Commit Graph

255 Commits

Author SHA1 Message Date
Ryan Boren 15a06a35ab Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #WP21767


git-svn-id: http://core.svn.wordpress.org/trunk@23591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 16:30:38 +00:00
Sergey Biryukov 4847fe6efc Make sure the pings are only sent once per URL for a given post. props dllh. fixes #23217.
git-svn-id: http://core.svn.wordpress.org/trunk@23571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:39:52 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Ryan Boren 353ef064ea Use microtime() instead of incrementors for last_changed to to avoid race conditions with cache evictions.
Props westi
fixes #23448


git-svn-id: http://core.svn.wordpress.org/trunk@23401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-11 18:08:14 +00:00
Andrew Nacin 411acbdf43 Use correct cache bucket. Fixes copy-paste error in r23320. props kurtpayne. see #23167.
git-svn-id: http://core.svn.wordpress.org/trunk@23341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-24 17:21:55 +00:00
Andrew Nacin 82e9c40482 Validate pingback source URIs. Less verbose errors.
git-svn-id: http://core.svn.wordpress.org/trunk@23329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 22:30:08 +00:00
Andrew Nacin abd37fe4a7 Comment Query: Use $this->query_vars instead of the nonexistent shorthand $q. see #23208.
git-svn-id: http://core.svn.wordpress.org/trunk@23325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 16:54:38 +00:00
Ryan Boren 1b2b394a91 Avoid the appearance of a magic number.
Props nacin
see #23167


git-svn-id: http://core.svn.wordpress.org/trunk@23320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 15:52:13 +00:00
Ryan Boren 48058dfb99 Explicitly set last_changed to 1 instead of the result of wp_cache_set(). Avoids ambiguity and works with cache backends that return void instead of boolean.
see #23167


git-svn-id: http://core.svn.wordpress.org/trunk@23319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 15:46:16 +00:00
Peter Westwood f683fc7677 Tighten our braces. Fixes #23118 props evansolomon.
git-svn-id: http://core.svn.wordpress.org/trunk@23265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-04 10:13:51 +00:00
Helen Hou-Sandí b1f1579604 its <=> it's in documentation, along with a rogue the, The, and looses. props trepmal. fixes #22665.
git-svn-id: http://core.svn.wordpress.org/trunk@23191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-20 15:55:32 +00:00
Andrew Nacin 8762f64494 Duplicate comments should be allowed under a different comment parent. props andy. fixes #21609.
git-svn-id: http://core.svn.wordpress.org/trunk@22229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-14 17:06:37 +00:00
Ryan Boren a9e25d964e If wp_cache_incr() is not available fallback to get()/set(). fixes #22024
git-svn-id: http://core.svn.wordpress.org/trunk@22110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 13:25:58 +00:00
Ryan Boren f1385f2979 Restore the behavior of the 'all' status for comment queries. Props SergeyBiryukov. see #21101
git-svn-id: http://core.svn.wordpress.org/trunk@22090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-01 15:31:40 +00:00
Ryan Boren b1834eae16 Revert stowaway in [22087]
git-svn-id: http://core.svn.wordpress.org/trunk@22088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-01 14:26:45 +00:00
Ryan Boren 75e64cface Reinit roles and the current user after switching the cache to the new blog in switch_to_blog() and restore_current_blog(). Props joostdekeijzer. fixes #21459
git-svn-id: http://core.svn.wordpress.org/trunk@22087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-01 14:25:31 +00:00
Ryan Boren 65c83c659a Invalidate the WP_Comment_Query:query() cache when comments are added. Switch last_changed to a counter incremented via wp_cache_incr().
fixes #22024


git-svn-id: http://core.svn.wordpress.org/trunk@22080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-28 12:47:31 +00:00
Ryan Boren 996268ff7a Remove debug cruft. Props duck_. fixes #21003
git-svn-id: http://core.svn.wordpress.org/trunk@22079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-28 12:31:39 +00:00
Ryan Boren 75558ab270 Support meta queries in WP_Comment_Query.
Props nikolov.tmw
fixes #21003


git-svn-id: http://core.svn.wordpress.org/trunk@22074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 21:53:14 +00:00
Ryan Boren 9f32de9496 Allow get_comments() to query for explicit value of comment_approved.
Props dd32, nbachiyski
fixes #21101


git-svn-id: http://core.svn.wordpress.org/trunk@22068 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 18:08:02 +00:00
Andrew Nacin 557d9313a7 Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987.
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Ryan Boren 6b0b49c65b Update comment_parent in wp_update_comment(). Props JustinSainton. fixes #21706
git-svn-id: http://core.svn.wordpress.org/trunk@21938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 12:57:26 +00:00
Ryan Boren f483a85676 Remove unnecessary return by refs. Props wonderboymusic. fixes #21839
git-svn-id: http://core.svn.wordpress.org/trunk@21792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-10 17:00:11 +00:00
Ryan Boren bd94583aaf Use get_post() instead of bare SQL in do_trackbacks(). see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-23 20:43:47 +00:00
Ryan Boren f56d8278bb Remove return ref from all calls to get_post()
Return WP_Post from get_default_post_to_edit()
Replace all calls to get_page() with get_post()
see #21309


git-svn-id: http://core.svn.wordpress.org/trunk@21597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-23 20:01:10 +00:00
Peter Westwood a8ce9af6d8 Comments: Allow the caller of get_comments() to request comments with a specific comment_approved value.
This allows for a custom comment status to be queried directly overriding the status argument.

See #21101 props nbachiyski.


git-svn-id: http://core.svn.wordpress.org/trunk@21570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-21 09:56:16 +00:00
Ryan Boren dc58551658 Add isset() check to avoid notice. Props c3mdigital. fixes #21512
git-svn-id: http://core.svn.wordpress.org/trunk@21506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-14 19:07:56 +00:00
nacin 7127ed1197 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
nacin 9dca2c6876 Remove old code unsetting a few variables in wp-settings.php. fixes #21115.
git-svn-id: http://core.svn.wordpress.org/trunk@21186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-29 20:57:09 +00:00
duck_ 1e76fdfb4b Accept a post object in clean_post_cache(). Fixes #20486.
The post_type can then be accessed to properly clean the taxonomy relationships cache.
The full object is useful in situations when an ID might reference a post that has been
removed from the database (e.g. wp_delete_post()).


git-svn-id: http://svn.automattic.com/wordpress/trunk@20569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-23 22:04:35 +00:00
nacin c7cf0927fc Use the metadata API rather than raw queries and direct do_action calls. see #20417.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-11 20:02:39 +00:00
ryan baf681233f Pass post_type to clean_post_cache() instead of attempting to fetch a post object since the post may have been deleted.
Props leewillis77
see #19690


git-svn-id: http://svn.automattic.com/wordpress/trunk@20423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 16:09:44 +00:00
ryan de41bc288b Introduce WP_User::exists(). see #20372
git-svn-id: http://svn.automattic.com/wordpress/trunk@20378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-06 19:18:45 +00:00
nacin 0730535015 Introduce $wpdb->delete(). props justindgivens, scribu. fixes #18948.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-24 15:24:31 +00:00
nacin 8199ae99aa Add $post_ID context to the pre_ping filter. props alexkingorg, devesine. fixes #18506.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-06 22:44:44 +00:00
ryan d910c26182 Pinking shears 6-20000
git-svn-id: http://svn.automattic.com/wordpress/trunk@20000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-27 19:46:52 +00:00
nacin 51cdc1719d Docs, see ##19882.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-10 22:49:56 +00:00
nacin 40ff0dafbe Allow get_comment_meta() to be called with only a comment ID, something get_metadata() allows. Same functionality as get_user_meta() and get_post_meta(). see #19882.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-10 22:44:30 +00:00
westi c54927be82 Update the documentation of wp_set_comment_status to match current functionality props solarissmoke.
The 'delete' status was removed in [11749] when the concept of a trash status was introduced for #4529.

git-svn-id: http://svn.automattic.com/wordpress/trunk@19751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-25 10:41:52 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan 83b131f8e3 User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: http://svn.automattic.com/wordpress/trunk@19687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:50:54 +00:00
ryan 616c35e71c One newline is enough.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
westi c39397033a Make it possible for commenter cookies to be disabled if someone wants to by setting them on an action instead of always. Fixes #17976 props SergeyBiryukov and pishmishy .
git-svn-id: http://svn.automattic.com/wordpress/trunk@19622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-21 10:57:42 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
markjaquith 9e80bec002 Always pass the post ID as the second argument to the the_title filter. props GaryJ. fixes #16688
git-svn-id: http://svn.automattic.com/wordpress/trunk@18907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-06 21:09:37 +00:00
duck_ a7a8d9e3e3 Use metadata API in do_all_pings() to delete post meta (cleaner, plays better with cache). Remove redundant query to retrieve meta_id. See #18196.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-01 08:38:33 +00:00
ryan 96b3575b72 Pass the query object to _close_comments_for_old_posts() so that is_singular is checked for the proper query. Props kawauso. fixes #18109
git-svn-id: http://svn.automattic.com/wordpress/trunk@18836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-30 15:35:50 +00:00
westi 2ad5ccbe7b Only close comments on old posts by default. Fixes #16090 props nacin and johnjamesjacoby.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-01 14:24:02 +00:00
nacin da2732c7de Use wp_remote_retrieve_* helper functions instead of the raw HTTP response array. props aaroncampbell, fixes #17416.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-14 19:45:07 +00:00