Commit Graph

12616 Commits

Author SHA1 Message Date
John Blackbourn a8bf70c382 WPDB: Allow queries to reference tables in the dbname.tablename format, and allow table names to contain any valid character, rather than just ASCII.
Merge of [32368] to the 3.7 branch.

Props pento, willstedt for the initial patch.

See #32090.

Built from https://develop.svn.wordpress.org/branches/3.7@32416


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:14:10 +00:00
Dominik Schilling 8cb1387688 WPDB: When sanity checking query character sets, there's no need to check queries that don't return user data.
Merges [32374] to the 3.7 branch.

props pento.
fixes #32104.
Built from https://develop.svn.wordpress.org/branches/3.7@32407


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:08:09 +00:00
Helen Hou-Sandí 0697563967 The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
Merges [32375] to the 3.7 branch.

props pento.
fixes #32204.

Built from https://develop.svn.wordpress.org/branches/3.7@32400


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:44:19 +00:00
Michael Adams 18fcca2916 WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
Merge of [32364] to the 3.7 branch.

Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.

See #32165.

Built from https://develop.svn.wordpress.org/branches/3.7@32391


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:17:09 +00:00
Michael Adams cd63ed5102 3.7:
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.

Built from https://develop.svn.wordpress.org/branches/3.7@32318


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 18:35:09 +00:00
Gary Pendergast 82c855cce0 3.7 branch is now 3.7.8.
Built from https://develop.svn.wordpress.org/branches/3.7@32305


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 14:13:09 +00:00
Helen Hou-Sandí 23f7dc02fe The 3.7 branch is now 3.7.7.
Built from https://develop.svn.wordpress.org/branches/3.7@32286


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32257 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 21:36:10 +00:00
Gary Pendergast 2e7a66f15f WPDB: When sanity checking a string by sending it to MySQL for conversion checks, the incorrect data structure was being returned from wpdb::strip_invalid_text(), causing all write queries to fail for some character sets when the query contained non-ASCII characters.
Merge of [32261] to the 3.7 branch.

See #32051.


Built from https://develop.svn.wordpress.org/branches/3.7@32275


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 11:56:10 +00:00
Gary Pendergast 8490921af3 WPDB: When deciding if a query needs extra sanity checking based on collation, return early when we can. Merges [32232] and [32233] to the 3.7 branch.
See #32029.


Built from https://develop.svn.wordpress.org/branches/3.7@32241


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 07:06:10 +00:00
Gary Pendergast 4935ef466c Bump 3.7 branch 3.7.6.
Built from https://develop.svn.wordpress.org/branches/3.7@32213


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32187 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 17:33:09 +00:00
Gary Pendergast 03874af5c9 In Multisite, prevent plugins from unintentionally switching sites. Merge of [32173] to the 3.7 branch.
Props mdawaffe, pento.


Built from https://develop.svn.wordpress.org/branches/3.7@32202


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:28:10 +00:00
Gary Pendergast c3a4c7463c Remove some old backwards compatibility code from TinyMCE. Merge of [32166] to the 3.7 branch.
Props azaozz.


Built from https://develop.svn.wordpress.org/branches/3.7@32196


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:58:10 +00:00
Gary Pendergast 888d60a151 Clean up some edge cases in `sanitize_sql_orderby()`. Merge of [32164] to the 3.7 branch.
Props vortfu, dd32.


Built from https://develop.svn.wordpress.org/branches/3.7@32192


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:41:09 +00:00
Gary Pendergast 5236e251a3 Merge the query sanity checks from #21212 to the 3.7 branch.
Props pento, nacin, mdawaffe, DrewAPicture.


Built from https://develop.svn.wordpress.org/branches/3.7@32188


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 11:52:10 +00:00
Gary Pendergast a05b1eca46 The 3.7 branch is now 3.7.6-alpha.
Built from https://develop.svn.wordpress.org/branches/3.7@32159


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 03:49:09 +00:00
Andrew Nacin f5f28b9b1b 3.7.5 version bumps.
Built from https://develop.svn.wordpress.org/branches/3.7@30472


git-svn-id: http://core.svn.wordpress.org/branches/3.7@30463 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 16:26:10 +00:00
Andrew Nacin 3762c63026 Prevent high resource usage when hashing large passwords. props mdawaffe, pento
Merges [30466] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@30470


git-svn-id: http://core.svn.wordpress.org/branches/3.7@30461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 16:08:09 +00:00
Andrew Nacin 0c8039be21 Anchor texturize to shortcodes to improve regex efficiency.
Merges [30452] to the 3.7 branch.

props miqrogroove.
see #29557 for segfault issues.

Built from https://develop.svn.wordpress.org/branches/3.7@30456


git-svn-id: http://core.svn.wordpress.org/branches/3.7@30447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 14:40:09 +00:00
Andrew Nacin 1e0faa77d3 Better validation of the URL used in core HTTP requests.
Merges [30443] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@30447


git-svn-id: http://core.svn.wordpress.org/branches/3.7@30442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 14:03:08 +00:00
Andrew Nacin c2b7538b1c Invalidate password keys when a user's email changes.
Merges [30430] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@30434


git-svn-id: http://core.svn.wordpress.org/branches/3.7@30429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:43:09 +00:00
Andrew Nacin eeb9290b3b Fix typo in style filter. props miqrogroove
Merges [30425] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@30429


git-svn-id: http://core.svn.wordpress.org/branches/3.7@30424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:17:09 +00:00
Andrew Nacin 7e1c039ed1 Use hash_equals() for old md5 hashes.
Merges [30412] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@30416


git-svn-id: http://core.svn.wordpress.org/branches/3.7@30411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 12:06:10 +00:00
Andrew Nacin a318c79670 Password resets: Use network_site_url() for form actions.
Merges [29631] to the 3.7 branch.

props mdawaffe.
fixes #29156.

Built from https://develop.svn.wordpress.org/branches/3.7@29640


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 03:06:11 +00:00
Andrew Nacin e4da99ec10 3.7.4
Built from https://develop.svn.wordpress.org/branches/3.7@29413


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 18:27:35 +00:00
Andrew Nacin 635a071eda Use delimiters when building nonce hashes. Part two of [29388].
Built from https://develop.svn.wordpress.org/branches/3.7@29410


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 17:59:09 +00:00
Andrew Nacin 69d28f882f Ignore entities in XML-RPC requests.
Merges [29404] to the 3.7 branch.

props mdawaffe, nacin.

Built from https://develop.svn.wordpress.org/branches/3.7@29407


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 17:51:19 +00:00
Andrew Nacin 8b02ba1d76 Escape late in get_avatar().
Merges [29397] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@29400


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 07:51:32 +00:00
Andrew Nacin 746e87cf0a Disable external entities in ID3.
Merges [29378] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@29392


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:58:19 +00:00
Andrew Nacin 2312c77dc5 Constant time for wp_verify_nonce().
Merges [29384] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@29388


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:45:10 +00:00
Andrew Nacin 110becdc03 3.7.4-alpha
Built from https://develop.svn.wordpress.org/branches/3.7@29387


git-svn-id: http://core.svn.wordpress.org/branches/3.7@29165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:44:11 +00:00
Andrew Nacin d2044c3bb5 3.7.3
Built from https://develop.svn.wordpress.org/branches/3.7@28119


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27950 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-14 19:06:10 +00:00
Andrew Nacin 1ea4ff28ce 3.7.3-RC1
Built from https://develop.svn.wordpress.org/branches/3.7@28078


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-11 17:30:09 +00:00
Andrew Nacin 9c1b1dd073 Recover auto-drafts lost via Quick Draft.
Merges [28075] from the 3.8 to the 3.7 branch. See [28074].

fixes #27734.

Built from https://develop.svn.wordpress.org/branches/3.7@28077


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-11 17:29:10 +00:00
Andrew Nacin 1dd3b9212e 3.7.2
Built from https://develop.svn.wordpress.org/branches/3.7@28056


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-08 18:13:10 +00:00
Andrew Nacin 4932c36533 Harden HMAC verification. props duck_. [28053] for 3.7.
Built from https://develop.svn.wordpress.org/branches/3.7@28055


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-08 18:08:10 +00:00
Andrew Nacin ab7e094de3 3.7.2-RC1
Built from https://develop.svn.wordpress.org/branches/3.7@27993


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 19:40:11 +00:00
Dion Hulse 1d299753ff Background Updates: Fix a PHP Warning caused by a Upgrader instance being passed into the Theme & Plugin $extra_stats parameter.
Background Updates: Fix two variable typos in r27905

Merges [27906],	[27928]	to the 3.7 branch.
Fixes #27633.

Built from https://develop.svn.wordpress.org/branches/3.7@27930


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-03 05:47:09 +00:00
Andrew Nacin d5744d72dc Background Updates: Record plugin & theme update statistics like we do for core updates.
Pass plugin/theme update objects into the Background updater for consistency with core & translations.

Merges [27905] to the 3.7 branch.

props dd32.
fixes #27633.

Built from https://develop.svn.wordpress.org/branches/3.7@27924


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-03 04:03:09 +00:00
Andrew Nacin 3ec57fa3e0 Update Plupload Silverlight binary to 1.5.8 in the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@27921


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-03 03:38:09 +00:00
Andrew Nacin dc382aeae2 Remove links_recently_updated_time (hardening).
Merges [27917] from the 3.8 branch to 3.7 branch.

see #27649.

Built from https://develop.svn.wordpress.org/branches/3.7@27919


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-03 03:23:10 +00:00
Andrew Nacin 52f5555eca Prefix the notoptions cache key in the multisite site-options group with $wpdb->siteid to avoid collisions.
Merges [26304] (and [26305]) from 3.8 to the 3.7 branch.

props wonderboymusic.
fixes #25883.

Built from https://develop.svn.wordpress.org/branches/3.7@27888


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-01 04:07:09 +00:00
Andrew Nacin 3d8c17a9c8 Fix a regression in wp_mkdir_p() where the $mode of the parent folder is not correctly applied to all created paths.
Merges [26449] and [26927] from 3.8.x to the 3.7 branch.

props dd32.
fixes #25822.

Built from https://develop.svn.wordpress.org/branches/3.7@27887


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-01 04:02:10 +00:00
Andrew Nacin 7a01e960b5 Cron: Fix a case where a cache inconsistency can cause wp_clear_scheduled_hook() to enter an infinite loop.
Merges [26782] from 3.8 to the 3.7 branch.

props dd32.
fixes #25773.

Built from https://develop.svn.wordpress.org/branches/3.7@27886


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-01 03:40:10 +00:00
Andrew Nacin 2486cbe932 Forward pingback IP during pingback verification.
Merges [27872] to the 3.7 branch.

props tellyworth, nacin.
fixes #27613.

Built from https://develop.svn.wordpress.org/branches/3.7@27878


git-svn-id: http://core.svn.wordpress.org/branches/3.7@27709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-31 21:36:11 +00:00
Andrew Nacin cbb694c005 Update the 3.7 branch's version numbers. fixes #25985.
Built from https://develop.svn.wordpress.org/branches/3.7@26546


git-svn-id: http://core.svn.wordpress.org/branches/3.7@26438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-02 23:16:11 +00:00
Dion Hulse bd4a5ae14a Background Updates: Spread them over the hour. Props Pento. Merges r26149 to the 3.7 branch. Fixes #25833 for 3.7.
Built from https://develop.svn.wordpress.org/branches/3.7@26450


git-svn-id: http://core.svn.wordpress.org/branches/3.7@26348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-28 02:35:11 +00:00
Andrew Nacin f2e591e4c2 PHP4 compatibility for files loaded before we bail. fixes #25760.
Merges [25986] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@25987


git-svn-id: http://core.svn.wordpress.org/branches/3.7@25923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-29 20:08:08 +00:00
Andrew Nacin 2d26855d11 3.7.1
Built from https://develop.svn.wordpress.org/branches/3.7@25982


git-svn-id: http://core.svn.wordpress.org/branches/3.7@25921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-29 17:20:08 +00:00
Andrew Nacin 462ede7416 Avoid resetting the 'hierarchical' argument in get_pages() when 'parent' is -1, the default.
Merges [25974] and [25975] to the 3.7 branch.

Fixes a regression introduced in [25270]. Adds unit tests.

props chrisbliss18.
fixes #25750.

Built from https://develop.svn.wordpress.org/branches/3.7@25976


git-svn-id: http://core.svn.wordpress.org/branches/3.7@25919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-29 01:50:08 +00:00
Andrew Nacin 1171df59bc 3.7-RC1
Built from https://develop.svn.wordpress.org/branches/3.7@25958


git-svn-id: http://core.svn.wordpress.org/branches/3.7@25917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-27 21:14:10 +00:00