Commit Graph

37 Commits

Author SHA1 Message Date
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
ryan 85304c2dc7 Introduce term_is_ancestor_of(). Finish taxonomy support for wp_insert_category(). Props garyc40. fixes #15581
git-svn-id: http://svn.automattic.com/wordpress/trunk@19678 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-04 22:44:19 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
nacin e1eec3925a More @since. props SergeyBiryukov, fixes #15445.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-20 09:25:21 +00:00
ryan 3f72e340d6 Update since phpdoc. Props demetris. fixes #15445
git-svn-id: http://svn.automattic.com/wordpress/trunk@16660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-01 19:24:38 +00:00
nacin 69b3167678 Revert [15688], [15689], [15691]. Try again in 3.2. see #14966.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-22 17:17:26 +00:00
nacin c6ff4fbaa9 Have wp_delete_category wrap wp_delete_term. Move wp_delete_category into wp-includes scope for consistency. fixes #15008, props blepoxp.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-03 07:29:44 +00:00
nacin 4e666d5d44 Move some post and taxonomy functions from admin/includes to wp-includes in preparation for QuickPress template tag. Moves get_tags_to_edit, get_terms_to_edit, get_default_post_to_edit, media_buttons, _media_button, get_upload_iframe_src. Also introduce get_media_buttons as a wrapper for media_buttons. props jorbin, see #14966.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-03 02:58:59 +00:00
ryan c614b6d0a2 Deprecate is_term, is_taxonomy, is_post_type for *_exists(). Props nacin. fixes #13747
git-svn-id: http://svn.automattic.com/wordpress/trunk@15220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-11 15:53:41 +00:00
dd32 b9c22a4e91 PHPDocs update. Props miqrogroove. See #12422
git-svn-id: http://svn.automattic.com/wordpress/trunk@13482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-28 03:18:40 +00:00
dd32 34cc6ab57e Merge Categories/Hierarchical taxonomies into edit-tags.php. See #11838
git-svn-id: http://svn.automattic.com/wordpress/trunk@12818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-24 11:00:27 +00:00
ryan 58d3776667 Show custom hierarchical taxonomies in the menus. Props dd32. see #11838
git-svn-id: http://svn.automattic.com/wordpress/trunk@12694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-11 19:27:44 +00:00
ryan 26ade42134 Pass parent to category_exists(). Props thetoine. fixes #11825
git-svn-id: http://svn.automattic.com/wordpress/trunk@12662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-08 17:58:13 +00:00
markjaquith 6c2ffddf31 _a(), _ea(), _xa(), attr() are now esc_attr__(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650
git-svn-id: http://svn.automattic.com/wordpress/trunk@11204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-05 19:43:53 +00:00
ryan 2d489767bb s/attribute_escape/attr/. see #9650
git-svn-id: http://svn.automattic.com/wordpress/trunk@11109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-28 05:58:45 +00:00
ryan 8362ffda5c Remove deubg
git-svn-id: http://svn.automattic.com/wordpress/trunk@10906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-10 21:18:58 +00:00
ryan 6f431038f2 Add option to check if term exists with given parent. Update ajax add-cat check to pass parent when checking if cat exists.
git-svn-id: http://svn.automattic.com/wordpress/trunk@10905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-10 20:58:25 +00:00
ryan e8b6fe7347 Trim trailing whitespace
git-svn-id: http://svn.automattic.com/wordpress/trunk@10810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-18 02:43:45 +00:00
ryan 8a8ac376bf Allow muliple tag-like taxonomies in the post editor. see #6387
git-svn-id: http://svn.automattic.com/wordpress/trunk@10222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-12-18 19:12:26 +00:00
ryan 0a8415ae7a Warning fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@9481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-02 23:52:49 +00:00
ryan 5fd146865b phpdoc for wp-admin/includes from jacobsantos. see #7527
git-svn-id: http://svn.automattic.com/wordpress/trunk@9053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-10-02 01:03:26 +00:00
ryan 2a22782bb0 Fix tag duplication when saving posts with multiple tags that have custom slugs. Props mtekk and count_0. fixes #6593 see #6313
git-svn-id: http://svn.automattic.com/wordpress/trunk@8603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-09 17:13:40 +00:00
ryan 938f29414f Use array calling style. see #6647
git-svn-id: http://svn.automattic.com/wordpress/trunk@7911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-08 19:19:58 +00:00
ryan a4589fb866 Make sure cat parents are >= 0. see #6305
git-svn-id: http://svn.automattic.com/wordpress/trunk@7483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-23 01:10:46 +00:00
ryan c81a649596 Parse default args and return WP_Error for emprt cat name in wp_insert_category.
git-svn-id: http://svn.automattic.com/wordpress/trunk@7423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-20 20:19:25 +00:00
ryan dce0978cee Notice fixes from nbachiyski. fixes #5961
git-svn-id: http://svn.automattic.com/wordpress/trunk@6983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-02-22 17:43:56 +00:00
matt 16d42d6ee7 New experimental category interface, fixes #5618. Hat tip: mdawaffe.
git-svn-id: http://svn.automattic.com/wordpress/trunk@6588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-01-10 09:39:35 +00:00
ryan 2283075a92 Remove unused variables. Props DD32. see #5418
git-svn-id: http://svn.automattic.com/wordpress/trunk@6363 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-12-06 06:37:30 +00:00
ryan 26cd478bb7 Output WP_Error message when adding categories via AJAX. fixes #5342
git-svn-id: http://svn.automattic.com/wordpress/trunk@6329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-11-12 19:12:49 +00:00
ryan 683db28b4c Term with slug that conflicts with existing term with different parent gets a new term entry with a unique slug. see #5034
git-svn-id: http://svn.automattic.com/wordpress/trunk@6157 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-09-22 18:01:08 +00:00
ryan 321c310717 Remove trailing whitespace
git-svn-id: http://svn.automattic.com/wordpress/trunk@6026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-09-03 23:32:58 +00:00
ryan 51b6d6f6ea Don't pass cat as ref. Fix some term sanitization. fixes #4702
git-svn-id: http://svn.automattic.com/wordpress/trunk@5938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-08-24 18:41:01 +00:00
ryan e7890261e5 EXTR_SKIP. See #4468
git-svn-id: http://svn.automattic.com/wordpress/trunk@5712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-06-15 17:30:37 +00:00
ryan d2188a7dde Fix category renaming. fixes #4415 see #4189
git-svn-id: http://svn.automattic.com/wordpress/trunk@5659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-06-06 16:12:02 +00:00
ryan 4214428322 Separate AJAX cat adder into post and link flavors. see #4189
git-svn-id: http://svn.automattic.com/wordpress/trunk@5637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-06-02 02:53:09 +00:00
ryan 8e547a3677 attribute_escape()s and int casts. see #4333
git-svn-id: http://svn.automattic.com/wordpress/trunk@5543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-05-25 09:41:04 +00:00
ryan 770613e763 Admin includes reorg. see #4334
git-svn-id: http://svn.automattic.com/wordpress/trunk@5542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-05-25 07:16:21 +00:00