[auto] plugin: buddypress 2.9.2

wp-content/plugins/buddypress/bp-activity/classes/class-bp-activity-activity.php

@@ -1832,7 +1832,7 @@ class BP_Activity_Activity {
 		// Get activities from user meta.
 		$favorite_activity_entries = bp_get_user_meta( $user_id, 'bp_favorite_activities', true );
 		if ( ! empty( $favorite_activity_entries ) ) {
-			return count( maybe_unserialize( $favorite_activity_entries ) );
+			return count( $favorite_activity_entries );
 		}
 
 		// No favorites.

wp-content/plugins/buddypress/bp-activity/classes/class-bp-activity-template.php

@@ -195,7 +195,7 @@ class BP_Activity_Template {
 		$this->disable_blogforum_replies = (bool) bp_core_get_root_option( 'bp-disable-blogforum-comments' );
 
 		// Get an array of the logged in user's favorite activities.
-		$this->my_favs = maybe_unserialize( bp_get_user_meta( bp_loggedin_user_id(), 'bp_favorite_activities', true ) );
+		$this->my_favs = bp_get_user_meta( bp_loggedin_user_id(), 'bp_favorite_activities', true );
 
 		// Fetch specific activity items based on ID's.
 		if ( !empty( $include ) ) {

wp-content/plugins/buddypress/bp-blogs/bp-blogs-functions.php

@@ -548,8 +548,9 @@ add_action( 'update_option_site_icon', 'bp_blogs_update_option_site_icon', 10, 2
 /**
  * Deletes the 'url' blogmeta for a site.
  *
- * Hooked to 'refresh_blog_details', which is notably used when editing a site
- * under "Network Admin > Sites".
+ * Fires when a site's details are updated, which generally happens when
+ * editing a site under "Network Admin > Sites". Prior to WP 4.9, the
+ * correct hook was 'refresh_blog_details'; afterward, 'clean_site_cache'.
  *
  * @since 2.3.0
  *
@@ -558,7 +559,12 @@ add_action( 'update_option_site_icon', 'bp_blogs_update_option_site_icon', 10, 2
 function bp_blogs_delete_url_blogmeta( $site_id = 0 ) {
 	bp_blogs_delete_blogmeta( (int) $site_id, 'url' );
 }
-add_action( 'refresh_blog_details', 'bp_blogs_delete_url_blogmeta' );
+
+if ( function_exists( 'wp_switch_roles_and_user' ) ) {
+	add_action( 'clean_site_cache', 'bp_blogs_delete_url_blogmeta' );
+} else {
+	add_action( 'refresh_blog_details', 'bp_blogs_delete_url_blogmeta' );
+}
 
 /**
  * Record activity metadata about a published blog post.

wp-content/plugins/buddypress/bp-core/admin/css/common-rtl.css

@@ -47,7 +47,8 @@ TABLE OF CONTENTS:
 	left: 0;
 }
 
-.buddypress code {
+.index_page_bp-credits code,
+.index_page_bp-about code {
 	background-color: #e0e0e0;
 	color: #636363;
 	font-size: 1em;
@@ -359,8 +360,12 @@ TABLE OF CONTENTS:
 		margin-top: 2em;
 	}
 
+	.buddypress .bp-changelog {
+		margin-bottom: 0;
+	}
+
 	.buddypress .bp-changelog-section .changelog-title {
-		margin-bottom: 1.5em;
+		margin-bottom: 0.5em;
 	}
 
 	.buddypress .bp-changelog .title {
@@ -377,6 +382,10 @@ TABLE OF CONTENTS:
 		padding-bottom: 0.5em;
 		width: 100%;
 	}
+
+	.buddypress .bp-three-column .bp-column {
+		width: 100%;
+	}
 }
 
 @media screen and ( max-width: 360px ) {

wp-content/plugins/buddypress/bp-core/admin/css/common.css

@@ -47,7 +47,8 @@ TABLE OF CONTENTS:
 	right: 0;
 }
 
-.buddypress code {
+.index_page_bp-credits code,
+.index_page_bp-about code {
 	background-color: #e0e0e0;
 	color: #636363;
 	font-size: 1em;
@@ -359,8 +360,12 @@ TABLE OF CONTENTS:
 		margin-top: 2em;
 	}
 
+	.buddypress .bp-changelog {
+		margin-bottom: 0;
+	}
+
 	.buddypress .bp-changelog-section .changelog-title {
-		margin-bottom: 1.5em;
+		margin-bottom: 0.5em;
 	}
 
 	.buddypress .bp-changelog .title {
@@ -377,6 +382,10 @@ TABLE OF CONTENTS:
 		padding-bottom: 0.5em;
 		width: 100%;
 	}
+
+	.buddypress .bp-three-column .bp-column {
+		width: 100%;
+	}
 }
 
 @media screen and ( max-width: 360px ) {

wp-content/plugins/buddypress/bp-core/js/bp-plupload.js

@@ -275,7 +275,7 @@ window.bp = window.bp || {};
 					'IO_ERROR':               self.strings.io_error,
 					'HTTP_ERROR':             self.strings.http_error,
 					'SECURITY_ERROR':         self.strings.security_error,
-					'FILE_SIZE_ERROR':        self.strings.file_exceeds_size_limit.replace( '%s' , pluploadError.file.name )
+					'FILE_SIZE_ERROR':        self.strings.file_exceeds_size_limit.replace( '%s' , $( '<span />' ).text( pluploadError.file.name ).html() )
 				};
 
 			// Check for plupload errors.

wp-content/plugins/buddypress/bp-core/js/bp-plupload.min.js

-window.wp=window.wp||{},window.bp=window.bp||{},function(e,i){"undefined"!=typeof BP_Uploader&&(_.extend(bp,_.pick(wp,"Backbone","ajax","template")),bp.Models=bp.Models||{},bp.Collections=bp.Collections||{},bp.Views=bp.Views||{},bp.Uploader={},bp.Uploader.uploader=function(){var e=this,t=-1!==navigator.userAgent.indexOf("Trident/")||-1!==navigator.userAgent.indexOf("MSIE ");this.params=BP_Uploader.settings,this.strings=BP_Uploader.strings,this.supports={upload:this.params.browser.supported},this.supported=this.supports.upload,this.supported?(t||"flash"!==plupload.predictRuntime(this.params.defaults)||this.params.defaults.required_features&&this.params.defaults.required_features.hasOwnProperty("send_binary_string")||(this.params.defaults.required_features=this.params.defaults.required_features||{},this.params.defaults.required_features.send_binary_string=!0),this.uploader=new plupload.Uploader(this.params.defaults),this.uploader.bind("Init",function(t){var s=i("#"+e.params.defaults.container),a=i("#"+e.params.defaults.drop_element);"html4"===t.runtime&&(t.settings.multipart_params.html4=!0),"bp_avatar_upload"===t.settings.multipart_params.action&&(t.settings.multipart_params.bp_params.ui_available_width=s.width()),t.features.dragdrop&&!e.params.browser.mobile?(s.addClass("drag-drop"),a.bind("dragover.wp-uploader",function(){s.addClass("drag-over")}).bind("dragleave.wp-uploader, drop.wp-uploader",function(){s.removeClass("drag-over")})):(s.removeClass("drag-drop"),a.unbind(".wp-uploader"))}),this.uploader.bind("postinit",function(e){e.refresh()}),this.uploader.init(),this.feedback=function(e,i,t){!_.isNull(t)&&t.item&&t.item.clear(),bp.Uploader.filesError.unshift({message:e,data:i,file:t})},this.uploader.bind("FilesAdded",function(t,s){var a=parseInt(t.settings.max_file_size,10),r=this;if(!t.settings.multi_selection&&s.length>1){for(var n in s)t.removeFile(s[n]);i(e).trigger("bp-uploader-warning",e.strings.unique_file_warning)}else _.each(s,function(e){var i;plupload.FAILED!==e.status&&(a>104857600&&e.size>104857600&&"html5"!==t.runtime?r.uploadSizeError(t,e,!0):(i=_.extend({id:e.id,file:e,uploading:!0,date:new Date,filename:e.name},_.pick(e,"loaded","size","percent")),e.item=new bp.Models.File(i),bp.Uploader.filesQueue.add(e.item)))}),t.refresh(),t.start()}),this.uploader.bind("UploadProgress",function(e,i){i.item.set(_.pick(i,"loaded","percent"))}),this.uploader.bind("FileUploaded",function(i,t,s){var a=e.strings.default_error;try{s=JSON.parse(s.response)}catch(i){return e.feedback(a,i,t)}return!_.isObject(s)||_.isUndefined(s.success)?e.feedback(a,null,t):s.success?(_.each(["file","loaded","size","percent"],function(e){t.item.unset(e)}),t.item.set(_.extend(s.data,{uploading:!1})),void bp.Uploader.filesUploaded.add(t.item)):(s.data&&s.data.message&&(a=s.data.message),e.feedback(a,s.data,t))}),this.uploader.bind("BeforeUpload",function(t,s){i(e).trigger("bp-uploader-new-upload",t,s)}),this.uploader.bind("UploadComplete",function(t,s){i(e).trigger("bp-uploader-upload-complete",t,s),bp.Uploader.filesQueue.reset()}),this.uploader.bind("Error",function(t,s){var a,r=e.strings.default_error,n={FAILED:e.strings.upload_failed,FILE_EXTENSION_ERROR:e.strings.invalid_filetype,IMAGE_FORMAT_ERROR:e.strings.not_an_image,IMAGE_MEMORY_ERROR:e.strings.image_memory_exceeded,IMAGE_DIMENSIONS_ERROR:e.strings.image_dimensions_exceeded,GENERIC_ERROR:e.strings.upload_failed,IO_ERROR:e.strings.io_error,HTTP_ERROR:e.strings.http_error,SECURITY_ERROR:e.strings.security_error,FILE_SIZE_ERROR:e.strings.file_exceeds_size_limit.replace("%s",s.file.name)};for(a in n)if(s.code===plupload[a]){r=n[a];break}i(e).trigger("bp-uploader-warning",r),t.refresh()})):BP_Uploader=void 0},bp.Models.File=Backbone.Model.extend({file:{}}),i.extend(bp.Uploader,{filesQueue:new Backbone.Collection,filesUploaded:new Backbone.Collection,filesError:new Backbone.Collection}),bp.View=bp.Backbone.View.extend({inject:function(e){this.render(),i(e).html(this.el),this.views.ready()},prepare:function(){return!_.isUndefined(this.model)&&_.isFunction(this.model.toJSON)?this.model.toJSON():{}}}),bp.Views.Uploader=bp.View.extend({className:"bp-uploader-window",template:bp.template("upload-window"),defaults:_.pick(BP_Uploader.settings.defaults,"container","drop_element","browse_button"),initialize:function(){this.warnings=[],this.model=new Backbone.Model(this.defaults),this.on("ready",this.initUploader)},initUploader:function(){this.uploader=new bp.Uploader.uploader,i(this.uploader).on("bp-uploader-warning",_.bind(this.setWarning,this)),i(this.uploader).on("bp-uploader-new-upload",_.bind(this.resetWarning,this))},setWarning:function(e,i){if(!_.isUndefined(i)){var t=new bp.Views.uploaderWarning({value:i}).render();this.warnings.push(t),this.$el.after(t.el)}},resetWarning:function(){0!==this.warnings.length&&(_.each(this.warnings,function(e){e.remove()}),this.warnings=[])}}),bp.Views.uploaderWarning=bp.View.extend({tagName:"p",className:"warning",initialize:function(){this.value=this.options.value},render:function(){return this.$el.html(this.value),this}}),bp.Views.uploaderStatus=bp.View.extend({className:"files",initialize:function(){_.each(this.collection.models,this.addFile,this),this.collection.on("change:percent",this.progress,this),bp.Uploader.filesError.on("add",this.feedback,this)},addFile:function(e){this.views.add(new bp.Views.uploaderProgress({model:e}))},progress:function(e){_.isUndefined(e.get("percent"))||i("#"+e.get("id")+" .bp-progress .bp-bar").css("width",e.get("percent")+"%")},feedback:function(e){_.isUndefined(e.get("message"))||_.isUndefined(e.get("file"))||i("#"+e.get("file").id).html(e.get("message")).addClass("error")}}),bp.Views.uploaderProgress=bp.View.extend({className:"bp-uploader-progress",template:bp.template("progress-window")}))}(bp,jQuery);
\ No newline at end of file
+window.wp=window.wp||{},window.bp=window.bp||{},function(e,i){"undefined"!=typeof BP_Uploader&&(_.extend(bp,_.pick(wp,"Backbone","ajax","template")),bp.Models=bp.Models||{},bp.Collections=bp.Collections||{},bp.Views=bp.Views||{},bp.Uploader={},bp.Uploader.uploader=function(){var e=this,t=-1!==navigator.userAgent.indexOf("Trident/")||-1!==navigator.userAgent.indexOf("MSIE ");this.params=BP_Uploader.settings,this.strings=BP_Uploader.strings,this.supports={upload:this.params.browser.supported},this.supported=this.supports.upload,this.supported?(t||"flash"!==plupload.predictRuntime(this.params.defaults)||this.params.defaults.required_features&&this.params.defaults.required_features.hasOwnProperty("send_binary_string")||(this.params.defaults.required_features=this.params.defaults.required_features||{},this.params.defaults.required_features.send_binary_string=!0),this.uploader=new plupload.Uploader(this.params.defaults),this.uploader.bind("Init",function(t){var s=i("#"+e.params.defaults.container),a=i("#"+e.params.defaults.drop_element);"html4"===t.runtime&&(t.settings.multipart_params.html4=!0),"bp_avatar_upload"===t.settings.multipart_params.action&&(t.settings.multipart_params.bp_params.ui_available_width=s.width()),t.features.dragdrop&&!e.params.browser.mobile?(s.addClass("drag-drop"),a.bind("dragover.wp-uploader",function(){s.addClass("drag-over")}).bind("dragleave.wp-uploader, drop.wp-uploader",function(){s.removeClass("drag-over")})):(s.removeClass("drag-drop"),a.unbind(".wp-uploader"))}),this.uploader.bind("postinit",function(e){e.refresh()}),this.uploader.init(),this.feedback=function(e,i,t){!_.isNull(t)&&t.item&&t.item.clear(),bp.Uploader.filesError.unshift({message:e,data:i,file:t})},this.uploader.bind("FilesAdded",function(t,s){var a=parseInt(t.settings.max_file_size,10),r=this;if(!t.settings.multi_selection&&s.length>1){for(var n in s)t.removeFile(s[n]);i(e).trigger("bp-uploader-warning",e.strings.unique_file_warning)}else _.each(s,function(e){var i;plupload.FAILED!==e.status&&(a>104857600&&e.size>104857600&&"html5"!==t.runtime?r.uploadSizeError(t,e,!0):(i=_.extend({id:e.id,file:e,uploading:!0,date:new Date,filename:e.name},_.pick(e,"loaded","size","percent")),e.item=new bp.Models.File(i),bp.Uploader.filesQueue.add(e.item)))}),t.refresh(),t.start()}),this.uploader.bind("UploadProgress",function(e,i){i.item.set(_.pick(i,"loaded","percent"))}),this.uploader.bind("FileUploaded",function(i,t,s){var a=e.strings.default_error;try{s=JSON.parse(s.response)}catch(i){return e.feedback(a,i,t)}return!_.isObject(s)||_.isUndefined(s.success)?e.feedback(a,null,t):s.success?(_.each(["file","loaded","size","percent"],function(e){t.item.unset(e)}),t.item.set(_.extend(s.data,{uploading:!1})),void bp.Uploader.filesUploaded.add(t.item)):(s.data&&s.data.message&&(a=s.data.message),e.feedback(a,s.data,t))}),this.uploader.bind("BeforeUpload",function(t,s){i(e).trigger("bp-uploader-new-upload",t,s)}),this.uploader.bind("UploadComplete",function(t,s){i(e).trigger("bp-uploader-upload-complete",t,s),bp.Uploader.filesQueue.reset()}),this.uploader.bind("Error",function(t,s){var a,r=e.strings.default_error,n={FAILED:e.strings.upload_failed,FILE_EXTENSION_ERROR:e.strings.invalid_filetype,IMAGE_FORMAT_ERROR:e.strings.not_an_image,IMAGE_MEMORY_ERROR:e.strings.image_memory_exceeded,IMAGE_DIMENSIONS_ERROR:e.strings.image_dimensions_exceeded,GENERIC_ERROR:e.strings.upload_failed,IO_ERROR:e.strings.io_error,HTTP_ERROR:e.strings.http_error,SECURITY_ERROR:e.strings.security_error,FILE_SIZE_ERROR:e.strings.file_exceeds_size_limit.replace("%s",i("<span />").text(s.file.name).html())};for(a in n)if(s.code===plupload[a]){r=n[a];break}i(e).trigger("bp-uploader-warning",r),t.refresh()})):BP_Uploader=void 0},bp.Models.File=Backbone.Model.extend({file:{}}),i.extend(bp.Uploader,{filesQueue:new Backbone.Collection,filesUploaded:new Backbone.Collection,filesError:new Backbone.Collection}),bp.View=bp.Backbone.View.extend({inject:function(e){this.render(),i(e).html(this.el),this.views.ready()},prepare:function(){return!_.isUndefined(this.model)&&_.isFunction(this.model.toJSON)?this.model.toJSON():{}}}),bp.Views.Uploader=bp.View.extend({className:"bp-uploader-window",template:bp.template("upload-window"),defaults:_.pick(BP_Uploader.settings.defaults,"container","drop_element","browse_button"),initialize:function(){this.warnings=[],this.model=new Backbone.Model(this.defaults),this.on("ready",this.initUploader)},initUploader:function(){this.uploader=new bp.Uploader.uploader,i(this.uploader).on("bp-uploader-warning",_.bind(this.setWarning,this)),i(this.uploader).on("bp-uploader-new-upload",_.bind(this.resetWarning,this))},setWarning:function(e,i){if(!_.isUndefined(i)){var t=new bp.Views.uploaderWarning({value:i}).render();this.warnings.push(t),this.$el.after(t.el)}},resetWarning:function(){0!==this.warnings.length&&(_.each(this.warnings,function(e){e.remove()}),this.warnings=[])}}),bp.Views.uploaderWarning=bp.View.extend({tagName:"p",className:"warning",initialize:function(){this.value=this.options.value},render:function(){return this.$el.html(this.value),this}}),bp.Views.uploaderStatus=bp.View.extend({className:"files",initialize:function(){_.each(this.collection.models,this.addFile,this),this.collection.on("change:percent",this.progress,this),bp.Uploader.filesError.on("add",this.feedback,this)},addFile:function(e){this.views.add(new bp.Views.uploaderProgress({model:e}))},progress:function(e){_.isUndefined(e.get("percent"))||i("#"+e.get("id")+" .bp-progress .bp-bar").css("width",e.get("percent")+"%")},feedback:function(e){_.isUndefined(e.get("message"))||_.isUndefined(e.get("file"))||i("#"+e.get("file").id).html(e.get("message")).addClass("error")}}),bp.Views.uploaderProgress=bp.View.extend({className:"bp-uploader-progress",template:bp.template("progress-window")}))}(bp,jQuery);
\ No newline at end of file

wp-content/plugins/buddypress/bp-loader.php

@@ -15,7 +15,7 @@
  * Description: BuddyPress adds community features to WordPress. Member Profiles, Activity Streams, Direct Messaging, Notifications, and more!
  * Author:      The BuddyPress Community
  * Author URI:  https://buddypress.org/
- * Version:     2.9.1
+ * Version:     2.9.2
  * Text Domain: buddypress
  * Domain Path: /bp-languages/
  * License:     GPLv2 or later (license.txt)

wp-content/plugins/buddypress/bp-members/classes/class-bp-members-admin.php

@@ -680,7 +680,9 @@ class BP_Members_Admin {
 
 		// Conditionally add a referer if it exists in the existing request.
 		if ( ! empty( $_REQUEST['wp_http_referer'] ) ) {
-			$query_args['wp_http_referer'] = urlencode( stripslashes_deep( $_REQUEST['wp_http_referer'] ) );
+			$wp_http_referer = wp_unslash( $_REQUEST['wp_http_referer'] );
+			$wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) );
+			$query_args['wp_http_referer'] = urlencode( $wp_http_referer );
 		}
 
 		// Setup the two distinct "edit" URL's.
@@ -919,7 +921,9 @@ class BP_Members_Admin {
 		$form_action_url = add_query_arg( 'action', 'update', $request_url );
 		$wp_http_referer = false;
 		if ( ! empty( $_REQUEST['wp_http_referer'] ) ) {
-			$wp_http_referer = remove_query_arg( array( 'action', 'updated' ), $_REQUEST['wp_http_referer'] );
+			$wp_http_referer = wp_unslash( $_REQUEST['wp_http_referer'] );
+			$wp_http_referer = remove_query_arg( array( 'action', 'updated' ), $wp_http_referer );
+			$wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) );
 		}
 
 		// Prepare notice for admin.
@@ -1241,7 +1245,9 @@ class BP_Members_Admin {
 		}
 
 		// Add the referer.
-		$args['wp_http_referer'] = urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) );
+		$wp_http_referer = wp_unslash( $_SERVER['REQUEST_URI'] );
+		$wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) );
+		$args['wp_http_referer'] = urlencode( $wp_http_referer );
 
 		// Add the "Extended" link if the current user can edit this user.
 		if ( current_user_can( 'edit_user', $user->ID ) || bp_current_user_can( 'bp_moderate' ) ) {

wp-content/plugins/buddypress/bp-messages/bp-messages-actions.php

@@ -131,34 +131,38 @@ add_action( 'bp_actions', 'bp_messages_action_create_message' );
  *
  * @since 2.4.0 This function was split from messages_screen_notices(). See #6505.
  *
- * @global int $notice_id
- *
  * @return boolean
  */
 function bp_messages_action_edit_notice() {
-	global $notice_id;
 
 	// Bail if not viewing a single notice URL.
-	if ( ! bp_is_messages_component() || ! bp_is_current_action( 'notices' ) || ! bp_action_variable( 1 ) ) {
+	if ( ! bp_is_messages_component() || ! bp_is_current_action( 'notices' ) ) {
 		return false;
 	}
 
-	// Get action variables.
-	$action    = bp_action_variable( 0 ); // deactivate|activate|delete.
-	$notice_id = bp_action_variable( 1 ); // 1|2|3|etc...
+	// Get the notice ID (1|2|3).
+	$notice_id = bp_action_variable( 1 );
 
 	// Bail if notice ID is not numeric.
-	if ( ! is_numeric( $notice_id ) ) {
-		return;
+	if ( empty( $notice_id ) || ! is_numeric( $notice_id ) ) {
+		return false;
 	}
 
-	// Define local variables.
-	$redirect_to = '';
-	$feedback    = '';
-	$success     = false;
+	// Bail if the current user doesn't have administrator privileges.
+	if ( ! bp_current_user_can( 'bp_moderate' ) ) {
+		return false;
+	}
+
+	// Get the action (deactivate|activate|delete).
+	$action = sanitize_key( bp_action_variable( 0 ) );
+
+	// Check the nonce.
+	check_admin_referer( "messages_{$action}_notice" );
 
 	// Get the notice from database.
-	$notice = new BP_Messages_Notice( $notice_id );
+	$notice   = new BP_Messages_Notice( $notice_id );
+	$success  = false;
+	$feedback = '';
 
 	// Take action.
 	switch ( $action ) {

wp-content/plugins/buddypress/bp-templates/bp-legacy/buddypress-functions.php

@@ -688,7 +688,7 @@ function bp_legacy_theme_ajax_querystring( $query_string, $object ) {
 
 	// Activity stream filtering on action.
 	if ( ! empty( $_BP_COOKIE['bp-' . $object . '-filter'] ) && '-1' != $_BP_COOKIE['bp-' . $object . '-filter'] ) {
-		$qs[] = 'type=' . $_BP_COOKIE['bp-' . $object . '-filter'];
+		$qs[] = 'type=' . urlencode( $_BP_COOKIE['bp-' . $object . '-filter'] );
 
 		if ( bp_is_active( 'activity' ) ) {
 			$actions = bp_activity_get_actions_for_context();
@@ -711,7 +711,7 @@ function bp_legacy_theme_ajax_querystring( $query_string, $object ) {
 
 		// Activity stream scope only on activity directory.
 		if ( 'all' != $_BP_COOKIE['bp-' . $object . '-scope'] && ! bp_displayed_user_id() && ! bp_is_single_item() )
-			$qs[] = 'scope=' . $_BP_COOKIE['bp-' . $object . '-scope'];
+			$qs[] = 'scope=' . urlencode( $_BP_COOKIE['bp-' . $object . '-scope'] );
 	}
 
 	// If page and search_terms have been passed via the AJAX post request, use those.

wp-content/plugins/buddypress/bp-themes/bp-default/_inc/ajax.php

@@ -107,8 +107,8 @@ function bp_dtheme_ajax_querystring( $query_string, $object ) {
 
 	// Activity stream filtering on action
 	if ( ! empty( $_BP_COOKIE['bp-' . $object . '-filter'] ) && '-1' != $_BP_COOKIE['bp-' . $object . '-filter'] ) {
-		$qs[] = 'type='   . $_BP_COOKIE['bp-' . $object . '-filter'];
-		$qs[] = 'action=' . $_BP_COOKIE['bp-' . $object . '-filter'];
+		$qs[] = 'type='   . urlencode( $_BP_COOKIE['bp-' . $object . '-filter'] );
+		$qs[] = 'action=' . urlencode( $_BP_COOKIE['bp-' . $object . '-filter'] );
 	}
 
 	if ( ! empty( $_BP_COOKIE['bp-' . $object . '-scope'] ) ) {
@@ -119,7 +119,7 @@ function bp_dtheme_ajax_querystring( $query_string, $object ) {
 
 		// Activity stream scope only on activity directory.
 		if ( 'all' != $_BP_COOKIE['bp-' . $object . '-scope'] && ! bp_displayed_user_id() && ! bp_is_single_item() )
-			$qs[] = 'scope=' . $_BP_COOKIE['bp-' . $object . '-scope'];
+			$qs[] = 'scope=' . urlencode( $_BP_COOKIE['bp-' . $object . '-scope'] );
 	}
 
 	// If page and search_terms have been passed via the AJAX post request, use those.
@@ -134,7 +134,7 @@ function bp_dtheme_ajax_querystring( $query_string, $object ) {
 
 	$object_search_text = bp_get_search_default_text( $object );
  	if ( ! empty( $_POST['search_terms'] ) && $object_search_text != $_POST['search_terms'] && 'false' != $_POST['search_terms'] && 'undefined' != $_POST['search_terms'] )
-		$qs[] = 'search_terms=' . $_POST['search_terms'];
+		$qs[] = 'search_terms=' . urlencode( $_POST['search_terms'] );
 
 	// Now pass the querystring to override default values.
 	$query_string = empty( $qs ) ? '' : join( '&', (array) $qs );

wp-content/plugins/buddypress/bp-xprofile/bp-xprofile-filters.php

@@ -168,11 +168,16 @@ function xprofile_sanitize_data_value_before_save( $field_value, $field_id = 0,
 		return $field_value;
 	}
 
-	// Value might be serialized.
+	// Force reserialization if serialized (avoids mutation, retains integrity)
+	if ( is_serialized( $field_value ) && ( false === $reserialize ) ) {
+		$reserialize = true;
+	}
+
+	// Value might be a serialized array of options.
 	$field_value = maybe_unserialize( $field_value );
 
-	// Filter single value.
-	if ( !is_array( $field_value ) ) {
+	// Sanitize single field value.
+	if ( ! is_array( $field_value ) ) {
 		$kses_field_value     = xprofile_filter_kses( $field_value, $data_obj );
 		$filtered_field_value = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
 
@@ -187,16 +192,15 @@ function xprofile_sanitize_data_value_before_save( $field_value, $field_id = 0,
 		 */
 		$filtered_field_value = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_field_value, $field_value, $data_obj );
 
-	// Filter each array item independently.
+	// Sanitize multiple individual option values.
 	} else {
 		$filtered_values = array();
 		foreach ( (array) $field_value as $value ) {
-			$kses_field_value       = xprofile_filter_kses( $value, $data_obj );
-			$filtered_value 	= wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
+			$kses_field_value = xprofile_filter_kses( $value, $data_obj );
+			$filtered_value   = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
 
 			/** This filter is documented in bp-xprofile/bp-xprofile-filters.php */
 			$filtered_values[] = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_value, $value, $data_obj );
-
 		}
 
 		if ( !empty( $reserialize ) ) {

wp-content/plugins/buddypress/bp-xprofile/bp-xprofile-functions.php

@@ -464,6 +464,8 @@ function xprofile_set_field_data( $field, $user_id, $value, $is_required = false
 	$field           = new BP_XProfile_ProfileData();
 	$field->field_id = $field_id;
 	$field->user_id  = $user_id;
+
+	// Gets un/reserialized via xprofile_sanitize_data_value_before_save()
 	$field->value    = maybe_serialize( $value );
 
 	return $field->save();

wp-content/plugins/buddypress/bp-xprofile/bp-xprofile-template.php

@@ -588,27 +588,22 @@ function bp_the_profile_field_edit_value() {
 	function bp_get_the_profile_field_edit_value() {
 		global $field;
 
-		/**
-		 * Check to see if the posted value is different, if it is re-display this
-		 * value as long as it's not empty and a required field.
-		 */
+		// Make sure field data object exists
 		if ( ! isset( $field->data ) ) {
 			$field->data = new stdClass;
 		}
 
+		// Default to empty value
 		if ( ! isset( $field->data->value ) ) {
 			$field->data->value = '';
 		}
 
-		if ( isset( $_POST['field_' . $field->id] ) && $field->data->value != $_POST['field_' . $field->id] ) {
-			if ( ! empty( $_POST['field_' . $field->id] ) ) {
-				$field->data->value = $_POST['field_' . $field->id];
-			} else {
-				$field->data->value = '';
-			}
-		}
+		// Was a new value posted? If so, use it instead.
+		if ( isset( $_POST['field_' . $field->id] ) ) {
 
-		$field_value = isset( $field->data->value ) ? bp_unserialize_profile_field( $field->data->value ) : '';
+			// This is sanitized via the filter below (based on the field type)
+			$field->data->value = $_POST['field_' . $field->id];
+		}
 
 		/**
 		 * Filters the XProfile field edit value.
@@ -619,7 +614,7 @@ function bp_the_profile_field_edit_value() {
 		 * @param string $type        Type for the profile field.
 		 * @param int    $id          ID for the profile field.
 		 */
-		return apply_filters( 'bp_get_the_profile_field_edit_value', $field_value, $field->type, $field->id );
+		return apply_filters( 'bp_get_the_profile_field_edit_value', $field->data->value, $field->type, $field->id );
 	}
 
 /**
@@ -904,7 +899,8 @@ function bp_the_profile_field_visibility_level_label() {
 	}
 
 /**
- * Return unserialized profile field data.
+ * Return unserialized profile field data, and combine any array items into a
+ * comma-separated string.
  *
  * @since 1.0.0
  *
@@ -913,7 +909,7 @@ function bp_the_profile_field_visibility_level_label() {
  */
 function bp_unserialize_profile_field( $value ) {
 	if ( is_serialized($value) ) {
-		$field_value = maybe_unserialize($value);
+		$field_value = @unserialize($value);
 		$field_value = implode( ', ', $field_value );
 		return $field_value;
 	}

wp-content/plugins/buddypress/bp-xprofile/classes/class-bp-xprofile-user-admin.php

@@ -464,7 +464,10 @@ class BP_XProfile_User_Admin {
 				);
 
 				if ( ! empty( $_REQUEST['wp_http_referer'] ) ) {
-					$query_args['wp_http_referer'] = urlencode( wp_unslash( $_REQUEST['wp_http_referer'] ) );
+					$wp_http_referer = wp_unslash( $_REQUEST['wp_http_referer'] );
+					$wp_http_referer = remove_query_arg( array( 'action', 'updated' ), $wp_http_referer );
+					$wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) );
+					$query_args['wp_http_referer'] = urlencode( $wp_http_referer );
 				}
 
 				$community_url = add_query_arg( $query_args, buddypress()->members->admin->edit_profile_url );

wp-content/plugins/buddypress/class-buddypress.php

@@ -293,7 +293,7 @@ class BuddyPress {
 
 		/** Versions **********************************************************/
 
-		$this->version    = '2.9.1';
+		$this->version    = '2.9.2';
 		$this->db_version = 11105;
 
 		/** Loading ***********************************************************/

wp-content/plugins/buddypress/readme.txt

@@ -2,8 +2,9 @@
 Contributors: johnjamesjacoby, DJPaul, boonebgorges, r-a-y, imath, mercime, tw2113, dcavins, hnla
 Tags: social networking, activity, profiles, messaging, friends, groups, forums, notifications, settings, social, community, networks, networking
 Requires at least: 4.4
-Tested up to: 4.8.1
-Stable tag: 2.9.1
+Tested up to: 4.9
+Requires PHP: 5.3
+Stable tag: 2.9.2
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 
@@ -116,10 +117,10 @@ Please consider helping translate BuddyPress at our <a href="https://translate.w
 
 == Upgrade Notice ==
 
-= 2.9.1 =
-See: https://codex.buddypress.org/releases/version-2-9-1/
+= 2.9.2 =
+See: https://codex.buddypress.org/releases/version-2-9-2/
 
 == Changelog ==
 
-= 2.9.1 =
-See: https://codex.buddypress.org/releases/version-2-9-1/
+= 2.9.2 =
+See: https://codex.buddypress.org/releases/version-2-9-2/