Ryan Boren
09d2c65970
Always wp_unslash() the return of wp_get_referer().
...
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:20:32 +00:00
Ryan Boren
43a7e695e9
Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
...
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Nacin
83e0ce2ac1
Remove unused variables reset by wp_reset_vars(). Many of these haven't been used since b2. see #21767 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-16 18:28:41 +00:00
Ryan Boren
cc5ed3a485
Change all core API to expect unslashed rather than slashed arguments.
...
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
e9eb36face
Only show "There is a pending change of your e-mail..." message on the current user's profile page. fixes #23146 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-01 01:50:19 +00:00
Andrew Nacin
fa76d11e93
As wp_dropdown_roles() only prints editable roles, ensure that the
...
"selected" role passed into it on the user-edit screen is editable.
props johnjamesjacoby. see #22361 .
git-svn-id: http://core.svn.wordpress.org/trunk@22687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-19 19:23:54 +00:00
Ryan Boren
75a9ce4b37
Remove unnecessary label. Props waclawjacek. fixes #17978
...
git-svn-id: http://core.svn.wordpress.org/trunk@21927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-20 13:59:39 +00:00
Ryan Boren
9e9d4ebd50
Allow granting the network admin email user super admin. Props JustinSainton, garyc40. fixes #16629
...
git-svn-id: http://core.svn.wordpress.org/trunk@21925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-20 13:50:35 +00:00
Ryan Boren
cbd6a8becd
Allow passing stdClass and WP_User to wp_insert_user() and wp_update_user(). Introduce WP_User::to_array(). Eliminate uses of get_object_vars() when passing to wp_*_user(). fixes #21429
...
git-svn-id: http://core.svn.wordpress.org/trunk@21496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-10 15:36:54 +00:00
ryan
7b49ad8493
Introduce get_edit_user_link(). Props scribu, georgestephanis, johnbillion. fixes #14787 see #20307
...
git-svn-id: http://core.svn.wordpress.org/trunk@21364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-30 18:30:03 +00:00
nacin
a9ee3b61f5
Remove charset attribute from script elements. props neoxx, fixes #21146 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-03 13:27:14 +00:00
azaozz
9855eccd45
Do not clear the old values in "Display name publicly as" drop-down on the user profile screen, append new values there when the user changes any of20747 the name fields, fixes #20747
...
git-svn-id: http://core.svn.wordpress.org/trunk@20964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-30 21:54:33 +00:00
nacin
8c841df86d
Revert type="email" (HTML5) as some browsers that do validation on these fields do not work for IDN domains yet. Core does not support these well either, but server-side validation can at least be dealt with by a plugin. see #17863 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-15 18:09:14 +00:00
azaozz
f3b63e4537
Set proper HTML5 input types in the admin, props georgestephanis, fixes #17863
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-10 01:23:48 +00:00
ryan
e3b46b25d3
Lose EOF ?>. Clean up EOF newlines. fixes #12307
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan
616c35e71c
One newline is enough.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
ryan
88b1f65116
s/Admin Bar/Toolbar/. Props ocean90. fixes #19461
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-08 16:49:16 +00:00
nacin
3d51303ca3
Help tweaks for users, tools. props jane, see #19020 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-01 01:17:14 +00:00
koopersmith
90f4fb3dd5
Update help content for user edit page. props Ipstenu, see #19020 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-28 16:32:33 +00:00
nacin
0f3e2f79bd
Show 'Profile updated' for profile.php. props johnbillion, fixes #19053 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-14 22:09:15 +00:00
nacin
bfb98c193e
s/add_help_sidebar/set_help_sidebar/g and introduce screen->remove_help_tab($id) and screen->remove_help_tabs(). see #19020 , #18785 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-02 20:14:10 +00:00
ryan
3ad1f67958
Use add_help_sidebar(). see #19020
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-02 03:12:37 +00:00
ryan
28a6d49c1a
Validation fix for user-edit.php. Props sorich87. fixes #18921
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-12 19:47:00 +00:00
nacin
2ee655428d
Force the admin bar on in the admin as it is now integrated. Removes the second UI option. Leaves out the upgrade routine for now. see #18197 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-17 22:26:01 +00:00
nacin
1fdf0b9430
Add 'Add New' buttons to edit links, edit media, and edit user screens. props sbressler, fixes #17499 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-19 19:52:11 +00:00
nacin
9cb6e158fc
Switch from Panel/SubPanel to Screen in inline documentation and Codex links. props michaelh, fixes #17265 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-28 15:24:49 +00:00
ryan
976fbf8505
Back to Authors and Users should say Back to Users. Props SergeyBiryukov. fixes #16054
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-18 21:53:15 +00:00
dd32
7c6cf52194
Add missing closing fieldset tag. Props bluntelk. Fixes #17042 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-04 08:04:41 +00:00
azaozz
ade138d7ac
Fix display of apostrophes in the user's first and last names on the User Profile page, partial props andrewryno, see #17004
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-01 20:40:16 +00:00
nacin
51b3f2faf2
Remove cryptic bitwise check. Todo, CPT/supports checks. see #17005 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-03-31 06:33:20 +00:00
markjaquith
4d39c5894a
Remove unused/non-functional code with old-style CSRF checking. see #16499
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-03 07:23:05 +00:00
nacin
1b1997583b
Err, oops. Put the class on the table row. props yoast, see [17234], see #16004 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-07 16:47:39 +00:00
nacin
d2c179f49e
Revert _admin_bar_preferences() and add a class to the table row to allow it to be hidden. Forcing the use of CSS at least attempts to ensure that the developer will recognize that the saving aspect isn't handled. Handle this in the future across all settings screens. Reverts [17161]. fixes #16004 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-07 16:39:18 +00:00
nacin
f15b1ad05d
Allow us to return from whence we came. Specify wp_http_referer for user-edit in the network admin, as we may come from network/users or site-users. props PeteMall, SergeyBiryukov, fixes #16053 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-01 22:30:46 +00:00
nacin
a92b6663aa
Move the admin bar profile preferences to a hook. fixes #16004 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-28 19:37:11 +00:00
nacin
9009245db5
Tag textareas escaped earlier with textarea_escaped. see #15454 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-25 17:58:01 +00:00
nacin
a50012abc7
Final string tweaks to admin bar preferences. props jane, fixes #15829 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-21 14:45:55 +00:00
nacin
d2b0ef40c8
String changes to admin bar preferences. props jane, see #15829 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17055 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-19 05:23:25 +00:00
ryan
58e65d1855
Admin bar visibility prefs. Props duck_. see #15829
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-17 21:48:30 +00:00
ryan
d5f81d06f9
Don't show super admin checkbox for the user that has the network admin email address. Props duck_. fixes #14051
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-07 18:10:16 +00:00
nacin
ee718e28c0
Don't double-escape user description. see #15454 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-06 08:55:09 +00:00
PeteMall
5e3fd53b7a
Ignore role selector in network admin user-edit. See #14435 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-24 08:06:38 +00:00
nacin
b3b979ce48
Codex links should open in a new window. fixes #14665 , props qwertymaniac.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-18 03:26:03 +00:00
markjaquith
6482610f9a
esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 17:12:01 +00:00
ryan
cd8c19d46d
Remove role selector from network admin user-edit. Props PeteMall. see #14435
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-05 17:26:32 +00:00
nacin
f5e23028ff
Pass user object through _wp_get_user_contactmethods() to the user_contactmethods filter. props aaroncampbell, fixes #15186 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-21 15:42:06 +00:00
scribu
799baf139c
Use submit_button() in more places. See #15064
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-17 18:24:34 +00:00
scribu
08e984e5e8
move password-strength-meter.js into user-profile.js. See #5919
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-12 20:29:19 +00:00
ryan
9c31fd7c70
First pass of user admin. Network admin and screen cleanups. see #14696
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-07 19:34:18 +00:00
ryan
21e3f0f7fa
Network Admin, first pass. see #14435
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-07-30 20:34:54 +00:00