Commit Graph

90 Commits

Author SHA1 Message Date
Ryan Boren 5f809d1d22 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:00:25 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
ryan 7b49ad8493 Introduce get_edit_user_link(). Props scribu, georgestephanis, johnbillion. fixes #14787 see #20307
git-svn-id: http://core.svn.wordpress.org/trunk@21364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-30 18:30:03 +00:00
ryan 73addbbd24 More screen reader text for list table checkboxes and theme install search. Props MikeLittle, SergeyBiryukov. see #21325
git-svn-id: http://core.svn.wordpress.org/trunk@21323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-25 16:18:14 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan 616c35e71c One newline is enough.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
ryan 69994de5d1 Consolidate larg network criteria into wp_is_large_network(). Allow plugins to change this criteria via filter. Props PeteMall. fixes #18464
git-svn-id: http://svn.automattic.com/wordpress/trunk@18871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-03 16:30:07 +00:00
nacin 0caf6ee451 Dissolve wp-admin/network/edit.php. props PeteMall, fixes #18379.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-18 02:29:06 +00:00
ryan daa14c36f9 Bring out the pinking shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-10 23:01:45 +00:00
westi b64c0fb2f9 Add a ms_user_row_actions filter on the actions array for the Network Users table. Fixes #15932 props sorich87
git-svn-id: http://svn.automattic.com/wordpress/trunk@18090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-01 14:44:10 +00:00
nacin 37075f7f71 Remove AJAX from list tables. first pass. see #16262.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-16 21:47:24 +00:00
nacin f15b1ad05d Allow us to return from whence we came. Specify wp_http_referer for user-edit in the network admin, as we may come from network/users or site-users. props PeteMall, SergeyBiryukov, fixes #16053.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-01 22:30:46 +00:00
ryan b6346ae5cd Default to leading and trailing wildcards for site user searches. Require explicit trailing wildcard asterisk request for network user searches. Disallow leading wildcards for network user searches. Move wildcard policy up the stake, allowing more flexibility in WP_User_Query. Props SergeyBiryukov. fixes #16014
git-svn-id: http://svn.automattic.com/wordpress/trunk@17189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-30 23:38:21 +00:00
scribu 0879929ca7 Make WP_User_Query return regular objects by default. Fixes #15854
git-svn-id: http://svn.automattic.com/wordpress/trunk@17013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-17 00:38:15 +00:00
nacin a189f21c45 Replace check_permissions() with ajax_user_can(). New method returns true/false to current_user_can(), which we then handle in admin ajax. see #15326.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 09:18:28 +00:00
PeteMall 527a1381d6 This is only for use in the Network admin when it is always multisite.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-15 19:11:55 +00:00
westi 98ae904159 Fix HTML validation errors. Fixes #15716.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16962 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-15 18:34:59 +00:00
ryan 3949ce12d0 Pink trailing whites.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-13 21:21:50 +00:00
westi 568043870d Fix row hilighting when user is spam. See #15558 props beaulebens.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-11 09:40:49 +00:00
nacin 8d00b7b63b s/can_edit_site/can_edit_network/g. see #15720.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-09 12:36:39 +00:00
westi 4bd2db1ca5 Use a span so we mark up the all the info about the site. See #15716 - allows for css targetting based on site.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-07 15:00:30 +00:00
westi 381a4f7750 Introduce can_edit_site to replace inline checks on whether or not the site_id is for the current Network. See #15716.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-07 14:28:40 +00:00
westi d2bce97ced Make the list of actions that can be performed on a site in the User List in Network admin filterable.
Add classes for all core site status types to the view url.
Move the CSS to a css file rather than including it inline.
See #15558

git-svn-id: http://svn.automattic.com/wordpress/trunk@16607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-29 13:31:42 +00:00
scribu cc540d502a Fix problems with hidden columns on network users screen. Props ocean90. See #14579
git-svn-id: http://svn.automattic.com/wordpress/trunk@16601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-28 17:39:44 +00:00
PeteMall 24bd7a417e Use get_user_count() in network admin users. Fixes #15567
git-svn-id: http://svn.automattic.com/wordpress/trunk@16574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-24 20:03:28 +00:00
PeteMall 9a23bd6078 Use first and last name in network admin users. Fixes #15528.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-22 04:31:31 +00:00
scribu 2410a3bd8e Don't need WP_MS_Users_List_Table constructor anymore. See [16501]
git-svn-id: http://svn.automattic.com/wordpress/trunk@16507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-20 14:03:49 +00:00
ryan e3d61691fa Could not bulk edit users in Network Admin due to reversed logic on capability check, and incorrect action included for comparing to nonce. Props beaulebens
git-svn-id: http://svn.automattic.com/wordpress/trunk@16501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-20 05:48:35 +00:00
nacin d22cc9bd64 s/Login/Username/ to restore 3.0 string. props demetris, fixes #15453.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 16:58:15 +00:00
scribu e496292ae5 Make manage_users_custom_column hook consistent between WP_(MS)?_Users_List_Table. Fixes #14562
git-svn-id: http://svn.automattic.com/wordpress/trunk@16354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 20:47:34 +00:00
ryan dd1630305b Check delete caps in network users admin.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-12 16:00:41 +00:00
scribu 1f74ef6b02 Make 'registered' column sort by user id. See #14579
git-svn-id: http://svn.automattic.com/wordpress/trunk@16290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-11 11:47:10 +00:00
nacin 3b2c4501d1 Super Admin filter for network/users.php. fixes #15371.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-10 17:05:20 +00:00
scribu c5a9fd309d Default to get_current_screen() in list table classes. See #14579
git-svn-id: http://svn.automattic.com/wordpress/trunk@16182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-04 15:00:55 +00:00
westi 5e90c5d1c3 Revert [16171] and [16172] - The class names were fine as they were and the MultiSite classes stand out more with the original naming.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-04 08:07:03 +00:00
scribu 836ec33dca List-table Class Names: Consistency's Revenge. See #14579
git-svn-id: http://svn.automattic.com/wordpress/trunk@16171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-03 21:09:27 +00:00
ryan f5ab587c9d Show latest x users with no paging if on a large network. see #15170
git-svn-id: http://svn.automattic.com/wordpress/trunk@16160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-03 13:34:04 +00:00
westi ad92d629d6 The big renaming of the list-table class files.
See #14579

git-svn-id: http://svn.automattic.com/wordpress/trunk@16128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-01 09:19:50 +00:00