ryan
|
593659b8d0
|
Hardening. Santizers for WPLANG and new_admin_email. Prevent stomping ID and filter. Validate locale filename. Props westi.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-06-27 15:56:42 +00:00 |
ryan
|
bc667be71b
|
Allow plus '+' character when sanitizing mime type. Props cyberhobo. fixes #17855
git-svn-id: http://svn.automattic.com/wordpress/trunk@18324 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-06-20 20:05:57 +00:00 |
westi
|
fda24a53ed
|
Ensure we have a valid timezone identifier before trying to use it.
Validate the new timezone identifier during option update.
Fixes #17840.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-06-20 14:58:50 +00:00 |
azaozz
|
ae81d75d39
|
Fix typo in remove_accents(), props scribu, fixes #16232
git-svn-id: http://svn.automattic.com/wordpress/trunk@18159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-06-06 02:22:50 +00:00 |
ryan
|
4da684cf9a
|
Update @since
git-svn-id: http://svn.automattic.com/wordpress/trunk@18032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-05-25 15:47:17 +00:00 |
ryan
|
81a5f821fb
|
Sanitize guid on save and display. Sanitize mime type on save. Don't allow changing mime type via edit form handlers. Protect hidden meta.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-05-22 23:19:42 +00:00 |
ryan
|
569c17df7f
|
Properly anchor mime preg.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-05-22 23:17:09 +00:00 |
nacin
|
98bd4c0b2f
|
s/coma/comma/. props ocean90.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-05-21 15:20:25 +00:00 |
ryan
|
b2c2e302be
|
Revert part of [17920]. Support for empty tz must remain. Props johnjamesjacoby. fixes #17448
git-svn-id: http://svn.automattic.com/wordpress/trunk@17958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-05-18 18:56:42 +00:00 |
westi
|
65e341d0cb
|
Fix typos and inconsistencies in PHPdoc / function declarations. See #17414 props duck_
git-svn-id: http://svn.automattic.com/wordpress/trunk@17925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-05-14 09:50:20 +00:00 |
ryan
|
58767691f4
|
Remove PHP5 back compat code from get_gmt_from_date. Props technosailor. fixes #16920
git-svn-id: http://svn.automattic.com/wordpress/trunk@17920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-05-13 19:17:07 +00:00 |
ryan
|
74354459f1
|
Performance improvements for wptexturize(). Props solarissmoke, hakre. fixes #16684
git-svn-id: http://svn.automattic.com/wordpress/trunk@17636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-04-13 17:11:35 +00:00 |
nacin
|
14ec951269
|
Make underscores valid in sanitize_html_class. fixes #17067.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-04-06 21:28:52 +00:00 |
ryan
|
975a6a8c8d
|
Reduce backtracking in make_clickable() regex. Reduce pcre.recursion_limit to avoid segfaulting. Props hakre. For trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-03-28 21:39:16 +00:00 |
ryan
|
4d46e8d95e
|
Lose create_function() in links_add_target() and links_add_base_url(). esc_attr() the target to provide extra coverage for plugins. Props Justin Rainbow, nacin. For trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-02-16 19:24:18 +00:00 |
ryan
|
85f1feed84
|
Bring out the shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2011-01-06 04:11:14 +00:00 |
ryan
|
81cd855720
|
Don't be case sensitive to attribute names. Handle padded entities when checking for bad protocols. Normalize entities before checking for bad protocols in esc_url(). Props Mauro Gentile, duck_, miqrogroove
git-svn-id: http://svn.automattic.com/wordpress/trunk@17171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-12-29 20:45:37 +00:00 |
nacin
|
95726df854
|
Revert [16995] due to the way the data enters the db. props garyc40, see #15454.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-12-25 18:10:59 +00:00 |
ryan
|
3a66c698ee
|
Remove some unnecessary esc_textarea() calls. Props garyc40. see #15454
git-svn-id: http://svn.automattic.com/wordpress/trunk@17001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-12-16 17:48:20 +00:00 |
markjaquith
|
49c11dc768
|
Use ENT_QUOTES in esc_textarea() in case someone uses it in a value='' situation by accident. see #15454
git-svn-id: http://svn.automattic.com/wordpress/trunk@16993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-12-16 09:24:22 +00:00 |
westi
|
60aa1d3062
|
Ultimate make_clickable. Fixes #14993 props filosofo
git-svn-id: http://svn.automattic.com/wordpress/trunk@16948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-12-15 13:43:30 +00:00 |
westi
|
1df7f1be64
|
Revert [16279] - the recursive nature of this regex doesn't play well with stack space. See #14993
git-svn-id: http://svn.automattic.com/wordpress/trunk@16692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-12-02 17:26:06 +00:00 |
nacin
|
b8ce0261df
|
More param fixes, props duck_. see #14783.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-18 19:12:48 +00:00 |
ryan
|
847499e531
|
Pinking shears
git-svn-id: http://svn.automattic.com/wordpress/trunk@16438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-17 18:47:34 +00:00 |
markjaquith
|
6482610f9a
|
esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454
git-svn-id: http://svn.automattic.com/wordpress/trunk@16431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-17 17:12:01 +00:00 |
nacin
|
3f5b442306
|
Revert changes to wptexturize() until test cases pass. Reverts [16280], [16378]. see #4539 and #15241.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-16 22:18:48 +00:00 |
westi
|
17d25e2cdc
|
Fix regression in wptexturize with single quotes when used for contraction. See #15241 props norbertm.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-15 08:52:36 +00:00 |
nacin
|
81a8f2d3ce
|
Use square brackets instead of braces for string access. props hakre, fixes #13900.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-13 09:53:55 +00:00 |
nacin
|
5f4a583fb1
|
Remove more create_function calls. props huichen, see #14424.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-11 22:50:36 +00:00 |
westi
|
71fab5576a
|
Improved RegEx for quote matching in wptexturize. Fixes #4539 and #15241 props norbertm.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-10 19:23:57 +00:00 |
westi
|
2d09607167
|
Don't capture the pesky trailing punctuation. Fixes #14993 props filosofo
git-svn-id: http://svn.automattic.com/wordpress/trunk@16279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-10 17:47:46 +00:00 |
ryan
|
dbf7388c5b
|
Don't anchor regex. Props ozh. fixes #14628
git-svn-id: http://svn.automattic.com/wordpress/trunk@16207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-05 15:29:50 +00:00 |
scribu
|
fdd3556806
|
Introduce wp_basename() and use it for media handling. See #11887
git-svn-id: http://svn.automattic.com/wordpress/trunk@16154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-02 17:19:55 +00:00 |
westi
|
81a1c190c4
|
Revert 16150 - breaks things more than it fixes things. See #14993
git-svn-id: http://svn.automattic.com/wordpress/trunk@16151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-02 11:42:30 +00:00 |
westi
|
c6471ef6e2
|
Don't capture RFC3986 sub-delims when making urls clickable except for ). Fixes #14993 props filosofo.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-11-02 09:45:09 +00:00 |
westi
|
51c714b256
|
Always capture ! as part of a url. See #14993 props filosofo.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-10-31 09:09:29 +00:00 |
westi
|
fed42ecdf1
|
Purger more create_function usage during autop and iso descrambling. See #14424 props ScottMac.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-10-28 07:38:00 +00:00 |
ryan
|
614dd3b3a9
|
Idempotence for sanitize_user(). Make sanitize_key() match its phpdoc. Props duck_ fixes #15198
git-svn-id: http://svn.automattic.com/wordpress/trunk@15948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-10-24 20:33:54 +00:00 |
scribu
|
81025846b1
|
Also convert uppercase letters in Latin Extended-B. See #9591
git-svn-id: http://svn.automattic.com/wordpress/trunk@15931 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-10-23 15:36:16 +00:00 |
scribu
|
633daa01cb
|
remove_accents(): Nordic characters fixes. Props einare. Fixes #4739. See #9591
git-svn-id: http://svn.automattic.com/wordpress/trunk@15930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-10-23 13:00:21 +00:00 |
scribu
|
c613576e77
|
Introduce sanitize_title_for_query(). See #9591
git-svn-id: http://svn.automattic.com/wordpress/trunk@15929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-10-23 12:55:55 +00:00 |
ryan
|
fd2896de77
|
Improve regex performance in wptexturize(). Props mdawaffe. fixes #15093
git-svn-id: http://svn.automattic.com/wordpress/trunk@15816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-10-15 14:34:38 +00:00 |
ryan
|
6b351163ef
|
Simplify sanitize_key() and use it in more places. see #14910
git-svn-id: http://svn.automattic.com/wordpress/trunk@15635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-09-20 15:28:58 +00:00 |
nacin
|
5a20c05d27
|
Phpdoc argument/@param cleanups. props duck_, see #14783.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-09-07 11:21:11 +00:00 |
ryan
|
5d5f2ed563
|
Make smilies links SSL aware. Props tech163. fixes #14360
git-svn-id: http://svn.automattic.com/wordpress/trunk@15554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-08-31 18:26:18 +00:00 |
markjaquith
|
798ba9900d
|
Leonard Lin was kind enough to relicense his balanceTags() function as "GPL (any version)" instead of "GPL v2.0." http://github.com/lhl/balanceTags/blob/master/README
git-svn-id: http://svn.automattic.com/wordpress/trunk@15536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-08-26 15:43:32 +00:00 |
markjaquith
|
57deb5ec03
|
More judicious Wordpress-to-WordPress correction, to avoid bungling reasonable URLs. fixes #13971
git-svn-id: http://svn.automattic.com/wordpress/trunk@15377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-07-08 19:35:29 +00:00 |
dd32
|
a14d289755
|
Alot more tabs. Props jacobsantos & Viper007bond. See #14147
git-svn-id: http://svn.automattic.com/wordpress/trunk@15355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-06-30 00:05:18 +00:00 |
nacin
|
2eadcb9aef
|
Fix warnings related to static pages. props zeo for initial patch. fixes #13830.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-06-11 17:04:06 +00:00 |
nacin
|
c3cf7e4ee0
|
Forever eliminate 'Wordpress' from the planet (or at least the little bit we can influence). props matt.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2010-05-27 16:11:27 +00:00 |