Commit Graph

28543 Commits

Author SHA1 Message Date
Dominik Schilling cd0d7d699d Multisite: Validate new email address confirmations.
Merge of [37103] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@37107


git-svn-id: http://core.svn.wordpress.org/branches/4.1@37074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 14:50:48 +00:00
Nikolay Bachiyski 63bde8f97e Snoopy: use escapeshellarg instead of escapeshellcmd
We are escaping arguments, not commands, so we'd better use the semantically correct function, even though they are similar.

Merges [37094] to the 4.1 branch.

Built from https://develop.svn.wordpress.org/branches/4.1@37098


git-svn-id: http://core.svn.wordpress.org/branches/4.1@37065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 14:10:23 +00:00
Dominik Schilling 7df345b1cc Bump 4.1 branch to 4.1.10.
Built from https://develop.svn.wordpress.org/branches/4.1@36458


git-svn-id: http://core.svn.wordpress.org/branches/4.1@36425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 17:29:22 +00:00
Dominik Schilling 5b076e981c Better validation of the URL used in HTTP redirects.
Merges [36444] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@36450


git-svn-id: http://core.svn.wordpress.org/branches/4.1@36417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 17:00:50 +00:00
Dominik Schilling ac434506e1 HTTP: `0.1.2.3` is not a valid IP.
Merges [36435] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@36439


git-svn-id: http://core.svn.wordpress.org/branches/4.1@36406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 13:04:42 +00:00
Dominik Schilling 197d5128b2 Bump 4.1 branch to 4.1.9.
Built from https://develop.svn.wordpress.org/branches/4.1@36199


git-svn-id: http://core.svn.wordpress.org/branches/4.1@36166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 18:50:23 +00:00
Aaron Jorbin e253e4e3d6 Theme: Escape error messages
[36185] for 4.1 branch

Built from https://develop.svn.wordpress.org/branches/4.1@36189


git-svn-id: http://core.svn.wordpress.org/branches/4.1@36156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 17:26:50 +00:00
Dion Hulse 3ff8fa5386 Background Updates: Remove the 7am/7pm background update check.
This changeset is a more basic version of [36180], clearing the extra now redundant schedule.
As the functionality for this was introduced in 3.9, [28129] has been backported to 3.7/3.8, allowing the API TTL to be respected by those versions.

See #27772.
Fixes #35323.

Built from https://develop.svn.wordpress.org/trunk@36184


git-svn-id: http://core.svn.wordpress.org/branches/4.1@36151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 13:24:33 +00:00
Dion Hulse a86aa0bf8e Update Akismet externals
git-svn-id: http://core.svn.wordpress.org/branches/4.1@35107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-13 17:19:01 +00:00
Helen Hou-Sandí a39030c223 Finish bumping the 4.1 branch to 4.1.8.
Built from https://develop.svn.wordpress.org/branches/4.1@34192


git-svn-id: http://core.svn.wordpress.org/branches/4.1@34160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 14:51:36 +00:00
Helen Hou-Sandí a4add78415 Bump 4.1 branch to 4.1.8.
Built from https://develop.svn.wordpress.org/branches/4.1@34183


git-svn-id: http://core.svn.wordpress.org/branches/4.1@34151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 14:28:10 +00:00
Dominik Schilling d38d60223d XMLRPC: Don't allow private posts to be sticky.
Merge of [33325], [33612], and [34135] to the 4.1 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/4.1@34153


git-svn-id: http://core.svn.wordpress.org/branches/4.1@34121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 23:01:22 +00:00
Nikolay Bachiyski 76e13dd238 Shortcodes: don't allow unclosed HTML elements in attributes
Merges [34134] for 4.1 branch

Built from https://develop.svn.wordpress.org/branches/4.1@34146


git-svn-id: http://core.svn.wordpress.org/branches/4.1@34114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:48:48 +00:00
Nikolay Bachiyski 0da231a2d9 List tables: escape user e-mails
Merges [34133] for 4.1 branch

Built from https://develop.svn.wordpress.org/branches/4.1@34139


git-svn-id: http://core.svn.wordpress.org/branches/4.1@34107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:42:23 +00:00
Gary Pendergast 76718f2ec0 WPDB: `get_table_from_query()` didn't find table names with hyphens in them.
Merge of [33718] to the 4.1 branch.

Props dustinbolton, pento.

See #33470.


Built from https://develop.svn.wordpress.org/branches/4.1@33993


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33962 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 07:00:23 +00:00
Gary Pendergast a3540aa14d Capabilities: Fall back to the `edit_posts` capability for orphaned comments.
Merge of the `capabilities.php` part of [33614] to the 4.2 branch.

Props pento, dd32.

See #33154.


Built from https://develop.svn.wordpress.org/branches/4.1@33973


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 06:06:23 +00:00
Dominik Schilling 9460b427a2 Bump 4.1 branch to version 4.1.7.
Built from https://develop.svn.wordpress.org/branches/4.1@33574


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 11:51:21 +00:00
Dion Hulse c1e878721b Fix `do_shortcode('<[shortcode]')` edge case.
Props miqrogroove.

Merges [33499] to the 4.1 branch.
See #33116.

Built from https://develop.svn.wordpress.org/branches/4.1@33564


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 07:17:21 +00:00
Dominik Schilling 738c837a58 Comments: IDs are integers.
Merge of [33555] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@33557


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:59:20 +00:00
Dominik Schilling e32ef74d05 Themes: Fix some broken links in the legacy theme preview.
Merge of [33549] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@33550


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:57:08 +00:00
Dominik Schilling f5171862ba Heartbeat: Ensure post locks are released.
Merge of [33542] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@33544


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:55:19 +00:00
Dominik Schilling a967da1a9e Customizer: Use `hash_equals()` for widgets.
Merge of [33535] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@33537


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 04:52:35 +00:00
Dominik Schilling 3b8a94550b Nav menus: Consistent titles in widgets.
Merge of [33529] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@33530


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-03 20:58:03 +00:00
Andrew Ozz 922040e867 Backport r33469 and r33470 to 4.1.
See #33106.
Built from https://develop.svn.wordpress.org/branches/4.1@33521


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-31 01:43:23 +00:00
Gary Pendergast cec063ad22 WPDB: When checking the encoding of strings against the database, make sure we're only relying on the return value of strings that were sent to the database. Also make sure that we're not trying to sanity check strings that've been marked as not needing sanity checking.
Merge of [33455] to the 4.1 branch.

See #32279.


Built from https://develop.svn.wordpress.org/branches/4.1@33480


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 06:49:21 +00:00
Gary Pendergast 50e855410b WPDB: `::strip_text_from_query()` doesn't pass a length to `::strip_invalid_text()`, which was causing queries to fail when they contained characters that needed to be sanity checked by MySQL.
Props dd32, mdawaffe, pento.

Merges [33310] to the 4.1 branch.

See #32279.

Built from https://develop.svn.wordpress.org/branches/4.1@33479


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 06:46:21 +00:00
Gary Pendergast 0f529b177c WPDB: Remove some of the complexities in `::strip_invalid_text()` associated with switching character sets between queries. Instead of trying to dynamically change connection character sets, we now rely on the value of `::charset`. This also fixes the case where queries were being blocked when `DB_CHARSET` was `utf8`, but the column character set was non-`utf8`.
Merge of [33308] to the 4.1 branch.

See #32165.


Built from https://develop.svn.wordpress.org/branches/4.1@33478


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 06:35:21 +00:00
Gary Pendergast eb9a250ae8 WPDB: When checking that text isn't too long to insert into a column, `LONGTEXT` columns could fail, as their length is longer than `PHP_INT_MAX`. Treating their length as a `float` instead of an `int` fixes this.
Merge of [33276] to the 4.1 branch.

See #32165.


Built from https://develop.svn.wordpress.org/branches/4.1@33477


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 06:29:22 +00:00
Gary Pendergast fae5374051 Bump 4.1 branch to version 4.1.6.
Built from https://develop.svn.wordpress.org/branches/4.1@33396


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 11:05:21 +00:00
Gary Pendergast 00ffae7300 Shortcodes: Improve the reliablity of shortcodes inside HTML tags.
Merge of [33359] to the 4.1 branch.

Props miqrogroove.

See #15694.


Built from https://develop.svn.wordpress.org/branches/4.1@33380


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 04:37:22 +00:00
Gary Pendergast a9e97c7ad5 Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.
Merge of [33357] to the 4.1 branch.


Built from https://develop.svn.wordpress.org/branches/4.1@33375


git-svn-id: http://core.svn.wordpress.org/branches/4.1@33346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 03:54:21 +00:00
Michael Adams 3989e1f450 Upgrade: `$wpdb->get_col_length()` sanity check: bail on unexpected return value.
Merges [32429] for the 4.1 branch.

See #32165.

Built from https://develop.svn.wordpress.org/branches/4.1@32431


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 23:13:22 +00:00
Dominik Schilling 3e3300395a Add closing paragraph tag for the 4.1.5 changelog entry.
Built from https://develop.svn.wordpress.org/branches/4.1@32428


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 23:04:23 +00:00
Dominik Schilling 3aa108639d 4.1.5 version bumps.
Built from https://develop.svn.wordpress.org/branches/4.1@32425


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 22:18:23 +00:00
Michael Adams 2b8283ed89 Upgrade: Ensure unintelligible DB schemas don't result in content loss.
Merge of [32417] to the 4.1 branch.

See #32165.

Props ocean90.

Built from https://develop.svn.wordpress.org/branches/4.1@32419


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:51:24 +00:00
John Blackbourn 4d1c0c85a6 WPDB: Allow queries to reference tables in the dbname.tablename format, and allow table names to contain any valid character, rather than just ASCII.
Merge of [32368] to the 4.1 branch.

Props pento, willstedt for the initial patch.

See #32090.

Built from https://develop.svn.wordpress.org/branches/4.1@32412


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 21:02:23 +00:00
Dominik Schilling dc0748284b WPDB: When sanity checking query character sets, there's no need to check queries that don't return user data.
Merges [32374] to the 4.1 branch.

props pento.
see #32104.
Built from https://develop.svn.wordpress.org/branches/4.1@32402


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 20:02:23 +00:00
Aaron Jorbin 26563868af When upgrading WordPress remove genericons example.html files
[32385] for 4.1 branch

Props @dd32, @boonebgorges, @johnjamesjacoby, @drewapicture, @jorbin


Built from https://develop.svn.wordpress.org/branches/4.1@32401


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:58:22 +00:00
Helen Hou-Sandí e258184716 The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
Merges [32375] to the 4.1 branch.

props pento.
See #32204.

Built from https://develop.svn.wordpress.org/branches/4.1@32396


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:42:23 +00:00
Dominik Schilling 4f3aedcdbe Bundled Themes: Remove Genericons example.html files.
Merge [32392] to the 4.1 branch.
Built from https://develop.svn.wordpress.org/branches/4.1@32394


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:34:22 +00:00
Michael Adams bb96e5b686 WPDB: When checking that a string can be sent to MySQL, we shouldn't use `mb_convert_encoding()`, as it behaves differently to MySQL's character encoding conversion.
Merge of [32364] to the 4.1 branch.

Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.

See #32165.

Built from https://develop.svn.wordpress.org/branches/4.1@32387


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 19:07:25 +00:00
Andrew Ozz f70e3c08da TinyMCE: work-around a bug in the tags matching regex.
For 4.1.
Built from https://develop.svn.wordpress.org/branches/4.1@32371


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 05:33:26 +00:00
Gary Pendergast 9037f65f7a 4.1: When upgrading, remove any suspicious comments.
Built from https://develop.svn.wordpress.org/branches/4.1@32312


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 17:13:24 +00:00
Andrew Nacin dbe23fa6f9 WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
Merge [32299] to the 4.1 and 4.2 branches.

Built from https://develop.svn.wordpress.org/@32307


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 15:31:44 +00:00
Gary Pendergast b502bf4430 4.1 branch is now 4.1.4.
Built from https://develop.svn.wordpress.org/branches/4.1@32301


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-27 14:07:23 +00:00
Helen Hou-Sandí 5f82891015 The 4.1 branch is now 4.1.3.
Built from https://develop.svn.wordpress.org/branches/4.1@32281


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-23 19:57:25 +00:00
Gary Pendergast ee5a9ef1a0 The 4.1 branch is now 4.1.3-RC1.
Built from https://develop.svn.wordpress.org/branches/4.1@32263


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-22 15:06:22 +00:00
Gary Pendergast 08c78f29d4 WPDB: When sanity checking a string by sending it to MySQL for conversion checks, the incorrect data structure was being returned from `wpdb::strip_invalid_text()`, causing all write queries to fail for some character sets when the query contained non-ASCII characters.
Merge of [32261] to the 4.1 branch.

See #32051.

Built from https://develop.svn.wordpress.org/branches/4.1@32262


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-22 15:05:22 +00:00
Gary Pendergast d110b87090 The 4.1 branch is now 4.1.2.
Built from https://develop.svn.wordpress.org/branches/4.1@32244


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 14:18:26 +00:00
Gary Pendergast e467eb6c93 WPDB: When deciding if a query needs extra sanity checking based on collation, return early when we can. Merges [32232] and [32233] to the 4.1 branch.
See #32029.


Built from https://develop.svn.wordpress.org/branches/4.1@32234


git-svn-id: http://core.svn.wordpress.org/branches/4.1@32208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-21 05:44:23 +00:00