The built-in profile validation should never stop working. Maybe you’ve got another plugin interfering with things? What else are you using?
@djpaul thanks for the reply
I found what is going on: xprofile_check_is_required_field bypasses if user is administrator, that’s why I was able to save required fields empty.
Now I am trying to hook xprofile_check_is_required_field to a bp-custom function called check_and_validate that also checks the fields for a character limit (another very important missing security feature I pointed out on another post.) But somehow it is not working.. any ideas on how to do it?
By the way Paul, how can I submit tickets on bug tracking? I’ve been messing around with buddypress a lot lately and found a couple.
Actually I think it is impossible without modifying the core files. Any character limit or other custom validation is lost in the edit profile page, and since the $error is a local variable on xprofile_screen_edit_profile, there is no way to set it. Can you confirm that @djpaul?
I don’t know if this is planned for future releases, but I could help build a better validation code for user registration and edit profile. Adding a character limit to fields would be nice.