escape( join( ',', (array) $group_ids ) );
689
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
690
  }
691
 
@@ -711,13 +714,12 @@ class BP_Groups_Group {
711
  }
712
 
713
  if ( !empty( $exclude ) ) {
714
- $exclude = wp_parse_id_list( $exclude );
715
- $exclude = $wpdb->escape( implode( ',', $exclude ) );
716
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
717
  }
718
 
719
  if ( !empty( $user_id ) ) {
720
- $user_id = $wpdb->escape( $user_id );
721
  $paged_groups = $wpdb->get_results( "SELECT DISTINCT g.*, gm1.meta_value as total_member_count, gm2.meta_value as last_activity FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bp->groups->table_name_members} m, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} ORDER BY f.posts ASC {$pag_sql}" );
722
  $total_groups = $wpdb->get_results( "SELECT COUNT(DISTINCT g.id) FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bp->groups->table_name_members} m, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) AND f.posts > 0 {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} " );
723
  } else {
@@ -727,7 +729,7 @@ class BP_Groups_Group {
727
 
728
  if ( !empty( $populate_extras ) ) {
729
  foreach ( (array) $paged_groups as $group ) $group_ids[] = $group->id;
730
- $group_ids = $wpdb->escape( join( ',', (array) $group_ids ) );
731
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
732
  }
733
 
@@ -749,8 +751,7 @@ class BP_Groups_Group {
749
  }
750
 
751
  if ( !empty( $exclude ) ) {
752
- $exclude = wp_parse_id_list( $exclude );
753
- $exclude = $wpdb->escape( implode( ',', $exclude ) );
754
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
755
  }
756
 
@@ -770,7 +771,7 @@ class BP_Groups_Group {
770
  foreach ( (array) $paged_groups as $group ) {
771
  $group_ids[] = $group->id;
772
  }
773
- $group_ids = $wpdb->escape( join( ',', (array) $group_ids ) );
774
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
775
  }
776
 
@@ -795,12 +796,12 @@ class BP_Groups_Group {
795
 
796
  if ( !empty( $exclude ) ) {
797
  $exclude = wp_parse_id_list( $exclude );
798
- $exclude = $wpdb->escape( implode( ',', $exclude ) );
799
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
800
  }
801
 
802
  if ( !empty( $user_id ) ) {
803
- $user_id = $wpdb->escape( $user_id );
804
  $paged_groups = $wpdb->get_results( "SELECT g.*, gm1.meta_value as total_member_count, gm2.meta_value as last_activity FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_members} m, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} ORDER BY rand() {$pag_sql}" );
805
  $total_groups = $wpdb->get_var( "SELECT COUNT(DISTINCT m.group_id) FROM {$bp->groups->table_name_members} m LEFT JOIN {$bp->groups->table_name_groupmeta} gm ON m.group_id = gm.group_id INNER JOIN {$bp->groups->table_name} g ON m.group_id = g.id WHERE gm.meta_key = 'last_activity'{$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql}" );
806
  } else {
@@ -810,7 +811,7 @@ class BP_Groups_Group {
810
 
811
  if ( !empty( $populate_extras ) ) {
812
  foreach ( (array) $paged_groups as $group ) $group_ids[] = $group->id;
813
- $group_ids = $wpdb->escape( join( ',', (array) $group_ids ) );
814
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
815
  }
816
 
@@ -965,6 +966,14 @@ class BP_Groups_Group {
965
  * @since BuddyPress (1.8)
966
  */
967
  class BP_Group_Member_Query extends BP_User_Query {
 
 
 
 
 
 
 
 
968
  /**
969
  * Set up action hooks
970
  *
@@ -978,6 +987,9 @@ class BP_Group_Member_Query extends BP_User_Query {
978
  $this->query_vars_raw['type'] = 'last_modified';
979
  }
980
 
 
 
 
981
  // Set up our populate_extras method
982
  add_action( 'bp_user_query_populate_extras', array( $this, 'populate_group_member_extras' ), 10, 2 );
983
  }
@@ -1028,6 +1040,10 @@ class BP_Group_Member_Query extends BP_User_Query {
1028
  protected function get_group_member_ids() {
1029
  global $wpdb;
1030
 
 
 
 
 
1031
  $bp = buddypress();
1032
  $sql = array(
1033
  'select' => "SELECT user_id FROM {$bp->groups->table_name_members}",
@@ -1106,10 +1122,34 @@ class BP_Group_Member_Query extends BP_User_Query {
1106
  $sql['order'] = "DESC";
1107
 
1108
  /** LIMIT clause ******************************************************/
 
1109
 
1110
- $ids = $wpdb->get_col( "{$sql['select']} {$sql['where']} {$sql['orderby']} {$sql['order']} {$sql['limit']}" );
 
1111
 
1112
- return $ids;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1113
  }
1114
 
1115
  /**
@@ -1466,8 +1506,7 @@ class BP_Groups_Member {
1466
  $pag_sql = ( !empty( $limit ) && !empty( $page ) ) ? $wpdb->prepare( " LIMIT %d, %d", intval( ( $page - 1 ) * $limit), intval( $limit ) ) : '';
1467
 
1468
  if ( !empty( $exclude ) ) {
1469
- $exclude = wp_parse_id_list( $exclude );
1470
- $exclude = $wpdb->escape( implode( ',', $exclude ) );
1471
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
1472
  } else {
1473
  $exclude_sql = '';
@@ -1628,8 +1667,7 @@ class BP_Groups_Member {
1628
 
1629
  $exclude_sql = '';
1630
  if ( !empty( $exclude ) ) {
1631
- $exclude = wp_parse_id_list( $exclude );
1632
- $exclude = $wpdb->escape( implode( ',', $exclude ) );
1633
  $exclude_sql = " AND m.user_id NOT IN ({$exclude})";
1634
  }
1635
 
@@ -2535,14 +2573,14 @@ class BP_Group_Extension {
2535
  $method = $context . '_' . $type;
2536
  $rmethod = $this->class_reflection->getMethod( $method );
2537
  if ( isset( $rmethod->class ) && $this->class_name === $rmethod->class ) {
2538
- $callback = array( $this->class_name, $method );
2539
  }
2540
 
2541
  if ( empty( $callback ) ) {
2542
  $fallback_method = 'settings_' . $type;
2543
  $rfallback_method = $this->class_reflection->getMethod( $fallback_method );
2544
  if ( isset( $rfallback_method->class ) && $this->class_name === $rfallback_method->class ) {
2545
- $callback = array( $this->class_name, $fallback_method );
2546
  }
2547
  }
2548
 
353
  $sql = array();
354
  $total_sql = array();
355
 
356
+ $sql['select'] = "SELECT DISTINCT g.id, g.*, gm1.meta_value AS total_member_count, gm2.meta_value AS last_activity";
357
  $sql['from'] = " FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2,";
358
 
359
  if ( ! empty( $r['user_id'] ) ) {
381
 
382
  if ( ! empty( $meta_query_sql['join'] ) ) {
383
  $sql['from'] .= $meta_query_sql['join'];
 
384
  }
385
 
386
  if ( ! empty( $meta_query_sql['where'] ) ) {
392
  }
393
 
394
  if ( ! empty( $r['include'] ) ) {
395
+ $include = implode( ',', wp_parse_id_list( $r['include'] ) );
 
396
  $sql['include'] = " AND g.id IN ({$include})";
397
  }
398
 
399
  if ( ! empty( $r['exclude'] ) ) {
400
+ $exclude = implode( ',', wp_parse_id_list( $r['exclude'] ) );
 
401
  $sql['exclude'] = " AND g.id NOT IN ({$exclude})";
402
  }
403
 
466
  // See #5099
467
  if ( ! empty( $meta_query_sql['where'] ) ) {
468
  // Join the groupmeta table
469
+ $total_sql['select'] .= ", ". substr( $meta_query_sql['join'], 0, -2 );
470
 
471
  // Modify the meta_query clause from paged_sql for our syntax
472
  $meta_query_clause = preg_replace( '/^\s*AND/', '', $meta_query_sql['where'] );
 
473
  $total_sql['where'][] = $meta_query_clause;
474
  }
475
 
504
 
505
  // Populate some extra information instead of querying each time in the loop
506
  if ( !empty( $r['populate_extras'] ) ) {
507
+ $group_ids = implode( ',', wp_parse_id_list( $group_ids ) );
508
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, $r['type'] );
509
  }
510
 
557
  // @todo It may be better in the long run to refactor
558
  // the more general query syntax to accord better with
559
  // BP/WP convention
560
+ preg_match_all( '/INNER JOIN (.*) ON/', $meta_sql['join'], $matches_a );
561
+ preg_match_all( '/ON \((.*)\)/', $meta_sql['join'], $matches_b );
562
+
563
  if ( ! empty( $matches_a[1] ) && ! empty( $matches_b[1] ) ) {
564
+ $sql_array['join'] = implode( ',', $matches_a[1] ). ', ';
565
+
566
+ $sql_array['where'] = '';
567
+
568
+ $meta_query_where_clauses = explode( "\n", $meta_sql['where'] );
569
+ foreach( $matches_b[1] as $key => $group_id_clause ) {
570
+ $sql_array['where'] .= ' ' . preg_replace( '/^(AND\s+[\(\s]+)/', '$1' . $group_id_clause . ' AND ', ltrim( $meta_query_where_clauses[ $key ] ) );
571
+ }
572
+
573
  }
574
  }
575
 
673
  }
674
 
675
  if ( !empty( $exclude ) ) {
676
+ $exclude = implode( ',', wp_parse_id_list( $exclude ) );
 
677
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
678
  }
679
 
680
  if ( !empty( $user_id ) ) {
681
+ $user_id = absint( esc_sql( $user_id ) );
682
  $paged_groups = $wpdb->get_results( "SELECT DISTINCT g.*, gm1.meta_value as total_member_count, gm2.meta_value as last_activity FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bp->groups->table_name_members} m, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) AND f.topics > 0 {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} ORDER BY f.topics DESC {$pag_sql}" );
683
  $total_groups = $wpdb->get_var( "SELECT COUNT(DISTINCT g.id) FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) AND f.topics > 0 {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql}" );
684
  } else {
688
 
689
  if ( !empty( $populate_extras ) ) {
690
  foreach ( (array) $paged_groups as $group ) $group_ids[] = $group->id;
691
+ $group_ids = implode( ',', wp_parse_id_list( $group_ids ) );
692
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
693
  }
694
 
714
  }
715
 
716
  if ( !empty( $exclude ) ) {
717
+ $exclude = implode( ',', wp_parse_id_list( $exclude ) );
 
718
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
719
  }
720
 
721
  if ( !empty( $user_id ) ) {
722
+ $user_id = esc_sql( $user_id );
723
  $paged_groups = $wpdb->get_results( "SELECT DISTINCT g.*, gm1.meta_value as total_member_count, gm2.meta_value as last_activity FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bp->groups->table_name_members} m, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} ORDER BY f.posts ASC {$pag_sql}" );
724
  $total_groups = $wpdb->get_results( "SELECT COUNT(DISTINCT g.id) FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_groupmeta} gm3, {$bp->groups->table_name_members} m, {$bbdb->forums} f, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND g.id = gm3.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' AND (gm3.meta_key = 'forum_id' AND gm3.meta_value = f.forum_id) AND f.posts > 0 {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} " );
725
  } else {
729
 
730
  if ( !empty( $populate_extras ) ) {
731
  foreach ( (array) $paged_groups as $group ) $group_ids[] = $group->id;
732
+ $group_ids = implode( ',', wp_parse_id_list( $group_ids ) );
733
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
734
  }
735
 
751
  }
752
 
753
  if ( !empty( $exclude ) ) {
754
+ $exclude = implode( ',', wp_parse_id_list( $exclude ) );
 
755
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
756
  }
757
 
771
  foreach ( (array) $paged_groups as $group ) {
772
  $group_ids[] = $group->id;
773
  }
774
+ $group_ids = implode( ',', wp_parse_id_list( $group_ids ) );
775
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
776
  }
777
 
796
 
797
  if ( !empty( $exclude ) ) {
798
  $exclude = wp_parse_id_list( $exclude );
799
+ $exclude = esc_sql( implode( ',', $exclude ) );
800
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
801
  }
802
 
803
  if ( !empty( $user_id ) ) {
804
+ $user_id = esc_sql( $user_id );
805
  $paged_groups = $wpdb->get_results( "SELECT g.*, gm1.meta_value as total_member_count, gm2.meta_value as last_activity FROM {$bp->groups->table_name_groupmeta} gm1, {$bp->groups->table_name_groupmeta} gm2, {$bp->groups->table_name_members} m, {$bp->groups->table_name} g WHERE g.id = m.group_id AND g.id = gm1.group_id AND g.id = gm2.group_id AND gm2.meta_key = 'last_activity' AND gm1.meta_key = 'total_member_count' {$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql} ORDER BY rand() {$pag_sql}" );
806
  $total_groups = $wpdb->get_var( "SELECT COUNT(DISTINCT m.group_id) FROM {$bp->groups->table_name_members} m LEFT JOIN {$bp->groups->table_name_groupmeta} gm ON m.group_id = gm.group_id INNER JOIN {$bp->groups->table_name} g ON m.group_id = g.id WHERE gm.meta_key = 'last_activity'{$hidden_sql} {$search_sql} AND m.user_id = {$user_id} AND m.is_confirmed = 1 AND m.is_banned = 0 {$exclude_sql}" );
807
  } else {
811
 
812
  if ( !empty( $populate_extras ) ) {
813
  foreach ( (array) $paged_groups as $group ) $group_ids[] = $group->id;
814
+ $group_ids = implode( ',', wp_parse_id_list( $group_ids ) );
815
  $paged_groups = BP_Groups_Group::get_group_extras( $paged_groups, $group_ids, 'newest' );
816
  }
817
 
966
  * @since BuddyPress (1.8)
967
  */
968
  class BP_Group_Member_Query extends BP_User_Query {
969
+ /**
970
+ * Array of group member ids, cached to prevent redundant lookups
971
+ *
972
+ * @var null|array Null if not yet defined, otherwise an array of ints
973
+ * @since BuddyPress (1.8.1)
974
+ */
975
+ protected $group_member_ids;
976
+
977
  /**
978
  * Set up action hooks
979
  *
987
  $this->query_vars_raw['type'] = 'last_modified';
988
  }
989
 
990
+ // Set the sort order
991
+ add_action( 'bp_pre_user_query', array( $this, 'set_orderby' ) );
992
+
993
  // Set up our populate_extras method
994
  add_action( 'bp_user_query_populate_extras', array( $this, 'populate_group_member_extras' ), 10, 2 );
995
  }
1040
  protected function get_group_member_ids() {
1041
  global $wpdb;
1042
 
1043
+ if ( is_array( $this->group_member_ids ) ) {
1044
+ return $this->group_member_ids;
1045
+ }
1046
+
1047
  $bp = buddypress();
1048
  $sql = array(
1049
  'select' => "SELECT user_id FROM {$bp->groups->table_name_members}",
1122
  $sql['order'] = "DESC";
1123
 
1124
  /** LIMIT clause ******************************************************/
1125
+ $this->group_member_ids = $wpdb->get_col( "{$sql['select']} {$sql['where']} {$sql['orderby']} {$sql['order']} {$sql['limit']}" );
1126
 
1127
+ return $this->group_member_ids;
1128
+ }
1129
 
1130
+ /**
1131
+ * Tell BP_User_Query to order by the order of our query results
1132
+ *
1133
+ * This implementation assumes the 'last_modified' sort order
1134
+ * hardcoded in BP_Group_Member_Query::get_group_member_ids().
1135
+ *
1136
+ * @param object $query BP_User_Query object
1137
+ */
1138
+ public function set_orderby( $query ) {
1139
+ $gm_ids = $this->get_group_member_ids();
1140
+ if ( empty( $gm_ids ) ) {
1141
+ $gm_ids = array( 0 );
1142
+ }
1143
+
1144
+ // The first param in the FIELD() clause is the sort column id
1145
+ $gm_ids = array_merge( array( 'u.id' ), wp_parse_id_list( $gm_ids ) );
1146
+ $gm_ids_sql = implode( ',', $gm_ids );
1147
+
1148
+ $query->uid_clauses['orderby'] = "ORDER BY FIELD(" . $gm_ids_sql . ")";
1149
+
1150
+ // Prevent this filter from running on future BP_User_Query
1151
+ // instances on the same page
1152
+ remove_action( 'bp_pre_user_query', array( $this, 'set_orderby' ) );
1153
  }
1154
 
1155
  /**
1506
  $pag_sql = ( !empty( $limit ) && !empty( $page ) ) ? $wpdb->prepare( " LIMIT %d, %d", intval( ( $page - 1 ) * $limit), intval( $limit ) ) : '';
1507
 
1508
  if ( !empty( $exclude ) ) {
1509
+ $exclude = implode( ',', wp_parse_id_list( $exclude ) );
 
1510
  $exclude_sql = " AND g.id NOT IN ({$exclude})";
1511
  } else {
1512
  $exclude_sql = '';
1667
 
1668
  $exclude_sql = '';
1669
  if ( !empty( $exclude ) ) {
1670
+ $exclude = implode( ',', wp_parse_id_list( $exclude ) );
 
1671
  $exclude_sql = " AND m.user_id NOT IN ({$exclude})";
1672
  }
1673
 
2573
  $method = $context . '_' . $type;
2574
  $rmethod = $this->class_reflection->getMethod( $method );
2575
  if ( isset( $rmethod->class ) && $this->class_name === $rmethod->class ) {
2576
+ $callback = array( $this, $method );
2577
  }
2578
 
2579
  if ( empty( $callback ) ) {
2580
  $fallback_method = 'settings_' . $type;
2581
  $rfallback_method = $this->class_reflection->getMethod( $fallback_method );
2582
  if ( isset( $rfallback_method->class ) && $this->class_name === $rfallback_method->class ) {
2583
+ $callback = array( $this, $fallback_method );
2584
  }
2585
  }
2586
 
bp-groups/bp-groups-functions.php CHANGED
@@ -1045,7 +1045,7 @@ function groups_update_groupmeta( $group_id, $meta_key, $meta_value ) {
1045
  $meta_key = preg_replace( '|[^a-z0-9_]|i', '', $meta_key );
1046
 
1047
  if ( is_string( $meta_value ) )
1048
- $meta_value = stripslashes( $wpdb->escape( $meta_value ) );
1049
 
1050
  $meta_value = maybe_serialize( $meta_value );
1051
 
1045
  $meta_key = preg_replace( '|[^a-z0-9_]|i', '', $meta_key );
1046
 
1047
  if ( is_string( $meta_value ) )
1048
+ $meta_value = stripslashes( esc_sql( $meta_value ) );
1049
 
1050
  $meta_value = maybe_serialize( $meta_value );
1051
 
bp-languages/buddypress.pot CHANGED
@@ -4,7 +4,7 @@ msgid ""
4
  msgstr ""
5
  "Project-Id-Version: BuddyPress \n"
6
  "Report-Msgid-Bugs-To: http://wppolyglots.wordpress.com\n"
7
- "POT-Creation-Date: 2013-07-16 19:35:17+00:00\n"
8
  "MIME-Version: 1.0\n"
9
  "Content-Type: text/plain; charset=UTF-8\n"
10
  "Content-Transfer-Encoding: 8bit\n"
@@ -566,7 +566,7 @@ msgid "%s posted an update"
566
  msgstr ""
567
 
568
  #: bp-activity/bp-activity-functions.php:1188
569
- #: tests/testcases/activity/class.BP_Activity_Activity.php:167
570
  msgid "%s posted a new activity comment"
571
  msgstr ""
572
 
@@ -1529,7 +1529,7 @@ msgstr ""
1529
  #: bp-core/bp-core-admin.php:408 bp-core/bp-core-template.php:243
1530
  #: bp-core/bp-core-widgets.php:113 bp-groups/bp-groups-admin.php:759
1531
  #: bp-groups/bp-groups-template.php:1476 bp-members/bp-members-loader.php:24
1532
- #: bp-members/bp-members-screens.php:354
1533
  #: bp-templates/bp-legacy/buddypress/groups/single/admin.php:231
1534
  #: bp-themes/bp-default/groups/single/admin.php:231
1535
  msgid "Members"
@@ -1820,12 +1820,12 @@ msgstr ""
1820
  msgid "%s Directory"
1821
  msgstr ""
1822
 
1823
- #: bp-core/bp-core-filters.php:366 bp-members/bp-members-screens.php:511
1824
  #: bp-themes/bp-default/registration/register.php:23
1825
  msgid "Create an Account"
1826
  msgstr ""
1827
 
1828
- #: bp-core/bp-core-filters.php:370 bp-members/bp-members-screens.php:519
1829
  #: bp-themes/bp-default/registration/activate.php:13
1830
  msgid "Activate your Account"
1831
  msgstr ""
@@ -3001,7 +3001,7 @@ msgstr ""
3001
  msgid "Delete Group"
3002
  msgstr ""
3003
 
3004
- #: bp-groups/bp-groups-admin.php:863 bp-groups/bp-groups-classes.php:2076
3005
  #: bp-templates/bp-legacy/buddypress/groups/single/admin.php:32
3006
  #: bp-templates/bp-legacy/buddypress/groups/single/admin.php:117
3007
  #: bp-templates/bp-legacy/buddypress/groups/single/forum/edit.php:58
@@ -3126,11 +3126,11 @@ msgstr ""
3126
  msgid "Group Avatar"
3127
  msgstr ""
3128
 
3129
- #: bp-groups/bp-groups-classes.php:1258
3130
  msgid "Group Mod"
3131
  msgstr ""
3132
 
3133
- #: bp-groups/bp-groups-classes.php:1264 bp-groups/bp-groups-functions.php:121
3134
  msgid "Group Admin"
3135
  msgstr ""
3136
 
@@ -3923,12 +3923,12 @@ msgstr ""
3923
  msgid "Your account is now active!"
3924
  msgstr ""
3925
 
3926
- #: bp-members/bp-members-screens.php:514
3927
  #: bp-themes/bp-default/registration/register.php:253
3928
  msgid "Check Your Email To Activate Your Account!"
3929
  msgstr ""
3930
 
3931
- #: bp-members/bp-members-screens.php:522
3932
  #: bp-themes/bp-default/registration/activate.php:11
3933
  msgid "Account Activated"
3934
  msgstr ""
4
  msgstr ""
5
  "Project-Id-Version: BuddyPress \n"
6
  "Report-Msgid-Bugs-To: http://wppolyglots.wordpress.com\n"
7
+ "POT-Creation-Date: 2013-07-27 18:35:29+00:00\n"
8
  "MIME-Version: 1.0\n"
9
  "Content-Type: text/plain; charset=UTF-8\n"
10
  "Content-Transfer-Encoding: 8bit\n"
566
  msgstr ""
567
 
568
  #: bp-activity/bp-activity-functions.php:1188
569
+ #: tests/testcases/activity/class.BP_Activity_Activity.php:202
570
  msgid "%s posted a new activity comment"
571
  msgstr ""
572
 
1529
  #: bp-core/bp-core-admin.php:408 bp-core/bp-core-template.php:243
1530
  #: bp-core/bp-core-widgets.php:113 bp-groups/bp-groups-admin.php:759
1531
  #: bp-groups/bp-groups-template.php:1476 bp-members/bp-members-loader.php:24
1532
+ #: bp-members/bp-members-screens.php:355
1533
  #: bp-templates/bp-legacy/buddypress/groups/single/admin.php:231
1534
  #: bp-themes/bp-default/groups/single/admin.php:231
1535
  msgid "Members"
1820
  msgid "%s Directory"
1821
  msgstr ""
1822
 
1823
+ #: bp-core/bp-core-filters.php:366 bp-members/bp-members-screens.php:512
1824
  #: bp-themes/bp-default/registration/register.php:23
1825
  msgid "Create an Account"
1826
  msgstr ""
1827
 
1828
+ #: bp-core/bp-core-filters.php:370 bp-members/bp-members-screens.php:520
1829
  #: bp-themes/bp-default/registration/activate.php:13
1830
  msgid "Activate your Account"
1831
  msgstr ""
3001
  msgid "Delete Group"
3002
  msgstr ""
3003
 
3004
+ #: bp-groups/bp-groups-admin.php:863 bp-groups/bp-groups-classes.php:2121
3005
  #: bp-templates/bp-legacy/buddypress/groups/single/admin.php:32
3006
  #: bp-templates/bp-legacy/buddypress/groups/single/admin.php:117
3007
  #: bp-templates/bp-legacy/buddypress/groups/single/forum/edit.php:58
3126
  msgid "Group Avatar"
3127
  msgstr ""
3128
 
3129
+ #: bp-groups/bp-groups-classes.php:1303
3130
  msgid "Group Mod"
3131
  msgstr ""
3132
 
3133
+ #: bp-groups/bp-groups-classes.php:1309 bp-groups/bp-groups-functions.php:121
3134
  msgid "Group Admin"
3135
  msgstr ""
3136
 
3923
  msgid "Your account is now active!"
3924
  msgstr ""
3925
 
3926
+ #: bp-members/bp-members-screens.php:515
3927
  #: bp-themes/bp-default/registration/register.php:253
3928
  msgid "Check Your Email To Activate Your Account!"
3929
  msgstr ""
3930
 
3931
+ #: bp-members/bp-members-screens.php:523
3932
  #: bp-themes/bp-default/registration/activate.php:11
3933
  msgid "Account Activated"
3934
  msgstr ""
bp-loader.php CHANGED
@@ -16,7 +16,7 @@
16
  * Description: Social networking in a box. Build a social network for your company, school, sports team or niche community all based on the power and flexibility of WordPress.
17
  * Author: The BuddyPress Community
18
  * Author URI: http://buddypress.org/community/members/
19
- * Version: 1.8
20
  * Text Domain: buddypress
21
  * Domain Path: /bp-languages/
22
  * License: GPLv2 or later (license.txt)
@@ -294,7 +294,7 @@ class BuddyPress {
294
 
295
  /** Versions **********************************************************/
296
 
297
- $this->version = '1.8';
298
  $this->db_version = 6080;
299
 
300
  /** Loading ***********************************************************/
16
  * Description: Social networking in a box. Build a social network for your company, school, sports team or niche community all based on the power and flexibility of WordPress.
17
  * Author: The BuddyPress Community
18
  * Author URI: http://buddypress.org/community/members/
19
+ * Version: 1.8.1
20
  * Text Domain: buddypress
21
  * Domain Path: /bp-languages/
22
  * License: GPLv2 or later (license.txt)
294
 
295
  /** Versions **********************************************************/
296
 
297
+ $this->version = '1.8.1';
298
  $this->db_version = 6080;
299
 
300
  /** Loading ***********************************************************/
bp-members/bp-members-screens.php CHANGED
@@ -330,10 +330,11 @@ class BP_Members_Theme_Compat {
330
  * @param string $templates The templates from bp_get_theme_compat_templates()
331
  * @return array $templates Array of custom templates to look for.
332
  */
333
- public function directory_template_hierarchy( $templates ) {
 
334
  // Setup our templates based on priority
335
  $new_templates = apply_filters( 'bp_template_hierarchy_members_directory', array(
336
- 'members/single/index-directory.php'
337
  ) );
338
 
339
  // Merge new templates with existing stack
330
  * @param string $templates The templates from bp_get_theme_compat_templates()
331
  * @return array $templates Array of custom templates to look for.
332
  */
333
+ public function directory_template_hierarchy( $templates = array() ) {
334
+
335
  // Setup our templates based on priority
336
  $new_templates = apply_filters( 'bp_template_hierarchy_members_directory', array(
337
+ 'members/index-directory.php'
338
  ) );
339
 
340
  // Merge new templates with existing stack
bp-messages/bp-messages-classes.php CHANGED
@@ -149,7 +149,7 @@ class BP_Messages_Thread {
149
  $type_sql = " AND r.unread_count = 0 ";
150
 
151
  if ( !empty( $search_terms ) ) {
152
- $search_terms = like_escape( $wpdb->escape( $search_terms ) );
153
  $search_sql = "AND ( subject LIKE '%%$search_terms%%' OR message LIKE '%%$search_terms%%' )";
154
  }
155
 
149
  $type_sql = " AND r.unread_count = 0 ";
150
 
151
  if ( !empty( $search_terms ) ) {
152
+ $search_terms = like_escape( esc_sql( $search_terms ) );
153
  $search_sql = "AND ( subject LIKE '%%$search_terms%%' OR message LIKE '%%$search_terms%%' )";
154
  }
155
 
bp-themes/bp-default/rtl.css CHANGED
@@ -2,7 +2,7 @@
2
  * Theme Name: BuddyPress Default
3
  * Theme URI: http://buddypress.org/extend/themes/
4
  * Description: Clean and stylish, BuddyPress Default lets you build a social network straight out of the box. Make it yours with a custom menu, header image, and background. Along with five widgetized areas (one in the sidebar, four in the footer), BP-Default supports featured images (as custom header images on posts and pages) and is furnished with an optional one-column page template that removes the sidebar, and a stylesheet for the admin Visual Editor.
5
- * Version: 1.8
6
  * Author: the BuddyPress team
7
  * Author URI: http://buddypress.org
8
  * License: GNU General Public License
2
  * Theme Name: BuddyPress Default
3
  * Theme URI: http://buddypress.org/extend/themes/
4
  * Description: Clean and stylish, BuddyPress Default lets you build a social network straight out of the box. Make it yours with a custom menu, header image, and background. Along with five widgetized areas (one in the sidebar, four in the footer), BP-Default supports featured images (as custom header images on posts and pages) and is furnished with an optional one-column page template that removes the sidebar, and a stylesheet for the admin Visual Editor.
5
+ * Version: 1.8.1
6
  * Author: the BuddyPress team
7
  * Author URI: http://buddypress.org
8
  * License: GNU General Public License
bp-themes/bp-default/style.css CHANGED
@@ -2,7 +2,7 @@
2
  * Theme Name: BuddyPress Default
3
  * Theme URI: http://buddypress.org/extend/themes/
4
  * Description: Clean and stylish, BuddyPress Default lets you build a social network straight out of the box. Make it yours with a custom menu, header image, and background. Along with five widgetized areas (one in the sidebar, four in the footer), BP-Default supports featured images (as custom header images on posts and pages) and is furnished with an optional one-column page template that removes the sidebar, and a stylesheet for the admin Visual Editor.
5
- * Version: 1.8
6
  * Author: the BuddyPress team
7
  * Author URI: http://buddypress.org
8
  * License: GNU General Public License
2
  * Theme Name: BuddyPress Default
3
  * Theme URI: http://buddypress.org/extend/themes/
4
  * Description: Clean and stylish, BuddyPress Default lets you build a social network straight out of the box. Make it yours with a custom menu, header image, and background. Along with five widgetized areas (one in the sidebar, four in the footer), BP-Default supports featured images (as custom header images on posts and pages) and is furnished with an optional one-column page template that removes the sidebar, and a stylesheet for the admin Visual Editor.
5
+ * Version: 1.8.1
6
  * Author: the BuddyPress team
7
  * Author URI: http://buddypress.org
8
  * License: GNU General Public License
bp-xprofile/bp-xprofile-functions.php CHANGED
@@ -589,7 +589,7 @@ function bp_xprofile_update_meta( $object_id, $object_type, $meta_key, $meta_val
589
  $meta_key = preg_replace( '|[^a-z0-9_]|i', '', $meta_key );
590
 
591
  if ( is_string( $meta_value ) )
592
- $meta_value = stripslashes( $wpdb->escape( $meta_value ) );
593
 
594
  $meta_value = maybe_serialize( $meta_value );
595
 
589
  $meta_key = preg_replace( '|[^a-z0-9_]|i', '', $meta_key );
590
 
591
  if ( is_string( $meta_value ) )
592
+ $meta_value = stripslashes( esc_sql( $meta_value ) );
593
 
594
  $meta_value = maybe_serialize( $meta_value );
595
 
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: johnjamesjacoby, DJPaul, boonebgorges, r-a-y
3
  Tags: social networking, activity, profiles, messaging, friends, groups, forums, notifications, settings, twitter, facebook, social, community, networks, networking, cms
4
  Requires at least: 3.5
5
  Tested up to: 3.6
6
- Stable tag: 1.8
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
@@ -77,6 +77,9 @@ BuddyPress is available in more than 20 languages. For more information, check o
77
 
78
  == Upgrade Notice ==
79
 
 
 
 
80
  = 1.8 =
81
  See: http://codex.buddypress.org/releases/version-1-8/
82
 
@@ -124,6 +127,9 @@ Fixes over 10 bugs.
124
 
125
  == Changelog ==
126
 
 
 
 
127
  = 1.8 =
128
  See: http://codex.buddypress.org/releases/version-1-8/
129
 
3
  Tags: social networking, activity, profiles, messaging, friends, groups, forums, notifications, settings, twitter, facebook, social, community, networks, networking, cms
4
  Requires at least: 3.5
5
  Tested up to: 3.6
6
+ Stable tag: 1.8.1
7
  License: GPLv2 or later
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
77
 
78
  == Upgrade Notice ==
79
 
80
+ = 1.8.1 =
81
+ See: http://codex.buddypress.org/releases/version-1-8-1/
82
+
83
  = 1.8 =
84
  See: http://codex.buddypress.org/releases/version-1-8/
85
 
127
 
128
  == Changelog ==
129
 
130
+ = 1.8.1 =
131
+ See: http://codex.buddypress.org/releases/version-1-8-1/
132
+
133
  = 1.8 =
134
  See: http://codex.buddypress.org/releases/version-1-8/
135