Commit Graph

13681 Commits

Author SHA1 Message Date
Andrew Ozz bb869f458b Backport r33469 and r33470 to 3.9.
See #33106.
Built from https://develop.svn.wordpress.org/branches/3.9@33523


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-31 01:45:14 +00:00
Gary Pendergast 9641009151 Bump 3.9 branch to version 3.9.7.
Built from https://develop.svn.wordpress.org/branches/3.9@33398


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 11:08:13 +00:00
Gary Pendergast aff3c77aad Shortcodes: Improve the reliablity of shortcodes inside HTML tags.
Merge of [33359] to the 3.9 branch.

Props miqrogroove.

See #15694.


Built from https://develop.svn.wordpress.org/branches/3.9@33386


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 05:01:14 +00:00
Gary Pendergast c5eb54f359 Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.
Merge of [33357] to the 3.9 branch.


Built from https://develop.svn.wordpress.org/branches/3.9@33377


git-svn-id: http://core.svn.wordpress.org/branches/3.9@33348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 04:12:14 +00:00
John Blackbourn 8f57ec6bbf WPDB: Allow queries to reference tables in the dbname.tablename format, and allow table names to contain any valid character, rather than just ASCII.
Merge of [32368] to the 3.9 branch.

Props pento, willstedt for the initial patch.

See #32090.

Built from https://develop.svn.wordpress.org/branches/3.9@32414


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:05:14 +00:00
Dominik Schilling 16156dcff9 WPDB: When sanity checking query character sets, there's no need to check queries that don't return user data.
Merges [32374] to the 3.9 branch.

props pento.
see #32104.
Built from https://develop.svn.wordpress.org/branches/3.9@32405


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:05:46 +00:00
Helen Hou-Sandí cfb6ef101b The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
Merges [32375] to the 3.9 branch.

props pento.
See #32204.

Built from https://develop.svn.wordpress.org/branches/3.9@32398


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:43:51 +00:00
Michael Adams 1c86df8bbf WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
Merge of [32364] to the 3.9 branch.

Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.

See #32165.

Built from https://develop.svn.wordpress.org/branches/3.9@32389


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:12:16 +00:00
Andrew Ozz b2c747a38e TinyMCE: work-around a bug in the tags matching regex.
For 3.9.
Built from https://develop.svn.wordpress.org/branches/3.9@32373


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 05:36:17 +00:00
Michael Adams 10be03b2d7 3.9:
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.

Built from https://develop.svn.wordpress.org/branches/3.9@32316


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 18:30:15 +00:00
Gary Pendergast ad0a3701d4 3.9 branch is now 3.9.6.
Built from https://develop.svn.wordpress.org/branches/3.9@32303


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 14:12:15 +00:00
Helen Hou-Sandí 67a0654bcb The 3.9 branch is now 3.9.5.
Built from https://develop.svn.wordpress.org/branches/3.9@32284


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 21:35:52 +00:00
Gary Pendergast fa12b4a44c WPDB: When sanity checking a string by sending it to MySQL for conversion checks, the incorrect data structure was being returned from wpdb::strip_invalid_text(), causing all write queries to fail for some character sets when the query contained non-ASCII characters.
Merge of [32261] to the 3.9 branch.

See #32051.


Built from https://develop.svn.wordpress.org/branches/3.9@32273


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 11:48:16 +00:00
Gary Pendergast 4e39f0ba11 WPDB: When deciding if a query needs extra sanity checking based on collation, return early when we can. Merges [32232] and [32233] to the 3.9 branch.
See #32029.


Built from https://develop.svn.wordpress.org/branches/3.9@32239


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 06:58:14 +00:00
Gary Pendergast b435ecd2f8 Fix some `wpdb::check_safe_collation()` calls missed in [32182].
Built from https://develop.svn.wordpress.org/branches/3.9@32224


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 19:04:15 +00:00
Gary Pendergast 6af36f8915 Bump 3.9 branch to 3.9.4.
Built from https://develop.svn.wordpress.org/branches/3.9@32217


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 17:37:28 +00:00
Gary Pendergast 7bd9e93fef In Multisite, prevent plugins from unintentionally switching sites. Merge of [32173] to the 3.9 branch.
Props mdawaffe, pento.


Built from https://develop.svn.wordpress.org/branches/3.9@32200


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:23:15 +00:00
Gary Pendergast 6c6ea88f7d Update the Plupload Flash file to the latest version. Merge of [32168] to the 3.9 branch.
Props azaozz.


Built from https://develop.svn.wordpress.org/branches/3.9@32198


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 13:11:15 +00:00
Gary Pendergast dc27207e1f Remove some old backwards compatibility code from TinyMCE. Merge of [32166] to the 3.9 branch.
Props azaozz.


Built from https://develop.svn.wordpress.org/branches/3.9@32194


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:52:16 +00:00
Gary Pendergast 27c4e15959 Clean up some edge cases in `sanitize_sql_orderby()`. Merge of [32164] to the 3.9 branch.
Props vortfu, dd32.


Built from https://develop.svn.wordpress.org/branches/3.9@32190


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 12:36:14 +00:00
Gary Pendergast ff692384e0 `wpdb::$checking_collation` was incorrectly marked as `protected` instead of `private` in [32182].
Built from https://develop.svn.wordpress.org/branches/3.9@32185


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 11:24:15 +00:00
Gary Pendergast e4e09f8491 Merge the query sanity checks from #21212 to the 3.9 branch.
Props pento, nacin, mdawaffe, DrewAPicture.


Built from https://develop.svn.wordpress.org/branches/3.9@32182


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 11:09:15 +00:00
Gary Pendergast 932a7677e8 The 3.9 branch is now 3.9.4-alpha.
Built from https://develop.svn.wordpress.org/branches/3.9@32155


git-svn-id: http://core.svn.wordpress.org/branches/3.9@32130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 03:40:15 +00:00
Andrew Nacin d7aecf3611 3.9.3 version bumps.
Built from https://develop.svn.wordpress.org/branches/3.9@30474


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 16:29:14 +00:00
Andrew Nacin a067868b73 Prevent high resource usage when hashing large passwords. props mdawaffe, pento
Merges [30466] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@30468


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 16:06:14 +00:00
Andrew Nacin 940eb60ad7 Anchor texturize to shortcodes to improve regex efficiency.
For the 3.9 branch; see [30449] for trunk.

props miqrogroove.
see #29557 for segfault issues.

Built from https://develop.svn.wordpress.org/branches/3.9@30452


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 14:32:15 +00:00
Andrew Nacin ca3e6728d1 Better validation of the URL used in core HTTP requests.
Merges [30443] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@30445


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 14:02:14 +00:00
Andrew Nacin bb7e7f5a0b TinyMCE: Verify HTML in captions. props azaozz
Merges [30435] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@30437


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:52:15 +00:00
Andrew Nacin e8ea407eb6 Invalidate password keys when a user's email changes.
Merges [30430] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@30432


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:42:16 +00:00
Andrew Nacin c0357c466d Fix typo in style filter. props miqrogroove
Merges [30425] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@30427


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:16:42 +00:00
Andrew Nacin 3fa0efa6e3 Playlists are video by default. props duck_
Merges [30422] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@30424


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:12:45 +00:00
Andrew Nacin 3224f9b9c2 Use hash_equals() for old md5 hashes.
Merges [30412] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@30414


git-svn-id: http://core.svn.wordpress.org/branches/3.9@30409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 12:02:50 +00:00
Andrew Nacin 14f8d5a6e5 Password resets: Use network_site_url() for form actions.
Merges [29631] to the 3.9 branch.

props mdawaffe.
fixes #29156.

Built from https://develop.svn.wordpress.org/branches/3.9@29638


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 03:02:15 +00:00
Andrew Nacin f62b6a2c8b 3.9.2
Built from https://develop.svn.wordpress.org/branches/3.9@29411


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 18:27:16 +00:00
Andrew Nacin f00aac7c5c Use delimiters when building nonce hashes. Part two of [29384].
Built from https://develop.svn.wordpress.org/branches/3.9@29408


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 17:53:16 +00:00
Andrew Nacin 824ca5b030 Ignore entities in XML-RPC requests.
Merges [29404] to the 3.9 branch.

props mdawaffe, nacin.

Built from https://develop.svn.wordpress.org/branches/3.9@29405


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 17:40:17 +00:00
Andrew Nacin 9173953c3e Escape late in get_avatar().
Merges [29397] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@29398


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 07:51:15 +00:00
Andrew Nacin b86cd8511b Disable external entities in ID3.
Merges [29378] to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@29390


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:57:16 +00:00
Andrew Nacin ad39a33a22 Verify the MAC earlier in WP_Customize_Widgets. props duck_.
Merges [29377] (and [29028]) to the 3.9 branch.

Built from https://develop.svn.wordpress.org/branches/3.9@29389


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:51:15 +00:00
Andrew Nacin c4b546f41f Constant time for wp_verify_nonce().
Merges [29382] to the 3.9 branch.

Adds a second copy of hash_equals() to pluggable.php in case compat.php is not copied over in an update. (The general goal is no cross-file dependencies for minor releases.)

Built from https://develop.svn.wordpress.org/branches/3.9@29384


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:42:16 +00:00
Andrew Nacin 7d2bc0ab0d 3.9.2-alpha
Built from https://develop.svn.wordpress.org/branches/3.9@29383


git-svn-id: http://core.svn.wordpress.org/branches/3.9@29161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:26:31 +00:00
Andrew Nacin 38b8a2fbf9 3.9.1
Built from https://develop.svn.wordpress.org/branches/3.9@28345


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-07 20:13:14 +00:00
Andrew Nacin 3c530e46cb 3.9.1-RC1
Built from https://develop.svn.wordpress.org/branches/3.9@28282


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 05:33:31 +00:00
Andrew Nacin e1f345903f Multisite: Treat 'www' as a special subdomain, reversing 3.9 regression.
Merges [28280] to the 3.9 branch.

props jeremyfelt.
fixes #27927.

Built from https://develop.svn.wordpress.org/branches/3.9@28281


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 05:33:17 +00:00
Andrew Nacin d6656c58e0 Multisite: Fix case sensitivity regressions in 3.9.
Merges [28276] to the 3.9 branch.

props jeremyfelt.
fixes #27866.

Built from https://develop.svn.wordpress.org/branches/3.9@28278


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 05:26:14 +00:00
Andrew Nacin c51b6347e4 Fix persistence of <track> elements in the body of a [video] shotcode in TinyMCE views.
Merges [28183] and [28169] to the 3.9 branch.

props azaozz, wonderboymusic.
fixes #27915.

Built from https://develop.svn.wordpress.org/branches/3.9@28273


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 04:51:14 +00:00
Andrew Nacin 8b65448e85 Refinements for asynchronous rendering in `wp.mce.media.PlaylistView`.
Merges [28182] to the 3.9 branch.

props gcorne, wonderboymusic.
fixes #27899.

Built from https://develop.svn.wordpress.org/branches/3.9@28272


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 04:49:15 +00:00
Andrew Nacin 73a09188b8 Customizer: Avoid hiding 'Remove' buttons unrelated to custom headers.
Merges [28266] to the 3.9 branch.

props rzen, ehg.
fixes #27848.

Built from https://develop.svn.wordpress.org/branches/3.9@28267


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 04:15:14 +00:00
Andrew Nacin c85dc97274 Drag/drop on the editor to upload: don't trigger the uploader when selected text is being dragged from one window to another.
Merges [28189] to the 3.9 branch.

props azaozz.
fixes #27880.

Built from https://develop.svn.wordpress.org/branches/3.9@28262


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 03:28:15 +00:00
Andrew Nacin f2512c50eb Avoid an expensive attachment counting query on the post editing screen.
Merges [28191], [28194] to the 3.9 branch.

props johnbillion.
fixes #27985.

Built from https://develop.svn.wordpress.org/branches/3.9@28261


git-svn-id: http://core.svn.wordpress.org/branches/3.9@28089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 03:22:17 +00:00