WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
25,879 Commits 50 Branches 749 Tags 982 MiB
Commit Graph

25879 Commits

Author SHA1 Message Date
Aaron Campbell 30570f494f Database: Don’t trigger `_doing_it_wrong()` for null values in `wpdb::prepare()`. 
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.

Merges [41483] to 3.9 branch.


Built from https://develop.svn.wordpress.org/branches/3.9@41493


git-svn-id: http://core.svn.wordpress.org/branches/3.9@41326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 16:27:16 +00:00
Aaron Campbell a5756e9c27 Database: Hardening for `wpdb::prepare()` 
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.

Merges [41470] to 3.9 branch.


Built from https://develop.svn.wordpress.org/branches/3.9@41480


git-svn-id: http://core.svn.wordpress.org/branches/3.9@41313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 15:04:33 +00:00
John Blackbourn f5db1e4375 Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@41467


git-svn-id: http://core.svn.wordpress.org/branches/3.9@41300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:45:15 +00:00
John Blackbourn d46699267b General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41434] with changes to the 3.9 branch.

See #13377

Built from https://develop.svn.wordpress.org/branches/3.9@41449


git-svn-id: http://core.svn.wordpress.org/branches/3.9@41282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 13:44:15 +00:00
Dominik Schilling 0237d2915a Users: Provide a fallback for incorrect HTTP referrers. 
Merge of [41398] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@41426


git-svn-id: http://core.svn.wordpress.org/branches/3.9@41259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:15:31 +00:00
Dominik Schilling 435ca07747 Editor: Prevent adding `javascript:` and `data:` URLs through the inline link dialog. 
Merge of [41393] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@41409


git-svn-id: http://core.svn.wordpress.org/branches/3.9@41242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 10:20:24 +00:00
Aaron Campbell 66aaaa6aa8 Bump 3.9 branch to version 3.9.19. 
Built from https://develop.svn.wordpress.org/branches/3.9@40756


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:53:55 +00:00
Pascal Birchler 73b0352cba Media: Simplify upload error message construction. 
Merges [40736] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@40745


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 18:05:32 +00:00
Aaron Campbell 700dd168fd Add nonce for updating file system credentials. 
Merges [40723] to 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@40732


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:57:32 +00:00
Dominik Schilling 9febffc6f7 Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@40713


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:21:15 +00:00
Pascal Birchler c2f264d25f Adjust post meta checks 
Merges [40692] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@40701


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 08:54:15 +00:00
Pascal Birchler a81079c403 Whitelist post arguments in XML-RPC 
Merges [40677] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@40686


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 08:29:15 +00:00
Pascal Birchler 063e974bd7 Bump 3.9 branch to version 3.9.18. 
Built from https://develop.svn.wordpress.org/branches/3.9@40495


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:28:15 +00:00
Pascal Birchler a05429ecd1 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@40468


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:34:16 +00:00
James Nylen f2ef35f4a9 Bump 3.9 branch to version 3.9.17. 
Built from https://develop.svn.wordpress.org/branches/3.9@40210


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:42:15 +00:00
Aaron Campbell 244804028c Strip control characters before validating redirect. 
Merges [40183] to 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@40192


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:45:58 +00:00
Aaron Campbell fcec9ed6ff Plugins: Add file check to plugin deletions. 
Merges [40169] to 3.9 branch.


Built from https://develop.svn.wordpress.org/branches/3.9@40178


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:05:15 +00:00
Jeremy Felt ca488f141f Validate video and audio metadata. 
Merge of [40148] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@40157


git-svn-id: http://core.svn.wordpress.org/branches/3.9@40096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:12:16 +00:00
Aaron Campbell 946d349b71 Bump 3.9 branch to version 3.9.16. 
Built from https://develop.svn.wordpress.org/branches/3.9@40004


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 18:29:15 +00:00
John Blackbourn 6e66a60c3c Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field. 
Merges [39956] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@39987


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:20:15 +00:00
Dominik Schilling a81be45d5d Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways. 
Merge of [39968] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39979


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:14:58 +00:00
Dominik Schilling 13a15e6e07 Query: Ensure that queries work correctly with post type names with special characters. 
Merge of [39952] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39964


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 13:53:00 +00:00
Aaron Campbell ec5bf14855 Bump 3.9 branch to version 3.9.15. 
Built from https://develop.svn.wordpress.org/branches/3.9@39868


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 16:59:32 +00:00
Joe McGill e2ef6cefbe Media: Fix exif_imagetype check in wp_get_image_mime 
This is a follow up to [39831].

Merges [39850] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@39859


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 16:45:15 +00:00
Joe McGill c47e0b66a2 Media: Improve image filetype checking. 
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.

`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.

If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.

Merges [39831] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@39840


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 13:20:15 +00:00
Dominik Schilling 95c2ed6e0d Updates: Translate plugin data on the Updates screen. 
Merge of [39808] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39828


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:43:22 +00:00
Dominik Schilling d9f0c45795 Themes: Fix markup for theme name fallbacks. 
Merge of [39807] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39817


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:12:53 +00:00
Jeremy Felt 8d2a900277 Multisite: Use `wp_rand()` in signup key creation. 
Merges [39795] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@39804


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:36:32 +00:00
Dion Hulse 924f935cb3 Update PHPMailer to 5.2.22. 
The full list of changes is available here:
https://github.com/PHPMailer/PHPMailer/compare/v5.2.21...v5.2.22

Merges [39759] to the 3.9 branch.
Fixes #37210 for 3.9.

Built from https://develop.svn.wordpress.org/branches/3.9@39792


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:26:32 +00:00
Jeremy Felt 498ad8eb14 Mail: Disable wp-mail.php when `mailserver_url` is mail.example.com. 
Merges [39772] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@39781


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:21:15 +00:00
Aaron Campbell 1db0b6e251 Add nonce for widget accessibility mode. 
Props vortfu.

See #23328.

Merges [39765] to 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@39769


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 01:52:15 +00:00
Dion Hulse 40ce4b29b1 Mail: Upgrade PHPMailer to 5.2.21. 
Merges [39645], [36083], [33142], [33124], [29783] to the 3.9 branch.
See #37210.

Built from https://develop.svn.wordpress.org/branches/3.9@39729


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:06:55 +00:00
Joe McGill 57383c5143 Media: Improved media titles when created from filename. 
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38615] to the 3.9 branch.

Fixes #37989.

Built from https://develop.svn.wordpress.org/branches/3.9@39717


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:01:57 +00:00
Dion Hulse 04cab520ed General: Update copyright year to 2017 in license.txt. 
Props Nikschavan.
Merges [39659] to the 3.9 branch.
Fixes #39433.

Built from https://develop.svn.wordpress.org/branches/3.9@39705


git-svn-id: http://core.svn.wordpress.org/branches/3.9@39645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 21:55:27 +00:00
Jeremy Felt ca27550a35 Bump 3.9 branch to 3.9.14. 
Built from https://develop.svn.wordpress.org/branches/3.9@38556


git-svn-id: http://core.svn.wordpress.org/branches/3.9@38499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 15:02:18 +00:00
Jeremy Felt cc80d2c131 Media: Sanitize upload filename. 
Merge of [38538] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@38546


git-svn-id: http://core.svn.wordpress.org/branches/3.9@38489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 14:00:34 +00:00
Pascal Birchler 391fa0940c Upgrade/Install: Sanitize file name in `File_Upload_Upgrader`. 
Merge of [38524] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@38532


git-svn-id: http://core.svn.wordpress.org/branches/3.9@38473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-06 18:03:16 +00:00
Boone Gorges 41276a8b92 Bump 3.9 branch to 3.9.13. 
Built from https://develop.svn.wordpress.org/branches/3.9@37834


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 16:44:14 +00:00
Joe McGill b7be0d01c0 Media: Improve handling of extensionless filenames. 
Merge of [37756] to the 3.9 branch.

See #37111.
Built from https://develop.svn.wordpress.org/branches/3.9@37822


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:59:24 +00:00
Nikolay Bachiyski 9858249ed9 Admin: escape URL-encoded permalinks 
Merge of [37801] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@37820


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:58:32 +00:00
Rachel Baker 5d8157a774 Revisions: Change the capability needed to view revision diffs to `edit_post`. 
Merge of [37779] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37803


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:48:15 +00:00
Nikolay Bachiyski 5995443179 Admin: Escape attachment name in case it contains special characters 
Merge of [37774] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@37793


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:28:14 +00:00
Boone Gorges e3098a4983 Taxonomy: More specific cap check when processing category data on post save. 
Ports [37691] to the 3.9 branch.

Props dlh.
Fixes #36379.
Built from https://develop.svn.wordpress.org/branches/3.9@37784


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:23:58 +00:00
Dominik Schilling 3c90ea60d9 Customize: Make sure that preview and return URLs are URLs. 
Merge of [37527] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37777


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:21:50 +00:00
Jeremy Felt 0f819f1f57 Admin: Allow for the consistent filtering of `auth_redirect_scheme` 
Merge of [37651] to the 3.9 branch.

See #37047.

Built from https://develop.svn.wordpress.org/branches/3.9@37764


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37729 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:13:52 +00:00
Dominik Schilling 7f38e9a815 Bump 3.9 branch to 3.9.12. 
Built from https://develop.svn.wordpress.org/branches/3.9@37390


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-06 18:15:30 +00:00
Nikolay Bachiyski d1db26f726 External Libraries: Update plupload from upstream 
Built from https://develop.svn.wordpress.org/branches/3.9@37376


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37342 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-06 17:56:15 +00:00
Nikolay Bachiyski 7da57d4ef3 Taxonomies: make sure taxonomy functions work correctly with taxonomy names with special characters 
The codex says that taxonomy names "should only contain lowercase letters and the underscore character", but that's not enforced. It's too late to enforce it, since some plugins haven't been following it and the official phpdoc doesn't mention this restriction.

Merge of [37133] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@37140


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-30 17:38:15 +00:00
Jeremy Felt 594a9e14e7 Multisite: Improve escaping in network settings. 
Merge of [37124] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@37130


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-30 16:06:14 +00:00
Dominik Schilling 8576838329 HTTP: Improve detection of valid IP addresses. 
Merge of [37115] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37121


git-svn-id: http://core.svn.wordpress.org/branches/3.9@37088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-30 15:53:01 +00:00