Andrew Nacin
5f0981788d
Detect and handle symlinking of plugins in plugin_basename().
...
props rmccue, MikeSchinkel, jdgrimes.
see #16953 .
Built from https://develop.svn.wordpress.org/trunk@27158
git-svn-id: http://core.svn.wordpress.org/trunk@27024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-10 23:00:15 +00:00
Andrew Ozz
eba12cfaf4
Remove unused arg from wp_auth_check(), see #27081 .
...
Built from https://develop.svn.wordpress.org/trunk@27154
git-svn-id: http://core.svn.wordpress.org/trunk@27021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-09 22:34:11 +00:00
Dominik Schilling
a4e5457ee1
Update @return statement of wp_nonce_url(): The URL is escaped.
...
props c3mdigital.
see #4221 .
Built from https://develop.svn.wordpress.org/trunk@27070
git-svn-id: http://core.svn.wordpress.org/trunk@26943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-02 10:53:11 +00:00
Scott Taylor
678ef2b1e1
In `wpdb::db_connect()`, allow the loading of a custom database error template - this is already allowed in `dead_db()`.
...
In `dead_db()`, move the call to `wp_load_translations_early()` before the inclusion of the `db-error.php` file to allow translation in both locations before the template is loaded.
Props sbruner, kovshenin.
Fixes #25703 .
Built from https://develop.svn.wordpress.org/trunk@27056
git-svn-id: http://core.svn.wordpress.org/trunk@26929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-29 05:28:12 +00:00
Dion Hulse
2d9dd4979e
Uploads: Fix the Order of Operations for wp_mkdir_p() which caused this branch to never be hit. Props fboender. Fixes #26781 for trunk. See #25822
...
Built from https://develop.svn.wordpress.org/trunk@26926
git-svn-id: http://core.svn.wordpress.org/trunk@26807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-08 23:13:10 +00:00
Ryan Boren
07c16fd23c
The Pinking Shears stir from their slumber, awakened by what may seem, to those
...
innocent in the ways of The Shears, a triviality, a nothing-of-consequence. But there are consequences indeed for recklessly trailing your whitespace. Naturally, they a dire!
One, two! One, two! And through and through
The Pinking Shears went snicker-snack!
They plucked your tail and with your space
They went sniksnuking back.
Let me tell you, that can be uncomfortable, so always pre-sniksnuk your trailing whites. May The Shears be with you.
Built from https://develop.svn.wordpress.org/trunk@26851
git-svn-id: http://core.svn.wordpress.org/trunk@26738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-11 19:49:11 +00:00
Dion Hulse
7f1047ece1
Remove the experimental RSS.JS feed, and move it to a plugin for feature development. Unprops pento. See #25639
...
Built from https://develop.svn.wordpress.org/trunk@26644
git-svn-id: http://core.svn.wordpress.org/trunk@26534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-04 22:24:10 +00:00
Dion Hulse
8c60f742a1
Fix a regression in wp_mkdir_p() where the $mode of the parent folder is not correctly applied to all created paths. Fixes #25822 for trunk
...
Built from https://develop.svn.wordpress.org/trunk@26449
git-svn-id: http://core.svn.wordpress.org/trunk@26347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-28 02:20:10 +00:00
Matt Thomas
c0f4798af9
Update error screens with the new visual design:
...
* Bring in new styles for backgrounds/text/link/borders/buttons
* Switch to device-width for the viewport and tweak margins etc so the layout works nicely on all device sizes
Fixes #25956 , props johnbillion.
Built from https://develop.svn.wordpress.org/trunk@26299
git-svn-id: http://core.svn.wordpress.org/trunk@26204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-21 00:25:10 +00:00
Andrew Nacin
c8bbc31c39
Add an experimental rssjs feed based on the experimental rss.js spec.
...
This is simply a JSON representation of the RSS 2.0 feed, accessible at /feed/rssjs/ anywhere.
props pento.
see #25639 .
Built from https://develop.svn.wordpress.org/trunk@26294
git-svn-id: http://core.svn.wordpress.org/trunk@26199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-20 22:58:09 +00:00
Sergey Biryukov
c7a96bbf29
Use get_current_site() instead of the $current_site global in wp-admin/admin-header.php and is_main_network().
...
fixes #25158 .
Built from https://develop.svn.wordpress.org/trunk@26235
git-svn-id: http://core.svn.wordpress.org/trunk@26142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-16 13:46:10 +00:00
Scott Taylor
c2bc0e6836
Don't place smilies inside of pre or code tags. Don't skip smilie after a smilie with an 8 in it. Fix regular expression used for smiley translations to work when there is only one registered emoticon.
...
Props solarissmoke, soulseekah, mdbitz, yonasy. ht to mdbitz for the Unit Tests and a comprehensive patch.
Fixes #16448 , #20124 , #25303 .
Built from https://develop.svn.wordpress.org/trunk@26191
git-svn-id: http://core.svn.wordpress.org/trunk@26099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-15 02:46:10 +00:00
Dion Hulse
560b0c8b0a
Fix a case where wp_guess_url() would leave a prefixed path in the generated URL when symlinks were involved. Fixes #25797
...
Built from https://develop.svn.wordpress.org/trunk@26031
git-svn-id: http://core.svn.wordpress.org/trunk@25961 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-07 03:34:10 +00:00
Sergey Biryukov
918e8bab96
Remove irrelevant @see references. props mt8.biz. fixes #25843 .
...
Built from https://develop.svn.wordpress.org/trunk@26022
git-svn-id: http://core.svn.wordpress.org/trunk@25953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-06 10:17:09 +00:00
Andrew Nacin
d0cfa40983
Add jshintrc to qunit.
...
props jorbin.
see #25187 .
Built from https://develop.svn.wordpress.org/trunk@25992
git-svn-id: http://core.svn.wordpress.org/trunk@25925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-30 14:39:10 +00:00
Andrew Nacin
deadb7b296
Avoid a notice in is_main_network() when called in single site. see #25030 .
...
Built from https://develop.svn.wordpress.org/trunk@25827
git-svn-id: http://core.svn.wordpress.org/trunk@25827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:31 +00:00
Andrew Nacin
8ae8e01b67
Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
...
see #27704 .
Built from https://develop.svn.wordpress.org/trunk@25825
git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Andrew Nacin
8f0f48e3f9
Avoid a notice in is_main_network() when called in single site. see #25030 .
...
Built from https://develop.svn.wordpress.org/trunk@25827
git-svn-id: http://core.svn.wordpress.org/trunk@25739 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-17 05:17:08 +00:00
Sergey Biryukov
336c737727
Correct phpdoc for wp_check_filetype_and_ext(). props dimadin. fixes #25513 .
...
Built from https://develop.svn.wordpress.org/trunk@25713
git-svn-id: http://core.svn.wordpress.org/trunk@25626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-07 15:34:10 +00:00
Andrew Nacin
d7fc6d5d49
Order search results by relevance, rather than by date.
...
The ordering logic is as follows:
* Full sentence matches in post titles.
* All search terms in post titles.
* Any search terms in post titles.
* Full sentence matches in post content.
Each section and any remaining posts are then sorted by date.
Introduces some filters:
* wp_search_stopwords, to filter stop words ignored in WHERE.
* posts_search_orderby, to filter the ORDER BY when ordering search results.
props azaozz, wonderboymusic.
fixes #7394 .
Built from https://develop.svn.wordpress.org/trunk@25632
git-svn-id: http://core.svn.wordpress.org/trunk@25549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-27 17:34:09 +00:00
Dominik Schilling
32aff2db8a
Add 'image' type/extensions to wp_ext2type() and make it case insensitive. props xparham. fixes #25176 .
...
Built from https://develop.svn.wordpress.org/trunk@25437
git-svn-id: http://core.svn.wordpress.org/trunk@25359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-14 14:34:09 +00:00
Dion Hulse
bbd3312389
Account for Windows and CLI instances in wp_guess_url(). Props SergeyBiryukov. See #25317
...
Built from https://develop.svn.wordpress.org/trunk@25436
git-svn-id: http://core.svn.wordpress.org/trunk@25358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-14 03:43:10 +00:00
Andrew Nacin
4542e678d2
Return false from wp_get_original_referer() if it is called before wp_validate_redirect() is defined.
...
see #25294 .
Built from https://develop.svn.wordpress.org/trunk@25400
git-svn-id: http://core.svn.wordpress.org/trunk@25331 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-12 13:36:09 +00:00
Andrew Nacin
46611d4282
Return false from wp_get_referer() if it is called before wp_validate_redirect() is defined.
...
see #25294 .
Built from https://develop.svn.wordpress.org/trunk@25399
git-svn-id: http://core.svn.wordpress.org/trunk@25330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-12 13:33:09 +00:00
Dion Hulse
641d3b2560
Fix wp_guess_url() to work in every scenario I could find, allows us to use it to determine the correct path to the WordPress Site URL before installation for install.php and setup-config.php redirects. Fixes #24480 Fixes #16884
...
Built from https://develop.svn.wordpress.org/trunk@25396
git-svn-id: http://core.svn.wordpress.org/trunk@25327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-12 06:57:09 +00:00
Helen Hou-Sandí
8359c66176
Indicate that the fall-through in `is_serialized()` is deliberate. fixes #24023 .
...
Built from https://develop.svn.wordpress.org/trunk@25371
git-svn-id: http://core.svn.wordpress.org/trunk@25321 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-12 03:41:09 +00:00
Dion Hulse
ca008522f3
Add a set of helpers to turn the behaviour of mbstring.func_overload off when needed. Fixes #25259
...
Built from https://develop.svn.wordpress.org/trunk@25346
git-svn-id: http://core.svn.wordpress.org/trunk@25308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-11 07:23:08 +00:00
Andrew Nacin
1536779aaf
Avoid error in ms-files.php after [25317].
...
Built from https://develop.svn.wordpress.org/trunk@25344
git-svn-id: http://core.svn.wordpress.org/trunk@25306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-11 04:49:10 +00:00
Andrew Nacin
89c57124da
Improve clarity and speed of [25320].
...
Built from https://develop.svn.wordpress.org/trunk@25338
git-svn-id: http://core.svn.wordpress.org/trunk@25300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-11 03:23:08 +00:00
Scott Taylor
02757de9d8
Remove dead code in `add_query_arg()`.
...
Props hakre, c3mdigital.
Fixes #16942 .
Built from https://develop.svn.wordpress.org/trunk@25333
git-svn-id: http://core.svn.wordpress.org/trunk@25295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 23:38:09 +00:00
Andrew Nacin
a461a25d76
Loose validation for is_serialized() in maybe_serialize().
...
Built from https://develop.svn.wordpress.org/trunk@25320
git-svn-id: http://core.svn.wordpress.org/trunk@25282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 18:10:09 +00:00
Andrew Nacin
cf3fddde96
Validate referrers to prevent off-domain redirects.
...
Built from https://develop.svn.wordpress.org/trunk@25318
git-svn-id: http://core.svn.wordpress.org/trunk@25280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 18:07:10 +00:00
Andrew Nacin
c8a7b53c65
Tighten allowed upload file types.
...
Built from https://develop.svn.wordpress.org/trunk@25317
git-svn-id: http://core.svn.wordpress.org/trunk@25279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 18:04:09 +00:00
Scott Taylor
a563a5b2fa
Replace the ancient `phpfreaks.com` RegEx to extract urls to ping with a more robust matcher. URLs with commas and things like `&` were not being pinged. The new matcher even works for most IDN URLs. Adds unit tests.
...
Fixes #9064 .
Built from https://develop.svn.wordpress.org/trunk@25313
git-svn-id: http://core.svn.wordpress.org/trunk@25275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 03:18:08 +00:00
Andrew Nacin
6a1ac52330
Be less verbose when erroring out in do_feed() for an invalid feed template. fixes #24874 .
...
Built from https://develop.svn.wordpress.org/trunk@25190
git-svn-id: http://core.svn.wordpress.org/trunk@25162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-30 23:37:11 +00:00
Andrew Nacin
1fbc03a388
The main site of a secondary network should not use the original wp-content/uploads upload path.
...
props jeremyfelt.
fixes #25030 .
Built from https://develop.svn.wordpress.org/trunk@25148
git-svn-id: http://core.svn.wordpress.org/trunk@25127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-28 03:36:09 +00:00
Andrew Nacin
4d6d80a14f
Introduce is_main_network().
...
By default, a network ID of 1 is assumed to be the main network.
Otherwise, it is the first network listed in the wp_site table.
If PRIMARY_NETWORK_ID is defined, it is considered main network.
props jeremyfelt.
see #25030 .
Built from https://develop.svn.wordpress.org/trunk@25147
git-svn-id: http://core.svn.wordpress.org/trunk@25126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-28 03:35:08 +00:00
Sergey Biryukov
c7de681a26
Add description for _wp_timezone_choice_usort_callback(). props neoxx. fixes #25125 .
...
Built from https://develop.svn.wordpress.org/trunk@25101
git-svn-id: http://core.svn.wordpress.org/trunk@25083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-23 13:57:08 +00:00
Dion Hulse
5eb1c81924
Make use of the recursive option in mkdir() in wp_mkdir_p(). Avoids a bunch of silenced PHP Notices being logged. Fixes #23196
...
Built from https://develop.svn.wordpress.org/trunk@25047
git-svn-id: http://core.svn.wordpress.org/trunk@25034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-17 03:09:11 +00:00
Andrew Nacin
1065f55586
Add a function to return an empty string, for filters. props wpsmith, trepmal. fixes #20357 .
...
Built from https://develop.svn.wordpress.org/trunk@25037
git-svn-id: http://core.svn.wordpress.org/trunk@25024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-16 20:02:08 +00:00
Ryan Boren
acc0aec2b0
Silence is_dir() to avoud warning when upload_tmp_dir is outside open_basedir.
...
Props dpash
fixes #24704
git-svn-id: http://core.svn.wordpress.org/trunk@24995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-06 17:39:33 +00:00
Andrew Nacin
21a1fe8d4b
Use wp_safe_remote_request() and friends instead of reject_unsafe_urls = true.
...
fixes #24646 .
git-svn-id: http://core.svn.wordpress.org/trunk@24917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:52:13 +00:00
Michael Adams
ec6f40342a
Allow HTTPS URL enclosures.
...
Props markjaquith with a patch that predates all WordCamps.
Fixes #2875 .
git-svn-id: http://core.svn.wordpress.org/trunk@24810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 19:07:43 +00:00
Andrew Nacin
a70604d441
Add iWork formats to valid upload filetypes. key, numbers, pages. props barry, fixes #24621 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-23 15:29:26 +00:00
Ryan Boren
cbf77c6523
Fire wp_auth_check_load() from admin_enqueue_scripts instead of admin_init so that it can access the current screen object.
...
Black list the update and upgrade screens.
Allow plugins to white/black list screens via the wp_auth_check_load filter.
Props nacin
see #23295
git-svn-id: http://core.svn.wordpress.org/trunk@24738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-18 19:06:35 +00:00
Peter Westwood
b58e828475
Fall back to non-translated strings in _deprecated_*() if the translation function doesn't exist. This may be the case in sunrise, for example.
...
Fixes #24778 props SergeyBiryukov.
git-svn-id: http://core.svn.wordpress.org/trunk@24723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-17 21:04:50 +00:00
Andrew Ozz
b96efc779a
Logged out warnings:
...
- Replace the Close button with an always visible "X" icon in the top/right corner.
- Check if the user is still logged in every 3 min. by default.
- Add 'wp_auth_check_interval' filter so the interval can be set from PHP.
See #23295 .
git-svn-id: http://core.svn.wordpress.org/trunk@24695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-12 23:32:32 +00:00
Andrew Nacin
740d141e1d
Support IIS 8 and above.
...
props hurtige for initial patch.
fixes #23533 .
git-svn-id: http://core.svn.wordpress.org/trunk@24594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-08 20:27:06 +00:00
Ryan Boren
419fea1a16
Normalize the UTF-8 and ISO-8859-1 charset strings stored in blog_charset to make them friendlier with PHP functions that accept a charset such as htmlspecialchars().
...
fixes #23688
git-svn-id: http://core.svn.wordpress.org/trunk@24510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-25 19:03:17 +00:00
Andrew Nacin
96ee267343
Better validation of the URL used in core HTTP requests.
...
git-svn-id: http://core.svn.wordpress.org/trunk@24480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 06:07:47 +00:00
Andrew Nacin
7addff9967
Use correct variable order in add_query_arg(). This had mostly just filled error logs; it also broke some obscure URL situations. see #23284 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-19 08:33:10 +00:00
Andrew Nacin
bb1234c4be
Fall back to non-translated strings in _doing_it_wrong() if the translation function doesn't exist. This may be the case in sunrise, for example.
...
props SergeyBiryukov.
fixes #23555 .
for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@24439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-19 08:11:59 +00:00
Andrew Ozz
b1009b33c4
Logged out warnings: fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN && ! FORCE_SSL_ADMIN. See #23295
...
git-svn-id: http://core.svn.wordpress.org/trunk@24266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-15 22:09:54 +00:00
Sergey Biryukov
74638ccb5a
Fix typos in phpdoc. props TheLastCicada. fixes #24302 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-10 01:39:30 +00:00
Andrew Ozz
19c3b4bfdc
Logged out warnings:
...
- Don't use <base> tag to set target="_blank". It can break form submission. Instead, set target only on links with JS.
- Fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN == true.
- Properly show/hide the "Close" button when the dialog is shown multiple times.
See #23295
git-svn-id: http://core.svn.wordpress.org/trunk@24208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 22:45:58 +00:00
Mark Jaquith
0a49442e35
Multiple improvements to image post format insertion and display.
...
* get_tag_regex() altered based on Unit Tests.
* Changes to post-formats.js to provide size and link context during image selection.
* Captions are now output in the_post_format_image() when present.
* The meta value for url is respected for the image post format when the HTML in the image meta doesn't include a link
props wonderboymusic. fixes #23965 , #23964 . see #24147 , #24046 .
git-svn-id: http://core.svn.wordpress.org/trunk@24066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-22 22:11:42 +00:00
Andrew Ozz
bcb9eef7cd
Logged out warnings: fix phpdoc, props ocean90, see #23295
...
git-svn-id: http://core.svn.wordpress.org/trunk@23922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-05 23:28:40 +00:00
Andrew Ozz
04c5aefbea
Logged out warnings: add fallback text dialog for:
...
- The login page has "X-Frame-Options: DENY" header.
- Cross-domain when displaying on the front-end on multisite with domain mapping.
- The site forces ssl login but not ssl admin.
Add onbeforeunload prompt to counter (frame-busting) JS redirects. Move the JS and CSS into separate files. See #23295 .
git-svn-id: http://core.svn.wordpress.org/trunk@23805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-27 08:43:11 +00:00
Ryan Boren
9f44cb4038
Remove old phpdoc that incorrectly marks wp_timezone_choice() as temporary.
...
Props danielbachhuber
fixes #23804
git-svn-id: http://core.svn.wordpress.org/trunk@23738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-18 13:35:34 +00:00
Mark Jaquith
53d12e91bc
Introduce [audio] and [video] shortcodes, and use MediaElement.js to play them.
...
props wonderboymusic. see #23282 .
git-svn-id: http://core.svn.wordpress.org/trunk@23729 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-16 05:25:44 +00:00
Andrew Nacin
af53edb696
Revert [23411] until encoding differences are worked out. see #20771 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-07 06:57:56 +00:00
Andrew Nacin
7b47322e22
Ensure the referer functions operate completely on unslashed data: wp_referer_field(), wp_original_referer_field(), wp_get_referer(), wp_get_original_referer().
...
Use wp_slash() instead of addslashes().
see #21767 .
git-svn-id: http://core.svn.wordpress.org/trunk@23578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:58:43 +00:00
Ryan Boren
09d2c65970
Always wp_unslash() the return of wp_get_referer().
...
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:20:32 +00:00
Ryan Boren
43a7e695e9
Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
...
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Ozz
99e168d1a2
Logged out warnings: restructure the PHP code (no need for a class), props nacin, see #23295
...
git-svn-id: http://core.svn.wordpress.org/trunk@23543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 01:55:33 +00:00
Andrew Nacin
81080da6f2
Allow nonce name to be passed to wp_nonce_url(), as allowed by wp_nonce_field(). props MatthewRuddy, fixes #22423 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-28 18:08:53 +00:00
Andrew Ozz
0910d5755e
Improved logged out warnings, first run, props mintindeed, see #23295
...
git-svn-id: http://core.svn.wordpress.org/trunk@23504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-28 08:57:17 +00:00
Sergey Biryukov
8fb830eeda
Fix typos in phpdoc. props markmcwilliams. fixes #23481 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-15 18:59:56 +00:00
Mark Jaquith
4ca36c6337
Update our Windows media file MIME types to the official Microsoft-recommended ones.
...
props niallkennedy, wonderboymusic. fixes #14253
git-svn-id: http://core.svn.wordpress.org/trunk@23422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-15 16:12:40 +00:00
Ryan Boren
cc5ed3a485
Change all core API to expect unslashed rather than slashed arguments.
...
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
4e46d0045c
Use correct escaping function. props jkudish. fixes #20771 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 05:12:23 +00:00
Ryan Boren
57f65d2906
Try not to send Last-Modified, even with an empty value. Some servers interpret an empty value as the epoch.
...
Props nacin, slene, SergeyBiryukov, andy
see #23021 for trunk
git-svn-id: http://core.svn.wordpress.org/trunk@23267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-04 19:51:31 +00:00
Dion Hulse
52c97f6b1a
Correct an incorrect PHPDoc s/@see/@link/ introduced in r23254. See #22900
...
git-svn-id: http://core.svn.wordpress.org/trunk@23256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-03 08:05:48 +00:00
Dion Hulse
50da2d8a9f
HTTP API: Introduce wp_is_writable() to wrap win_is_writable() and is_writable() to work around PHP Windows ACL issues. See #22900 for trunk
...
git-svn-id: http://core.svn.wordpress.org/trunk@23255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-03 08:04:11 +00:00
Dion Hulse
a7bb4ac774
Clarify the Documentation in win_is_writable() and move an inline comment to the Docblock, reduces confusion about what the function actually does. See #22900
...
git-svn-id: http://core.svn.wordpress.org/trunk@23254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-03 07:56:38 +00:00
Mark Jaquith
dc4832131f
Add .webm (video/webm) to wp_get_mime_types(). props wonderboymusic. fixes #14659
...
git-svn-id: http://core.svn.wordpress.org/trunk@23229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-29 18:07:23 +00:00
Ryan Boren
20d9c165ee
Properly set the base URL for the main site when ms-files rewriting is enabled for MU-era installs.
...
Props nacin
fixes #22702
git-svn-id: http://core.svn.wordpress.org/trunk@23002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-03 22:24:06 +00:00
Mark Jaquith
4fcb87234b
Remove trailing slashes from UPLOADS before trying a str_replace() in wp_upload_dir(). props jbrinley. fixes #22469
...
* In 3.4.x, both $url and UPLOADS had trailing slashes
* Due to refactoring, $url is no longer expected to have a trailing slash
* Because of the mismatch, the str_replace() was not working, resulting in an incorrectly verbose upload dir URL
git-svn-id: http://core.svn.wordpress.org/trunk@22736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-21 07:08:38 +00:00
Ryan Boren
06ee370814
Pinking shears
...
git-svn-id: http://core.svn.wordpress.org/trunk@22634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-17 15:11:29 +00:00
Andrew Nacin
e5c1d8d7af
Account for unfiltered_upload cap in wp_upload_bits(). see #21292 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-08 20:41:34 +00:00
Dion Hulse
a24d651e0e
Prevent an issue on windows systems which can cause the temporary directory from get_temp_dir() from returning a path containing \/. Props to SergeyBiryukov for the initial patch. Fixes #20778
...
git-svn-id: http://core.svn.wordpress.org/trunk@22331 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-30 20:58:35 +00:00
Andrew Ozz
efbc9d2336
Buttons:
...
- Update the install/initial configuration/repair screens buttons, props DrewAPicture
- Fix the welcome screen buttons and fine-tune the buttons css, props lessbloat
fixes #21598
git-svn-id: http://core.svn.wordpress.org/trunk@22314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-26 19:40:39 +00:00
Andrew Nacin
1773a06874
Avoid 'headers already sent' messages for header_remove() the same way we currently do with header(). props ryan. fixes #22258 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-25 20:38:55 +00:00
Andrew Nacin
a88114dd92
Do not issue a Last-Modified header when issuing no-cache headers to avoid aggressive (webkit) caching. Serve a blank header when header_remove() is not available (PHP < 5.3). props andy. fixes #22258 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-23 15:45:44 +00:00
Ryan Boren
43a1c703e0
A more generic message for wp_upload_dir(). Props nacin. fixes #21796
...
git-svn-id: http://core.svn.wordpress.org/trunk@22276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-23 13:49:00 +00:00
Andrew Nacin
dc3fbf216f
Have wp_upload_dir() account for blog switching, ms-files rewriting, and the UPLOADS constant properly. This type of logic needs a lot of code comments.
...
Prevents wp_upload_dir() from obeying the UPLOADS constant when ms-files rewriting is enabled and a blog is switched.
Reverts [22106] thanks to [22108].
see #19235 .
git-svn-id: http://core.svn.wordpress.org/trunk@22222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-12 22:05:02 +00:00
Ryan Boren
7a86de87fb
Reduce use of global. Use get_blog_details() instead. fixes #22090
...
git-svn-id: http://core.svn.wordpress.org/trunk@22108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 12:40:09 +00:00
Andrew Nacin
8451f7e987
Pass the current blog id to is_main_site() in wp_upload_dir(), because is_main_site() without arguments does not respond correctly on switch. see #19235 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-03 18:57:36 +00:00
Ryan Boren
b4d0be2d1a
Introduce WP_Image_Editor, WP_Image_Editor_Imagick, and WP_Image_Editor_GD. Abstracts image editing API and adds support for ImageMagick.
...
Props DH-Shredder, kurtpayne, markoheijnen
see #6821
git-svn-id: http://core.svn.wordpress.org/trunk@22094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-01 20:59:06 +00:00
Dion Hulse
19c7ca7729
Silence a PHP Warning in Safe Mode from get_temp_dir(). Props ocean90. Fixes #20778
...
git-svn-id: http://core.svn.wordpress.org/trunk@22082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-29 01:22:25 +00:00
Andrew Nacin
143f4da6a6
If a pre-3.0 (MU era) network disables ms-files manually, they don't need /sites/ in their wp-content/uploads directory. see #19235 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 04:56:58 +00:00
Dion Hulse
a41af6219a
Move win_is_writable() from wp-admin/includes to wp-includes so that it's always available for get_temp_dir(). Fixes #20778
...
git-svn-id: http://core.svn.wordpress.org/trunk@22009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-26 05:08:26 +00:00
Dion Hulse
079afa8ce2
Rearrange the order that we check for temporary directories in get_temp_dir(). This change causes us to use System temporary directories in preference to WP_CONTENT_DIR, for better windows compatibility, we use win_is_writable() as well. Props simonwheatley and kurtpayne for initial patches, See #20778
...
git-svn-id: http://core.svn.wordpress.org/trunk@22008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-26 05:02:58 +00:00
Andrew Nacin
557d9313a7
Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Peter Westwood
fa8a509ff3
Posting: Improve the invalid date protection code based on feedback from nacin.
...
* Introduce a wp_checkdate() function with a single filter to centralise the code that validates dates.
* Improve the error message
* Correctly handle the return value of wp_insert_post which is not always a WP_Error on failure
Fixes #17180
git-svn-id: http://core.svn.wordpress.org/trunk@21922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-20 10:46:50 +00:00
Andrew Nacin
749c06e91f
Simplify protocol stripping in add_query_arg() by avoiding a regular expression. Don't cast a known array to an array. fixes #21332 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 16:16:26 +00:00
Andrew Nacin
e4c21210aa
Add xmpp to allowed protocols. props ethitter, fixes #21604 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-12 15:47:34 +00:00
Andrew Nacin
9f6fe3c4ff
Don't show Appearance > Widgets if the theme has no sidebars defined. props SergeyBiryukov for the initial patch. fixes #21761 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-12 02:16:46 +00:00
Andrew Nacin
dc49f24a6c
Remove ms-files.php rewriting from WordPress multisite. fixes #19235 .
...
Keep existing networks compatible with a ms_files_rewriting network option.
git-svn-id: http://core.svn.wordpress.org/trunk@21823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 22:22:20 +00:00
Andrew Nacin
bc6087bc98
Always return upload directory information from wp_upload_dir(), even if there is an error. Append the error to the array. see #19235 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 22:06:49 +00:00