Changeset 6777 for trunk/src/includes/extend/buddypress/notifications.php

Timestamp:

01/24/2018 01:01:49 AM (8 years ago)

Author:

johnjamesjacoby

Message:

General: user escaped GetText variant where no HTML is ever allowed in strings.

This change brings a few dozen strings up to par with the others, and ensures that strings are escaped on their way into the runtime environment.

File:

• trunk/src/includes/extend/buddypress/notifications.php (modified) (2 diffs)

trunk/src/includes/extend/buddypress/notifications.php

@@ -87 +87 @@
     if ( $action_item_count > 1 ) {
         $filter = 'bbp_multiple_new_subscription_notification';
-        $text   = sprintf( __( 'You have %d new replies', 'bbpress' ), $action_item_count );
+        $text   = sprintf( esc_html__( 'You have %d new replies', 'bbpress' ), $action_item_count );
 
     // Single
@@ -93 +93 @@
         $filter = 'bbp_single_new_subscription_notification';
         $text   = ! empty( $secondary_item_id )
-            ? sprintf( __( 'You have %d new reply to %2$s from %3$s', 'bbpress' ), $action_item_count, $topic_title, bp_core_get_user_displayname( $secondary_item_id ) )
-            : sprintf( __( 'You have %d new reply to %s',             'bbpress' ), $action_item_count, $topic_title );
+            ? sprintf( esc_html__( 'You have %d new reply to %2$s from %3$s', 'bbpress' ), $action_item_count, $topic_title, bp_core_get_user_displayname( $secondary_item_id ) )
+            : sprintf( esc_html__( 'You have %d new reply to %s',             'bbpress' ), $action_item_count, $topic_title );
     }