Skip to:
Content

bbPress.org

Changeset 7214


Ignore:
Timestamp:
10/12/2021 10:09:28 PM (3 years ago)
Author:
johnjamesjacoby
Message:

Users: add some error checking to get_userdata() calls in profile link functions.

This change ensures that when attempting to link to user profiles when the display_name is the inner HTML of the link, that the "Anonymous" alternate is used whenever the user cannot be found.

It also bails early – returning false – if the user account simply does not exist, consistent with upstream calls to bbp_get_user_id(). (Functions calling these functions have a responsibility to appropriately handle boolean return values.)

In trunk, for 2.7.

Fixes #3440.

Location:
trunk/src/includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/includes/extend/buddypress/activity.php

    r7187 r7214  
    385385
    386386        // User link for topic author
    387         $user_link = bbp_get_user_profile_link( $user_id  );
     387        $user_link = bbp_get_user_profile_link( $user_id );
    388388
    389389        // Topic
     
    520520
    521521        // Setup links for activity stream
    522         $user_link = bbp_get_user_profile_link( $user_id  );
     522        $user_link = bbp_get_user_profile_link( $user_id );
    523523
    524524        // Reply
  • trunk/src/includes/users/template.php

    r7185 r7214  
    445445        }
    446446
    447         $user      = get_userdata( $user_id );
    448         $user_link = '<a href="' . esc_url( bbp_get_user_profile_url( $user_id ) ) . '">' . esc_html( $user->display_name ) . '</a>';
    449 
    450         // Filter & return
    451         return apply_filters( 'bbp_get_user_profile_link', $user_link, $user_id );
     447        // Get the user
     448        $user = get_userdata( $user_id );
     449        if ( empty( $user ) ) {
     450            return false;
     451        }
     452
     453        // Display Name
     454        $name = ! empty( $user->display_name )
     455            ? $user->display_name
     456            : bbp_get_fallback_display_name();
     457
     458        // URL
     459        $url = bbp_get_user_profile_url( $user_id );
     460
     461        // Link
     462        $link = ! empty( $url )
     463            ? '<a href="' . esc_url( $url ) . '">' . esc_html( $name ) . '</a>'
     464            : esc_html( $name );
     465
     466        // Filter & return
     467        return (string) apply_filters( 'bbp_get_user_profile_link', $link, $user_id );
    452468    }
    453469
     
    597613        }
    598614
    599         $user      = get_userdata( $user_id );
    600         $edit_link = '<a href="' . esc_url( bbp_get_user_profile_edit_url( $user_id ) ) . '">' . esc_html( $user->display_name ) . '</a>';
    601 
    602         // Filter & return
    603         return apply_filters( 'bbp_get_user_profile_edit_link', $edit_link, $user_id );
     615        // Get the user
     616        $user = get_userdata( $user_id );
     617        if ( empty( $user ) ) {
     618            return false;
     619        }
     620
     621        // Display Name
     622        $name = ! empty( $user->display_name )
     623            ? $user->display_name
     624            : bbp_get_fallback_display_name();
     625
     626        // URL
     627        $url = bbp_get_user_profile_edit_url( $user_id );
     628
     629        // Link
     630        $link = ! empty( $url )
     631            ? '<a href="' . esc_url( $url ) . '">' . esc_html( $name ) . '</a>'
     632            : esc_html( $name );
     633
     634        // Filter & return
     635        return (string) apply_filters( 'bbp_get_user_profile_edit_link', $link, $user_id );
    604636    }
    605637
Note: See TracChangeset for help on using the changeset viewer.