WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
36,196 Commits 50 Branches 749 Tags 982 MiB
Commit Graph

16229 Commits

Author SHA1 Message Date
whyisjake 9b67830c05 General: WordPress updates 
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.7 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.7@49399


git-svn-id: http://core.svn.wordpress.org/branches/4.7@49158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-10-29 18:57:24 +00:00
Sergey Biryukov 2353b610e9 Administration: Pass the result of `set-screen-option` filter to the new `set_screen_option_{$option}` filter to ensure backward compatibility. 
Rename the `$keep` parameter of both filters to `$screen_option` for clarity, update the documentation to better reflect its purpose.

Follow-up to [47951].

Props Chouby, sswells, SergeyBiryukov.
Merges [48241] to the 4.7 branch.
Fixes #50392.
Built from https://develop.svn.wordpress.org/branches/4.7@48251


git-svn-id: http://core.svn.wordpress.org/branches/4.7@48020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-07-01 09:51:10 +00:00
desrosj 62593e3f73 WordPress 4.7.18. 
Built from https://develop.svn.wordpress.org/branches/4.7@47996


git-svn-id: http://core.svn.wordpress.org/branches/4.7@47764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-06-10 21:37:49 +00:00
whyisjake e8b6c5c329 General: Backport several commits for release. 
- Embeds: Ensure that the title attribute is set correctly on embeds.
- Editor: Prevent HTML decoding on by setting the proper editor context.
- Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
- Themes: Ensure a broken theme name is returned properly.
- Administration: Add a new filter to extend set-screen-option.

Merges [47947-47951] to the 4.7 branch.

Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.

Built from https://develop.svn.wordpress.org/branches/4.7@47978


git-svn-id: http://core.svn.wordpress.org/branches/4.7@47747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-06-10 18:56:20 +00:00
Sergey Biryukov 31561a4a82 Update the About page for WordPress 4.7.17 
Built from https://develop.svn.wordpress.org/branches/4.7@47697


git-svn-id: http://core.svn.wordpress.org/branches/4.7@47474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-04-29 18:34:45 +00:00
Sergey Biryukov f2b4026b21 WordPress 4.7.16 
Built from https://develop.svn.wordpress.org/branches/4.7@46926


git-svn-id: http://core.svn.wordpress.org/branches/4.7@46726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-12-12 20:28:44 +00:00
desrosj eb11d89736 WordPress 4.7.15. 
Built from https://develop.svn.wordpress.org/branches/4.7@46513


git-svn-id: http://core.svn.wordpress.org/branches/4.7@46310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-10-14 20:10:15 +00:00
desrosj 1f06c6044e WordPress 4.7.14. 
Built from https://develop.svn.wordpress.org/branches/4.7@46041


git-svn-id: http://core.svn.wordpress.org/branches/4.7@45853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-04 22:05:08 +00:00
Sergey Biryukov ac5e918526 Escape the output in `wp_ajax_upload_attachment()`. 
Merges [45936] to the 4.7 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.7@45947


git-svn-id: http://core.svn.wordpress.org/branches/4.7@45758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-04 16:35:47 +00:00
Gary Pendergast c1d8f3c319 WordPress 4.7.13 
Built from https://develop.svn.wordpress.org/branches/4.7@44872


git-svn-id: http://core.svn.wordpress.org/branches/4.7@44703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-13 01:13:22 +00:00
Sergey Biryukov c088a3b025 Comments: Improve comment content filtering. 
Merges [44842] to the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@44847


git-svn-id: http://core.svn.wordpress.org/branches/4.7@44679 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-12 22:36:22 +00:00
Jeremy Felt f646b1a559 Bump 4.7 branch to version 4.7.12. 
Built from https://develop.svn.wordpress.org/branches/4.7@44080


git-svn-id: http://core.svn.wordpress.org/branches/4.7@43910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 02:13:42 +00:00
Gary Pendergast 6f9a887644 Editor: Remove unwanted fields before saving posts. 
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.7 branch.


Built from https://develop.svn.wordpress.org/branches/4.7@44056


git-svn-id: http://core.svn.wordpress.org/branches/4.7@43886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:41:22 +00:00
Peter Wilson 51631c8f07 Multisite: Validate activation links. 
Merges [44048] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@44054


git-svn-id: http://core.svn.wordpress.org/branches/4.7@43884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:39:22 +00:00
Aaron Campbell c7498304f3 Bump 4.7 branch to version 4.7.11 
Built from https://develop.svn.wordpress.org/branches/4.7@43409


git-svn-id: http://core.svn.wordpress.org/branches/4.7@43237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-07-05 16:11:43 +00:00
Aaron Campbell cf0f4c6d2c Bump 4.7 branch to version 4.7.10 
Built from https://develop.svn.wordpress.org/branches/4.7@42935


git-svn-id: http://core.svn.wordpress.org/branches/4.7@42765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-04-03 20:27:32 +00:00
Dion Hulse b631c9a667 Bump the 4.7 branch to 4.7.9. 
Built from https://develop.svn.wordpress.org/branches/4.7@42496


git-svn-id: http://core.svn.wordpress.org/branches/4.7@42325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 21:40:05 +00:00
Dion Hulse 7949731503 External Libraries: Remove unnecessary / obsoleted MediaElement.js files. 
Merges [42478] to the 4.7 branch.
Fixes #42720 for 4.7.

Built from https://develop.svn.wordpress.org/branches/4.7@42479


git-svn-id: http://core.svn.wordpress.org/branches/4.7@42308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 08:05:38 +00:00
Dion Hulse 5c6ad6022c Upgrade: When deleting old files, if deletion fails attempt to empty the file instead. 
Props joemcgill, dd32.
Merges [42434] to the 4.7 branch.
Fixes #42963 for 4.7.

Built from https://develop.svn.wordpress.org/branches/4.7@42467


git-svn-id: http://core.svn.wordpress.org/branches/4.7@42296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 06:54:06 +00:00
John Blackbourn 5abbd8a7b5 Bump 4.7 branch to 4.7.8. 
Built from https://develop.svn.wordpress.org/branches/4.7@42318


git-svn-id: http://core.svn.wordpress.org/branches/4.7@42147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 18:58:34 +00:00
John Blackbourn 547fd42bfe Hardening: Use a properly generated hash for the `newbloguser` key instead of a determinate substring. 
Merges [42258] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@42272


git-svn-id: http://core.svn.wordpress.org/branches/4.7@42101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 16:17:35 +00:00
Gary Pendergast b14e1b3d42 Bump 4.7 branch to version 4.7.7. 
Built from https://develop.svn.wordpress.org/branches/4.7@42070


git-svn-id: http://core.svn.wordpress.org/branches/4.7@41899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-31 13:13:33 +00:00
Dominik Schilling 0a70974b31 Taxonomy/Users: Use correct escaping function for URLs. 
Merge of [41522] to the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@41524


git-svn-id: http://core.svn.wordpress.org/branches/4.7@41357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 21:21:35 +00:00
Dominik Schilling f920f99c1c Bump 4.7 branch to version 4.7.6. 
Built from https://develop.svn.wordpress.org/branches/4.7@41511


git-svn-id: http://core.svn.wordpress.org/branches/4.7@41344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 19:56:36 +00:00
Dominik Schilling ec72da84f3 Bump 4.7 branch to version 4.7.3. 
Built from https://develop.svn.wordpress.org/branches/4.7@41510


git-svn-id: http://core.svn.wordpress.org/branches/4.7@41343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 19:51:32 +00:00
John Blackbourn 2915a1c876 Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@41459


git-svn-id: http://core.svn.wordpress.org/branches/4.7@41292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:38:34 +00:00
Dominik Schilling a0af012ed0 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers. 
Merge of [41398] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@41418


git-svn-id: http://core.svn.wordpress.org/branches/4.7@41251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:12:08 +00:00
John Blackbourn 7c8fbd2966 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41412] to the 4.7 branch

See #13377

Built from https://develop.svn.wordpress.org/branches/4.7@41413


git-svn-id: http://core.svn.wordpress.org/branches/4.7@41246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 10:21:48 +00:00
Aaron Campbell 9fad803761 Bump 4.7 branch to version 4.7.5. 
Built from https://develop.svn.wordpress.org/branches/4.7@40748


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40606 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:48:33 +00:00
Aaron Campbell a86f61290e Add nonce for updating file system credentials. 
Merges [40723] to 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40724


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:51:35 +00:00
Dominik Schilling 2d7fa9d0dc Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@40705


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:14:35 +00:00
Dion Hulse 0516c67beb List Tables: After [38703], [38706], and [40118], adjust the jQuery selector to make the selection of a range of checkboxes work again. 
Unprop afercia.
Merges [40268] to the 4.7 branch.
Fixes #40056.

Built from https://develop.svn.wordpress.org/branches/4.7@40512


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-21 07:36:37 +00:00
Pascal Birchler 8cf8ada93d Bump 4.7 branch to version 4.7.4. 
Built from https://develop.svn.wordpress.org/branches/4.7@40487


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40363 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:21:36 +00:00
Pascal Birchler d9681fd881 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

Fixes #40075, #40085.

Merges [40400] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40460


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40336 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:00:35 +00:00
Pascal Birchler 3623849a05 Customize: Verify availability of `history.replaceState` (in IE9) before attempting to populate `changeset_uuid` parameter. 
Props westonruter, timmydcrawford for testing.
Amends [39686].
See #39227.
Fixes #40405.

Merges[40405] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40420


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-13 12:32:35 +00:00
Pascal Birchler 6736569b43 Customize: Auto-expand a widget area section when expanding the Widgets panel if there is only one registered sidebar and it is active. 
Introduces WP_Customize_Panel::$auto_expand_sole_section property which allows panels to opt-in to the behavior, which the Widgets panel is made to do by default.

Props delawski, westonruter, melchoyce.
Fixes #37471.

Merges [40395] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40402


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-10 12:36:34 +00:00
Pascal Birchler df7c706b34 Customize: Fix behavior of clicking Delete Menu link and keep available nav menu items panel open when doing bulk deletion. 
Props maguiar, adamsilverstein for testing.
Amends [39548].
Fixes #38953.

Merges [40396] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40401


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-10 12:29:38 +00:00
Pascal Birchler 0a91666a7e Customize: Fix reversal of nav menu item's `type` and `object` properties for 
page stub added in customizer.

Amends [38906].
See #38164.
Fixes #40277.

Merges [40380] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40383


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-06 17:18:36 +00:00
Pascal Birchler c0f0a7739a Customize: Fix failure to collapse expanded sections and panels that become deactivated. 
Improve jsdoc for `onChangeActive` function. Restores fix from [34557] which got dropped in [38648].

Props dlh, westonruter.
See #34391, #33509.
Fixes #39430.

Merges [40304] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40375


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-05 02:20:25 +00:00
Pascal Birchler a394c05654 Customize: Use `get_user_locale()` in customizer body class. 
Otherwise CSS specific to the site's locale would be applied, even though the customizer is displayed in the user's locale.

See #29783.
Fixes #40271.

Merges [40368] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40369


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-05 02:16:34 +00:00
Pascal Birchler 5a10b5c879 Administration: Fix minor misalignments caused by the `button-link` CSS class. 
After [40059] the CSS class `button-link` uses `text-align: left` by default.
This change now requires to limit as much as possible the use of `button-link`
to controls that should really look like links and to explicitly set
`text-align: center` in a few other cases.

Fixes #39983.

Merges [40358] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40367


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-05 02:15:18 +00:00
Pascal Birchler 1b7455c6d3 Quick/Bulk Edit: Fix the Tag suggestions position on the Bulk Edit textarea. 
Always passes the complete `position` object to the jQuery autocomplete widget.
Also checks if an autocomplete instance already exists on the Bulk Edit textarea.

Props davidbenton.
Fixes #40242.

Merges [40357] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40365


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-05 02:14:11 +00:00
Pascal Birchler 511b47afd9 Customize: Prevent client-side validation from being cleared when no corresponding server-side validation is present. 
See #36944.
Fixes #39770.

Merges [40319] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40345


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-28 07:22:37 +00:00
Pascal Birchler 52f0c65fc5 Customize: Prevent links to `customize.php` from being generated which have query vars from `wp_removable_query_args()` present. 
Props dlh.
See #23367, #32692.
Fixes #31850.

Merges [40313] to the 4.7 branch.


Built from https://develop.svn.wordpress.org/branches/4.7@40331


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-25 13:35:38 +00:00
John Blackbourn bfa0cc8b91 Login and Registration: Avoid a potentially incorrect value for the cookie hash on multisite installations that don't have a value in the `siteurl` network option. 
This reverts [38619].

See #34084, #39497

Merges [40320] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40321


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-23 19:03:37 +00:00
James Nylen 8622d105f5 Bump 4.7 branch to version 4.7.3. 
Built from https://develop.svn.wordpress.org/branches/4.7@40202


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 15:56:33 +00:00
John Blackbourn 882ac7830f Press This: Verify intent before fetching in-page resources using Press This. 
Props vortfu

Merges [40195] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40196


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:56:35 +00:00
John Blackbourn 0066640479 Taxonomy: Correct the formatting of HTML entities when generating the screen reader text for tag removal. 
Props adamsilverstein

Merges [40181] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40182


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:16:35 +00:00
Aaron Campbell 177b19d9ec Plugins: Add file check to plugin deletions. 
Merges [40169] to 4.7 branch.


Built from https://develop.svn.wordpress.org/branches/4.7@40170


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 12:58:35 +00:00
Jeremy Felt a80351f7ed Validate video and audio metadata. 
merge of [40148] to the 4.7 branch

Built from https://develop.svn.wordpress.org/branches/4.7@40149


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:03:35 +00:00