Commit Graph

376 Commits

Author SHA1 Message Date
Dion Hulse 7317940591 Correct a typo in a docblock in [25055]. Props buffler. See #16754
Built from https://develop.svn.wordpress.org/trunk@25058


git-svn-id: http://core.svn.wordpress.org/trunk@25044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-20 07:10:09 +00:00
Dion Hulse 47c82e1c83 Remove some PHP4-ness from the antispambot() function, and update it to match some modern coding standards. Props hakre and crrobi01 for initial patches. Fixes #16754
Built from https://develop.svn.wordpress.org/trunk@25055


git-svn-id: http://core.svn.wordpress.org/trunk@25041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-20 06:08:09 +00:00
Dion Hulse 2da772855e Simplify _deep_replace() by removing it's obscure looping and replacement checking logic, and instead, using the PHP5 $count parameter of str_replace(). Props hakre. Fixes #16903
Built from https://develop.svn.wordpress.org/trunk@25054


git-svn-id: http://core.svn.wordpress.org/trunk@25040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-20 05:57:10 +00:00
Andrew Nacin 8ee6d136de Adjust esc_sql()'s @param documentation to reflect that it allows for arrays. props scribu, fixes #22573.
git-svn-id: http://core.svn.wordpress.org/trunk@24986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-05 22:11:30 +00:00
Andrew Nacin 3b4f3dea29 Deprecate wpdb::escape() in favor of wpdb::prepare() and esc_sql(). fixes #24774.
git-svn-id: http://core.svn.wordpress.org/trunk@24718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-16 17:44:42 +00:00
Andrew Nacin 7690d7fbeb Move get_url_in_content() out of post-formats.php. see #24202.
git-svn-id: http://core.svn.wordpress.org/trunk@24683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-12 19:38:37 +00:00
Andrew Nacin bfb3b89672 Skip protocol checking in esc_url() when we are dealing with a relative URL. Prevents munging of colons in paths and query strings, when present in a protocol-relative URL.
props SergeyBiryukov.
fixes #21974.



git-svn-id: http://core.svn.wordpress.org/trunk@24642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-10 13:45:22 +00:00
Andrew Nacin 720f37c374 Expand human_time_diff() from minutes/hours/days to also include weeks/months/years. Fix off-by-one issue.
props SergeyBiryukov, westi.
fixes #9272.



git-svn-id: http://core.svn.wordpress.org/trunk@24582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-08 13:00:34 +00:00
Sergey Biryukov 58c364947f PHPDoc fixes and additions. fixes #24616.
git-svn-id: http://core.svn.wordpress.org/trunk@24490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 12:45:11 +00:00
Andrew Nacin d80469f8a5 Fix storage of illegal_names. Add an upgrade routine to fix bad values.
props SergeyBiryukov.
see #23418.
for trunk.



git-svn-id: http://core.svn.wordpress.org/trunk@24448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-19 22:06:42 +00:00
Mark Jaquith 74c6071b9d Improve regular expressions by using a backreference to match right quote of quote pair when matching attributes.
props kovshenin. see #24225.

git-svn-id: http://core.svn.wordpress.org/trunk@24241 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-10 22:54:33 +00:00
Sergey Biryukov 74638ccb5a Fix typos in phpdoc. props TheLastCicada. fixes #24302.
git-svn-id: http://core.svn.wordpress.org/trunk@24229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-10 01:39:30 +00:00
Sergey Biryukov 415a5c60da * Pass ellipsis as a parameter to wp_html_excerpt() instead of appending it manually.
* Consolidate the logic to avoid appending ellipsis if the entire string is shown.
* Show ellipsis after truncated filenames and post titles.

props solarissmoke, bpetty, SergeyBiryukov. fixes #11446.

git-svn-id: http://core.svn.wordpress.org/trunk@24214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-09 00:22:02 +00:00
Sergey Biryukov 57c10eadbb Use ellipsis instead of three dots. props tjsingleton, jordie23, wojtek.szkutnik, DrewAPicture, SergeyBiryukov. see #8714.
git-svn-id: http://core.svn.wordpress.org/trunk@24207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 21:27:31 +00:00
Andrew Nacin 3139a0451e Variables passed by reference do not need to be set first.
props kovshenin.
see #24222.



git-svn-id: http://core.svn.wordpress.org/trunk@24129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-29 14:48:31 +00:00
Andrew Nacin f1aeebf00b Improve the performance of backslashit() by avoiding regular expressions. backslashit() is used heavily in date_i18n().
props jbutkus.
fixes #22286.



git-svn-id: http://core.svn.wordpress.org/trunk@24051 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-22 20:01:57 +00:00
Sergey Biryukov d454a9c86b Remove duplicate array key. props tivnet. fixes #24021.
git-svn-id: http://core.svn.wordpress.org/trunk@23948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-10 15:55:53 +00:00
Peter Westwood 072cccd0e4 Formatting: Pass the blog charset to htmlspecialchars so that we don't eat non-UTF8 strings in PHP 5.4
Fixes #23688


git-svn-id: http://core.svn.wordpress.org/trunk@23685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-13 15:24:38 +00:00
Andrew Nacin 2ca0cdcdfe Properly handle timezones in get_date_from_gmt() rather than relying on the implicit gmt_offset. This offset is only good for the current time, rather than the passed time, which causes problems when converting a DST date when DST is not in effect, or vice versa.
Update get_gmt_from_date() to make these functions match in formatting, as they are complementary and just reverse a few operations.

props scholesmafia
Tests: [1233/tests]

fixes #20328.



git-svn-id: http://core.svn.wordpress.org/trunk@23618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-05 16:14:14 +00:00
Ryan Boren 15a06a35ab Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #WP21767


git-svn-id: http://core.svn.wordpress.org/trunk@23591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 16:30:38 +00:00
Ryan Boren 53f9496a2f Introduce wp_slash() and wp_unslash(). This will be used to cleanup the myriad calls to addslashes*, add_magic_quotes, stripslashes*. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:34:48 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Nacin b88b1c1f53 Move revisions/autosave and post format functions from wp-includes/post.php into revision.php and post-formats.php.
git-svn-id: http://core.svn.wordpress.org/trunk@23466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-21 21:24:34 +00:00
Helen Hou-Sandí 6d49a9cc8c Output fallbacks / theme compat for post format metadata.
* Currently handles link, quote, image, gallery, audio, and video formats.
* `add_theme_support()` for a given post format is now an indicator that the theme handles format-specific metadata.
* If no support for a given format is defined, fallback output will be generated and hooked onto the_content if a post has metadata for that format.
* Fallbacks attempt to be smart about not duplicating data already appearing in the post content itself. Gallery is particularly liberal, looking for any instance of the gallery shortcode in the content, not just an exact match to the gallery shortcode defined in the format-specific meta.
* Compat output defaults to being wrapped in a `div` with a class of `post-format-content`.

Theme authors: please test and evaluate, keeping in mind that the goal is to support user expectations of not losing format-specific data they've entered in the admin when viewing the front-end of their site.

props wonderboymusic, beaulebens, helen. see #23347.


git-svn-id: http://core.svn.wordpress.org/trunk@23450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-18 19:22:58 +00:00
Sergey Biryukov 8fb830eeda Fix typos in phpdoc. props markmcwilliams. fixes #23481.
git-svn-id: http://core.svn.wordpress.org/trunk@23434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-15 18:59:56 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov 9b347300e5 Correct the documentation for balanceTags(). Remove unnecessary boolean inversion. props TobiasBg. fixes #22537.
git-svn-id: http://core.svn.wordpress.org/trunk@23368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-01 22:20:06 +00:00
Sergey Biryukov 8cfd9e3c81 PHPDoc fixes and additions. props bananastalktome, DrewAPicture. fixes #23313.
git-svn-id: http://core.svn.wordpress.org/trunk@23365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-01 18:07:08 +00:00
Sergey Biryukov 8dbeee25b9 Use digraphs for German umlauts in remove_accents(). props SergeyBiryukov, ocean90. fixes #3782.
git-svn-id: http://core.svn.wordpress.org/trunk@23361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-31 01:55:09 +00:00
Andrew Ozz 50ceba1323 Autop: <samp> is not a block tag, props toscho, fixes #18807
git-svn-id: http://core.svn.wordpress.org/trunk@23327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 19:05:21 +00:00
Andrew Nacin c9a6c4ba0c Treat URL schemes as case insensitive when sanitizing them in esc_url().
props mdawaffe.
fixes #23187.
tests: [1184/tests]



git-svn-id: http://core.svn.wordpress.org/trunk@23303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-17 15:07:32 +00:00
Peter Westwood f683fc7677 Tighten our braces. Fixes #23118 props evansolomon.
git-svn-id: http://core.svn.wordpress.org/trunk@23265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-04 10:13:51 +00:00
Helen Hou-Sandí ba9220bd1f s/Santizes/Sanitizes/ in phpdoc for sanitize_html_class(). props cais. fixes #22890.
git-svn-id: http://core.svn.wordpress.org/trunk@23189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-20 15:40:37 +00:00
Andrew Nacin 11e2073d89 Remove additional acute accents from permalink slugs via sanitize_title_with_dashes(). props SergeyBiryukov. fixes #22395.
git-svn-id: http://core.svn.wordpress.org/trunk@23176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-13 09:59:28 +00:00
Andrew Nacin 97032e08aa Revert page on front changes. Reverts [22127] [22129] [22135] [22136]. see #16379.
git-svn-id: http://core.svn.wordpress.org/trunk@22653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-19 01:28:32 +00:00
Andrew Nacin a73aa40cb5 Avoid an uncaught exception in get_gmt_from_date(). The return value is imperfect - date( $format, 0 ) - but better than a fatal error. props wonderboymusic. fixes #20942.
git-svn-id: http://core.svn.wordpress.org/trunk@22435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 20:07:41 +00:00
Jon Cave df39c7be71 Update shortcode regular expression commentary. See #17657.
git-svn-id: http://core.svn.wordpress.org/trunk@22401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-06 14:47:33 +00:00
Ryan Boren 3757d63f6b Allow hyphens in shortcode names.
Props kovshenin, solarissmoke, aaroncampbell
fixes #17657


git-svn-id: http://core.svn.wordpress.org/trunk@22382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-05 22:27:36 +00:00
Ryan Boren 21d6dbc4a8 Fix wp_basename() for Windows by replacing %5C with /.
Props SergeyBiryukov
fixes #22138


git-svn-id: http://core.svn.wordpress.org/trunk@22310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-25 22:31:17 +00:00
Ryan Boren 80a142c6a4 Pass each url in ping_sites through esc_url_raw() upin save. This ensures the urls have a valid protocol and avoids "Unable to parse URL" warning in WP_Http. Props SergeyBiryukov. fixes #21966
git-svn-id: http://core.svn.wordpress.org/trunk@22255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-17 17:44:40 +00:00
Andrew Nacin 853184672d Set show_on_front to 'posts' when no value is set. This occurs when the show_on_front checkbox is left unchecked and then sent through options.php. fixes #22131.
git-svn-id: http://core.svn.wordpress.org/trunk@22135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-08 18:41:19 +00:00
Andrew Nacin 1009245fa1 Remove the 'Size of the post box' (default_post_edit_rows) option. This will instead be handled by a user cookie tracking the resizing of both TinyMCE and the main textarea. see #21718.
git-svn-id: http://core.svn.wordpress.org/trunk@22006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-26 03:17:28 +00:00
Andrew Nacin a6c93e2f65 Always attempt to embed URLs in content, removing the Auto-embeds (autoembed_urls) option.
Remove the UI for setting the default width and height for embeds. Width was confusing as it
was blank by default (inheriting the content width from the theme, or 500px). The height is
now calculated as 1.5x the content width, or 1000px, whichever is smaller.

The [embed] shortcode can still receive manual height and width attributes. This just removes
the global settings.

props wonderboymusic. see #21719.



git-svn-id: http://core.svn.wordpress.org/trunk@21998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 07:10:09 +00:00
Andrew Nacin 557d9313a7 Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987.
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Andrew Nacin 0d37467603 Move sanitization for the multisite illegal_names, limited_email_domains, and banned_email_domains options to sanitize_option(). props wonderboymusic. fixes #21552.
git-svn-id: http://core.svn.wordpress.org/trunk@21993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 01:54:12 +00:00
Andrew Nacin 8fd2fb4998 Synchronize block-level elements between the JS and PHP versions of wpautop. props SergeyBiryukov. fixes #18534.
git-svn-id: http://core.svn.wordpress.org/trunk@21888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-18 17:32:44 +00:00
Andrew Nacin 1beb18d241 Add Pinyin diacritics to remove_accents(). Remove these diacritics in sanitize_title_with_dashes() on save as well. props bolo1988, SergeyBiryukov. fixes #20772.
git-svn-id: http://core.svn.wordpress.org/trunk@21859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-15 20:01:08 +00:00
Andrew Nacin a8a78b8975 "[ ] Discourage search engines from indexing this site". fixes #16416.
git-svn-id: http://core.svn.wordpress.org/trunk@21851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-14 20:26:20 +00:00
Andrew Nacin f4c9c9ce0d Use the non-slashing variants of kses functions in sanitize_option() to avoid slash ping pong. fixes #21892.
git-svn-id: http://core.svn.wordpress.org/trunk@21850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-14 19:32:53 +00:00
Andrew Nacin f54edf701a When balancing tags, properly close tags that shouldn't be self-closed but are. Support all self-closing tags.
props coffee2code.
fixes #1597.



git-svn-id: http://core.svn.wordpress.org/trunk@21828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-13 16:39:06 +00:00