Sergey Biryukov
51be1d635c
Escape the output in `wp_ajax_upload_attachment()`.
...
Merges [45936] to the 4.4 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.4@45951
git-svn-id: http://core.svn.wordpress.org/branches/4.4@45762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:38:22 +00:00
Helen Hou-Sandí
48befcf361
Superglobals: Revert [34059] until further notice.
...
see #33837 .
Built from https://develop.svn.wordpress.org/trunk@34265
git-svn-id: http://core.svn.wordpress.org/trunk@34229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 12:33:26 +00:00
Scott Taylor
191400f9e6
Don't ever use the `guid` value when retrieving URLs for media, use `wp_get_attachment_url()`. Use `get_attached_file()` for path to file.
...
Fixes #33386 .
Built from https://develop.svn.wordpress.org/trunk@34163
git-svn-id: http://core.svn.wordpress.org/trunk@34131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 02:50:25 +00:00
Scott Taylor
cd7c0f0b0d
Introduce `wp_validate_action( $action = '' )`, a helper function that checks `$_REQUEST` for `action` and returns it, or empty string if not present. If `$action` is passed, it checks to make sure they match before returning it, or an empty string. Strings are always returned to avoid returning multiple types.
...
Implementing this removes 27 uses of direct superglobal access in the admin.
For more reading:
https://codeclimate.com/github/WordPress/WordPress/wp-admin/edit-comments.php
See #33837 .
Built from https://develop.svn.wordpress.org/trunk@34059
git-svn-id: http://core.svn.wordpress.org/trunk@34027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 21:08:26 +00:00
Sergey Biryukov
32b5726fd4
Merge two similar strings.
...
props pavelevap.
fixes #33643 .
Built from https://develop.svn.wordpress.org/trunk@33842
git-svn-id: http://core.svn.wordpress.org/trunk@33810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-01 13:46:24 +00:00
Scott Taylor
8af2dbc671
Correct punctuation/case for inline comment in `async-upload.php`
...
Props chriscct7.
Fixes #33408 .
Built from https://develop.svn.wordpress.org/trunk@33640
git-svn-id: http://core.svn.wordpress.org/trunk@33607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-18 23:35:25 +00:00
Dion Hulse
3cec3655e9
Prevent IE9 and lower displaying the download file dialogue when attempting to upload using the `html4` Plupload handler.
...
The HTML4 Plupload handler uses a hidden iframe to POST the upload form,
Unfortunately Internet Explorer 9 doesn't support the `application/json`
content-type which `wp_send_json_success()` and requires `text/html` instead.
This partially reverts [30354], keeping the better error messages.
Fixes #31037 for trunk.
Built from https://develop.svn.wordpress.org/trunk@31429
git-svn-id: http://core.svn.wordpress.org/trunk@31410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-12 01:15:29 +00:00
Drew Jaynes
2faf449f51
Docs Formatting: Backtick-escape inline code for all dynamic hook docs in wp-admin/*.
...
Also includes some changes to move hook docs to directly precede hook lines. This is necessary to prevent DocBlock-matching confusion when core is parsed.
Affects DocBlocks for the following hooks:
* `wp_ajax_ . $_REQUEST['action']`
* `wp_ajax_nopriv_ . $_REQUEST['action']`
* `admin_footer- . $GLOBALS['hook_suffix']`
* `admin_head-$hook_suffix`
* `admin_post_nopriv_{$action}`
* `admin_post_{$action}`
* `load- . $page_hook`
* `load- . $plugin_page`
* `load-importer- . $importer`
* `load- . $pagenow`
* `admin_action_ . $_REQUEST['action']`
* `async_upload_{$type}`
* `add_meta_boxes_ . $post_type`
* `{$taxonomy}_pre_edit_form`
* `{$taxonomy}_term_edit_form_tag`
* `{$taxonomy}_edit_form_fields`
* `{$taxonomy}_edit_form`
* `after-{$taxonomy}-table`
* `{$taxonomy}_pre_add_form`
* `{$taxonomy}_term_new_form_tag`
* `{$taxonomy}_add_form_fields`
* `{$taxonomy}_add_form`
* `media_upload_$type`
* `media_upload_$tab`
* `install_plugins_pre_$tab`
* `install_plugins_$tab`
* `install_themes_pre_{$tab}`
* `install_themes_{$tab}`
* `update-core-custom_{$action}`
* `update-custom_{$action}`
* `user_{$name}_label`
See #30552 .
Built from https://develop.svn.wordpress.org/trunk@30649
git-svn-id: http://core.svn.wordpress.org/trunk@30639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 11:42:24 +00:00
John Blackbourn
fd15794b5c
Add some specific JSON responses when there are user permission errors for AJAX file uploads. Replace some usage of `wp_json_encode()` with `wp_send_json_*()`.
...
See #25849
Props gcorne
Built from https://develop.svn.wordpress.org/trunk@30354
git-svn-id: http://core.svn.wordpress.org/trunk@30353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 05:47:21 +00:00
Scott Taylor
2d1080aed1
Improve `wp.Uploader` documentation.
...
Props ericlewis.
See #30260 .
Built from https://develop.svn.wordpress.org/trunk@30244
git-svn-id: http://core.svn.wordpress.org/trunk@30244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-05 19:37:23 +00:00
Dominik Schilling
8ea68677f3
Media Upload: Improve styling of error messages.
...
props afercia, michalzuber.
fixes #29047 .
Built from https://develop.svn.wordpress.org/trunk@29355
git-svn-id: http://core.svn.wordpress.org/trunk@29131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-02 14:14:19 +00:00
Drew Jaynes
097dc8ee15
Fix syntax for single- and multi-line comments in wp-admin-directory files.
...
See #28931 .
Built from https://develop.svn.wordpress.org/trunk@29206
git-svn-id: http://core.svn.wordpress.org/trunk@28990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 09:14:16 +00:00
Scott Taylor
b9afafffe3
`hackificator` complains if you call `include 'file.php'` without the parens, needs to be `include( 'file.php' )`
...
See #27881 .
Built from https://develop.svn.wordpress.org/trunk@28479
git-svn-id: http://core.svn.wordpress.org/trunk@28306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-18 20:52:15 +00:00
Scott Taylor
112ca4e055
Because the `WP_ADMIN` constant name can be bound in multiple files, all instances should check `! defined` first. `wp-admin/admin.php` already has this check.
...
See #27881 .
Built from https://develop.svn.wordpress.org/trunk@28478
git-svn-id: http://core.svn.wordpress.org/trunk@28305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-18 20:42:16 +00:00
Dominik Schilling
12334929d7
Fix typo in hook description for `async_upload_{$type}`.
...
Built from https://develop.svn.wordpress.org/trunk@27955
git-svn-id: http://core.svn.wordpress.org/trunk@27785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-05 14:12:16 +00:00
Andrew Nacin
5965616aca
Define DOING_AJAX earlier in async-upload.php.
...
props avryl.
fixes #27387 . see [22902].
Built from https://develop.svn.wordpress.org/trunk@27558
git-svn-id: http://core.svn.wordpress.org/trunk@27401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-15 19:59:15 +00:00
Drew Jaynes
95bf041b3a
Inline documentation for hooks in wp-admin/async-upload.php.
...
Props rzen for the initial patch.
Fixes #25517 .
Built from https://develop.svn.wordpress.org/trunk@25942
git-svn-id: http://core.svn.wordpress.org/trunk@25901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-26 21:41:09 +00:00
Andrew Nacin
fd57b239d2
Don't rely on include_path to include files.
...
Always use dirname() or, once available, ABSPATH.
props ketwaroo, hakre.
fixes #17092 .
Built from https://develop.svn.wordpress.org/trunk@25616
git-svn-id: http://core.svn.wordpress.org/trunk@25533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-25 00:18:11 +00:00
Andrew Nacin
c2db94d10c
Use meta caps edit_post, read_post, and delete_post directly, rather than consulting the post type object. map_meta_cap() handles that for us. props markjaquith, kovshenin. fixes #23226 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-08 20:05:42 +00:00
Sergey Biryukov
415a5c60da
* Pass ellipsis as a parameter to wp_html_excerpt() instead of appending it manually.
...
* Consolidate the logic to avoid appending ellipsis if the entire string is shown.
* Show ellipsis after truncated filenames and post titles.
props solarissmoke, bpetty, SergeyBiryukov. fixes #11446 .
git-svn-id: http://core.svn.wordpress.org/trunk@24214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-09 00:22:02 +00:00
Andrew Nacin
7e13a6656c
Verify attachment parent during upload.
...
git-svn-id: http://core.svn.wordpress.org/trunk@22915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-29 02:39:34 +00:00
Ryan Boren
ea0d28db29
Route uploads through async-upload.php instead of admin-ajax.php.
...
Props nacin, koopersmith
fixes #22622
git-svn-id: http://core.svn.wordpress.org/trunk@22902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-28 20:17:57 +00:00
Andrew Nacin
e276fc44be
Have media-new.php return simple rows of basic attachment data, with an 'Edit' link next to each taking them to post.php (in a new window). Not ideal, but this is largely a fallback screen at this point.
...
This is bolted on to existing code, the vast majority of which is destined to be ripped out in 3.6 once things settle.
see #22083 .
git-svn-id: http://core.svn.wordpress.org/trunk@22755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-21 13:05:44 +00:00
ryan
e3b46b25d3
Lose EOF ?>. Clean up EOF newlines. fixes #12307
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan
0358498b0a
Use text/html to appease IE < 9. Props azaozz. fixes #19494
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19586 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-11 00:03:24 +00:00
ryan
3862c4c34c
Add cap and type checks to media item fetch. For trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-05 18:22:53 +00:00
dd32
0821c7163b
Better display handling of error messages during swfupload uploading. Fixes #12225
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-23 10:59:52 +00:00
nacin
6ec7cb4540
Use relative paths when including files, avoiding include_path. fixes #12594 , props sorich87.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-18 06:14:45 +00:00
ryan
e8c32c03b0
Pass logged_in cookie to async-upload. Props nbachiyski. fixes #10739
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-08 15:22:42 +00:00
azaozz
85766ab12e
Show "Delete" in Media -> Add New, props mgriepentrog, fixes #7879
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11421 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-21 01:42:40 +00:00
markjaquith
119b39cec2
deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-18 15:11:07 +00:00
ryan
a61bc0ec8a
Trailing whitespace cleanup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-20 18:18:39 +00:00
azaozz
f26797d298
Define WP_ADMIN in flash uploader, props hailin, fixes #9368
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-20 01:07:35 +00:00
azaozz
65e0cea07b
Show file url after upload form media library, props yoavf, fixes #9267
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-04 08:22:25 +00:00
ryan
9861eb1a85
Notice fixes from DD32. see #7509
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@9699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-14 23:01:16 +00:00
azaozz
a6f7c12d48
Upload media from the Media Library page.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-27 08:17:55 +00:00
ryan
175c2b6fb1
WP-Admin File Level Inline Documentation from santosj. see #7496
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-11 20:26:31 +00:00
ryan
35b18e5034
Trailing whitespace cleanup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-09 05:36:14 +00:00
ryan
636c562256
SSL fixes. see #7001
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-06-24 22:19:27 +00:00
ryan
5ad5715af7
Add some noncing. Props andy.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-30 20:43:36 +00:00
ryan
a5336482b1
Add charset to async-upload content-type header. Props duncanmc. fixes #6873 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@8021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-30 20:42:28 +00:00
ryan
5b8113578d
Allow wp-config.php to exist one level up from WordPress root directory. Props sambauers. fixes #6933
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@7971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-21 05:59:27 +00:00
ryan
cab4206406
Workaround response truncation by reducing size of response after uploading with flash uploader. Props tellyworth. fixes #6713
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@7682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-04-14 23:09:14 +00:00
ryan
b0b5981a77
Add capability check to async-upload. Props xknown. fixes #5848
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-02-13 23:16:11 +00:00
matt
f529123061
First pass at async upload, multi-upload, and gallery feature. Modified names from patch. Hat tip: tellyworth, skeltoac.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-01-25 19:21:11 +00:00