Commit Graph

246 Commits

Author SHA1 Message Date
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov 7a77f47f55 Use correct escaping function. fixes #23334.
git-svn-id: http://core.svn.wordpress.org/trunk@23413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 05:52:23 +00:00
Ryan Boren d4abd95449 Scope button classes so they can be used on the frontend without interfering with theme styles.
Props helenyhou, koopersmith
fixes #22644


git-svn-id: http://core.svn.wordpress.org/trunk@22948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-30 13:40:59 +00:00
Andrew Nacin f5e7edf2f2 Add manual new lines to a string, as double quotes with \n is not optimal due to sprintf-parsing reasons. props SergeyBiryukov, fixes #22486. see #22260.
git-svn-id: http://core.svn.wordpress.org/trunk@22664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-19 06:11:42 +00:00
Ryan Boren 0794b91606 Use retina logo in install, upgrade, setup-config, repair, and confirmation screens.
Props kopepasah, SergeyBiryukov
fixes #22375


git-svn-id: http://core.svn.wordpress.org/trunk@22419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 17:34:22 +00:00
Peter Westwood 1f76fa3703 i18n: Fix the usage of sprintf replacements in the Multisite Network Admin new site page. See #22260.
git-svn-id: http://core.svn.wordpress.org/trunk@22272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-23 11:30:09 +00:00
Ryan Boren 646f62f5a9 Remove set_time_limit() from sites.php. Props dllh. fixes #19486 see #21521
git-svn-id: http://core.svn.wordpress.org/trunk@22259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-17 21:40:31 +00:00
Ryan Boren 51920e1858 Consolidate some strings. Props pavelevap, SergeyBiryukov. see #21728
git-svn-id: http://core.svn.wordpress.org/trunk@22124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-05 19:04:34 +00:00
Dion Hulse 434aef8e89 Fix Bulk Theme Deletion in the Network Admin when using FTP. Props kobenland. Fixes #20671
git-svn-id: http://core.svn.wordpress.org/trunk@22084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-29 01:36:14 +00:00
Ryan Boren c224c2fee5 Remove dupe/deprecated code from sites.php.
Props wonderboymusic
fixes #21553


git-svn-id: http://core.svn.wordpress.org/trunk@22064 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 17:11:07 +00:00
Mark Jaquith e3dc0220ff Make Multisite work when WordPress is installed in a subdirectory. You can now have WordPress Multisite as an SVN external or a Git submodule! props johnjamesjacoby, evansolomon, duck_, jakemgold, nacin, markjaquith. see #19796
git-svn-id: http://core.svn.wordpress.org/trunk@22042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 06:07:21 +00:00
Andrew Nacin 0d37467603 Move sanitization for the multisite illegal_names, limited_email_domains, and banned_email_domains options to sanitize_option(). props wonderboymusic. fixes #21552.
git-svn-id: http://core.svn.wordpress.org/trunk@21993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 01:54:12 +00:00
Andrew Nacin 087b6ace16 Remove unused edit-site nonce fields from site-users and site-themes. props jeremyfelt, fixes #21277.
git-svn-id: http://core.svn.wordpress.org/trunk@21903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-18 23:06:22 +00:00
Andrew Nacin bd25a2e910 Correct a translation context in the network admin. props SergeyBiryukov. fixes #20910.
git-svn-id: http://core.svn.wordpress.org/trunk@21858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-15 19:57:46 +00:00
Andrew Nacin d91ae96dc9 Simplify the markup and hierarchy of the Add Existing and Add New user forms on site-users.php. props obenland, fixes #21223.
git-svn-id: http://core.svn.wordpress.org/trunk@21854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-15 19:38:23 +00:00
Andrew Nacin 84c3a86036 Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.

Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.

see #21307.



git-svn-id: http://core.svn.wordpress.org/trunk@21501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-13 16:18:42 +00:00
ryan 5ca54e7d2f Deprecate get_blog_option(), add_blog_option(), update_blog_option(), and delete_blog_option().
Use the regular option functions wrapped in switch_to_blog() and restore_current_blog() instead.

Group multiple operations within a single switch where possible.

fixes #21432


git-svn-id: http://core.svn.wordpress.org/trunk@21414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 17:51:42 +00:00
nacin 7127ed1197 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
nacin 9d20dfc4e1 Enforce multisite plugins menu preference in map_meta_cap(). This means a simple current_user_can('activate_plugins') check will handle the 'Enable administration menus' setting.
Remove bogus checks for enabling/disabling the 'themes' menu (something core does not handle out of the box) when in the network admin.

fixes #21123.



git-svn-id: http://core.svn.wordpress.org/trunk@21198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-30 12:40:25 +00:00
ryan bbb1494919 Use the stylesheet rather than the template to create the network enable theme nonce. Fix network enable redirect following theme installation. Props duck_, nacin. fixes #20916
git-svn-id: http://core.svn.wordpress.org/trunk@21062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-12 15:31:25 +00:00
ryan 7859542799 Remove obsolete help string. Props SergeyBiryukov. fixes #20909
git-svn-id: http://core.svn.wordpress.org/trunk@21051 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-11 20:32:21 +00:00
nacin 3ebea2f218 Remove user/site suggestions (autocompletion) from search inputs, as the UX isn't proper.
* Removes all instances of site-search, so away it goes. Sidesteps a number of bugs with site-search.
 * Renames user-search to user-suggest, which means it better describes the current behavior (autocompletion) while allowing for future behavior (instant search).
 * Ties user suggestions to a single .wp-suggest-user class.

with help from markjaquith, helenyhou, wonderboymusic. 
fixes #20835.



git-svn-id: http://core.svn.wordpress.org/trunk@21003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-05 18:51:33 +00:00
nacin c0f8ad074e Fix typo in the word 'administrator'.
translate.wordpress.org was manually updated to correct the typo,
so this will not result in a string change.

props ocean90
fixes #20829



git-svn-id: http://core.svn.wordpress.org/trunk@20993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-04 18:06:32 +00:00
nacin eb8e069932 Correct the link to http://codex.wordpress.org/Network_Admin_Sites_Screen in the network admin help sidebars. props Nao. fixes #20607.
git-svn-id: http://core.svn.wordpress.org/trunk@20713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-03 13:34:33 +00:00
nacin b82ddbd98b Do not break a domain on network/site-new.php across two lines. props SergeyBiryukov, fixes #19895.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-27 19:02:10 +00:00
nacin 2dd485a823 s/website/network/ on the network settings screen. props Ipstenu, fixes #20314.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-11 20:45:03 +00:00
nacin 81407efd05 Clean up cap checks for autocompletes for sites and users in a network. see #19810.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-30 21:04:48 +00:00
nacin 959160e789 Remove step="" from upload size inputs, as the step is enforced in the spec, rather than being a recommendation. finally fixes #17863.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-25 13:02:01 +00:00
markjaquith 2a8c7bbc7a Autocomplete site names in Network Admin. More user completion areas. props Japh, DrewAPicture. see #19810.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-24 04:54:58 +00:00
nacin 35ba4853bf Adjust site upload space HTML5 type='number' validation. see #17863.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-16 04:16:21 +00:00
nacin 8c841df86d Revert type="email" (HTML5) as some browsers that do validation on these fields do not work for IDN domains yet. Core does not support these well either, but server-side validation can at least be dealt with by a plugin. see #17863.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-15 18:09:14 +00:00
nacin 1db1017721 Remove index-extra.php. Move dashboard widget XHR callbacks to ajax-actions.php. fixes #20242.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-15 13:20:00 +00:00
azaozz f3b63e4537 Set proper HTML5 input types in the admin, props georgestephanis, fixes #17863
git-svn-id: http://svn.automattic.com/wordpress/trunk@20168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-10 01:23:48 +00:00
nacin 7bac1174bf In multisite, list broken themes on network/themes.php instead of on individual Manage Themes pages. see #20103.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-08 07:32:42 +00:00
duck_ 2ce9545bff Use tabs for indentation.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 22:03:15 +00:00
duck_ da535ce54e Drop unnecessary if-statements which also have some strange logic. Fixes #20159.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 22:01:41 +00:00
nacin 6321f9060c Use wp_get_theme() rather than get_theme_data() in the verify theme deletion (multisite network) screen. see #20103.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-29 07:50:56 +00:00
nacin 5ecb56896f Update login-logo.png to use proper color. Copy it over wordpress-logo.png. Make that one canonical, and stop using login-logo.png. Leave it for plugins. props iammattthomas. see #19955.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-17 04:57:56 +00:00
markjaquith 481959acec Autocomplete for add-user screens in multisite. props boonebgorges, Japh, DrewAPicture, PeteMall, nacin, koopersmith, markjaquith. see #19810.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-10 08:45:17 +00:00
nacin 81bb2f7ed7 Use is_rtl() for html direction when possible. In sites.php, language_attributes() will always exist (MU vestige). When the DB is dead, language_attributes() is worse than a simple is_rtl() check. is_rtl() exists here due to wp_load_translations_early(). see #18180.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-08 06:05:35 +00:00
duck_ 81a7ad2c81 split was deprecated in PHP 5.3.0, so use explode instead. Props garyc40. Fixes #16325.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-09 21:20:51 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
nacin f9b554814e about.php and friends for the global dashboard. see #19762.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-06 18:08:45 +00:00
nacin aa6c34ac3e Create a network/about.php page and leverage it, to prevent the dashboard from switching to the blog admin. fixes #19762.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-06 17:53:41 +00:00
ryan 83b131f8e3 User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: http://svn.automattic.com/wordpress/trunk@19687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:50:54 +00:00
ryan 616c35e71c One newline is enough.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
ryan 340e93324c Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
git-svn-id: http://svn.automattic.com/wordpress/trunk@19596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-14 17:36:38 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
ryan 02a1dd7ccb Best practice, use wp_safe_redirect() when dealing with referrers. Props nacin.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-10 18:26:48 +00:00