BuddyPress

Unescaped parameter $search_terms_left_join used in $wpdb->get_results("\n\t\t\tSELECT b.blog_id, b.user_id as admin_user_id, u.user_email as admin_user_email, wb.domain, wb.path, bm.meta_value as last_activity, bm_name.meta_value as name\n\t\t\tFROM\n\t\t\t {$bp->blogs->table_name} b\n\t\t\t LEFT JOIN {$bp->blogs->table_name_blogmeta} bm ON (b.blog_id = bm.blog_id)\n\t\t\t LEFT JOIN {$bp->blogs->table_name_blogmeta} bm_name ON (b.blog_id = bm_name.blog_id)\n\t\t\t {$search_terms_left_join}\n\t\t\t LEFT JOIN {$wpdb->base_prefix}blogs wb ON (b.blog_id = wb.blog_id)\n\t\t\t LEFT JOIN {$wpdb->users} u ON (b.user_id = u.ID)\n\t\t\tWHERE\n\t\t\t wb.archived = '0' AND wb.spam = 0 AND wb.mature = 0 AND wb.deleted = 0 {$hidden_sql}\n\t\t\t AND bm.meta_key = 'last_activity' AND bm_name.meta_key = 'name'\n\t\t\t {$search_terms_sql} {$user_sql} {$include_sql} {$date_query_sql}\n\t\t\tGROUP BY b.blog_id {$order_sql} {$pag_sql}\n\t\t")\n$search_terms_left_join assigned unsafely at line 276:\n $search_terms_left_join = ''\n$search_terms_sql assigned unsafely at line 277:\n $search_terms_sql = ''\n$paged_blogs assigned unsafely at line 280:\n $paged_blogs = $wpdb->get_results( "\n\t\t\tSELECT b.blog_id, b.user_id as admin_user_id, u.user_email as admin_user_email, wb.domain, wb.path, bm.meta_value as last_activity, bm_name.meta_value as name\n\t\t\tFROM\n\t\t\t {$bp->blogs->table_name} b\n\t\t\t LEFT JOIN {$bp->blogs->table_name_blogmeta} bm ON (b.blog_id = bm.blog_id)\n\t\t\t LEFT JOIN {$bp->blogs->table_name_blogmeta} bm_name ON (b.blog_id = bm_name.blog_id)\n\t\t\t {$search_terms_left_join}\n\t\t\t LEFT JOIN {$wpdb->base_prefix}blogs wb ON (b.blog_id = wb.blog_id)\n\t\t\t LEFT JOIN {$wpdb->users} u ON (b.user_id = u.ID)\n\t\t\tWHERE\n\t\t\t wb.archived = '0' AND wb.spam = 0 AND wb.mature = 0 AND wb.deleted = 0 {$hidden_sql}\n\t\t\t AND bm.meta_key = 'last_activity' AND bm_name.meta_key = 'name'\n\t\t\t {$search_terms_sql} {$user_sql} {$include_sql} {$date_query_sql}\n\t\t\tGROUP BY b.blog_id {$order_sql} {$pag_sql}\n\t\t" )\n$hidden_sql assigned unsafely at line 234:\n $hidden_sql = ''\n$user_sql assigned unsafely at line 239:\n $user_sql = ! empty( $r['user_id'] ) ? $wpdb->prepare( " AND b.user_id = %d", $r['user_id'] ) : ''\n$date_query_sql assigned unsafely at line 252:\n $date_query_sql = BP_Date_Query::get_where_sql( $r['date_query'], 'wb.registered', true )\n$pag_sql assigned unsafely at line 237:\n $pag_sql = ( $r['per_page'] && $r['page'] ) ? $wpdb->prepare( " LIMIT %d, %d", intval( ( $r['page'] - 1 ) * $r['per_page']), intval( $r['per_page'] ) ) : ''\n$r['date_query'] used without escaping.

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_get_avatar_data_url_filter".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_check_avatar_upload".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_check_avatar_size".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_get_allowed_avatar_types".

Hook names invoked by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_get_allowed_avatar_types".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_get_allowed_avatar_mimes".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_check_avatar_type".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_get_upload_dir".

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: "bp_core_avatar_upload_path".