Nikolay Bachiyski
c512f8cbdd
Docs: clarify inline docs for hash_equals
...
Before the docs implied the complexity of the function was O(1) by using the term "constant time", now we use the more descriptive term "Timing attack safe".
Props AramZS.
Fixes #32778 .
Built from https://develop.svn.wordpress.org/trunk@35805
git-svn-id: http://core.svn.wordpress.org/trunk@35769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-06 22:04:51 +00:00
Dion Hulse
4852cbf14b
Use PHP7's `random_int()` CSPRNG functionality in `wp_rand()` with a fallback to the `random_compat` library for PHP 5.x.
...
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Take Two, this was previously committed in [34922] but had an issue on PHP 5.2 which sarciszewski has now resolved.
Props sarciszewski
See #28633
Built from https://develop.svn.wordpress.org/trunk@34981
git-svn-id: http://core.svn.wordpress.org/trunk@34946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 04:28:24 +00:00
Dion Hulse
bb8ba86ed1
Revert [34922] pending PHP 5.2 compatibility.
...
See #28633
Built from https://develop.svn.wordpress.org/trunk@34924
git-svn-id: http://core.svn.wordpress.org/trunk@34889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:17:24 +00:00
Dion Hulse
0e322469a6
Use PHP7's `random_int()` CSPRNG functionality in `wp_rand()` with a fallback to the `random_compat` library for PHP 5.x.
...
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Props sarciszewski
See #28633
Built from https://develop.svn.wordpress.org/trunk@34922
git-svn-id: http://core.svn.wordpress.org/trunk@34887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:02:24 +00:00
Scott Taylor
f8c3aca01c
REST API: add `JsonSerializable()` compatibility interface for PHP <5.4 to `compat.php`
...
Props rmmcue.
See #33982 .
Built from https://develop.svn.wordpress.org/trunk@34845
git-svn-id: http://core.svn.wordpress.org/trunk@34810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 02:56:24 +00:00
Scott Taylor
5a357a452f
REST API: add `json_last_error_msg()` compatibility function for PHP <5.5 to `compat.php`
...
Props rmmcue.
See #33982 .
Built from https://develop.svn.wordpress.org/trunk@34844
git-svn-id: http://core.svn.wordpress.org/trunk@34809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 02:45:26 +00:00
Scott Taylor
42d51a4f89
Add doc blocks to functions that are missing them.
...
If the function has no need for `@param` or `@return`, do an archeaological dig to find `@since`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32672
git-svn-id: http://core.svn.wordpress.org/trunk@32642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-31 03:18:25 +00:00
Scott Taylor
19a3aacc94
Add `@static*` annotations where they are missing.
...
Initialize all static vars that are not, most to `null`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32650
git-svn-id: http://core.svn.wordpress.org/trunk@32620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 15:43:29 +00:00
Gary Pendergast
364886a5be
WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
...
Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.
See #32165 .
Built from https://develop.svn.wordpress.org/trunk@32364
git-svn-id: http://core.svn.wordpress.org/trunk@32335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 03:00:25 +00:00
Sergey Biryukov
b76cfbcdb4
Fix a copy/paste error in a comment.
...
see #31951 .
Built from https://develop.svn.wordpress.org/trunk@32115
git-svn-id: http://core.svn.wordpress.org/trunk@32094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-11 23:20:25 +00:00
Andrew Ozz
f008aea0e1
Add `mb_strlen()` compatibility function. Works the same way as the existing `mb_substr()` compatibility function.
...
Props SergeyBiryukov. Fixes #31951 .
Built from https://develop.svn.wordpress.org/trunk@32114
git-svn-id: http://core.svn.wordpress.org/trunk@32093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-11 23:14:26 +00:00
Scott Taylor
fe6b5983df
In PHP 5.0.0, `is_a()` became deprecated in favour of the `instanceof` operator. Calling `is_a()` would result in an `E_STRICT` warning.
...
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes #25672 .
Built from https://develop.svn.wordpress.org/trunk@31188
git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 01:06:24 +00:00
Mark Jaquith
45afcde640
Define `JSON_PRETTY_PRINT` so it can be used with `wp_json_encode()`
...
* `JSON_PRETTY_PRINT` was introduced in PHP 5.4
* Now you can use it with lower PHP versions, without a notice
fixes #30139
see #28786
Built from https://develop.svn.wordpress.org/trunk@30075
git-svn-id: http://core.svn.wordpress.org/trunk@30075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-28 21:13:22 +00:00
Andrew Nacin
7d672c38a4
Constant time for wp_verify_nonce().
...
Built from https://develop.svn.wordpress.org/trunk@29382
git-svn-id: http://core.svn.wordpress.org/trunk@29160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:26:16 +00:00
nacin
c8e85fcb81
Restore compat for json_decode and json_encode. fixes #18015 for trunk.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-06 23:33:05 +00:00
ryan
38e198f8f1
Resurrect hash_hmac() compat for hosts that --disable-hash. Props aaroncampbell. fixes #17647
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-02 14:21:09 +00:00
markjaquith
86bc31ea2b
Add mb_substr() back to compat.php (it is non-default). see #16918 . props joostdevalk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-07 15:46:57 +00:00
markjaquith
613639762a
Add _() back to compat.php (it is non-default). see #16918 . props aaroncampbell
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-07 15:46:48 +00:00
ryan
91dc365567
Take out unnecessary compat functions from compat.php. Props hakre, ptahdunbar. see #16918
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-05 17:13:04 +00:00
dd32
f7e764312b
Fix invalid paths in requires. See r14139. See #12594
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-18 09:51:19 +00:00
nacin
6ec7cb4540
Use relative paths when including files, avoiding include_path. fixes #12594 , props sorich87.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-18 06:14:45 +00:00
dd32
ceb1acf3f7
Implement the 2nd parameter of json_decode() for back-compat purposes. Returns an associative array instead of an object. For the recursive object handling, Props carbolineum. Fixes #11963
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-28 04:42:44 +00:00
dd32
adb825f6d0
Implement the 2nd parameter of json_decode() for back-compat purposes. Returns an associative array instead of an object. Fixes #11963
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-28 04:35:42 +00:00
ryan
137705d20b
Update json lib. Use encodeUnsafe in our json wrapper. Props nacin. fixes #11537 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-22 16:49:35 +00:00
westi
50a2f86dda
Correct key padding and add support for raw_output in hash_hmac. Fixes #10284 props mdawaffe.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-12 22:03:14 +00:00
westi
b45dcf2df5
Make our hash_hmac compatibility function unit testable even when the real one exists. See #10284 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-12 08:26:44 +00:00
azaozz
1c161c23c2
Image editing (first run). Includes code by stephanreiter, see #10528
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-10 22:07:33 +00:00
azaozz
a0467d5cda
Add JSON compat for PHP < 5.2, props Viper007Bond, see #10337
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-25 07:48:59 +00:00
ryan
ead9ed7938
Add compat for mb_substr rather than mb_strcut. fixes #9055
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-04 22:05:49 +00:00
ryan
39edc65b53
Use right variable name. Props stringfold. fixes #9090 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-02-11 19:36:32 +00:00
azaozz
ec1ca2236f
Latest version of the patch for refactor filters to avoid potential XSS attacks, props sambauers and DD32, see #8767
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10298 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-01-04 23:37:47 +00:00
azaozz
19848b9d90
Refactor filters to avoid potential XSS attacks, props sambauers and DD32, see #8767
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-01-04 22:25:50 +00:00
azaozz
79eab52909
htmlspecialchars_decode() for php versions less than 5.1, props sivel, fixes #8679
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-12-21 09:03:23 +00:00
ryan
6e181bb941
Multi-byte character safe excerpting from nbachiyski. fixes #6077
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@7140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-03 21:05:23 +00:00
ryan
d88983793b
Trailing whitespace cleanup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-02-05 06:47:27 +00:00
ryan
71c278e89d
Remove PHP 4.2 and 4.3 back compat functions. Props DD32. fixes #5415
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-01-28 20:15:20 +00:00
westi
0a7a447555
Add file level documentation for compat.php. Fixes #5510 props darkdragon.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-12-24 07:18:41 +00:00
westi
71b2207ea3
Ensure we don't call exif_read_data() on unsupported file types. Fixes #5397 props DD32
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-12-20 22:18:28 +00:00
ryan
29ef8b6f5f
New secure cookie protocol. see #5367
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-12-16 17:41:59 +00:00
westi
3d04ae4f29
Refactor of wp-admin/includes/image.php. Fixes #5312 , #4151 , #4709 , #5304 props DD32.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-11-03 18:33:19 +00:00
markjaquith
ba6e8f4a92
Actually, we always need to URLencode square brackets... or wp_redirect() will strip them out. see #4935 . see #4878
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-09-10 15:53:34 +00:00
markjaquith
51299852ef
Forgot to use $lsb and $rsb in [6064]. Props mdawaffe. see #4935 . see #4878
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-09-10 15:34:13 +00:00
markjaquith
79c4324e01
Only urlencode previously existing values in add_query_arg() (more backwards compatible). fixes #4935 . see #4084 . see #4878
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@6064 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-09-08 14:27:24 +00:00
markjaquith
0906863d2c
Preserve query string arrays in add_query_arg(). fixes #4878 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@5999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-09-01 03:41:50 +00:00
rob1n
4a5335aee6
Add stripos() for compatibility for PHP < 5. This will be needed for a patch later, I think.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@5187 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-04-06 02:54:12 +00:00
ryan
9f534ebae6
Remove trailing spaces and convert spaces to tabs. Props Nazgul. fixes #986
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@4495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-19 07:56:05 +00:00
ryan
4b02c602d1
Move _() to compat.php
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-22 19:45:49 +00:00
ryan
c93efa866e
Include file renames. #2525
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@3862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-11 06:43:54 +00:00