WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
29,772 Commits 50 Branches 749 Tags 904 MiB
Commit Graph

14063 Commits

Author SHA1 Message Date
John Blackbourn a59dfc257f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@41464


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:43:56 +00:00
John Blackbourn 6ddef3f8ab General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41434] with changes to the 4.2 branch.

See #13377

Built from https://develop.svn.wordpress.org/branches/4.2@41445


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 13:32:30 +00:00
Dominik Schilling e7865eb9ae Users: Provide a fallback for incorrect HTTP referrers. 
Merge of [41398] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@41423


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41256 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:14:36 +00:00
Aaron Campbell a01117bf0d Bump 4.2 branch to version 4.2.15. 
Built from https://develop.svn.wordpress.org/branches/4.2@40753


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:52:23 +00:00
Aaron Campbell 566df4de1a Add nonce for updating file system credentials. 
Merges [40723] to 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40729


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:56:24 +00:00
Dominik Schilling 8f47014af6 Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@40710


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:19:29 +00:00
Pascal Birchler 5565b98dde Bump 4.2 branch to version 4.2.14. 
Built from https://develop.svn.wordpress.org/branches/4.2@40492


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:26:30 +00:00
Pascal Birchler 82c9b36ce7 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40465


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:22:30 +00:00
James Nylen b9a98e7562 Bump 4.2 branch to version 4.2.13. 
Built from https://develop.svn.wordpress.org/branches/4.2@40207


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:32:30 +00:00
John Blackbourn 8299a48476 Press This: Verify intent before fetching in-page resources using Press This. 
Props vortfu

Merges [40195] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40201


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 14:04:31 +00:00
Aaron Campbell 2bc231688e Plugins: Add file check to plugin deletions. 
Merges [40169] to 4.2 branch.


Built from https://develop.svn.wordpress.org/branches/4.2@40175


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:03:30 +00:00
Jeremy Felt 933f556e84 Validate video and audio metadata. 
Merge of [40148] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40154


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:09:31 +00:00
Aaron Campbell f449b0a0ce Bump 4.2 branch to version 4.2.12. 
Built from https://develop.svn.wordpress.org/branches/4.2@40001


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 18:25:29 +00:00
John Blackbourn 22688ca8c6 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field. 
Merges [39956] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@39984


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:17:17 +00:00
Dominik Schilling afc91088f4 Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways. 
Merge of [39968] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@39975


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:13:31 +00:00
Aaron Campbell ab64033700 Bump 4.2 branch to version 4.2.11. 
Built from https://develop.svn.wordpress.org/branches/4.2@39865


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 16:58:29 +00:00
Dominik Schilling 87912afcf6 Updates: Translate plugin data on the Updates screen. 
Merge of [39808] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@39825


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:42:26 +00:00
Aaron Campbell 9f4a883e2f Add nonce for widget accessibility mode. 
Props vortfu.

See #23328.

Merges [39765] to 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@39766


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 01:49:32 +00:00
Joe McGill 8afdd2be32 Media: Improved media titles when created from filename. 
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38615] to the 4.2 branch.

Fixes #37989.

Built from https://develop.svn.wordpress.org/branches/4.2@39714


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:01:02 +00:00
Jeremy Felt e57416e1d7 Bump 4.2 branch to 4.2.10. 
Built from https://develop.svn.wordpress.org/branches/4.2@38553


git-svn-id: http://core.svn.wordpress.org/branches/4.2@38496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 15:00:32 +00:00
Jeremy Felt f7adf3c9d2 Media: Sanitize upload filename. 
Merge of [38538] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@38543


git-svn-id: http://core.svn.wordpress.org/branches/4.2@38486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 13:59:32 +00:00
Pascal Birchler 0e5485fe33 Upgrade/Install: Sanitize file name in `File_Upload_Upgrader`. 
Merge of [38524] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@38529


git-svn-id: http://core.svn.wordpress.org/branches/4.2@38470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-06 17:55:29 +00:00
Gary Pendergast 2c40eb4cf2 Database: `dbDelta()` will no longer try to downgrade the size of `TEXT` and `BLOB` columns. 
When upgrading to `utf8mb4`, `TEXT` fields will be upgraded to `MEDIUMTEXT` (and likewise for all other `*TEXT` and `*BLOB` fields). This is to allow for the additional space requirements of `utf8mb4`.

On the subsequent upgrade, `dbDelta()` would try and downgrade the fields to their original size again. At best, this it a waste of time, at worst, this could truncate any data larger than the original size. There's no harm in leaving them at their new size, so let's do that.

The `FULLTEXT` indexes are removed from the tests, as `dbDelta()`'s `FULLTEXT` support was added in WordPress 4.4.

This also includes the `setUp()` and `tearDown()` parts of [32270], to allow the tests to run, and fixes a typo them.

Merge of [37525] to the 4.2 branch.
Partial merge of [36552] to the 4.2 branch.
Partial merge of [32270] to the 4.2 branch.

See #36748.


Built from https://develop.svn.wordpress.org/branches/4.2@37939


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-07-01 11:51:28 +00:00
Boone Gorges 3042245749 Bump 4.2 branch to 4.2.9. 
Built from https://develop.svn.wordpress.org/branches/4.2@37831


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 16:36:27 +00:00
Nikolay Bachiyski 3c1876e6c5 Admin: escape URL-encoded permalinks 
Merge of [37801] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@37812


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:54:28 +00:00
Rachel Baker d5a6676eb2 Revisions: Change the capability needed to view revision diffs to `edit_post`. 
Merge of [37779] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@37799


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:44:29 +00:00
Nikolay Bachiyski 437f727e8f Admin: Escape attachment name in case it contains special characters 
Merge of [37774] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@37789


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:26:11 +00:00
Boone Gorges b4bf158d3a Taxonomy: More specific cap check when processing category data on post save. 
Ports [37691] to the 4.2 branch.

Props dlh.
Fixes #36379.
Built from https://develop.svn.wordpress.org/branches/4.2@37776


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37741 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:21:38 +00:00
Dominik Schilling 569f0c90fc Customize: Make sure that preview and return URLs are URLs. 
Merge of [37527] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@37772


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:19:48 +00:00
Dominik Schilling 94306911e2 Bump 4.2 branch to 4.2.8. 
Built from https://develop.svn.wordpress.org/branches/4.2@37387


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-06 18:13:27 +00:00
Jeremy Felt 6d9698863c Multisite: Improve escaping in network settings. 
Merge of [37124] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@37127


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-30 16:02:49 +00:00
Dominik Schilling 1c4f8827a2 Multisite: Validate new email address confirmations. 
Merge of [37103] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@37106


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-30 14:50:27 +00:00
Dominik Schilling 666b9f8558 Bump 4.2 branch to 4.2.7. 
Built from https://develop.svn.wordpress.org/branches/4.2@36457


git-svn-id: http://core.svn.wordpress.org/branches/4.2@36424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-02-02 17:28:49 +00:00
Dominik Schilling c897bed043 Bump 4.2 branch to 4.2.6. 
Built from https://develop.svn.wordpress.org/branches/4.2@36198


git-svn-id: http://core.svn.wordpress.org/branches/4.2@36165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-01-06 18:49:27 +00:00
Helen Hou-Sandí 629e2b70f7 Bump 4.2 branch to 4.2.5. 
Built from https://develop.svn.wordpress.org/branches/4.2@34182


git-svn-id: http://core.svn.wordpress.org/branches/4.2@34150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-15 14:27:44 +00:00
Dominik Schilling ec4db723d2 XMLRPC: Don't allow private posts to be sticky. 
Merge of [33325], [33612], and [34135] to the 4.2 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/4.2@34152


git-svn-id: http://core.svn.wordpress.org/branches/4.2@34120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-14 22:51:28 +00:00
Nikolay Bachiyski c8d3901f8f List tables: escape user e-mails 
Merges [34133] for 4.2 branch

Built from https://develop.svn.wordpress.org/branches/4.2@34138


git-svn-id: http://core.svn.wordpress.org/branches/4.2@34106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-14 22:41:28 +00:00
Dominik Schilling a4279152fc Bump 4.2 branch to version 4.2.4. 
Built from https://develop.svn.wordpress.org/branches/4.2@33573


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-04 11:50:27 +00:00
Dominik Schilling b0b028eacd Heartbeat: Ensure post locks are released. 
Merge of [33542] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@33543


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-04 04:54:59 +00:00
Dominik Schilling fe8fa1b562 Nav menus: Adjust redundant titles in accessibility helpers. 
Merge of [33540] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@33541


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33508 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-04 04:54:09 +00:00
Gary Pendergast c58e9ddf35 Don't blindly trust the output of `glob()` to be an array. 
Props kitchin.

Merge of [33447] to the 4.2 branch.

Fixes #33093.


Built from https://develop.svn.wordpress.org/branches/4.2@33481


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-29 06:53:28 +00:00
Gary Pendergast d8eb8da38a Bump 4.2 branch to version 4.2.3. 
Built from https://develop.svn.wordpress.org/branches/4.2@33395


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33363 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-23 11:03:27 +00:00
Gary Pendergast 4cd2612edc Shortcodes: Improve the reliablity of shortcodes inside HTML tags. 
Merge of [33359] to the 4.2 branch.

Props miqrogroove.

See #15694.


Built from https://develop.svn.wordpress.org/branches/4.2@33360


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-22 05:44:27 +00:00
Gary Pendergast fe2d10ea5c Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so. 
Merge of [33357] to the 4.2 branch.


Built from https://develop.svn.wordpress.org/branches/4.2@33358


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-22 04:06:28 +00:00
Dion Hulse 0f9cb9ce20 Updates: Better handling when the credential form is long (such as when SSH is active). This adds scrolling to the dialogue, and hides the SSH-specific fields when not using the SSH handler. 
Merges [32777] to the 4.2 branch, the JS changes were previously merged in [33304]
See #32435

Built from https://develop.svn.wordpress.org/branches/4.2@33319


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-18 05:25:28 +00:00
Andrew Ozz 020f33ba74 Widgets: 
- Fix dragging to the bottom of the screen on the Widgets and Dashboard screens.
- Fix hiding of the dragged widget when dragging over a closed sidebar.
- Fix the admin menu position and scrolling when all widget containers are folded.
Fixes #32094 for 4.2.
Built from https://develop.svn.wordpress.org/branches/4.2@33313


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-17 21:06:27 +00:00
Dion Hulse c4faea356b Updates: When an update fails (and it's not during the credential form) allow further updates to continue, with the assumption that the error only affects a single plugin. 
Props magicroundabout.
Merges [32780] to the 4.2 branch
Fixes #32110 for 4.2


Built from https://develop.svn.wordpress.org/branches/4.2@33306


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-17 04:09:27 +00:00
Dion Hulse 78b8290b7a Updates: Display the failure reason in addition to 'Update Failed', allows for debugging by site owners. 
Merges the behaviour of [32779] to the 4.2 branch without a string change.
See #32435, #32473

Built from https://develop.svn.wordpress.org/branches/4.2@33305


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-17 04:07:27 +00:00
Dion Hulse c33661c857 Updates: Better handling when the credential form is long (such as when SSH is active). 
Merges the JS changes from [32777] to the 4.2 branch
See #32435

Built from https://develop.svn.wordpress.org/branches/4.2@33304


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-17 04:03:26 +00:00
Dion Hulse 3f40fe30a8 Updates: When a connection failure occurs, and no credential form is present client side, allow it to fall through to the normal failure handlers. 
Merges [32776] to the 4.2 branch
See #32435

Built from https://develop.svn.wordpress.org/branches/4.2@33303


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-17 04:01:27 +00:00