Commit Graph

130 Commits

Author SHA1 Message Date
Gary Pendergast 007ec52958 Add `wp_json_encode()`, a wrapper for `json_encode()` that ensures everything is converted to UTF-8.
Change all core calls from `json_encode()` to `wp_json_encode()`.

Fixes #28786.


Built from https://develop.svn.wordpress.org/trunk@30055


git-svn-id: http://core.svn.wordpress.org/trunk@30055 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-28 18:35:19 +00:00
Andrew Nacin f7392ef917 Pinking shears.
Built from https://develop.svn.wordpress.org/trunk@29707


git-svn-id: http://core.svn.wordpress.org/trunk@29481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-04 15:23:16 +00:00
Andrew Ozz 4deee321e3 Editor: use the `post_edit_form_tag` action to add autocomplete="off" to the whole form on the Add/Edit Post screen in WebKit. Prevents editor problems when the browser's Back button is used. Fixes #28037.
Built from https://develop.svn.wordpress.org/trunk@29448


git-svn-id: http://core.svn.wordpress.org/trunk@29226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-08 20:54:15 +00:00
Drew Jaynes 097dc8ee15 Fix syntax for single- and multi-line comments in wp-admin-directory files.
See #28931.

Built from https://develop.svn.wordpress.org/trunk@29206


git-svn-id: http://core.svn.wordpress.org/trunk@28990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 09:14:16 +00:00
Andrew Ozz 5168f9c7c6 Secure embeds in the editor (first run):
- When the user pastes an embeddable http URL, try to get the https embed.
- If an embed provider doesn't support ssl embeds, show a placeholder/error message.
- Revise the way we return error messages.
See #28195, #28507.
Built from https://develop.svn.wordpress.org/trunk@28919


git-svn-id: http://core.svn.wordpress.org/trunk@28718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-30 05:49:16 +00:00
Andrew Ozz 84f3e30f7b wpView: improve handling of embed errors/error messages, see #28195
Built from https://develop.svn.wordpress.org/trunk@28754


git-svn-id: http://core.svn.wordpress.org/trunk@28568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-15 22:53:16 +00:00
Scott Taylor 69fbe27f48 Don't use variable variables in `wp_reset_vars()`. Test by searching in list tables, etc.
See #27881.

Built from https://develop.svn.wordpress.org/trunk@28746


git-svn-id: http://core.svn.wordpress.org/trunk@28560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-11 20:00:15 +00:00
Drew Jaynes a6e536fba6 Make sure to use 3-digit x.x.x style for two 3.9.0 `@since` versions.
Props netweb.
Fixes #28446.

Built from https://develop.svn.wordpress.org/trunk@28658


git-svn-id: http://core.svn.wordpress.org/trunk@28476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-04 05:35:16 +00:00
Drew Jaynes f609524261 Minor phpDoc fixes for the `got_rewrite`, `got_url_rewrite`, and `documentation_ignore_functions` hooks.
Props GaryJ.
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28352


git-svn-id: http://core.svn.wordpress.org/trunk@28180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-08 11:13:14 +00:00
Drew Jaynes 690481f8e8 Generalize the hook documentation for the `set-screen-option` filter.
The filter covers more than [items]_per_page screen options.

Fixes #26186.

Built from https://develop.svn.wordpress.org/trunk@27379


git-svn-id: http://core.svn.wordpress.org/trunk@27228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-03 17:51:14 +00:00
Drew Jaynes 849ce35cb9 Inline documentation for hooks in wp-admin/includes/misc.php.
Props JoshuaAbenazer.
Fixes #26186

Built from https://develop.svn.wordpress.org/trunk@27375


git-svn-id: http://core.svn.wordpress.org/trunk@27224 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-03 17:20:16 +00:00
Sergey Biryukov f291730aec Avoid an undefined index notice in wp_doc_link_parse().
props pross for initial patch.
fixes #27214.
Built from https://develop.svn.wordpress.org/trunk@27323


git-svn-id: http://core.svn.wordpress.org/trunk@27175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-27 23:16:13 +00:00
Andrew Ozz 335add2573 Autosave: refactor autosave.js, use heartbeat for transport and move all "Add/Edit Post" related functionality to post.js. See #25272.
Built from https://develop.svn.wordpress.org/trunk@26995


git-svn-id: http://core.svn.wordpress.org/trunk@26872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-22 04:56:16 +00:00
Helen Hou-Sandí 60f3e98d51 Pass the $user_id to the `admin_color_scheme_picker` hook for context. props nacin. see #26607 for trunk.
Built from https://develop.svn.wordpress.org/trunk@26924


git-svn-id: http://core.svn.wordpress.org/trunk@26805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-08 21:49:10 +00:00
Drew Jaynes cd8cedc40d First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin.
Props JustinSainton, SergeyBiryukov, DrewAPicture.
Fixes #26713.

Built from https://develop.svn.wordpress.org/trunk@26868


git-svn-id: http://core.svn.wordpress.org/trunk@26754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-24 18:57:12 +00:00
Andrew Nacin 1fb828504e Avoid notices when default and light are not registered color schemes. see #26468.
Built from https://develop.svn.wordpress.org/trunk@26814


git-svn-id: http://core.svn.wordpress.org/trunk@26701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-09 00:49:09 +00:00
Andrew Nacin 7dbfca1778 Nonces are already per-user. see #22862.
Built from https://develop.svn.wordpress.org/trunk@26793


git-svn-id: http://core.svn.wordpress.org/trunk@26680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-08 07:05:10 +00:00
Andrew Nacin c09252b950 Core updates for the new color schemes.
* Update about page, there's now 8.
 * Display them four wide, not three, and ensure adequate spacing.
 * Use a dedicated nonce.
 * Push Light to the front in addition to Default.
 * Use user-profile.js on about.php. A few extra things are initialized but they are harmless.

see #26468, #26387.

Built from https://develop.svn.wordpress.org/trunk@26776


git-svn-id: http://core.svn.wordpress.org/trunk@26663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-07 07:46:21 +00:00
Drew Jaynes fdbc44ff48 Inline documentation fixes for `wp_heartbeat_set_suspension()`.
See #25073.

Built from https://develop.svn.wordpress.org/trunk@26732


git-svn-id: http://core.svn.wordpress.org/trunk@26621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-06 18:43:10 +00:00
Andrew Nacin 9b29ad0529 Allow for Dashicons and base64-encoded data:image/svg+xml URIs when specifying menu icons.
Both of these icons can be colored to match the color scheme, including hover states.
Both are accepted for register_post_type()'s menu_icon argument, and also add_menu_page()'s $icon_url argument.

To use a Dashicon, pass the name of the helper class, e.g. 'dashicons-piechart'.
To use an SVG, pass a valid data URI string starting with 'data:image/svg+xml;base64,'.

props helen.
fixes #25147.

Built from https://develop.svn.wordpress.org/trunk@26664


git-svn-id: http://core.svn.wordpress.org/trunk@26554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-05 06:38:09 +00:00
Andrew Ozz e6dd5fbf48 Svg-painter:
- Clean up the JS, better names, etc.
- Convert the base64 encode/decode code from jQuery plugin to local use.
- Add missing icon colors for the default theme.
- Make it more error-proof.
Fixes #26333.
Built from https://develop.svn.wordpress.org/trunk@26601


git-svn-id: http://core.svn.wordpress.org/trunk@26491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-04 04:13:11 +00:00
Andrew Ozz 0f20e57329 Heartbeat:
- Bring back heartbeat.interval().
- Rename wp_disable_heartbeat_suspend() to wp_heartbeat_set_suspension().
- Rename the option for disabling suspension from options.suspend to options.suspension.
Fixes #25073.
Built from https://develop.svn.wordpress.org/trunk@26549


git-svn-id: http://core.svn.wordpress.org/trunk@26441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-03 00:45:10 +00:00
Andrew Ozz a6ac0bea23 Improve the admin color scheme picker:
- Easier to extend.
- Remove the "drop-down" look, show all choices inline.
- Some PHP and JS cleanup.
Props ryelle, fixes #26336.
Built from https://develop.svn.wordpress.org/trunk@26506


git-svn-id: http://core.svn.wordpress.org/trunk@26400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-01 19:50:09 +00:00
Andrew Ozz 162037903d Heartbeat: introduce "suspend" functionality and enable it after 20 min. of inactivity, see #25073.
Built from https://develop.svn.wordpress.org/trunk@26428


git-svn-id: http://core.svn.wordpress.org/trunk@26328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-27 01:56:10 +00:00
Sergey Biryukov f0a4d5a991 Rename mp6_color_scheme JS global to wp_color_scheme.
props kovshenin.
see #26263.
Built from https://develop.svn.wordpress.org/trunk@26406


git-svn-id: http://core.svn.wordpress.org/trunk@26306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-26 13:58:10 +00:00
Helen Hou-Sandí 603c1aff6d Merge the color schemes component from MP6. Introduces Light, Blue, and Midnight.
Color scheme selection on your own profile page gives you a preview and autosaves the selection.

Also introduces the usage of a preprocessor for core files, namely Sass. For 3.8, we will not expand its implementation past the color schemes. This does require Ruby as well as Sass 3.3.0+ due to the usage of the sourcemap option.

Note that only the default color scheme is available when running out of src. Use build to test the rest as well as the color picker.

props ryelle, melchoyce, tillkruess, drw158, littlethingsstudio, helen. see #25858, #22862.

Built from https://develop.svn.wordpress.org/trunk@26137


git-svn-id: http://core.svn.wordpress.org/trunk@26048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 19:38:38 +00:00
Andrew Nacin d0cfa40983 Add jshintrc to qunit.
props jorbin.
see #25187.

Built from https://develop.svn.wordpress.org/trunk@25992


git-svn-id: http://core.svn.wordpress.org/trunk@25925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-30 14:39:10 +00:00
Andrew Nacin 82547b21b6 In show_message(), only print error data if it is a string.
see #25576, [25775].

Built from https://develop.svn.wordpress.org/trunk@25796


git-svn-id: http://core.svn.wordpress.org/trunk@25708 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-15 19:51:10 +00:00
Andrew Nacin d3b89d43fc Add nginx detection to the Permalink Settings screen.
Introduces got_url_rewrite() and a corresponding filter, which should now be used in lieu of the got_rewrite filter in got_mod_rewrite().

This does not write or even suggest nginx configuration; rather, it prevents nginx from being considered as either Apache or as an unrecognized server.

props johnbillion.
fixes #25098.

Built from https://develop.svn.wordpress.org/trunk@25456


git-svn-id: http://core.svn.wordpress.org/trunk@25377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-16 20:07:09 +00:00
Andrew Nacin c2a543566c Move _local_storage_notice() to admin/includes/template.php. props azaozz, see #24756.
git-svn-id: http://core.svn.wordpress.org/trunk@24762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-22 05:09:49 +00:00
Andrew Nacin 740d141e1d Support IIS 8 and above.
props hurtige for initial patch.
fixes #23533.



git-svn-id: http://core.svn.wordpress.org/trunk@24594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-08 20:27:06 +00:00
Andrew Ozz b8b66e2cc1 Nonce refresh:
- Update the heartbeat nonce when refreshing nonces on the Edit Post screen.
- After a user logs in from the auth-check dialog, speed up heatrbeat to check/refresh nonces on the Edit Post screen.
- Speeding up heartbeat: bring back the setting how long it should last (how many ticks).
- Add 'heartbeat-nonces-expired' jQuery event when nonces have expired and the user is logged in.
See #23295, see #23216.

git-svn-id: http://core.svn.wordpress.org/trunk@24528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-29 01:31:44 +00:00
Andrew Ozz 5642a56311 Post locks:
- When a post is locked, ensure the 'Go back' button doesn't reload the same screen. If no referrer, change the button from 'Go back' to 'Go to All Posts'/'Go to All Pages' etc.
- Remove restriction on checking locks only for posts.
See #23697.



git-svn-id: http://core.svn.wordpress.org/trunk@24408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-05 03:01:59 +00:00
Andrew Ozz 0fff739949 Heartbeat: rename some vars/args to make them more intuitive, don't set user_id on every request, see #23216
git-svn-id: http://core.svn.wordpress.org/trunk@24406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-05 00:13:40 +00:00
Ryan Boren ad4a081c0c Pinking shears
git-svn-id: http://core.svn.wordpress.org/trunk@24303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-20 12:10:58 +00:00
Andrew Ozz 2f0c58960a Separate the nonces update from checking the post lock. Fix scheduling the logged out check. See #23697, see #23295.
git-svn-id: http://core.svn.wordpress.org/trunk@24273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-16 03:47:09 +00:00
Andrew Ozz d0c5c59c94 Post locks and autosave:
- Move nonces refreshing from autosave to lock checking.
- Do autosave only when there is something to save.
See #23295

git-svn-id: http://core.svn.wordpress.org/trunk@24209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 22:52:55 +00:00
Sergey Biryukov 57c10eadbb Use ellipsis instead of three dots. props tjsingleton, jordie23, wojtek.szkutnik, DrewAPicture, SergeyBiryukov. see #8714.
git-svn-id: http://core.svn.wordpress.org/trunk@24207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 21:27:31 +00:00
Andrew Ozz d2a8f064aa Post locks:
- Show 'Saving revision...' while autosaving after a post has been taken over. Change to 'Your latest changes were saved as a revision.' when autosave completes.
- Make sure a user exists before using $user->display_name.
- Add 'post_lock_text' action for extending the message text.

git-svn-id: http://core.svn.wordpress.org/trunk@24042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-22 03:08:51 +00:00
Andrew Ozz e9245269a7 Autosave to the browser's sessionStorage, compare this autosave to the post content on page load and let the user restore it when the data is not the same. First run, see #23220
git-svn-id: http://core.svn.wordpress.org/trunk@23683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-13 10:08:16 +00:00
Andrew Ozz 3b4b058275 Post locks on the posts list screen: new icons for the lock, props empireoflight, show avatar for the user currently editing, props dh-shredder, see #23312
git-svn-id: http://core.svn.wordpress.org/trunk@23681 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-13 00:28:07 +00:00
Andrew Ozz edb9333d40 Check post locks with heartbeat and display modal notifications when a post is locked or a user takes over editing, props dh-shredder, see #23697
git-svn-id: http://core.svn.wordpress.org/trunk@23661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-12 03:22:30 +00:00
Sergey Biryukov f288da4b7b Use correct variable. see [23575]. see #21767.
git-svn-id: http://core.svn.wordpress.org/trunk@23584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-02 21:10:12 +00:00
Andrew Nacin 4e06d41b9f Assume that url_shorten() receives unslashed data, as it does in core usage. see #21767.
git-svn-id: http://core.svn.wordpress.org/trunk@23575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:56:31 +00:00
Ryan Boren 5f809d1d22 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:00:25 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Ozz 9a827a485e Post locks: use heartbeat to dynamically update locked posts on the Posts screen, first run, see #23312
git-svn-id: http://core.svn.wordpress.org/trunk@23487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-25 23:17:10 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Ryan Boren b10f343480 Consistent escaping in admin_color_scheme_picker(). Props johnjamesjacoby. fixes #22326
git-svn-id: http://core.svn.wordpress.org/trunk@22375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-05 18:16:23 +00:00
Andrew Nacin fac0ce8ec7 Flush rewrite rules when page_on_front is updated. props SergeyBiryukov. fixes #21274.
git-svn-id: http://core.svn.wordpress.org/trunk@22301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-25 20:20:24 +00:00