Nikolay Bachiyski
0ff6ca33c7
Snoopy: use escapeshellarg instead of escapeshellcmd
...
We are escaping arguments, not commands, so we'd better use the semantically correct function, even though they are similar.
Merges [37094] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37100
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 14:12:14 +00:00
Dominik Schilling
ea26079cde
Bump 3.9 branch to 3.9.11.
...
Built from https://develop.svn.wordpress.org/branches/3.9@36460
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 17:30:14 +00:00
Dominik Schilling
53226bc6f2
Better validation of the URL used in HTTP redirects.
...
Merges [36444] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@36452
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 17:01:19 +00:00
Dominik Schilling
dfea282b1d
HTTP: `0.1.2.3` is not a valid IP.
...
Merges [36435] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@36441
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 13:05:12 +00:00
Dominik Schilling
97a834aaab
Bump 3.9 branch to 3.9.10.
...
Built from https://develop.svn.wordpress.org/branches/3.9@36201
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 18:51:14 +00:00
Aaron Jorbin
5014bb866c
Theme: Escape error messages
...
[36185] for 3.9 branch
Built from https://develop.svn.wordpress.org/branches/3.9@36191
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 17:28:14 +00:00
Dion Hulse
96ad697c96
Background Updates: Remove the 7am/7pm background update check.
...
This changeset is a more basic version of [36180], clearing the extra now redundant schedule.
As the functionality for this was introduced in 3.9, [28129] has been backported to 3.7/3.8, allowing the API TTL to be respected by those versions.
See #27772 .
Fixes #35323 .
Built from https://develop.svn.wordpress.org/trunk@36184
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 13:24:33 +00:00
Dion Hulse
4686a8e4e7
Update Akismet externals
...
git-svn-id: http://core.svn.wordpress.org/branches/3.9@35107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-13 17:19:01 +00:00
Dominik Schilling
5ef1e3048b
Finish bumping the 3.9 branch to 3.9.11.
...
Built from https://develop.svn.wordpress.org/branches/3.9@34196
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 14:53:17 +00:00
Helen Hou-Sandí
831baf7b04
Bump 3.9 branch to 3.9.9.
...
Built from https://develop.svn.wordpress.org/branches/3.9@34185
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 14:29:45 +00:00
Dominik Schilling
fdc6949e64
XMLRPC: Don't allow private posts to be sticky.
...
Merge of [33325], [33612], and [34135] to the 3.9 branch.
See #20662 .
Built from https://develop.svn.wordpress.org/branches/3.9@34155
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 23:02:14 +00:00
Nikolay Bachiyski
008ebcfae7
Shortcodes: don't allow unclosed HTML elements in attributes
...
Merges [34134] for 3.9 branch
Built from https://develop.svn.wordpress.org/branches/3.9@34148
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:49:30 +00:00
Nikolay Bachiyski
0c61562bf5
List tables: escape user e-mails
...
Merges [34133] for 3.9 branch
Built from https://develop.svn.wordpress.org/branches/3.9@34141
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:44:14 +00:00
Gary Pendergast
b7606aaa3c
WPDB: `get_table_from_query()` didn't find table names with hyphens in them.
...
Merge of [33718] to the 3.9 branch.
Props dustinbolton, pento.
See #33470 .
Built from https://develop.svn.wordpress.org/branches/3.9@33995
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 07:09:14 +00:00
Gary Pendergast
3edf686b37
Capabilities: Fall back to the `edit_posts` capability for orphaned comments.
...
Merge of the `capabilities.php` part of [33614] to the 3.9 branch.
Props pento, dd32.
See #33154 .
Built from https://develop.svn.wordpress.org/branches/3.9@33975
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 06:14:14 +00:00
Dominik Schilling
fc3a293811
Bump 3.9 branch to version 3.9.8.
...
Built from https://develop.svn.wordpress.org/branches/3.9@33570
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 11:40:14 +00:00
Dion Hulse
31ebb3f94b
Fix `do_shortcode('<[shortcode]')` edge case.
...
Props miqrogroove.
Merges [33499] to the 3.9 branch.
See #33116 .
Built from https://develop.svn.wordpress.org/branches/3.9@33566
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 07:18:46 +00:00
Dominik Schilling
996d8547e3
Comments: IDs are integers.
...
Merge of [33555] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33559
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 05:00:06 +00:00
Dominik Schilling
7a06b64959
Themes: Fix some broken links in the legacy theme preview.
...
Merge of [33549] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33552
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:57:55 +00:00
Dominik Schilling
8417706532
Heartbeat: Ensure post locks are released.
...
Merge of [33542] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33546
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:56:06 +00:00
Dominik Schilling
811541dfe6
Customizer: Use `hash_equals()` for widgets.
...
Merge of [33535] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33539
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:53:20 +00:00
Dominik Schilling
792858da14
Nav menus: Consistent titles in widgets.
...
Merge of [33529] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33532
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-03 20:58:50 +00:00
Andrew Ozz
bb869f458b
Backport r33469 and r33470 to 3.9.
...
See #33106 .
Built from https://develop.svn.wordpress.org/branches/3.9@33523
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-31 01:45:14 +00:00
Gary Pendergast
9641009151
Bump 3.9 branch to version 3.9.7.
...
Built from https://develop.svn.wordpress.org/branches/3.9@33398
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 11:08:13 +00:00
Gary Pendergast
aff3c77aad
Shortcodes: Improve the reliablity of shortcodes inside HTML tags.
...
Merge of [33359] to the 3.9 branch.
Props miqrogroove.
See #15694 .
Built from https://develop.svn.wordpress.org/branches/3.9@33386
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 05:01:14 +00:00
Gary Pendergast
c5eb54f359
Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.
...
Merge of [33357] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33377
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 04:12:14 +00:00
Dominik Schilling
98037bb876
3.9.6 version bumps.
...
Built from https://develop.svn.wordpress.org/branches/3.9@32437
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 23:30:15 +00:00
Michael Adams
d4608a9fe5
Upgrade: `$wpdb->get_col_length()` sanity check: bail on unexpected return value.
...
Merges [32429] for the 3.9 branch.
See #32165 .
Built from https://develop.svn.wordpress.org/branches/3.9@32433
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 23:14:15 +00:00
Michael Adams
464ce8a75f
Upgrade: Ensure unintelligible DB schemas don't result in content loss.
...
Merge of [32417] to the 3.9 branch.
See #32165 .
Props ocean90.
Built from https://develop.svn.wordpress.org/branches/3.9@32421
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:53:15 +00:00
John Blackbourn
8f57ec6bbf
WPDB: Allow queries to reference tables in the dbname.tablename format, and allow table names to contain any valid character, rather than just ASCII.
...
Merge of [32368] to the 3.9 branch.
Props pento, willstedt for the initial patch.
See #32090 .
Built from https://develop.svn.wordpress.org/branches/3.9@32414
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:05:14 +00:00
Aaron Jorbin
96890b155a
Remove debugging comments from [32408]
...
Built from https://develop.svn.wordpress.org/branches/3.9@32409
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:30:15 +00:00
Aaron Jorbin
fbb0252a46
When upgrading WordPress remove genericons example.html files
...
[32385] for 3.9 branch
Props @dd32, @boonebgorges, @johnjamesjacoby, @drewapicture, @jorbin
Built from https://develop.svn.wordpress.org/branches/3.9@32408
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:20:14 +00:00
Dominik Schilling
16156dcff9
WPDB: When sanity checking query character sets, there's no need to check queries that don't return user data.
...
Merges [32374] to the 3.9 branch.
props pento.
see #32104 .
Built from https://develop.svn.wordpress.org/branches/3.9@32405
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:05:46 +00:00
Helen Hou-Sandí
cfb6ef101b
The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
...
Merges [32375] to the 3.9 branch.
props pento.
See #32204 .
Built from https://develop.svn.wordpress.org/branches/3.9@32398
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:43:51 +00:00
Michael Adams
1c86df8bbf
WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
...
Merge of [32364] to the 3.9 branch.
Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.
See #32165 .
Built from https://develop.svn.wordpress.org/branches/3.9@32389
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:12:16 +00:00
Andrew Ozz
b2c747a38e
TinyMCE: work-around a bug in the tags matching regex.
...
For 3.9.
Built from https://develop.svn.wordpress.org/branches/3.9@32373
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 05:36:17 +00:00
Michael Adams
10be03b2d7
3.9:
...
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.
Built from https://develop.svn.wordpress.org/branches/3.9@32316
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 18:30:15 +00:00
Gary Pendergast
ad0a3701d4
3.9 branch is now 3.9.6.
...
Built from https://develop.svn.wordpress.org/branches/3.9@32303
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 14:12:15 +00:00
Helen Hou-Sandí
67a0654bcb
The 3.9 branch is now 3.9.5.
...
Built from https://develop.svn.wordpress.org/branches/3.9@32284
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 21:35:52 +00:00
Gary Pendergast
fa12b4a44c
WPDB: When sanity checking a string by sending it to MySQL for conversion checks, the incorrect data structure was being returned from wpdb::strip_invalid_text(), causing all write queries to fail for some character sets when the query contained non-ASCII characters.
...
Merge of [32261] to the 3.9 branch.
See #32051 .
Built from https://develop.svn.wordpress.org/branches/3.9@32273
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 11:48:16 +00:00
Gary Pendergast
4e39f0ba11
WPDB: When deciding if a query needs extra sanity checking based on collation, return early when we can. Merges [32232] and [32233] to the 3.9 branch.
...
See #32029 .
Built from https://develop.svn.wordpress.org/branches/3.9@32239
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 06:58:14 +00:00
Gary Pendergast
b435ecd2f8
Fix some `wpdb::check_safe_collation()` calls missed in [32182].
...
Built from https://develop.svn.wordpress.org/branches/3.9@32224
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 19:04:15 +00:00
Gary Pendergast
6af36f8915
Bump 3.9 branch to 3.9.4.
...
Built from https://develop.svn.wordpress.org/branches/3.9@32217
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 17:37:28 +00:00
Gary Pendergast
f56dd747c8
3.9: Update about.php.
...
Built from https://develop.svn.wordpress.org/branches/3.9@32216
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 17:37:14 +00:00
Gary Pendergast
2a42fc2e73
Ensure post titles are correctly escaped on the Dashboard. Merge of [32175] to the 3.9 branch.
...
Props helen, ocean90, dd32, pento.
Built from https://develop.svn.wordpress.org/branches/3.9@32204
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:39:14 +00:00
Gary Pendergast
7bd9e93fef
In Multisite, prevent plugins from unintentionally switching sites. Merge of [32173] to the 3.9 branch.
...
Props mdawaffe, pento.
Built from https://develop.svn.wordpress.org/branches/3.9@32200
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:23:15 +00:00
Gary Pendergast
6c6ea88f7d
Update the Plupload Flash file to the latest version. Merge of [32168] to the 3.9 branch.
...
Props azaozz.
Built from https://develop.svn.wordpress.org/branches/3.9@32198
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:11:15 +00:00
Gary Pendergast
dc27207e1f
Remove some old backwards compatibility code from TinyMCE. Merge of [32166] to the 3.9 branch.
...
Props azaozz.
Built from https://develop.svn.wordpress.org/branches/3.9@32194
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:52:16 +00:00
Gary Pendergast
27c4e15959
Clean up some edge cases in `sanitize_sql_orderby()`. Merge of [32164] to the 3.9 branch.
...
Props vortfu, dd32.
Built from https://develop.svn.wordpress.org/branches/3.9@32190
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:36:14 +00:00
Gary Pendergast
ff692384e0
`wpdb::$checking_collation` was incorrectly marked as `protected` instead of `private` in [32182].
...
Built from https://develop.svn.wordpress.org/branches/3.9@32185
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 11:24:15 +00:00