* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.
Brings the changes from [49380,49382-49388] to the 5.4 branch.
Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.
Built from https://develop.svn.wordpress.org/branches/5.4@49391
git-svn-id: http://core.svn.wordpress.org/branches/5.4@49150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.
This commit also includes:
* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
* `wp-admin/admin-header.php`
* `wp-admin/admin-footer.php`
* `wp-includes/version.php`
Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes#48082.
Built from https://develop.svn.wordpress.org/trunk@47198
git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.
Props ramiy, Presskopp.
Fixes#34521.
Built from https://develop.svn.wordpress.org/trunk@37914
git-svn-id: http://core.svn.wordpress.org/trunk@37855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
First step towards restoring a good heading structure in wp-admin.
The previous `<h1>` contained the site title and a link to the front page and was removed with the toolbar refactoring in 3.2.
Props joedolson, afercia.
Fixes#31650.
Built from https://develop.svn.wordpress.org/trunk@32974
git-svn-id: http://core.svn.wordpress.org/trunk@32945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In media-new.php, use post_id from REQUEST if passed and the current user can edit the post.
Fixes adding media with the browser uploader.
Props nacin, ocean90
fixes#22572
git-svn-id: http://core.svn.wordpress.org/trunk@22853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is bolted on to existing code, the vast majority of which is destined to be ripped out in 3.6 once things settle.
see #22083.
git-svn-id: http://core.svn.wordpress.org/trunk@22755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* media-new.php will remain the entry point for uploading isolated files, and for using the browser-based uploader (versus Plupload).
* media-upload.php is the legacy (pre-3.5) media uploader.
see #22083.
git-svn-id: http://core.svn.wordpress.org/trunk@22751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
whyisjake
Sergey Biryukov
Gary Pendergast
Andrea Fercia
Dominik Schilling
Scott Taylor
Konstantin Obenland
Andrew Nacin
Andrew Ozz
Ryan Boren
azaozz
ryan
nacin
markjaquith