Commit Graph

25828 Commits

Author SHA1 Message Date
Nikolay Bachiyski 0ff6ca33c7 Snoopy: use escapeshellarg instead of escapeshellcmd
We are escaping arguments, not commands, so we'd better use the semantically correct function, even though they are similar.

Merges [37094] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@37100


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 14:12:14 +00:00
Dominik Schilling ea26079cde Bump 3.9 branch to 3.9.11.
Built from https://develop.svn.wordpress.org/branches/3.9@36460


git-svn-id: http://core.svn.wordpress.org/branches/3.9@36427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 17:30:14 +00:00
Dominik Schilling 53226bc6f2 Better validation of the URL used in HTTP redirects.
Merges [36444] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@36452


git-svn-id: http://core.svn.wordpress.org/branches/3.9@36419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 17:01:19 +00:00
Dominik Schilling dfea282b1d HTTP: `0.1.2.3` is not a valid IP.
Merges [36435] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@36441


git-svn-id: http://core.svn.wordpress.org/branches/3.9@36408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 13:05:12 +00:00
Dominik Schilling 97a834aaab Bump 3.9 branch to 3.9.10.
Built from https://develop.svn.wordpress.org/branches/3.9@36201


git-svn-id: http://core.svn.wordpress.org/branches/3.9@36168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 18:51:14 +00:00
Aaron Jorbin 5014bb866c Theme: Escape error messages
[36185] for 3.9 branch

Built from https://develop.svn.wordpress.org/branches/3.9@36191


git-svn-id: http://core.svn.wordpress.org/branches/3.9@36158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 17:28:14 +00:00
Dion Hulse 96ad697c96 Background Updates: Remove the 7am/7pm background update check.
This changeset is a more basic version of [36180], clearing the extra now redundant schedule.
As the functionality for this was introduced in 3.9, [28129] has been backported to 3.7/3.8, allowing the API TTL to be respected by those versions.

See #27772.
Fixes #35323.

Built from https://develop.svn.wordpress.org/trunk@36184


git-svn-id: http://core.svn.wordpress.org/branches/3.9@36151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 13:24:33 +00:00
Dion Hulse 4686a8e4e7 Update Akismet externals
git-svn-id: http://core.svn.wordpress.org/branches/3.9@35107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-13 17:19:01 +00:00
Dominik Schilling 5ef1e3048b Finish bumping the 3.9 branch to 3.9.11.
Built from https://develop.svn.wordpress.org/branches/3.9@34196


git-svn-id: http://core.svn.wordpress.org/branches/3.9@34163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 14:53:17 +00:00
Helen Hou-Sandí 831baf7b04 Bump 3.9 branch to 3.9.9.
Built from https://develop.svn.wordpress.org/branches/3.9@34185


git-svn-id: http://core.svn.wordpress.org/branches/3.9@34153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 14:29:45 +00:00
Dominik Schilling fdc6949e64 XMLRPC: Don't allow private posts to be sticky.
Merge of [33325], [33612], and [34135] to the 3.9 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/3.9@34155


git-svn-id: http://core.svn.wordpress.org/branches/3.9@34123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 23:02:14 +00:00
Nikolay Bachiyski 008ebcfae7 Shortcodes: don't allow unclosed HTML elements in attributes
Merges [34134] for 3.9 branch

Built from https://develop.svn.wordpress.org/branches/3.9@34148


git-svn-id: http://core.svn.wordpress.org/branches/3.9@34116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:49:30 +00:00
Nikolay Bachiyski 0c61562bf5 List tables: escape user e-mails
Merges [34133] for 3.9 branch

Built from https://develop.svn.wordpress.org/branches/3.9@34141


git-svn-id: http://core.svn.wordpress.org/branches/3.9@34109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:44:14 +00:00
Gary Pendergast b7606aaa3c WPDB: `get_table_from_query()` didn't find table names with hyphens in them.
Merge of [33718] to the 3.9 branch.

Props dustinbolton, pento.

See #33470.


Built from https://develop.svn.wordpress.org/branches/3.9@33995


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 07:09:14 +00:00
Gary Pendergast 3edf686b37 Capabilities: Fall back to the `edit_posts` capability for orphaned comments.
Merge of the `capabilities.php` part of [33614] to the 3.9 branch.

Props pento, dd32.

See #33154.


Built from https://develop.svn.wordpress.org/branches/3.9@33975


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 06:14:14 +00:00
Dominik Schilling fc3a293811 Bump 3.9 branch to version 3.9.8.
Built from https://develop.svn.wordpress.org/branches/3.9@33570


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 11:40:14 +00:00
Dion Hulse 31ebb3f94b Fix `do_shortcode('<[shortcode]')` edge case.
Props miqrogroove.

Merges [33499] to the 3.9 branch.
See #33116.

Built from https://develop.svn.wordpress.org/branches/3.9@33566


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 07:18:46 +00:00
Dominik Schilling 996d8547e3 Comments: IDs are integers.
Merge of [33555] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33559


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 05:00:06 +00:00
Dominik Schilling 7a06b64959 Themes: Fix some broken links in the legacy theme preview.
Merge of [33549] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33552


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:57:55 +00:00
Dominik Schilling 8417706532 Heartbeat: Ensure post locks are released.
Merge of [33542] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33546


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:56:06 +00:00
Dominik Schilling 811541dfe6 Customizer: Use `hash_equals()` for widgets.
Merge of [33535] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33539


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:53:20 +00:00
Dominik Schilling 792858da14 Nav menus: Consistent titles in widgets.
Merge of [33529] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33532


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-03 20:58:50 +00:00
Andrew Ozz bb869f458b Backport r33469 and r33470 to 3.9.
See #33106.
Built from https://develop.svn.wordpress.org/branches/3.9@33523


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-31 01:45:14 +00:00
Gary Pendergast 9641009151 Bump 3.9 branch to version 3.9.7.
Built from https://develop.svn.wordpress.org/branches/3.9@33398


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 11:08:13 +00:00
Gary Pendergast aff3c77aad Shortcodes: Improve the reliablity of shortcodes inside HTML tags.
Merge of [33359] to the 3.9 branch.

Props miqrogroove.

See #15694.


Built from https://develop.svn.wordpress.org/branches/3.9@33386


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 05:01:14 +00:00
Gary Pendergast c5eb54f359 Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.
Merge of [33357] to the 3.9 branch.


Built from https://develop.svn.wordpress.org/branches/3.9@33377


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 04:12:14 +00:00
Dominik Schilling 98037bb876 3.9.6 version bumps.
Built from https://develop.svn.wordpress.org/branches/3.9@32437


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 23:30:15 +00:00
Michael Adams d4608a9fe5 Upgrade: `$wpdb->get_col_length()` sanity check: bail on unexpected return value.
Merges [32429] for the 3.9 branch.

See #32165.

Built from https://develop.svn.wordpress.org/branches/3.9@32433


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 23:14:15 +00:00
Michael Adams 464ce8a75f Upgrade: Ensure unintelligible DB schemas don't result in content loss.
Merge of [32417] to the 3.9 branch.

See #32165.

Props ocean90.

Built from https://develop.svn.wordpress.org/branches/3.9@32421


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:53:15 +00:00
John Blackbourn 8f57ec6bbf WPDB: Allow queries to reference tables in the dbname.tablename format, and allow table names to contain any valid character, rather than just ASCII.
Merge of [32368] to the 3.9 branch.

Props pento, willstedt for the initial patch.

See #32090.

Built from https://develop.svn.wordpress.org/branches/3.9@32414


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:05:14 +00:00
Aaron Jorbin 96890b155a Remove debugging comments from [32408]
Built from https://develop.svn.wordpress.org/branches/3.9@32409


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:30:15 +00:00
Aaron Jorbin fbb0252a46 When upgrading WordPress remove genericons example.html files
[32385] for 3.9 branch

Props @dd32, @boonebgorges, @johnjamesjacoby, @drewapicture, @jorbin



Built from https://develop.svn.wordpress.org/branches/3.9@32408


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:20:14 +00:00
Dominik Schilling 16156dcff9 WPDB: When sanity checking query character sets, there's no need to check queries that don't return user data.
Merges [32374] to the 3.9 branch.

props pento.
see #32104.
Built from https://develop.svn.wordpress.org/branches/3.9@32405


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:05:46 +00:00
Helen Hou-Sandí cfb6ef101b The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
Merges [32375] to the 3.9 branch.

props pento.
See #32204.

Built from https://develop.svn.wordpress.org/branches/3.9@32398


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:43:51 +00:00
Michael Adams 1c86df8bbf WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
Merge of [32364] to the 3.9 branch.

Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.

See #32165.

Built from https://develop.svn.wordpress.org/branches/3.9@32389


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:12:16 +00:00
Andrew Ozz b2c747a38e TinyMCE: work-around a bug in the tags matching regex.
For 3.9.
Built from https://develop.svn.wordpress.org/branches/3.9@32373


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 05:36:17 +00:00
Michael Adams 10be03b2d7 3.9:
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.

Built from https://develop.svn.wordpress.org/branches/3.9@32316


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 18:30:15 +00:00
Gary Pendergast ad0a3701d4 3.9 branch is now 3.9.6.
Built from https://develop.svn.wordpress.org/branches/3.9@32303


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 14:12:15 +00:00
Helen Hou-Sandí 67a0654bcb The 3.9 branch is now 3.9.5.
Built from https://develop.svn.wordpress.org/branches/3.9@32284


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 21:35:52 +00:00
Gary Pendergast fa12b4a44c WPDB: When sanity checking a string by sending it to MySQL for conversion checks, the incorrect data structure was being returned from wpdb::strip_invalid_text(), causing all write queries to fail for some character sets when the query contained non-ASCII characters.
Merge of [32261] to the 3.9 branch.

See #32051.


Built from https://develop.svn.wordpress.org/branches/3.9@32273


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 11:48:16 +00:00
Gary Pendergast 4e39f0ba11 WPDB: When deciding if a query needs extra sanity checking based on collation, return early when we can. Merges [32232] and [32233] to the 3.9 branch.
See #32029.


Built from https://develop.svn.wordpress.org/branches/3.9@32239


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 06:58:14 +00:00
Gary Pendergast b435ecd2f8 Fix some `wpdb::check_safe_collation()` calls missed in [32182].
Built from https://develop.svn.wordpress.org/branches/3.9@32224


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 19:04:15 +00:00
Gary Pendergast 6af36f8915 Bump 3.9 branch to 3.9.4.
Built from https://develop.svn.wordpress.org/branches/3.9@32217


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 17:37:28 +00:00
Gary Pendergast f56dd747c8 3.9: Update about.php.
Built from https://develop.svn.wordpress.org/branches/3.9@32216


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 17:37:14 +00:00
Gary Pendergast 2a42fc2e73 Ensure post titles are correctly escaped on the Dashboard. Merge of [32175] to the 3.9 branch.
Props helen, ocean90, dd32, pento.


Built from https://develop.svn.wordpress.org/branches/3.9@32204


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:39:14 +00:00
Gary Pendergast 7bd9e93fef In Multisite, prevent plugins from unintentionally switching sites. Merge of [32173] to the 3.9 branch.
Props mdawaffe, pento.


Built from https://develop.svn.wordpress.org/branches/3.9@32200


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:23:15 +00:00
Gary Pendergast 6c6ea88f7d Update the Plupload Flash file to the latest version. Merge of [32168] to the 3.9 branch.
Props azaozz.


Built from https://develop.svn.wordpress.org/branches/3.9@32198


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:11:15 +00:00
Gary Pendergast dc27207e1f Remove some old backwards compatibility code from TinyMCE. Merge of [32166] to the 3.9 branch.
Props azaozz.


Built from https://develop.svn.wordpress.org/branches/3.9@32194


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:52:16 +00:00
Gary Pendergast 27c4e15959 Clean up some edge cases in `sanitize_sql_orderby()`. Merge of [32164] to the 3.9 branch.
Props vortfu, dd32.


Built from https://develop.svn.wordpress.org/branches/3.9@32190


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:36:14 +00:00
Gary Pendergast ff692384e0 `wpdb::$checking_collation` was incorrectly marked as `protected` instead of `private` in [32182].
Built from https://develop.svn.wordpress.org/branches/3.9@32185


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 11:24:15 +00:00