John Blackbourn
|
d8e9c02011
|
Hardening: Use a properly generated hash for the `newbloguser` key instead of a determinate substring.
Merges [42258] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@42304
git-svn-id: http://core.svn.wordpress.org/branches/3.9@42133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-11-29 16:40:50 +00:00 |
Gary Pendergast
|
76ec03176d
|
Bump 3.9 branch to version 3.9.21.
Built from https://develop.svn.wordpress.org/branches/3.9@42078
git-svn-id: http://core.svn.wordpress.org/branches/3.9@41907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-10-31 13:45:15 +00:00 |
Dominik Schilling
|
ee47cb6d42
|
Users: Use correct escaping function for URLs.
Merge of [41522] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@41532
git-svn-id: http://core.svn.wordpress.org/branches/3.9@41365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-09-19 21:40:14 +00:00 |
Aaron Campbell
|
79224df81a
|
Bump 3.9 branch to version 3.9.20.
Built from https://develop.svn.wordpress.org/branches/3.9@41519
git-svn-id: http://core.svn.wordpress.org/branches/3.9@41352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-09-19 20:13:15 +00:00 |
John Blackbourn
|
f5db1e4375
|
Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Merges [41457] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@41467
git-svn-id: http://core.svn.wordpress.org/branches/3.9@41300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-09-19 14:45:15 +00:00 |
John Blackbourn
|
d46699267b
|
General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Merges [41434] with changes to the 3.9 branch.
See #13377
Built from https://develop.svn.wordpress.org/branches/3.9@41449
git-svn-id: http://core.svn.wordpress.org/branches/3.9@41282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-09-19 13:44:15 +00:00 |
Dominik Schilling
|
0237d2915a
|
Users: Provide a fallback for incorrect HTTP referrers.
Merge of [41398] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@41426
git-svn-id: http://core.svn.wordpress.org/branches/3.9@41259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-09-19 11:15:31 +00:00 |
Aaron Campbell
|
66aaaa6aa8
|
Bump 3.9 branch to version 3.9.19.
Built from https://develop.svn.wordpress.org/branches/3.9@40756
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-05-16 21:53:55 +00:00 |
Aaron Campbell
|
700dd168fd
|
Add nonce for updating file system credentials.
Merges [40723] to 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@40732
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-05-16 14:57:32 +00:00 |
Dominik Schilling
|
9febffc6f7
|
Customize: Ignore invalid customization sessions.
Merge of [40704] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@40713
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-05-16 12:21:15 +00:00 |
Pascal Birchler
|
063e974bd7
|
Bump 3.9 branch to version 3.9.18.
Built from https://develop.svn.wordpress.org/branches/3.9@40495
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-04-20 16:28:15 +00:00 |
Pascal Birchler
|
a05429ecd1
|
Fix broken audio/video functions when sanitizing ID3 data
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.
See #40075, #40085.
Merges [40400] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@40468
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-04-17 13:34:16 +00:00 |
James Nylen
|
f2ef35f4a9
|
Bump 3.9 branch to version 3.9.17.
Built from https://develop.svn.wordpress.org/branches/3.9@40210
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-03-06 16:42:15 +00:00 |
Aaron Campbell
|
fcec9ed6ff
|
Plugins: Add file check to plugin deletions.
Merges [40169] to 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@40178
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-03-06 13:05:15 +00:00 |
Jeremy Felt
|
ca488f141f
|
Validate video and audio metadata.
Merge of [40148] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@40157
git-svn-id: http://core.svn.wordpress.org/branches/3.9@40096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-03-06 08:12:16 +00:00 |
Aaron Campbell
|
946d349b71
|
Bump 3.9 branch to version 3.9.16.
Built from https://develop.svn.wordpress.org/branches/3.9@40004
git-svn-id: http://core.svn.wordpress.org/branches/3.9@39941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-01-26 18:29:15 +00:00 |
John Blackbourn
|
6e66a60c3c
|
Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field.
Merges [39956] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39987
git-svn-id: http://core.svn.wordpress.org/branches/3.9@39924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-01-26 14:20:15 +00:00 |
Dominik Schilling
|
a81be45d5d
|
Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways.
Merge of [39968] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39979
git-svn-id: http://core.svn.wordpress.org/branches/3.9@39916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-01-26 14:14:58 +00:00 |
Aaron Campbell
|
ec5bf14855
|
Bump 3.9 branch to version 3.9.15.
Built from https://develop.svn.wordpress.org/branches/3.9@39868
git-svn-id: http://core.svn.wordpress.org/branches/3.9@39805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-01-11 16:59:32 +00:00 |
Dominik Schilling
|
95c2ed6e0d
|
Updates: Translate plugin data on the Updates screen.
Merge of [39808] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39828
git-svn-id: http://core.svn.wordpress.org/branches/3.9@39766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-01-11 11:43:22 +00:00 |
Aaron Campbell
|
1db0b6e251
|
Add nonce for widget accessibility mode.
Props vortfu.
See #23328.
Merges [39765] to 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@39769
git-svn-id: http://core.svn.wordpress.org/branches/3.9@39707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-01-11 01:52:15 +00:00 |
Joe McGill
|
57383c5143
|
Media: Improved media titles when created from filename.
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.
Merge of [38615] to the 3.9 branch.
Fixes #37989.
Built from https://develop.svn.wordpress.org/branches/3.9@39717
git-svn-id: http://core.svn.wordpress.org/branches/3.9@39657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2017-01-06 22:01:57 +00:00 |
Jeremy Felt
|
ca27550a35
|
Bump 3.9 branch to 3.9.14.
Built from https://develop.svn.wordpress.org/branches/3.9@38556
git-svn-id: http://core.svn.wordpress.org/branches/3.9@38499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-09-07 15:02:18 +00:00 |
Jeremy Felt
|
cc80d2c131
|
Media: Sanitize upload filename.
Merge of [38538] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@38546
git-svn-id: http://core.svn.wordpress.org/branches/3.9@38489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-09-07 14:00:34 +00:00 |
Pascal Birchler
|
391fa0940c
|
Upgrade/Install: Sanitize file name in `File_Upload_Upgrader`.
Merge of [38524] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@38532
git-svn-id: http://core.svn.wordpress.org/branches/3.9@38473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-09-06 18:03:16 +00:00 |
Boone Gorges
|
41276a8b92
|
Bump 3.9 branch to 3.9.13.
Built from https://develop.svn.wordpress.org/branches/3.9@37834
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-06-21 16:44:14 +00:00 |
Nikolay Bachiyski
|
9858249ed9
|
Admin: escape URL-encoded permalinks
Merge of [37801] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37820
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-06-21 14:58:32 +00:00 |
Rachel Baker
|
5d8157a774
|
Revisions: Change the capability needed to view revision diffs to `edit_post`.
Merge of [37779] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37803
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-06-21 14:48:15 +00:00 |
Boone Gorges
|
e3098a4983
|
Taxonomy: More specific cap check when processing category data on post save.
Ports [37691] to the 3.9 branch.
Props dlh.
Fixes #36379.
Built from https://develop.svn.wordpress.org/branches/3.9@37784
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-06-21 14:23:58 +00:00 |
Dominik Schilling
|
3c90ea60d9
|
Customize: Make sure that preview and return URLs are URLs.
Merge of [37527] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37777
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-06-21 14:21:50 +00:00 |
Dominik Schilling
|
7f38e9a815
|
Bump 3.9 branch to 3.9.12.
Built from https://develop.svn.wordpress.org/branches/3.9@37390
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-05-06 18:15:30 +00:00 |
Jeremy Felt
|
594a9e14e7
|
Multisite: Improve escaping in network settings.
Merge of [37124] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37130
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-03-30 16:06:14 +00:00 |
Dominik Schilling
|
ba70965edc
|
Multisite: Validate new email address confirmations.
Merge of [37103] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@37109
git-svn-id: http://core.svn.wordpress.org/branches/3.9@37076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-03-30 14:51:15 +00:00 |
Dominik Schilling
|
ea26079cde
|
Bump 3.9 branch to 3.9.11.
Built from https://develop.svn.wordpress.org/branches/3.9@36460
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-02-02 17:30:14 +00:00 |
Dominik Schilling
|
97a834aaab
|
Bump 3.9 branch to 3.9.10.
Built from https://develop.svn.wordpress.org/branches/3.9@36201
git-svn-id: http://core.svn.wordpress.org/branches/3.9@36168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2016-01-06 18:51:14 +00:00 |
Helen Hou-Sandí
|
831baf7b04
|
Bump 3.9 branch to 3.9.9.
Built from https://develop.svn.wordpress.org/branches/3.9@34185
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-09-15 14:29:45 +00:00 |
Dominik Schilling
|
fdc6949e64
|
XMLRPC: Don't allow private posts to be sticky.
Merge of [33325], [33612], and [34135] to the 3.9 branch.
See #20662.
Built from https://develop.svn.wordpress.org/branches/3.9@34155
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-09-14 23:02:14 +00:00 |
Nikolay Bachiyski
|
0c61562bf5
|
List tables: escape user e-mails
Merges [34133] for 3.9 branch
Built from https://develop.svn.wordpress.org/branches/3.9@34141
git-svn-id: http://core.svn.wordpress.org/branches/3.9@34109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-09-14 22:44:14 +00:00 |
Dominik Schilling
|
fc3a293811
|
Bump 3.9 branch to version 3.9.8.
Built from https://develop.svn.wordpress.org/branches/3.9@33570
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-08-04 11:40:14 +00:00 |
Dominik Schilling
|
8417706532
|
Heartbeat: Ensure post locks are released.
Merge of [33542] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33546
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-08-04 04:56:06 +00:00 |
Gary Pendergast
|
9641009151
|
Bump 3.9 branch to version 3.9.7.
Built from https://develop.svn.wordpress.org/branches/3.9@33398
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-07-23 11:08:13 +00:00 |
Gary Pendergast
|
c5eb54f359
|
Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.
Merge of [33357] to the 3.9 branch.
Built from https://develop.svn.wordpress.org/branches/3.9@33377
git-svn-id: http://core.svn.wordpress.org/branches/3.9@33348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-07-23 04:12:14 +00:00 |
Dominik Schilling
|
98037bb876
|
3.9.6 version bumps.
Built from https://develop.svn.wordpress.org/branches/3.9@32437
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-05-06 23:30:15 +00:00 |
Michael Adams
|
d4608a9fe5
|
Upgrade: `$wpdb->get_col_length()` sanity check: bail on unexpected return value.
Merges [32429] for the 3.9 branch.
See #32165.
Built from https://develop.svn.wordpress.org/branches/3.9@32433
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-05-06 23:14:15 +00:00 |
Michael Adams
|
464ce8a75f
|
Upgrade: Ensure unintelligible DB schemas don't result in content loss.
Merge of [32417] to the 3.9 branch.
See #32165.
Props ocean90.
Built from https://develop.svn.wordpress.org/branches/3.9@32421
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-05-06 21:53:15 +00:00 |
Aaron Jorbin
|
96890b155a
|
Remove debugging comments from [32408]
Built from https://develop.svn.wordpress.org/branches/3.9@32409
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-05-06 20:30:15 +00:00 |
Aaron Jorbin
|
fbb0252a46
|
When upgrading WordPress remove genericons example.html files
[32385] for 3.9 branch
Props @dd32, @boonebgorges, @johnjamesjacoby, @drewapicture, @jorbin
Built from https://develop.svn.wordpress.org/branches/3.9@32408
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-05-06 20:20:14 +00:00 |
Michael Adams
|
1c86df8bbf
|
WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
Merge of [32364] to the 3.9 branch.
Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.
See #32165.
Built from https://develop.svn.wordpress.org/branches/3.9@32389
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-05-06 19:12:16 +00:00 |
Michael Adams
|
10be03b2d7
|
3.9:
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.
Built from https://develop.svn.wordpress.org/branches/3.9@32316
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-04-27 18:30:15 +00:00 |
Helen Hou-Sandí
|
67a0654bcb
|
The 3.9 branch is now 3.9.5.
Built from https://develop.svn.wordpress.org/branches/3.9@32284
git-svn-id: http://core.svn.wordpress.org/branches/3.9@32255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2015-04-23 21:35:52 +00:00 |