#3069 closed defect (bug) (fixed)
User description (profile) is stored in database html entity encoded
Reported by: | markjaquith | Owned by: | markjaquith |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 2.1 |
Component: | General | Keywords: | has-patch 2nd-opinion |
Focuses: | Cc: |
Description
The user description (profile) is stored in the database encoded into html entities. This necessitates extra work if you actually want to display the user description on the site somewhere, like on their author page, and have things like links work.
Attachments (1)
Change History (8)
#1
@
18 years ago
- Keywords has-patch 2nd-opinion added
- Owner changed from anonymous to markjaquith
- Status changed from new to assigned
Patch removes call to wp_specialchars();
This will need a security check to make sure that wp_specialchars() call wasn't protecting against script injection. It's already kses'd via filters, however.
#2
@
18 years ago
Do we need to do any database upgrade on this?
Where are we kses's the profile - a quick search lead me to nothing.
Note: See
TracTickets for help on using
tickets.
Patch for /trunk/