WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
36,210 Commits 50 Branches 749 Tags 983 MiB
Commit Graph

13 Commits

Author SHA1 Message Date
whyisjake ea6d1132c0 Customize: Add additional filters to Customizer to prevent JSON corruption. 
User: Invalidate `user_activation_key` on password update.
Query: Ensure that only a single post can be returned on date/time based queries.
Cache API: Ensure proper escaping around the stats method in the cache API.
Formatting: Expand `sanitize_file_name` to have better support for utf8 characters.

Brings the changes in [47633], [47634], [47635], [47637], and [47638] to the 4.7 branch.

Props: batmoo, ehti, nickdaugherty, peterwilsoncc, sergeybiryukov, sstoqnov, westi, westonruter, whyisjake, whyisjake, xknown.

Built from https://develop.svn.wordpress.org/branches/4.7@47650


git-svn-id: http://core.svn.wordpress.org/branches/4.7@47425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-04-29 16:23:25 +00:00
whyisjake 8e914c079d Backporting several bug fixes. 
- Query: Remove the static query property.
- HTTP API: Protect against hex interpretation.
- Filesystem API: Prevent directory travelersals when creating new folders.
- Administration: Ensure that admin referer nonce is valid.
- REST API: Send a Vary: Origin header on GET requests.

Backports [46474], [46475], [46476], [46477], [46478], [46483], [46485] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@46495


git-svn-id: http://core.svn.wordpress.org/branches/4.7@46292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-10-14 18:50:26 +00:00
Dominik Schilling 5960939cca Query: Ensure that queries work correctly with post type names with special characters. 
Merge of [39952] to the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@39953


git-svn-id: http://core.svn.wordpress.org/branches/4.7@39890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 13:36:37 +00:00
Drew Jaynes 568838bebd Docs: Update the DocBlock description for `WP_Query::is_single()` to mention that it works for any post types excluding pages. 
Props ryankienstra.
Fixes #38225.

Built from https://develop.svn.wordpress.org/trunk@39052


git-svn-id: http://core.svn.wordpress.org/trunk@38994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 06:34:34 +00:00
Boone Gorges bcc26664ed Query: Allow the prefix used for search term exclusion to be filtered. 
[38792] allowed `WP_Query`'s hyphen-as-exclusion-prefix feature to be
disabled via filter. A more general solution is to allow the prefix to
be filtered; returning an empty value from a filter callback works to
disable the feature.

Props dlh.
Fixes #38099.
Built from https://develop.svn.wordpress.org/trunk@38844


git-svn-id: http://core.svn.wordpress.org/trunk@38787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-20 18:42:29 +00:00
Boone Gorges 9783a3df6b Query: Allow the hyphen-prefix-for-search-exclusion feature to be disabled by filter. 
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.

Props chriseverson, choongsavvii.
Fixes #38099.
Built from https://develop.svn.wordpress.org/trunk@38792


git-svn-id: http://core.svn.wordpress.org/trunk@38735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-14 20:06:28 +00:00
Gary Pendergast af69f4ab1a General: Restore usage of `$wpdb`, instead of `$this->db`. 
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.

Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.


Built from https://develop.svn.wordpress.org/trunk@38768


git-svn-id: http://core.svn.wordpress.org/trunk@38711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-10 06:38:31 +00:00
Boone Gorges 132f3d0d19 Query: Eliminate unnecessary `wp_list_filter()` call in `get_queried_object()`. 
The refactor in [30711] swapped out the old `queries` property for the
new `queried_terms`, but should also have gotten rid of the now-
superfluous `wp_list_filter()` call.

Fixes #37962.
Built from https://develop.svn.wordpress.org/trunk@38586


git-svn-id: http://core.svn.wordpress.org/trunk@38529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-09 19:49:29 +00:00
Boone Gorges 163d59f8e1 Query: Avoid PHP notice in `get_queried_object()` when query contains `NOT EXISTS` tax query. 
Props johnjamesjacoby.
See #37962.
Built from https://develop.svn.wordpress.org/trunk@38585


git-svn-id: http://core.svn.wordpress.org/trunk@38528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-09 19:37:38 +00:00
Dion Hulse 227a80eba3 Query: Use `AND` in a SQL query rather than `&&`. 
This appears to have been the only instance of `&&` being used in SQL, so for consistency lets remove it.

Props scrappy@hub.org.
Fixes #37903.

Built from https://develop.svn.wordpress.org/trunk@38491


git-svn-id: http://core.svn.wordpress.org/trunk@38432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-01 05:11:31 +00:00
Scott Taylor af71985625 Query: r38356, you were not long for this world. 
Fixes #37830.

Built from https://develop.svn.wordpress.org/trunk@38471


git-svn-id: http://core.svn.wordpress.org/trunk@38412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 16:53:29 +00:00
Scott Taylor faccc617fb Query: collapse several of the `is_*` methods using `__call()`. Add `@method` annotations. 
Fixes #37830.

Built from https://develop.svn.wordpress.org/trunk@38356


git-svn-id: http://core.svn.wordpress.org/trunk@38297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-25 19:42:43 +00:00
Scott Taylor d5f28fdad8 Query: move `WP_Query` into its own file via `svn cp`. 
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38351


git-svn-id: http://core.svn.wordpress.org/trunk@38292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-25 17:20:38 +00:00