56 Commits

Author SHA1 Message Date
Ryan Boren 5f809d1d22 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:00:25 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_update_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes is no longer necessary.

Introduce wp_unslash() and use it to remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Andrew Ozz cbd737470c Kill use of colons in class names, props SergeyBiryukov, fixes #21152
git-svn-id: http://core.svn.wordpress.org/trunk@22396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-06 01:01:52 +00:00
Ryan Boren a820d7481b Handle screen arg in WP_Comments_List_Table constructor. Avoids warning when calling WP_Screen::get() later. fixes #22039
git-svn-id: http://core.svn.wordpress.org/trunk@22085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-29 10:05:15 +00:00
Andrew Nacin b821458a03 Map 'all' to no status for get_comments() in the list table. See #21101.
git-svn-id: http://core.svn.wordpress.org/trunk@22081 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-28 21:46:24 +00:00
Andrew Nacin 557d9313a7 Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987.
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Andrew Nacin 68061acf95 Add restrict_manage_comments hook. props hardy101. fixes #21344.
git-svn-id: http://core.svn.wordpress.org/trunk@21985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-24 21:23:43 +00:00
Andrew Nacin c1b0670c2d Updates and fixes to the new button styles. By default, buttons are now the same size as they were in 3.4. Then there is a smaller button (designed for minor elements) and a larger button (designed for things like Publish and Save Changes). Better focus styles. props lessbloat. see #21598.
git-svn-id: http://core.svn.wordpress.org/trunk@21944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 19:34:23 +00:00
Daryl Koopersmith 67894a3407 New button styles.
Using the new buttons:

* Button classes are now stackable.
* All buttons should use a base class of "button".
* Buttons default to the gray style (formerly "button-secondary"). Buttons can add a style by adding additional classes. To make a primary button, add the "button-primary" class.
* Buttons can be rendered in various sizes. In addition to the default size, you can add "button-large", "button-small", or "button-tiny".

For backwards compatibility reasons, "button-primary" and "button-secondary" both work as standalone classes.

get_submit_button() has been adjusted to handle shorthand button classes (i.e. button classes can be passed without the "button-" prefix).

props lessbloat, helenyhou, trepmal, nacin. see #21598.



git-svn-id: http://core.svn.wordpress.org/trunk@21789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-08 04:58:34 +00:00
Andrew Nacin d31f7b3793 Restore global references that broke the media and comment list tables. Todo, make list tables rely far less on global state. see #21309.
git-svn-id: http://core.svn.wordpress.org/trunk@21736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 18:23:51 +00:00
Ryan Boren cfb35a9d85 Use get_post() instead of global $post.
Make the $post argument to get_post() optional, defaulting to the current post in The Loop.

Props nacin
see #21309


git-svn-id: http://core.svn.wordpress.org/trunk@21735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 16:29:28 +00:00
ryan 73addbbd24 More screen reader text for list table checkboxes and theme install search. Props MikeLittle, SergeyBiryukov. see #21325
git-svn-id: http://core.svn.wordpress.org/trunk@21323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-25 16:18:14 +00:00
ryan c36145c9aa Add screen reader text to checkboxes in list tables. Props MikeLittle, nacin. see #21325
git-svn-id: http://core.svn.wordpress.org/trunk@21317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-24 18:01:22 +00:00
duck_ 9e8ebc70f1 Remove "Approve" bulk action when viewing spam comments as it isn't shown in the row actions. Props russellwwest. Fixes #20123.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-19 14:00:44 +00:00
duck_ 3738a692a3 Make comment type filter persist across views (e.g. approved, spam) of the list of comments. Fixes #20281.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-04 17:36:23 +00:00
nacin ed3a628088 'No comments awaiting moderation.' props demetris. fixes #15689.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-09 19:53:51 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan 7f10cf4814 Don't show edit links for spam comments. Props DH-Shredder. fixes #18340
git-svn-id: http://svn.automattic.com/wordpress/trunk@19296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-15 14:02:42 +00:00
ryan 401c841c93 Use 'View Post' instead of '#' for view post links in comment rows. Props SergeyBiryukov. fixes #18846
git-svn-id: http://svn.automattic.com/wordpress/trunk@18868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-03 14:03:01 +00:00
westi ca0474c9fb Fix the action links broken by [18594]. Fixes #18447.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-25 08:05:15 +00:00
westi 633f13ca72 End each row with a new line to make the raw HTML easier to read.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 11:13:33 +00:00
westi 6afa141b4e Include all comment css classes when outputting the rows in the Comments admin page to allow for easy customisation by plugins. Fixes #18447 props josephscott.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 11:12:07 +00:00
ryan eb825b2b40 Remove duplicate IDs before passing comment post IDs to get_pending_comments_num()
git-svn-id: http://svn.automattic.com/wordpress/trunk@18041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-25 17:36:26 +00:00
ryan 04487fc268 Constructor cleanup. Props ocean90. fixes #16768
git-svn-id: http://svn.automattic.com/wordpress/trunk@17771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-29 20:05:12 +00:00
ryan 5385398e76 Remove debug cruft. Props markmcwilliams. fixes #15530
git-svn-id: http://svn.automattic.com/wordpress/trunk@17383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-03 20:00:21 +00:00
ryan 862b5e4da7 Update counts and pagination when trashing and moderating comments. Props garyc40, koopersmith, mdawaffe, nacin. fixes #15530
git-svn-id: http://svn.automattic.com/wordpress/trunk@17354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-22 18:47:42 +00:00
nacin a1d3c1c62a Global comment_type in WP_Comments_List_Table::prepare_items(). props jorbin, fixes #16344.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-22 18:27:04 +00:00
nacin 19efd03fe8 Use only an ID, no name, on the 'Filter' buttons on list screens. see #16345.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-22 18:25:32 +00:00
markjaquith 47c8008257 Fix the comments "river." issue 9. props garyc40. see #16262
git-svn-id: http://svn.automattic.com/wordpress/trunk@17344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-21 21:17:12 +00:00
nacin 37075f7f71 Remove AJAX from list tables. first pass. see #16262.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-16 21:47:24 +00:00
nacin f5cdbd1ded Add nonces to instances where the list table display() method is overridden. see #16188.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-11 22:42:22 +00:00
ryan 85f1feed84 Bring out the shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-06 04:11:14 +00:00
ryan 9b3c2a5db3 Hard limit to 10 comments on edit post screen. Props greuben. fixes #15998
git-svn-id: http://svn.automattic.com/wordpress/trunk@17168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-29 15:58:46 +00:00
ryan edc2f694ad Fix comment manipulation on edit post screen. Props garyc40. fixes #15876
git-svn-id: http://svn.automattic.com/wordpress/trunk@17113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-22 19:03:43 +00:00
markjaquith b9a7bb4bc7 Display placeholder when no comments found. props garyc40. fixes #15937
git-svn-id: http://svn.automattic.com/wordpress/trunk@17103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-21 17:34:29 +00:00
scribu 5fce5c6d14 Always display the table, with a placeholder row when there are no items. Fixes #15849
git-svn-id: http://svn.automattic.com/wordpress/trunk@17002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 19:05:14 +00:00
nacin a189f21c45 Replace check_permissions() with ajax_user_can(). New method returns true/false to current_user_can(), which we then handle in admin ajax. see #15326.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 09:18:28 +00:00
scribu e6d0e7a509 Fix error when trashing a comment on the last page. Props garyc40. Fixes #15500
git-svn-id: http://svn.automattic.com/wordpress/trunk@16911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-14 11:53:31 +00:00
ryan 3949ce12d0 Pink trailing whites.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-13 21:21:50 +00:00
scribu 3bf4bab66a Fix strange JS error when trashing a comment. Props greuben. Fixes #15746
git-svn-id: http://svn.automattic.com/wordpress/trunk@16836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-09 14:16:35 +00:00
scribu 6eff593e14 Get rid of in favor of . Fixes #15607. See #15580
git-svn-id: http://svn.automattic.com/wordpress/trunk@16617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-29 20:15:04 +00:00
scribu 94e36009c7 Make comment content column unsortable. See #15580
git-svn-id: http://svn.automattic.com/wordpress/trunk@16588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-25 18:45:28 +00:00
westi dc79a67932 Error suppression is lame!
git-svn-id: http://svn.automattic.com/wordpress/trunk@16565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-24 11:19:23 +00:00
markjaquith 6482610f9a esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454
git-svn-id: http://svn.automattic.com/wordpress/trunk@16431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 17:12:01 +00:00
scribu 14fa85ba94 Make submitted-on a class instead of an id. Fixes #15426
git-svn-id: http://svn.automattic.com/wordpress/trunk@16375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-14 20:28:55 +00:00
scribu e1c3e15de4 Fix post comments box and remove unused 'add-comment' ajax action. See #15338
git-svn-id: http://svn.automattic.com/wordpress/trunk@16371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-14 18:19:45 +00:00
scribu 68981ccac4 Add back 'Submitted on ' text. Props zeo. See #14579
git-svn-id: http://svn.automattic.com/wordpress/trunk@16356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 20:58:39 +00:00
scribu e875f0f5da Fix 'response' column title. Props zeo. See #14579
git-svn-id: http://svn.automattic.com/wordpress/trunk@16355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 20:53:21 +00:00
scribu 3d8f4b6b2e Use get_current_screen() in list table classes. Fixes #15338
git-svn-id: http://svn.automattic.com/wordpress/trunk@16235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-08 15:43:44 +00:00