Commit Graph

174 Commits

Author SHA1 Message Date
Sergey Biryukov 47ed56f38f Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov 16b8d91baa I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 17:13:59 +00:00
Sergey Biryukov 62216de5d4 Docs: Move the `do_mu_upgrade` DocBlock out of the preceding `if` statement.
Props ChriCo, dkarfa.
Fixes #47710.
Built from https://develop.svn.wordpress.org/trunk@45643


git-svn-id: http://core.svn.wordpress.org/trunk@45454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-16 13:15:58 +00:00
Sergey Biryukov 62dc808103 Docs: Correct `@since` tag for `do_mu_upgrade` hook, for consistency with `after_mu_upgrade` and `wpmu_upgrade_site`.
See #47110.
Built from https://develop.svn.wordpress.org/trunk@45642


git-svn-id: http://core.svn.wordpress.org/trunk@45453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-16 12:42:59 +00:00
Gary Pendergast a02b5cc2a8 Coding Standards: Mark the handful of hook names with uppercase characters or hyphens as ignored.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45599


git-svn-id: http://core.svn.wordpress.org/trunk@45410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-05 01:45:56 +00:00
Sergey Biryukov dd7956c674 I18N: Use consistent error messages when importing or exporting content.
Props ramiy.
Fixes #42269.
Built from https://develop.svn.wordpress.org/trunk@45440


git-svn-id: http://core.svn.wordpress.org/trunk@45251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 18:09:52 +00:00
Gary Pendergast 883ee72ed6 Coding Standards: Move an assignment out of a condition in `wp-admin/admin.php`.
Props subrataemfluence, jrf, pento.
Fixes #44363.


Built from https://develop.svn.wordpress.org/trunk@44598


git-svn-id: http://core.svn.wordpress.org/trunk@44429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 05:48:50 +00:00
Gary Pendergast f9d879905d Docs: Document the `$page_hook` action.
Props johnbillion.
Fixes #43643.


Built from https://develop.svn.wordpress.org/trunk@44501


git-svn-id: http://core.svn.wordpress.org/trunk@44332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 06:14:51 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Drew Jaynes 36b3f1707c Hooks: Standardize naming of dynamic hooks using values derived from superglobals to use interpolation vs concatenation.
This is a continuation of the work that happened in [38307] for #37748.

Props ramiy.
Fixes #42698.

Built from https://develop.svn.wordpress.org/trunk@42349


git-svn-id: http://core.svn.wordpress.org/trunk@42178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-01 11:36:50 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Sergey Biryukov 5dd45b38c8 Transients: After [41963], add missing cron task for `delete_expired_transients()`.
Props dlh.
Fixes #41699.
Built from https://develop.svn.wordpress.org/trunk@42008


git-svn-id: http://core.svn.wordpress.org/trunk@41842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 23:00:47 +00:00
Sergey Biryukov ca832f66f3 Text Changes: Add a period to the only `wp_die()` message that didn't have it: "Invalid plugin page".
Props Presskopp.
Fixes #39664.
Built from https://develop.svn.wordpress.org/trunk@39941


git-svn-id: http://core.svn.wordpress.org/trunk@39878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-22 02:33:42 +00:00
Drew Jaynes 22adda2aa0 Hooks: Standardize naming of dynamic hooks to use interpolation vs concatenation.
Benefits gained in discoverability and self-documentation throughout core trump the negligible performance hit in using interpolation in hook names.

Props ramiy.
See #37748.

Built from https://develop.svn.wordpress.org/trunk@38307


git-svn-id: http://core.svn.wordpress.org/trunk@38248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-22 18:25:31 +00:00
Dominik Schilling aa561e67a1 Bootstrap: Enhance core's memory limit handling.
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.

Related commits: [38011-38013]

Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes #32075.
Built from https://develop.svn.wordpress.org/trunk@38015


git-svn-id: http://core.svn.wordpress.org/trunk@37956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-08 14:37:30 +00:00
Dominik Schilling 65eb29ad46 Import: Merge two similar strings.
Props ramiy.
See #34521.
Built from https://develop.svn.wordpress.org/trunk@37998


git-svn-id: http://core.svn.wordpress.org/trunk@37939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-07 10:53:28 +00:00
Dominik Schilling 25e66e4f1e Text Changes: Unify permission error messages.
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.

Props ramiy, Presskopp.
Fixes #34521.
Built from https://develop.svn.wordpress.org/trunk@37914


git-svn-id: http://core.svn.wordpress.org/trunk@37855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-29 15:16:29 +00:00
Drew Jaynes 1947f4d17c Docs: Apply inline `@see` tags to hooks referenced in DocBlocks for wp-admin/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37537


git-svn-id: http://core.svn.wordpress.org/trunk@37505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 17:28:27 +00:00
Drew Jaynes c3055cc190 Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37488


git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Drew Jaynes b1804afeaf Docs: Standardize on 'backward compatibility/compatible' nomenclature in core inline docs.
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.

Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.

Props ocean90.
Fixes #36835.

Built from https://develop.svn.wordpress.org/trunk@37431


git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 18:41:31 +00:00
Pascal Birchler b204d3ead2 Taxonomy: After [36874], run the correct `load-edit-tags.php` hook on the new term edit page.
When not misspelled, this hook is useful (and needed) for backward compatibility.

Unprops swissspidy.
Fixes #34988.
Built from https://develop.svn.wordpress.org/trunk@37084


git-svn-id: http://core.svn.wordpress.org/trunk@37051 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-27 15:16:29 +00:00
Pascal Birchler 033044a872 Taxonomy: Improve backward compatibility on the `wp-admin/term.php` page.
Specifically, run `do_action( 'edit-tags.php' );` on this new term edit page introduced in [36308]. Changes the GET param back to `tag_ID` and properly sets the screen base in `WP_Screen`.

See #34988.
Built from https://develop.svn.wordpress.org/trunk@36874


git-svn-id: http://core.svn.wordpress.org/trunk@36841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-07 12:56:28 +00:00
Dominik Schilling e5ea82d81a Spelling: Standardize on "front end"/"back end" (noun) and "front-end"/"back-end" (adjective).
Props obrienlabs, thewanderingbrit.
Fixes #34887.
Built from https://develop.svn.wordpress.org/trunk@36709


git-svn-id: http://core.svn.wordpress.org/trunk@36676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 12:53:27 +00:00
Eric Lewis 6bd2399382 Docs: Fix typo in wp-admin/admin.php.
Props sebastian.pisula 
Fixes #35423.


Built from https://develop.svn.wordpress.org/trunk@36271


git-svn-id: http://core.svn.wordpress.org/trunk@36238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-12 20:43:28 +00:00
Pascal Birchler 624cb1445d Docs: Correct a parameter name for the `force_filtered_html_on_import` filter.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@35973


git-svn-id: http://core.svn.wordpress.org/trunk@35938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-16 19:40:26 +00:00
Pascal Birchler 2e35e20010 Docs: Correct a parameter name for the `do_mu_upgrade` filter.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@35970


git-svn-id: http://core.svn.wordpress.org/trunk@35935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-16 19:30:28 +00:00
Ella Iseulde Van Dorpe 657d3b50af Make date format consistent across the admin
The 'date_format' and 'time_format' options shouldn't affect the backend.

See #30864


Built from https://develop.svn.wordpress.org/trunk@35811


git-svn-id: http://core.svn.wordpress.org/trunk@35775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-07 04:26:27 +00:00
Boone Gorges 0e7c1d3b14 Use `wp_installing()` instead of `WP_INSTALLING` constant.
The `WP_INSTALLING` constant is a flag that WordPress sets in a number of
places, telling the system that options should be fetched directly from the
database instead of from the cache, that WP should not ping wordpress.org for
updates, that the normal "not installed" checks should be bypassed, and so on.

A constant is generally necessary for this purpose, because the flag is
typically set before the WP bootstrap, meaning that WP functions are not yet
available.  However, it is possible - notably, during `wpmu_create_blog()` -
for the "installing" flag to be set after WP has already loaded. In these
cases, `WP_INSTALLING` would be set for the remainder of the process, since
there's no way to change a constant once it's defined. This, in turn, polluted
later function calls that ought to have been outside the scope of site
creation, particularly the non-caching of option data. The problem was
particularly evident in the case of the automated tests, where `WP_INSTALLING`
was set the first time a site was created, and remained set for the rest of the
suite.

The new `wp_installing()` function allows developers to fetch the current
installation status (when called without any arguments) or to set the
installation status (when called with a boolean `true` or `false`). Use of
the `WP_INSTALLING` constant is still supported; `wp_installing()` will default
to `true` if the constant is defined during the bootstrap.

Props boonebgorges, jeremyfelt.
See #31130.
Built from https://develop.svn.wordpress.org/trunk@34828


git-svn-id: http://core.svn.wordpress.org/trunk@34793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-05 15:06:28 +00:00
Helen Hou-Sandí 48befcf361 Superglobals: Revert [34059] until further notice.
see #33837.

Built from https://develop.svn.wordpress.org/trunk@34265


git-svn-id: http://core.svn.wordpress.org/trunk@34229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 12:33:26 +00:00
Scott Taylor cd7c0f0b0d Introduce `wp_validate_action( $action = '' )`, a helper function that checks `$_REQUEST` for `action` and returns it, or empty string if not present. If `$action` is passed, it checks to make sure they match before returning it, or an empty string. Strings are always returned to avoid returning multiple types.
Implementing this removes 27 uses of direct superglobal access in the admin.

For more reading:
https://codeclimate.com/github/WordPress/WordPress/wp-admin/edit-comments.php

See #33837.

Built from https://develop.svn.wordpress.org/trunk@34059


git-svn-id: http://core.svn.wordpress.org/trunk@34027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 21:08:26 +00:00
Scott Taylor b56b9b3e5c Add `@global` annotations for `wp-admin/*`.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32642


git-svn-id: http://core.svn.wordpress.org/trunk@32612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 21:41:30 +00:00
Drew Jaynes de1f0a0487 Avoid confusion by clarifying an inline comment on logic for performing multisite upgrades.
Props dmchale for the initial patch.
Fixes #30837.

Built from https://develop.svn.wordpress.org/trunk@31297


git-svn-id: http://core.svn.wordpress.org/trunk@31278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-29 11:53:21 +00:00
Drew Jaynes f2bc30c03f Ensure we're using the correct `@ignore` phpDocumentor tag to mark elements that should be skipped when parsing.
Up to this point, various core elements' DocBlocks incorrectly included an `@internal` tag as a means for skipping the parsing process. When paired with a description (inline or otherwise), `@internal` is a valid tag meant to provide internal-only context, but not necessarily to skip parsing the entire element.

See #30987.

Built from https://develop.svn.wordpress.org/trunk@31170


git-svn-id: http://core.svn.wordpress.org/trunk@31151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-13 00:51:21 +00:00
Scott Taylor 84867b3e9c Admin globals:
* Declare `$wp_importers` as a global in `admin.php`
* Declare `$post_type`, `$post_type_object`, and  `$post` as globals where applicable

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31121


git-svn-id: http://core.svn.wordpress.org/trunk@31102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 05:29:22 +00:00
Scott Taylor 8ee598169f After [31105], don't ditch the `isset()` calls for BC. Declare `$page_hook` as `null` so it is initialized for all execution paths but will still fail `isset()` checks.
Fixes #30958.

Built from https://develop.svn.wordpress.org/trunk@31106


git-svn-id: http://core.svn.wordpress.org/trunk@31087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 22:52:22 +00:00
Scott Taylor 60e1dd409b Properly declare `$hook_suffix`, `$plugin_page`, `$typenow`, and `$taxnow` as globals in `wp-admin/admin.php`.
Fixes #30958.

Built from https://develop.svn.wordpress.org/trunk@31105


git-svn-id: http://core.svn.wordpress.org/trunk@31086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 22:15:24 +00:00
Scott Taylor 60b0cd7943 The keyword `elseif` should be used instead of `else if` so that all control keywords look like single words.
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00
Drew Jaynes 2faf449f51 Docs Formatting: Backtick-escape inline code for all dynamic hook docs in wp-admin/*.
Also includes some changes to move hook docs to directly precede hook lines. This is necessary to prevent DocBlock-matching confusion when core is parsed.

Affects DocBlocks for the following hooks:
* `wp_ajax_ . $_REQUEST['action']`
* `wp_ajax_nopriv_ . $_REQUEST['action']`
* `admin_footer- . $GLOBALS['hook_suffix']`
* `admin_head-$hook_suffix`
* `admin_post_nopriv_{$action}`
* `admin_post_{$action}`
* `load-  . $page_hook`
* `load- . $plugin_page`
* `load-importer- . $importer`
* `load- . $pagenow`
* `admin_action_ . $_REQUEST['action']`
* `async_upload_{$type}`
* `add_meta_boxes_ . $post_type`
* `{$taxonomy}_pre_edit_form`
* `{$taxonomy}_term_edit_form_tag`
* `{$taxonomy}_edit_form_fields`
* `{$taxonomy}_edit_form`
* `after-{$taxonomy}-table`
* `{$taxonomy}_pre_add_form`
* `{$taxonomy}_term_new_form_tag`
* `{$taxonomy}_add_form_fields`
* `{$taxonomy}_add_form`
* `media_upload_$type`
* `media_upload_$tab`
* `install_plugins_pre_$tab`
* `install_plugins_$tab`
* `install_themes_pre_{$tab}`
* `install_themes_{$tab}`
* `update-core-custom_{$action}`
* `update-custom_{$action}`
* `user_{$name}_label`

See #30552.

Built from https://develop.svn.wordpress.org/trunk@30649


git-svn-id: http://core.svn.wordpress.org/trunk@30639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 11:42:24 +00:00
Drew Jaynes 097dc8ee15 Fix syntax for single- and multi-line comments in wp-admin-directory files.
See #28931.

Built from https://develop.svn.wordpress.org/trunk@29206


git-svn-id: http://core.svn.wordpress.org/trunk@28990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 09:14:16 +00:00
Scott Taylor 112ca4e055 Because the `WP_ADMIN` constant name can be bound in multiple files, all instances should check `! defined` first. `wp-admin/admin.php` already has this check.
See #27881.

Built from https://develop.svn.wordpress.org/trunk@28478


git-svn-id: http://core.svn.wordpress.org/trunk@28305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-18 20:42:16 +00:00
Drew Jaynes 40a738c21c Clarify inline documentation for back-compat `load-*` action hooks.
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28393


git-svn-id: http://core.svn.wordpress.org/trunk@28221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-13 06:28:15 +00:00
Drew Jaynes ec88da1ee3 Clarify documentation for *what* gets "automatically fired" when the `do_mu_upgrade` filter evaluates to true in Multisite.
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28376


git-svn-id: http://core.svn.wordpress.org/trunk@28204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-13 04:18:14 +00:00
Drew Jaynes 058ff61dec Mark the `$hook` and `$page_hook` hooks as `@internal` to skip parsing.
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28216


git-svn-id: http://core.svn.wordpress.org/trunk@28046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-25 07:54:21 +00:00
Drew Jaynes 8eff8141ce Inline documentation for hooks in wp-admin/network/upgrade.php.
Props miyauchi for the initial patch.
Fixes #25881.

Built from https://develop.svn.wordpress.org/trunk@26914


git-svn-id: http://core.svn.wordpress.org/trunk@26795 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-07 04:23:11 +00:00
Andrew Nacin 34da946343 Hook documentation for wp-admin/admin.php.
props DrewAPicture for initial patch.
fixes #25442.

Built from https://develop.svn.wordpress.org/trunk@25747


git-svn-id: http://core.svn.wordpress.org/trunk@25660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-09 21:01:09 +00:00
Ryan Boren 5f809d1d22 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:00:25 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Nacin 83e0ce2ac1 Remove unused variables reset by wp_reset_vars(). Many of these haven't been used since b2. see #21767.
git-svn-id: http://core.svn.wordpress.org/trunk@23445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-16 18:28:41 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00