Commit Graph

115 Commits

Author SHA1 Message Date
Andrew Nacin 3bfb59b39d More robust escaping in the plugin/theme upgrader.
git-svn-id: http://core.svn.wordpress.org/trunk@24474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 05:54:40 +00:00
Andrew Ozz d306a85654 Add more specific error messages when upgrading themes and plugins and the package cannot be extracted (no files), props SergeyBiryukov, fixes #24223
git-svn-id: http://core.svn.wordpress.org/trunk@24313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-22 16:57:20 +00:00
Ryan Boren 9eff7bb71a Don't show both "update failed" and "update successful" messages when upgrading a theme fails due to connectivity problems.
Props SergeyBiryukov
fixes #23027


git-svn-id: http://core.svn.wordpress.org/trunk@24276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-16 12:46:36 +00:00
Andrew Nacin a518fb0c94 Fix usage of undeclared variables.
* the_weekday_date() needs the global $currentday
 * ms_site_check() needs the global $current_site
 * media list table does not need to check for $total_orphans
 * upgrader has no $feedback variable, appears to be copypasta from other upgrade APIs
 * install_themes_feature_list() has no $features variable, return array() instead of a new return type of WP_Error

see #24210.



git-svn-id: http://core.svn.wordpress.org/trunk@24189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-07 16:35:03 +00:00
Andrew Nacin 3b4a087007 remove_filter() only accepts three arguments: filter, callback, and priority. An accepted args parameter is only used for adds.
props rlerdorf.
see #24210.



git-svn-id: http://core.svn.wordpress.org/trunk@24188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-07 15:55:31 +00:00
Sergey Biryukov dace3f0b6d Remove redundant echo calls from list tables. Don't mix string concatenation with direct output. see #24210.
git-svn-id: http://core.svn.wordpress.org/trunk@24123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-29 01:10:50 +00:00
Andrew Nacin bc7082a7c3 WP_Upgrader: Add upgrader_process_complete hooks and add a abort_if_destination_exists flag (default is true). props dd32. see #18200.
git-svn-id: http://core.svn.wordpress.org/trunk@23912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-04 21:10:54 +00:00
Ryan Boren 9890179bce Make the before() and after() methods in Bulk_Plugin_Upgrader_Skin and Bulk_Theme_Upgrader_Skin declarations match Bulk_Upgrader_Skin. Eliminates strict standards warning.
Props charlestonsw
fixes #23807


git-svn-id: http://core.svn.wordpress.org/trunk@23749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-19 03:24:51 +00:00
Ryan Boren 5f809d1d22 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:00:25 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Helen Hou-Sandí b1f1579604 its <=> it's in documentation, along with a rogue the, The, and looses. props trepmal. fixes #22665.
git-svn-id: http://core.svn.wordpress.org/trunk@23191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-20 15:55:32 +00:00
Andrew Nacin 1acd8b556f New HiDPI spinner. Uses clean <span class="spinner"></span> markup.
Be on the lookout for weirdness.
props lessbloat. see #21456.



git-svn-id: http://core.svn.wordpress.org/trunk@22019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-26 19:57:44 +00:00
Andrew Nacin fb36abe6b7 Always URL-encode a stylesheet directory value before using it in a URL. These situations are saved by wp_nonce_url(), but we should not depend on that. see #21749, for trunk only.
git-svn-id: http://core.svn.wordpress.org/trunk@21755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 22:35:12 +00:00
Andrew Nacin d476c22aa1 Fix old-school Preview links when a theme directory contains spaces. Fix the theme-editor.php link from MS themes screens when a theme directory contains spaces. see #21749.
git-svn-id: http://core.svn.wordpress.org/trunk@21752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 22:25:25 +00:00
markjaquith 09f66013f5 Do not display an error message when a plugin or theme being updated is found to already be up to date. Note the fact, and call it success. props solarissmoke. fixes #19752
git-svn-id: http://core.svn.wordpress.org/trunk@21236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-09 03:40:32 +00:00
nacin b43393e9db Cap checks for links in the upgrader, for plugins. fixes #19824.
git-svn-id: http://core.svn.wordpress.org/trunk@21197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-30 12:19:13 +00:00
nacin fffff45c25 Cap checks in the upgrader so we do not show links the user cannot access. props linuxologos for the initial patch. see #19824.
Also fixes a rare fatal error when theme_info is not set when updating a theme that is already up to date.



git-svn-id: http://core.svn.wordpress.org/trunk@21195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-30 12:08:18 +00:00
nacin 3a215028ea Allow switch_theme() to take a single $stylesheet argument.
It now effectively has two function definitions:
function switch_theme( $stylesheet )
function switch_theme( $template, $stylesheet )

fixes #21075.



git-svn-id: http://core.svn.wordpress.org/trunk@21131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-26 05:21:04 +00:00
nacin 222425a917 Introduce wp_clean_themes_cache() for upgrades and testing. fixes #20954.
git-svn-id: http://core.svn.wordpress.org/trunk@21080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-14 14:24:25 +00:00
ryan 21436ed8b9 Force a theme directory scan after installing and upgrading themes. Props nacin. fixes #20919
git-svn-id: http://core.svn.wordpress.org/trunk@21064 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-12 15:59:53 +00:00
ryan bbb1494919 Use the stylesheet rather than the template to create the network enable theme nonce. Fix network enable redirect following theme installation. Props duck_, nacin. fixes #20916
git-svn-id: http://core.svn.wordpress.org/trunk@21062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-12 15:31:25 +00:00
nacin 551f88dbcb Use the proper value for the switch-theme nonce in the upgrader. Fixes child theme activation after install. props duck_. fixes #20914.
git-svn-id: http://core.svn.wordpress.org/trunk@21061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-12 14:36:24 +00:00
ryan d00954f12e Post theme upgrade/install tweaks.
* Add title attributes to Live Preview links.
* Show Customize instead of Live Preview after upgrading current theme.
* Hide activate and preview links after theme upgrade when in the network admin.

Props SergeyBiryukov
fixes #20784


git-svn-id: http://core.svn.wordpress.org/trunk@20958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-30 18:55:20 +00:00
ryan 03daf400c5 "Live Preview" rather than "Customize" after installing/upgrading a theme. Props SergeyBiryukov. fixes #20784
git-svn-id: http://core.svn.wordpress.org/trunk@20957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-30 17:15:57 +00:00
ryan 28d2b205d8 Remove activate/deactivate messages from plugin upgrades. Props toppa. fixes #17833
git-svn-id: http://core.svn.wordpress.org/trunk@20786 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-14 17:24:44 +00:00
koopersmith 1c102d3180 Add quote to fix 'Customize' link after new theme install on Chrome. props DH-Shredder, see #19910.
git-svn-id: http://core.svn.wordpress.org/trunk@20695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-02 20:22:02 +00:00
nacin 0af650a02c Check if update_core() exists before calling it in Core_Upgrader. If not, issue an error message that the copy failed likely due to disk space. fixes #19883.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20619 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-27 18:57:59 +00:00
koopersmith 73246fa076 Theme Customizer: Remove unused 'template' argument from wp_customize_url. see #19910.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-18 20:57:06 +00:00
nacin aab399efbc Theme Customizer: Stick to wp_customize_url() instead of wp_customize_href(). Switch argument order so it is stylesheet-template. (Template is hypothetically optional, but the function will not support that.) see #19910.
Move to ->display('Name'), as ->get('Name') is a raw, untranslated version of the header.



git-svn-id: http://svn.automattic.com/wordpress/trunk@20477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-16 14:36:47 +00:00
koopersmith a5dacf7da5 Theme Customizer: Allow the customize iframe to be accessed directly (with full feature support). see #19910.
* Move the 'Return to Manage Themes' and 'Collapse Sidebar' actions from themes.php to customize-controls.php.
* Create a postMessage connection between themes.php and customize-controls.php.
* Allow the theme customizer to be accessed directly (independent of themes.php and the customize loader).
* Add wp_customize_href() and wp_customize_url().
* Remove wp_customize_loader(). To include the loader, use wp_enqueue_script( 'customize-loader' ).
* The theme customizer now requires postMessage browser support.
* Add .hide-if-customize and .hide-if-no-customize CSS classes.
* Clean up customize-preview.js.

git-svn-id: http://svn.automattic.com/wordpress/trunk@20476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-16 14:02:28 +00:00
koopersmith c2fb0c425b Replace all instances of thickbox theme preview with the theme customizer. fixes #20404.
* Use theme customizer in theme install/update screens.
* Separate the customize loader from the customizer. Use wp_customize_loader() to include the loader script and markup.
* Deprecated: wp-admin/js/theme-preview.js is now no longer used by core.

git-svn-id: http://svn.automattic.com/wordpress/trunk@20419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 02:25:03 +00:00
nacin 2a29da4d31 Clear WP_Theme caches on update. fixes #20331.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-30 14:46:52 +00:00
nacin 8c46a71af6 Leverage WP_Theme in the upgrader. Remove debug line from [20267]. Stop using get_theme_data() as it will be deprecated. see #13774. see #20103.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-23 10:20:26 +00:00
nacin 98862a975b Support child theme installation in the theme installer. props otto42, dd32. fixes #13774.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-23 10:10:06 +00:00
ryan 616c35e71c One newline is enough.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
ryan 872428d60d More specific error strings for failed theme and plugin package uploads. Props dd32. fixes #14999
git-svn-id: http://svn.automattic.com/wordpress/trunk@19246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-10 19:41:44 +00:00
dd32 16697d503e Tabs > Spaces. Props SergeyBiryukov. See #14999
git-svn-id: http://svn.automattic.com/wordpress/trunk@19115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-02 12:16:47 +00:00
dd32 68037f4ac1 Themes not within a subdirectory of the zip need to have the working directory Trailingslashed. See #14999
git-svn-id: http://svn.automattic.com/wordpress/trunk@19057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-25 04:25:52 +00:00
ryan 62afab8db3 Pinking shears
git-svn-id: http://svn.automattic.com/wordpress/trunk@19054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-24 19:13:23 +00:00
duck_ c1d1590171 Fix typos in documentation (wp-admin/). See #18560.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-03 14:18:10 +00:00
dd32 e089db6cf4 First slice of rejecting invalid Plugin and Theme zip uploads (Incompatible file structure, not containing a Plugin/Theme, etc). See #14999
git-svn-id: http://svn.automattic.com/wordpress/trunk@18618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-28 15:02:48 +00:00
dd32 ef278df299 Store Plugin/Theme uploads in the Media Library properly. Add Scheduled cleanup +2hrs to clean up any aborted installation attempts. See #18182
git-svn-id: http://svn.automattic.com/wordpress/trunk@18617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-28 08:42:07 +00:00
dd32 b16b6f8a31 Only clean up the uploaded files after a successful (or failed) install. Allows files to persist past the FTP credential screen. See #18182
git-svn-id: http://svn.automattic.com/wordpress/trunk@18616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-28 05:51:38 +00:00
dd32 ea3a169b6f Clean up Plugin/Theme uploads after successfully installing them. Restores pre-3.2 behaviour. See #18182
git-svn-id: http://svn.automattic.com/wordpress/trunk@18614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-28 03:51:35 +00:00
nacin 0fe8ea2f72 Add 'Network Enable' link after installing a theme in the network admin. props PeteMall, fixes #18468.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-18 22:40:37 +00:00
nacin 97730f64fa Initialize in the Theme_Upgrader class. props mitchoyoshitaka, fixes #18367.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-10 19:26:36 +00:00
nacin bf9c99e1fa Extra check for partial updates: Make sure the API response matches the current version of WP. see #10611.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-10 06:22:33 +00:00
nacin 493ac83f33 Core support for partial updates. see #10611.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18225 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-10 05:47:44 +00:00