Commit Graph

25 Commits

Author SHA1 Message Date
whyisjake abc5355d75 General: WordPress updates
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.6 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.6@49400


git-svn-id: http://core.svn.wordpress.org/branches/4.6@49159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 19:00:24 +00:00
Dominik Schilling 25e66e4f1e Text Changes: Unify permission error messages.
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.

Props ramiy, Presskopp.
Fixes #34521.
Built from https://develop.svn.wordpress.org/trunk@37914


git-svn-id: http://core.svn.wordpress.org/trunk@37855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-29 15:16:29 +00:00
Scott Taylor 811f76699b `media-new.php`, when using the browser uploader, if the result of uploading is a `WP_Error` - `wp_die()` with the error, instead of redirecting with a generic error.
Props solarissmoke.
Fixes #16820. 

Built from https://develop.svn.wordpress.org/trunk@34002


git-svn-id: http://core.svn.wordpress.org/trunk@33971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:18:24 +00:00
Konstantin Obenland 7dc1d06e64 Proper heading for admin screens.
First step towards restoring a good heading structure in wp-admin.
The previous `<h1>` contained the site title and a link to the front page and was removed with the toolbar refactoring in 3.2.

Props joedolson, afercia.
Fixes #31650.


Built from https://develop.svn.wordpress.org/trunk@32974


git-svn-id: http://core.svn.wordpress.org/trunk@32945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-27 15:41:25 +00:00
Dominik Schilling 64fc7294b6 Use HTTPS URLs for codex.wordpress.org.
see #27115.
Built from https://develop.svn.wordpress.org/trunk@32116


git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
Andrew Nacin dce0b9adea Use SSL when linking to WordPress.org. see #27115.
Built from https://develop.svn.wordpress.org/trunk@27469


git-svn-id: http://core.svn.wordpress.org/trunk@27314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-08 04:14:15 +00:00
Andrew Ozz 8d6059b383 Remove all screen_icon() calls and deprecate the functions, props TobiasBg, fixes #26119
Built from https://develop.svn.wordpress.org/trunk@26518


git-svn-id: http://core.svn.wordpress.org/trunk@26411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-02 03:53:11 +00:00
Andrew Nacin fd57b239d2 Don't rely on include_path to include files.
Always use dirname() or, once available, ABSPATH.

props ketwaroo, hakre.
fixes #17092.

Built from https://develop.svn.wordpress.org/trunk@25616


git-svn-id: http://core.svn.wordpress.org/trunk@25533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-25 00:18:11 +00:00
Ryan Boren 469d1a3099 Escape form action urls with esc_url() rather than esc_attr().
Props SergeyBiryukov
fixes #23266


git-svn-id: http://core.svn.wordpress.org/trunk@23739 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-18 14:01:25 +00:00
Andrew Nacin 6074924272 Don't label the form on media-new.php an upload form to avoid esoteric breakage. In past lives, the form has been more complicated than the standard .wp-upload-form use case, with submit buttons that are not just for the uploader, which means we really can't disable them here.
Reverts part of [22663]. see #20855.



git-svn-id: http://core.svn.wordpress.org/trunk@22880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-27 22:41:15 +00:00
Ryan Boren b7c0d84c7f In media_upload_flash_bypass(), pass the post id in the media-new.php url.
In media-new.php, use post_id from REQUEST if passed and the current user can edit the post.
Fixes adding media with the browser uploader.

Props nacin, ocean90
fixes #22572


git-svn-id: http://core.svn.wordpress.org/trunk@22853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-26 23:10:19 +00:00
Andrew Nacin 229a919b27 media-new.php: Remove unused scripts, strings, error handling, save handling, and save button. fixes #22083.
git-svn-id: http://core.svn.wordpress.org/trunk@22764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-21 15:10:17 +00:00
Andrew Nacin e276fc44be Have media-new.php return simple rows of basic attachment data, with an 'Edit' link next to each taking them to post.php (in a new window). Not ideal, but this is largely a fallback screen at this point.
This is bolted on to existing code, the vast majority of which is destined to be ripped out in 3.6 once things settle.

see #22083.



git-svn-id: http://core.svn.wordpress.org/trunk@22755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-21 13:05:44 +00:00
Andrew Nacin 07a0349e2c Remove cruft from media-new.php. No need to keep extra parameters around (including post ID, which is always 0 here). see #22083.
git-svn-id: http://core.svn.wordpress.org/trunk@22752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-21 12:27:12 +00:00
Andrew Nacin f6b9a928e5 Split media-new.php and media-upload.php into distinct files.
* media-new.php will remain the entry point for uploading isolated files, and for using the browser-based uploader (versus Plupload).
 * media-upload.php is the legacy (pre-3.5) media uploader.
see #22083.



git-svn-id: http://core.svn.wordpress.org/trunk@22751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-21 12:19:40 +00:00
azaozz 817b932ed1 Don't hide links to the upload form and show an error for mobile devices that cannot upload, see #20410
git-svn-id: http://svn.automattic.com/wordpress/trunk@20449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-12 00:16:37 +00:00
azaozz 66a7dd4697 Move the wp_is_mobile() check after the admin bootstrap in media-new.php, props SergeyBiryukov, see #20014
git-svn-id: http://svn.automattic.com/wordpress/trunk@20420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 02:34:47 +00:00
azaozz 1d12cd07b0 Introduce wp_is_mobile() and use it instead of $is_iphone global, see #20014
git-svn-id: http://svn.automattic.com/wordpress/trunk@20417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 01:19:30 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
azaozz 7f9b0fcc1e Don't show the uploader on iPads (it's pointless), fixes #19004
git-svn-id: http://svn.automattic.com/wordpress/trunk@19335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-18 08:43:16 +00:00
nacin 9cb6e158fc Switch from Panel/SubPanel to Screen in inline documentation and Codex links. props michaelh, fixes #17265.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-28 15:24:49 +00:00
nacin 6ec7cb4540 Use relative paths when including files, avoiding include_path. fixes #12594, props sorich87.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-18 06:14:45 +00:00
markjaquith 61f911c42e Bring back the H2s. Rough draft.
git-svn-id: http://svn.automattic.com/wordpress/trunk@9232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-10-17 20:02:03 +00:00
ryan a2b6f064b3 File level phpdc from jacobsantos. see #7550
git-svn-id: http://svn.automattic.com/wordpress/trunk@9052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-10-02 01:02:17 +00:00
ryan a25b5ddc09 media-new.php to make menus happy
git-svn-id: http://svn.automattic.com/wordpress/trunk@9035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-30 00:27:27 +00:00