Commit Graph

196 Commits

Author SHA1 Message Date
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Peter Westwood f683fc7677 Tighten our braces. Fixes #23118 props evansolomon.
git-svn-id: http://core.svn.wordpress.org/trunk@23265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-04 10:13:51 +00:00
Andrew Nacin a8d599eae5 Fix disabling of the link manager on upgrade from 3.4.2 when there are no links.
In the 3.4 branch we bumped the DB version past the version used for disabling links in trunk, preventing it from running. In the future, we must avoid increasing branch DB version bumps to HEAD.

props SergeyBiryukov.
fixes #22626.



git-svn-id: http://core.svn.wordpress.org/trunk@22911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-29 00:37:30 +00:00
Andrew Nacin a5c0829f35 Remove the post-format-standard term on upgrade if it exists in the database. fixes #20697.
git-svn-id: http://core.svn.wordpress.org/trunk@22422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 18:01:31 +00:00
Andrew Nacin 582d46c937 Make Twenty Twelve the default theme for new installs. props markoheijnen, SergeyBiryukov. see #21789.
git-svn-id: http://core.svn.wordpress.org/trunk@22054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 07:47:51 +00:00
Andrew Nacin 557d9313a7 Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987.
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Andrew Nacin dc49f24a6c Remove ms-files.php rewriting from WordPress multisite. fixes #19235.
Keep existing networks compatible with a ms_files_rewriting network option.



git-svn-id: http://core.svn.wordpress.org/trunk@21823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 22:22:20 +00:00
Andrew Nacin 9d204841ee Remove AtomPub from core.
* Will be replaced with http://wordpress.org/extend/plugins/atom-publishing-protocol/.
 * Introduces an action, xmlrpc_rsd_apis, to add APIs to xmlrpc.php?rsd.
 * Introduces support for 'error' being 403 and 50x in class-wp.php.
 * Removes 'Remote Publishing' from Writing Settings (see [21804]). Keeps the remote_publishing settings section.

DB version is bumped to generate the new wp-app rewrite rule and remove the old enable_app option.

props wonderboymusic.
fixes #21509.



git-svn-id: http://core.svn.wordpress.org/trunk@21818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 20:11:39 +00:00
Andrew Nacin d6b2024a7d Remove old edit_*_per_page usermeta keys.
These per-page values were when the post type or taxonomy name has a hyphen.
Previously, these were converted to underscores. This changed in [21322].

fixes #18958.



git-svn-id: http://core.svn.wordpress.org/trunk@21811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 02:08:29 +00:00
Andrew Nacin 26dc1e74e5 Turn XML-RPC on and remove the option on the Writing Settings page.
props markoheijnen for the initial patch.

Introduces a new filter, xmlrpc_enabled.

Respects any current callbacks registered to the pre_option_enable_xmlrpc
and option_enable_xmlrpc filters, for anyone forcing it off via code.

fixes #21509.



git-svn-id: http://core.svn.wordpress.org/trunk@21804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 00:37:31 +00:00
Andrew Nacin e79a56793c Disable the Link Manager on any future upgrade if it is still enabled but there are no links. see #21307.
git-svn-id: http://core.svn.wordpress.org/trunk@21536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-16 23:08:07 +00:00
Andrew Nacin 84c3a86036 Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.

Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.

see #21307.



git-svn-id: http://core.svn.wordpress.org/trunk@21501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-13 16:18:42 +00:00
Andrew Nacin 720e09ff5b Stop adding default links and the 'Blogroll' link category on install. props wonderboymusic. see #21307.
git-svn-id: http://core.svn.wordpress.org/trunk@21500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-13 15:55:15 +00:00
nacin 7127ed1197 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
ryan fdae8f9b42 Fix some spelling errors. Props thee17. fixes #21191
git-svn-id: http://core.svn.wordpress.org/trunk@21333 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-25 18:06:13 +00:00
markjaquith ecea277a8a Insert a proper line break (instead of an HTML line break) into the "first comment". props nacin. fixes #16712
git-svn-id: http://core.svn.wordpress.org/trunk@21234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-09 03:19:02 +00:00
nacin c64ed056ac Do not force table names to be lowercase in dbDelta, as this breaks sites using capital letters in table prefixes. props netweblogic. fixes #19748.
git-svn-id: http://core.svn.wordpress.org/trunk@20704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-02 21:19:37 +00:00
nacin 0730535015 Introduce $wpdb->delete(). props justindgivens, scribu. fixes #18948.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-24 15:24:31 +00:00
nacin 2a6b9ea6db The allowed_themes rolling upgrade for individual sites should not add empty allowedthemes arrays. If there are no allowed themes, don't add an empty option. Move the network rolling upgrade to upgrade_network(). see #20146.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-08 03:22:39 +00:00
nacin 3985eae452 Don't autoload the uninstall_plugins option. fixes #16741.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 20:13:35 +00:00
duck_ a395e06896 Reduce references to the $wp_rewrite global because it's no longer used or a wrapper function can be used instead. Fixes #14546.#14546.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-28 20:29:33 +00:00
nacin b367a71d1a Do not save the last visited tab on the multisite Network Themes page and Site Themes tab. These are poor UX, see #18810 for plugins. Entering these screens will always default to 'all' themes view. see #20103.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20022 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-28 20:13:21 +00:00
nacin aefde50081 Deprecate ancient "debugging" tools.
* logIO() and the global $xmlrpc_logging in XML-RPC.
 * log_app() and the global $app_logging in APP.
 * debug_fwrite(), debug_fopen(), debug_fclose(), and $debug.
see #20051.



git-svn-id: http://svn.automattic.com/wordpress/trunk@19935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-17 00:02:42 +00:00
ryan 5fd633b48b Drop the comment_approved index from the comments table. comment_approved_date_gmt is sufficient. fixes #19935
git-svn-id: http://svn.automattic.com/wordpress/trunk@19799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-31 18:26:07 +00:00
ryan 0f80145c67 Drop the blog_id column from the options table during upgrade. Props barry. fixes #17188
git-svn-id: http://svn.automattic.com/wordpress/trunk@19798 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-31 17:45:22 +00:00
nacin 5d761c1cb6 Switch to Feedback, from Suggest Ideas, for a default link, based on 3.3 toolbar. see #19601.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19786 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-29 20:25:59 +00:00
nacin b905dc7122 Offer default links and applicable URLs for translation. Some of these are already translatable elsewhere. see #19601.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19781 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-29 05:14:59 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
nacin 277a8131d2 Use array_filter() to remove empty values from an array, not jankiness.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 21:22:44 +00:00
nacin c94b474b17 Update some old upgrade functions to use untrailingslashit().
git-svn-id: http://svn.automattic.com/wordpress/trunk@19690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 21:21:51 +00:00
ryan 83b131f8e3 User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: http://svn.automattic.com/wordpress/trunk@19687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:50:54 +00:00
ryan 340e93324c Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
git-svn-id: http://svn.automattic.com/wordpress/trunk@19596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-14 17:36:38 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
ryan b6b8a588bb Initialize active_sitewide_plugins during network install and upgrade. fixes #19385
git-svn-id: http://svn.automattic.com/wordpress/trunk@19470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-28 20:35:36 +00:00
nacin 28276e825c Move multisite-specific upgrade code from upgrade_330() to upgrade_network(). see #18693.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-28 20:04:00 +00:00
nacin dd697967bf Change show/hide storage mechanism for show_welcome_panel. 0 = hide, 1 = show, 2 = show if the multisite owner. Make welcome panel dismissable without JS (openable too via the URL). fixes #19338, fixes #19127.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-23 18:30:45 +00:00
markjaquith a1fb35ca98 Introduce initial_db_version and leverage it so that pointers only get shown to updated installs, not new 3.3 installs. props nacin. see #18693
git-svn-id: http://svn.automattic.com/wordpress/trunk@19410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-22 21:50:50 +00:00
nacin 00823b1deb Remove old dismissed pointers as the IDs have changed. Switch to underscores that way we don't need to translate them for method names. Avoid an empty pointer in the array. see #18693.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-21 23:04:35 +00:00
nacin f9d807d649 Merge upgrade_old_widgets_order_array() into upgrade_330(). see #18811, see #18821.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-25 05:50:39 +00:00
nacin 66125a116f Introduce upgrade_330() to clear usermeta keys show_admin_bar_admin and plugins_last_view. fixes #18811.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-25 05:48:09 +00:00
nacin 2b4b7aa211 Undent (by two tabs) a whole lot of code in dbDelta(). Thx. see #17998.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-21 22:40:30 +00:00
nacin 870d7860fd Have dbDelta() loop through tables it knows about, rather than loop through a potentially expensive and definitely unnecessary SHOW TABLES. fixes #17998.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-21 22:35:33 +00:00
ryan a0f6c4469d Introduce wp_get_db_schema() for rerieving the various flavors of the WP db schema. Eliminates need to use global. Allows multiple calls to wpmu_create_blog(). see #12028
git-svn-id: http://svn.automattic.com/wordpress/trunk@18899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-06 00:21:24 +00:00
ryan 2edc82cd61 * Move the old sidebars_widgets array upgrade code to wp-admin/includes/upgrade.php
* Avoid infinite loop with wp_get_sidebars_widgets()
* Remove two unneeded wp_get_sidebars_widgets() calls
* Remove unused $wp_registered_sidebars variable from wp_get_sidebars_widgets().
* Combine  a couple of !empty( $sidebars_widgets ) checks in retrieve_widgets()
Props SergeyBiryukov, lancewillett. fixes #17979 #18598


git-svn-id: http://svn.automattic.com/wordpress/trunk@18821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-29 21:41:22 +00:00
azaozz 9223d74720 Fix default widgets for the default theme (Twenty Eleven), props SergeyBiryukov, see #17979
git-svn-id: http://svn.automattic.com/wordpress/trunk@18643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-06 16:15:47 +00:00
duck_ c1d1590171 Fix typos in documentation (wp-admin/). See #18560.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-03 14:18:10 +00:00
nacin 3503cc4b8d Remove beta upgrade code from 3.0.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18552 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-16 02:26:59 +00:00
nbachiyski 4870176ad0 Add filters for install/upgrade queries, so that unit tests installer can force creating InnoDB tables, so that we can use transactions to revert the database to its initial state after each test. See #17749
git-svn-id: http://svn.automattic.com/wordpress/trunk@18531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-11 04:42:59 +00:00
nacin 45f2e1a527 Don't process wpdb->tables('global') inside a loop. props wpmuguru, fixes #14503.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-10 19:00:45 +00:00
nacin d3d0fe2e2e s/example-about-page/sample-page/. see #14973.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-15 17:55:49 +00:00