Security issues fixed - SECURITY

viruthagiri · Feb 25, 2016 · 3bf9d4d · 3bf9d4d
1 parent ec7e616
commit 3bf9d4d
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 11 deletions.
diff --git a/bp-compliments.php b/bp-compliments.php
@@ -68,12 +68,8 @@ function bp_compliments_init() {
 
     // show admin notice for users on BP 1.2.x
     } else {
-        $older_version_notice = __( "Hey! BP Compliments requires BuddyPress 1.5 or higher.", 'bp-compliments' );
-
-        add_action( 'admin_notices', create_function( '', "
-			echo '<div class=\"error\"><p>' . $older_version_notice . '</p></div>';
-		" ) );
-
+        add_action( 'admin_notices', 'bp_compliments_older_version_notice' );
+
         return;
     }
 }
@@ -105,7 +101,7 @@ function bp_compliments_activate() {
              */
             $table_prefix = apply_filters( 'bp_core_get_table_prefix', $wpdb->base_prefix );
 
-        $sql[] = "CREATE TABLE IF NOT EXISTS {$table_prefix}bp_compliments (
+        $sql = "CREATE TABLE {$table_prefix}bp_compliments (
 			id bigint(20) NOT NULL AUTO_INCREMENT PRIMARY KEY,
 			term_id int(10) NOT NULL,
 			post_id int(10) NULL DEFAULT NULL,
@@ -154,3 +150,9 @@ function bp_compliments_required_plugins_nag() {
         echo"<div class=\"$class\"> <p>$message</p></div>";
     }
 }
+
+function bp_compliments_older_version_notice() {
+    $older_version_notice = __( "Hey! BP Compliments requires BuddyPress 1.5 or higher.", 'bp-compliments' );
+
+    echo '<div class="error"><p>' . $older_version_notice . '</p></div>';
+}
diff --git a/change_log.txt b/change_log.txt
@@ -2,6 +2,7 @@ v1.0.2
 Compliment user settings page - ADDED
 Linebreaks are removed on compliment messages - FIXED
 Compliments message links are clickable - ADDED
+Security issues fixed - SECURITY
 
 v1.0.1
 Use singular name instead of slug name - FIXED

diff --git a/includes/bp-compliments-functions.php b/includes/bp-compliments-functions.php
@@ -151,6 +151,17 @@ function bp_compliments_remove_data( $user_id ) {
      */
     do_action( 'bp_compliments_after_remove_data', $user_id );
 }
+
+/**
+ * Inject buddypress compliments content into BP.
+ *
+ * @since 0.0.1
+ * @package BuddyPress_Compliments
+ */
+function bp_compliments_single_compliments_content() {
+    bp_get_template_part( 'members/single/compliments' ); // note the new template name for our template part.
+}
+
 add_action( 'wpmu_delete_user',	'bp_compliments_remove_data' );
 add_action( 'delete_user',	'bp_compliments_remove_data' );
 add_action( 'make_spam_user',	'bp_compliments_remove_data' );
diff --git a/includes/bp-compliments-screens.php b/includes/bp-compliments-screens.php
@@ -63,10 +63,7 @@ function bp_compliments_load_template_filter( $found_template, $templates ) {
         $found_template = locate_template( 'members/single/plugins.php', false, false );
 
         // add our hook to inject content into BP
-        // note the new template name for our template part
-        add_action( 'bp_template_content', create_function( '', "
-			bp_get_template_part( 'members/single/compliments' );
-		" ) );
+        add_action( 'bp_template_content', 'bp_compliments_single_compliments_content' );
     }
 
     /**