WordPress-C/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-02-17 20:15:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
34,089 Commits 50 Branches 750 Tags
Commit Graph

21290 Commits

Author SHA1 Message Date
Gary Pendergast
512427a740 Bump 4.5 branch to version 4.5.11. 
Built from https://develop.svn.wordpress.org/branches/4.5@42072


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-31 13:16:30 +00:00
Gary Pendergast
84b702009b Database: Restore numbered placeholders in wpdb::prepare(). 
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.

This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.

Merges [41662], [42056] to the 4.5 branch.
See #41925.


Built from https://develop.svn.wordpress.org/branches/4.5@42060


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-31 12:44:32 +00:00
Dominik Schilling
5047d9b8db Bump 4.5 branch to version 4.5.10. 
Built from https://develop.svn.wordpress.org/branches/4.5@41513


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 20:01:31 +00:00
Aaron Campbell
9007b3117b Database: Hardening to bring wpdb::prepare() inline with documentation. 
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.

Merges [41496] to 4.5 branch.


Built from https://develop.svn.wordpress.org/branches/4.5@41500


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41333 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 18:14:31 +00:00
Aaron Campbell
4b09915583 Database: Don’t trigger _doing_it_wrong() for null values in wpdb::prepare(). 
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.

Merges [41483] to 4.5 branch.


Built from https://develop.svn.wordpress.org/branches/4.5@41487


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 16:23:33 +00:00
Aaron Campbell
644434666e Database: Hardening for wpdb::prepare() 
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.

Merges [41470] to 4.5 branch.


Built from https://develop.svn.wordpress.org/branches/4.5@41474


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 15:01:07 +00:00
Aaron Campbell
f1c76c5532 oEmbed: Add extra hardening around allowed HTML for improved sandboxing. 
Merges [41448] to 4.5 branch.



Built from https://develop.svn.wordpress.org/branches/4.5@41454


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 13:50:32 +00:00
Dominik Schilling
c3844666a2 TinyMCE: Improve the previews for shortcodes. 
Merge of [41395] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@41438


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 12:43:08 +00:00
Dominik Schilling
cda7d5bac0 Customize: Ensure valid themes in the preview. 
Merge of [41397] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@41432


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:52:08 +00:00
Dominik Schilling
0d5353afbc Editor: Prevent adding javascript: and data: URLs through the inline link dialog. 
Merge of [41393] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@41403


git-svn-id: http://core.svn.wordpress.org/branches/4.5@41236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 10:17:14 +00:00
John Blackbourn
030d6166f9 General: Backport PHP 7.1 fixes to the 4.5 branch to avoid fatal errors and warnings. 
Props simonvik, ayeshrajans

See #41135

Built from https://develop.svn.wordpress.org/branches/4.5@41128


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-07-24 22:25:32 +00:00
Aaron Campbell
9ab481b9e5 Bump 4.7 branch to version 4.5.9. 
Built from https://develop.svn.wordpress.org/branches/4.5@40750


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:50:02 +00:00
Pascal Birchler
c2adcb9aec Media: Simplify upload error message construction. 
Merges [40736] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@40739


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 18:02:32 +00:00
Dominik Schilling
5046262be3 Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 4.5 branch.
Built from https://develop.svn.wordpress.org/branches/4.5@40707


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:16:31 +00:00
Pascal Birchler
62983e1dd2 Adjust post meta checks 
Merges [40692] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@40695


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 08:50:31 +00:00
Pascal Birchler
8ce7f49c8d Whitelist post arguments in XML-RPC 
Merges [40677] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@40680


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 08:20:31 +00:00
Pascal Birchler
26c585efa7 Bump 4.5 branch to version 4.5.8. 
Built from https://develop.svn.wordpress.org/branches/4.5@40489


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:23:33 +00:00
James Nylen
5d48102386 Bump 4.5 branch to version 4.5.7. 
Built from https://develop.svn.wordpress.org/branches/4.5@40204


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:18:31 +00:00
Aaron Campbell
a9f9235d88 Strip control characters before validating redirect. 
Merges [40183] to 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@40186


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40125 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:42:04 +00:00
Dominik Schilling
4c805032cb Embeds: URL encode YouTube video IDs for broader compatibility. 
Merge of [40160] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@40163


git-svn-id: http://core.svn.wordpress.org/branches/4.5@40102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 12:06:05 +00:00
Aaron Campbell
5697303ab4 Bump 4.5 branch to version 4.5.6. 
Built from https://develop.svn.wordpress.org/branches/4.5@39998


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 18:21:32 +00:00
Dominik Schilling
aa2ad2c3dd Query: Ensure that queries work correctly with post type names with special characters. 
Merge of [39952] to the 4.5 branch.
Built from https://develop.svn.wordpress.org/branches/4.5@39958


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 13:50:32 +00:00
Aaron Campbell
438fd7f3bb Bump 4.5 branch to version 4.5.5. 
Built from https://develop.svn.wordpress.org/branches/4.5@39862


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 16:55:29 +00:00
Joe McGill
a1d67608bf Media: Fix exif_imagetype check in wp_get_image_mime 
This is a follow up to [39831].

Merges [39850] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@39853


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 16:40:32 +00:00
Joe McGill
a8dcdd4fd5 Media: Improve image filetype checking. 
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.

`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.

If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.

Merges [39831] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@39834


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 13:15:31 +00:00
Dominik Schilling
c1684e38b0 Themes: Fix markup for theme name fallbacks. 
Merge of [39807] to the 4.5 branch.
Built from https://develop.svn.wordpress.org/branches/4.5@39811


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:10:05 +00:00
Jeremy Felt
13d318d196 Multisite: Use wp_rand() in signup key creation. 
Merges [39795] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@39798


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:33:32 +00:00
Dion Hulse
440b7b387f Update PHPMailer to 5.2.22. 
The full list of changes is available here:
https://github.com/PHPMailer/PHPMailer/compare/v5.2.21...v5.2.22

Merges [39759] to the 4.5 branch.
Fixes #37210 for 4.5.

Built from https://develop.svn.wordpress.org/branches/4.5@39786


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:23:31 +00:00
Dion Hulse
f991d9356c Mail: Upgrade PHPMailer to 5.2.21. 
Merges [39645] to the 4.5 branch.
See #37210.

Built from https://develop.svn.wordpress.org/branches/4.5@39723


git-svn-id: http://core.svn.wordpress.org/branches/4.5@39663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:04:36 +00:00
Jeremy Felt
34ea4c35f4 Bump 4.5 branch to 4.5.4. 
Built from https://develop.svn.wordpress.org/branches/4.5@38550


git-svn-id: http://core.svn.wordpress.org/branches/4.5@38493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 14:58:31 +00:00
Jeremy Felt
ff1790b8e8 Media: Sanitize upload filename. 
Merge of [38538] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@38540


git-svn-id: http://core.svn.wordpress.org/branches/4.5@38483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 13:57:58 +00:00
Pascal Birchler
b7bb8822d7 Upgrade/Install: Sanitize file name in File_Upload_Upgrader. 
Merge of [38524] to the 4.5 branch.
Built from https://develop.svn.wordpress.org/branches/4.5@38526


git-svn-id: http://core.svn.wordpress.org/branches/4.5@38467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-06 17:34:33 +00:00
Dominik Schilling
c1e4d25350 The 4.5 branch is now 4.5.4-alpha. 
Built from https://develop.svn.wordpress.org/branches/4.5@38000


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-07-07 12:07:32 +00:00
Boone Gorges
b15f7577d3 Bump 4.5 branch to 4.5.3. 
Built from https://develop.svn.wordpress.org/branches/4.5@37826


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 15:53:29 +00:00
Pascal Birchler
47e67b7d33 Media: Fix rendering of incorrect toolbar in the Edit view. 
This switches event binding in `wp.media.controller.EditImage` to use `on`
instead of `listenTo` to restore rendering of the correct toolbar when the
`toolbar:render:edit-image` event fires. The existing listeners broke
when we upgraded Backbone in [36546].

Merge of [37678] to the 4.5 branch.

Props adamsilverstein.
Fixes #36861.
Built from https://develop.svn.wordpress.org/branches/4.5@37813


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:55:30 +00:00
Joe McGill
b747172c20 Media: Improve handling of extensionless filenames. 
Merge of [37756] to the 4.5 branch.

See #37111.
Built from https://develop.svn.wordpress.org/branches/4.5@37809


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37774 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:52:06 +00:00
Nikolay Bachiyski
df44f6cbc4 Admin: escape URL-encoded permalinks 
Merge of [37801] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@37806


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:50:03 +00:00
Pascal Birchler
63325a253e Media: Restore keyboard navigation of the media grid. 
This changes the binding of event listeners in the Attachments Browser
to use `on` instead of `listenTo` for the `attachment:keydown:arrow` and
`attachment:details:shift-tab` events. The existing listeners broke
when we upgraded Backbone in [36546].

Merge of [37755] to the 4.5 branch.

Props adamsilverstein.
Fixes #36900.
Built from https://develop.svn.wordpress.org/branches/4.5@37804


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:49:28 +00:00
Rachel Baker
01fbbebff4 Revisions: Change the capability needed to view revision diffs to edit_post. 
Merge of [37779] to the 4.5 branch.
Built from https://develop.svn.wordpress.org/branches/4.5@37791


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:27:33 +00:00
Nikolay Bachiyski
97bcc889a7 Admin: Escape attachment name in case it contains special characters 
Merge of [37774] to the 4.5 branch.

Built from https://develop.svn.wordpress.org/branches/4.5@37783


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:23:45 +00:00
Dominik Schilling
45dc424bc1 Customize: Make sure that preview and return URLs are URLs. 
Merge of [37527] to the 4.5 branch.
Built from https://develop.svn.wordpress.org/branches/4.5@37768


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:16:56 +00:00
Boone Gorges
4113f3fb69 Taxonomy: More specific cap check when processing category data on post save. 
Ports [37691] to the 4.5 branch.

 Props dlh.
 Fixes #36379.
 Please enter the commit message for your changes. Lines starting
Built from https://develop.svn.wordpress.org/branches/4.5@37759


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:11:55 +00:00
Jeremy Felt
c75e86705a Admin: Allow for the consistent filtering of auth_redirect_scheme 
Merge of [37651] to the 4.5 branch.

See #37047.

Built from https://develop.svn.wordpress.org/branches/4.5@37757


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:10:30 +00:00
Pascal Birchler
f5fdf443eb Menus: Support nested array variables in POST data when saving menus. 
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.

This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.

Merge of [37748] and [37750] to the 4.5 branch.

Props ericlewis, neverything, swissspidy.
Fixes #36590. See #14134.
Built from https://develop.svn.wordpress.org/branches/4.5@37754


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-20 19:50:30 +00:00
Aaron Jorbin
9b7c749c86 Output node and npm versions on travis. 
In order to make local debugging of travis easier, output the npm and node versions when travis runs.

[37730] for 4.5.

see #37116. 

Built from https://develop.svn.wordpress.org/branches/4.5@37733


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37698 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-16 17:32:28 +00:00
Pascal Birchler
e05facfc58 Embeds: Enforce a valid post ID when embedding a post from the current site. 
Otherwise `wp_filter_pre_oembed_result()` could erroneously return the HTML of the current post instead of the intended result.

Merge of [37729] to the 4.5 branch.

Props kraftbj.
See #36767.
Built from https://develop.svn.wordpress.org/branches/4.5@37732


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-16 17:30:55 +00:00
Dominik Schilling
c3a292dc76 Customize: Separate preview and actions in the site icon control. 
Reverts [37456] to allow users to remove/change a site icon even if the attachment has corrupt/missing data about sizes.

Merge of [37724] to the 4.5 branch.

See #36749.
Built from https://develop.svn.wordpress.org/branches/4.5@37725


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-16 09:53:28 +00:00
Pascal Birchler
e09e36af80 Fix tests after [37709]. 
Avoids using `assertNotFalse()` which is only available in PHPUnit 4.0 and above.

See [37708], [37710].
See #36767.
Built from https://develop.svn.wordpress.org/branches/4.5@37711


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-15 12:24:28 +00:00
Pascal Birchler
ddfbf0cbe4 Embeds: Improve performance when embedding a post of the current site. 
When the post being embedded is from the same site, there's no reason to do an HTTP request for it. The data can be fetched directly using `get_oembed_response_data()`.

Merge of [37708] to the 4.5 branch.

Fixes #36767.
Built from https://develop.svn.wordpress.org/branches/4.5@37709


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-15 11:32:29 +00:00
Dominik Schilling
caf7ab7df5 Database: dbDelta() will no longer try to downgrade the size of TEXT and BLOB columns. 
When upgrading to `utf8mb4`, `TEXT` fields will be upgraded to `MEDIUMTEXT` (and likewise for all other `*TEXT` and `*BLOB` fields). This is to allow for the additional space requirements of `utf8mb4`.

On the subsequent upgrade, after the `utf8mb4` upgrade, `dbDelta()` would try and downgrade the fields to their original size again. At best, this it a waste of time, at worst, this could truncate any data larger than the original size. There's no harm in leaving them at their original size, so let's do that.

Merge of [37525] to the 4.5 branch.

Props pento.
See #36748.


Built from https://develop.svn.wordpress.org/branches/4.5@37606


git-svn-id: http://core.svn.wordpress.org/branches/4.5@37574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-01 12:59:28 +00:00