Commit Graph

166 Commits

Author SHA1 Message Date
Sergey Biryukov 15a1e0731e Use proper functions for escaped translations.
pros jcastaneda.
fixes #30012.
Built from https://develop.svn.wordpress.org/trunk@29961


git-svn-id: http://core.svn.wordpress.org/trunk@29708 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-18 20:11:18 +00:00
Sergey Biryukov 504d4ad5eb Change the default orderby value in wp_get_nav_menus() to 'name'.
props voldemortensen, igmoweb.
fixes #29460.
Built from https://develop.svn.wordpress.org/trunk@29792


git-svn-id: http://core.svn.wordpress.org/trunk@29564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-29 15:45:16 +00:00
Helen Hou-Sandí 23905f1616 Remove remaining title attributes from default-widgets.php, with the exception of the one on the link to WordPress.org. fixes #26552.
Built from https://develop.svn.wordpress.org/trunk@29338


git-svn-id: http://core.svn.wordpress.org/trunk@29118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-01 17:05:16 +00:00
Sergey Biryukov fdd0756e5a Add a class for get_comment_author_link() in Recent Comments widget.
props DrewAPicture, dannydehaan, 5um17.
fixes #27944.
Built from https://develop.svn.wordpress.org/trunk@29241


git-svn-id: http://core.svn.wordpress.org/trunk@29025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-19 02:44:14 +00:00
Scott Taylor b930c3a6fe Cleanup `wp_widget_rss_form()` after [28734]. "$$input used sanitized variables which contained actual values, unlike $inputs[$input] which in that context contains data about which input fields are hidden."
Props kovshenin.
Fixes #27881.

Built from https://develop.svn.wordpress.org/trunk@28787


git-svn-id: http://core.svn.wordpress.org/trunk@28600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-20 17:29:14 +00:00
Scott Taylor ecf0e4702f Don't use a variable variable in `wp_widget_rss_form()`. Sidenote: the logic to show hidden fields is bizarre - would result in duplicate fields.
See #27881.

Built from https://develop.svn.wordpress.org/trunk@28734


git-svn-id: http://core.svn.wordpress.org/trunk@28548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-11 16:18:17 +00:00
Sergey Biryukov f4a6632200 Clean up wp_widget_rss_output():
* Fix appending […] to $summary.
* Use wp_trim_words() instead of wp_html_excerpt().
* Trim $title before checking if it's empty. props UmeshSingla.
* Use correct escaping function for $title.

fixes #28356.
Built from https://develop.svn.wordpress.org/trunk@28586


git-svn-id: http://core.svn.wordpress.org/trunk@28411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-27 11:08:14 +00:00
Scott Taylor 49af14fde0 `WP_Date_Query` was only missing one access modifier.
Add access modifier (`public`) to all default widgets' class methods.

See #27881, #22234.

Built from https://develop.svn.wordpress.org/trunk@28532


git-svn-id: http://core.svn.wordpress.org/trunk@28358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-19 17:30:17 +00:00
Scott Taylor fdaea6b7f2 Eliminate use of `extract()` in `wp_widget_rss_form()`.
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28449


git-svn-id: http://core.svn.wordpress.org/trunk@28276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-16 15:38:14 +00:00
Scott Taylor 6e8e30bb1e Eliminate use of `extract()` in `wp_widget_rss_output()`.
Add `'items' => 0` to `$default_args`. When `0`, the value is set to `10` (the fallback). 
Every other default arg has a default value of `0`.

`items` is expected to always be passed to this function.

See #22400.

Built from https://develop.svn.wordpress.org/trunk@28440


git-svn-id: http://core.svn.wordpress.org/trunk@28267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 19:42:13 +00:00
Scott Taylor 157f811a5e Eliminate use of `extract()` in `WP_Widget_RSS::widget()`.
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28439


git-svn-id: http://core.svn.wordpress.org/trunk@28266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 19:36:15 +00:00
Scott Taylor 67c51361d6 Eliminate use of `extract()` in `default-widgets.php`.
Props rzen, wonderboymusic.

See #22400.

Built from https://develop.svn.wordpress.org/trunk@28433


git-svn-id: http://core.svn.wordpress.org/trunk@28260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 16:33:15 +00:00
Mark Jaquith a43313fe12 Use '— Select —' instead of '-- Select --' for nav menus. Looks nicer.
see #27878
Built from https://develop.svn.wordpress.org/trunk@28205


git-svn-id: http://core.svn.wordpress.org/trunk@28035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-25 00:35:25 +00:00
Mark Jaquith 8c830cef80 Force users to choose a nav menu in the custom nav menu widget, for a better customizer UX
Before, they had to make a dummy change to get it to render. Now they
are made to choose a nav menu from the dropdown, which feels more
natural.

fixes #27878 for trunk. props westonruter
Built from https://develop.svn.wordpress.org/trunk@28197


git-svn-id: http://core.svn.wordpress.org/trunk@28027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-24 20:45:31 +00:00
Dominik Schilling 77beef348d Recent Posts Widget: Use `ob_end_flush()` instead of `ob_flush()`.
`ob_end_flush()` flushes the output buffer *and* turns output buffering off, same as `ob_get_flush()`.

props m_i_n.
see #28009 for trunk.

Built from https://develop.svn.wordpress.org/trunk@28195


git-svn-id: http://core.svn.wordpress.org/trunk@28025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-24 19:48:19 +00:00
Dominik Schilling 598907559c WP_Widget: Introduce `is_preview()` method.
With the Widget Customizer it's possible that previewed widgets can leak data outside of Customizer, when the widget uses the cache API.
The Customizer calls the regular update callback which should already refresh the cache. Since cache additions aren't blocked yet the cache can be filled with preview data.
To prevent this issue `WP_Widget::is_preview()` will return true, when `$wp_customize->is_preview()` returns true. If `is_preview()` is true, cache additions are suspended via `wp_suspend_cache_addition()`. Make sure your object cache drop-in has implemented `wp_suspend_cache_addition()`.

`is_preview()` can/should also be used inside `WP_Widget::widget()`, see WP_Widget_Recent_Posts or WP_Widget_Recent_Comments for examples.

For more info see IRC logs: http://irclogs.wordpress.org/chanlog.php?channel=wordpress-dev&day=2014-04-02&sort=asc#m824279

props westonruter.
fixes #27538.
Built from https://develop.svn.wordpress.org/trunk@27966


git-svn-id: http://core.svn.wordpress.org/trunk@27796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-06 18:48:16 +00:00
Drew Jaynes e6d9f04bcc Inline documentation for hooks in wp-includes/default-widgets.php.
Props janw.oostendorp and kpdesign.
Fixes #25638.

Built from https://develop.svn.wordpress.org/trunk@27697


git-svn-id: http://core.svn.wordpress.org/trunk@27536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-25 08:53:14 +00:00
Andrew Nacin 3ffc6dd559 RSS widgets: Omit the title attribute when the summary is shown.
Trim the title attribute to ensure whitespace isn't rendered.

props SergeyBiryukov.
fixes #26520. see #26552.

Built from https://develop.svn.wordpress.org/trunk@27691


git-svn-id: http://core.svn.wordpress.org/trunk@27530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-24 21:08:15 +00:00
Dominik Schilling e1fde8d510 In Recent Posts widget set default number to 5.
props afercia.
fixes #27417.
Built from https://develop.svn.wordpress.org/trunk@27561


git-svn-id: http://core.svn.wordpress.org/trunk@27404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-17 17:01:14 +00:00
John Blackbourn 79d274f2f6 Add context and a missing period to widget descriptions. Fixes #26668. Props pavelevap, Hanni
Built from https://develop.svn.wordpress.org/trunk@27412


git-svn-id: http://core.svn.wordpress.org/trunk@27259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-05 17:26:17 +00:00
Andrew Nacin 0c16c0477b Reference https://wordpress.org rather than http://wordpress.org in strings, links, comments, etc.
props Ipstenu, markjaquith.
see #27115.

Built from https://develop.svn.wordpress.org/trunk@27369


git-svn-id: http://core.svn.wordpress.org/trunk@27219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-03 02:34:27 +00:00
Andrew Ozz db074f8e65 Widgets: improve the help text on the Widgets screen, props siobhan, props Hanni, fixes #26244.
Built from https://develop.svn.wordpress.org/trunk@26505


git-svn-id: http://core.svn.wordpress.org/trunk@26399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-01 18:29:09 +00:00
Andrew Nacin 791e807f08 More dash updates.
* Shuffle around some pixels.
 * Rename some things that weren't caught in [26220].
 * Revert default-widgets.php change from [26144].
props lessbloat.
see #25824.

Built from https://develop.svn.wordpress.org/trunk@26230


git-svn-id: http://core.svn.wordpress.org/trunk@26137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-15 22:23:09 +00:00
Andrew Nacin 809b335f7a Merge the new dashboard design into core.
Merges https://github.com/growthdesigner/wp-dash.

props lessbloat, joen, helen, dbernar1, kraftbj, ryelle, tillkruess, grapplerulrich, markjaquith.
see #25824.

Built from https://develop.svn.wordpress.org/trunk@26144


git-svn-id: http://core.svn.wordpress.org/trunk@26055 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 22:09:10 +00:00
Andrew Nacin ce637bdcb3 Remove redundant title attributes.
props sabreuse.
see #24766.

Built from https://develop.svn.wordpress.org/trunk@25675


git-svn-id: http://core.svn.wordpress.org/trunk@25591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-02 22:51:10 +00:00
Scott Taylor 569bcc5dad Use `wp_get_nav_menus()` instead of `get_terms('nav_menu')` in `WP_Nav_Menu_Widget` to preserve use of `wp_get_nav_menus' filter.
Props Frank Klein.
Fixes #25263.


Built from https://develop.svn.wordpress.org/trunk@25332


git-svn-id: http://core.svn.wordpress.org/trunk@25294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 23:30:10 +00:00
Sergey Biryukov 05d55a400b Avoid PHP notices when configuring the Incoming Links dashboard widget. fixes #25250.
Built from https://develop.svn.wordpress.org/trunk@25298


git-svn-id: http://core.svn.wordpress.org/trunk@25261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-07 18:17:10 +00:00
Dominik Schilling 79fffba674 Flush the cache in Recent Comments widget on edit_comment. props pento, fixes #24779.
Built from https://develop.svn.wordpress.org/trunk@25049


git-svn-id: http://core.svn.wordpress.org/trunk@25036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-17 09:30:09 +00:00
Sergey Biryukov 98d6c31f84 Avoid an undefined index notice in WP_Widget_Recent_Posts::update(). props jrf. fixes #24577.
git-svn-id: http://core.svn.wordpress.org/trunk@24504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-23 08:20:08 +00:00
Sergey Biryukov 633a6fb400 Don't append ellipsis in RSS widget if the entire content is shown. props kovshenin. fixes #21702.
git-svn-id: http://core.svn.wordpress.org/trunk@24213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 23:23:05 +00:00
Sergey Biryukov 13c93f4dd5 Simplify logic in WP_Widget_Recent_Posts and WP_Widget_Recent_Comments. fixes #23089.
git-svn-id: http://core.svn.wordpress.org/trunk@23597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-04 02:14:23 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Sergey Biryukov 7b62637af7 Add a missing closing tag. fixes #23510. see #14358.
git-svn-id: http://core.svn.wordpress.org/trunk@23454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-19 02:06:21 +00:00
Sergey Biryukov 6a8a7a76b4 Filter "Powered by WordPress" text in Meta widget. props Viper007Bond, wonderboymusic. fixes #14358.
git-svn-id: http://core.svn.wordpress.org/trunk@23424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-15 16:20:14 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov 7a77f47f55 Use correct escaping function. fixes #23334.
git-svn-id: http://core.svn.wordpress.org/trunk@23413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 05:52:23 +00:00
Andrew Nacin f2f9551287 Add context to the 'Random' string. It is now used in two places: gallery order and the links widget. props pavelevap, fixes #22724.
git-svn-id: http://core.svn.wordpress.org/trunk@23021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-04 14:49:44 +00:00
Andrew Nacin 56c1b7c7ff Final HiDPI tweaks. Don't use rss-2x.png on a front-end widget. Improve selectors for favicons in the toolbar to avoid breaking existing images. Remove unnecessary RTL styles. FIXES #21019.
git-svn-id: http://core.svn.wordpress.org/trunk@22481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-09 02:06:59 +00:00
Andrew Ozz 1276bcefb5 More retina backgrounds and bits, props saracannon, empireoflight and lessbloat, see #21019
git-svn-id: http://core.svn.wordpress.org/trunk@22439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 20:54:08 +00:00
Andrew Nacin dc40f18228 Merge some strings. props pavelevap. fixes #22306.
git-svn-id: http://core.svn.wordpress.org/trunk@22430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 19:37:54 +00:00
Andrew Nacin fb2c9e7e4f Prime post caches for the Recent Comments widget. props mitchoyoshitaka. see #15400.
git-svn-id: http://core.svn.wordpress.org/trunk@22278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-23 14:18:37 +00:00
Ryan Boren 77518e9c71 Objects no longer need to be explicitly passed by ref to call_user_func*() to be callable. Props wonderboymusic. fixes #21865
git-svn-id: http://core.svn.wordpress.org/trunk@22118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 20:00:16 +00:00
Andrew Nacin 0ced797e20 Close label. props lancewillett, fixes #21064.
git-svn-id: http://core.svn.wordpress.org/trunk@21978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-24 19:16:53 +00:00
Peter Westwood d8e08eb3c2 Widgets: Add support for display the post date in the Recent Posts widget. Fixes #21064 props lancewillett and SergeyBiryukov.
git-svn-id: http://core.svn.wordpress.org/trunk@21935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 10:05:54 +00:00
Andrew Nacin a2b71e7fae Use selected() in default widgets. props SergeyBiryukov, iamfriendly. fixes #21451.
git-svn-id: http://core.svn.wordpress.org/trunk@21867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 16:51:12 +00:00
Andrew Nacin aa2fdd48ae Calendar widget: Don't print widget title markup when the title is empty. props jakub.tyrcha. fixes #17837.
git-svn-id: http://core.svn.wordpress.org/trunk@21841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-13 19:46:24 +00:00
Andrew Nacin 84c3a86036 Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.

Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.

see #21307.



git-svn-id: http://core.svn.wordpress.org/trunk@21501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-13 16:18:42 +00:00
nacin 64f77982ab Use get_taxonomies() instead of get_object_taxonomies() in the tag cloud widget. props GautamGupta, scribu. see #20238, see #16125.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-24 14:00:52 +00:00
duck_ 8750c95b4a Remove dead code from the Links widget. Props pavelevap, SergeyBiryukov. Fixes #19179.
The widget() method isn't called on the admin screen.


git-svn-id: http://svn.automattic.com/wordpress/trunk@20245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-21 21:01:05 +00:00
duck_ e8fb683689 Add a trailing colon for consistency with other widget labels. See #20158.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 20:25:12 +00:00