WordPress/wp-admin
Sergey Biryukov f891f6f0c6 Administration: Require a valid action parameter to be set for `admin-ajax.php` requests.
This avoids `Array to string conversion` PHP notices when an array is passed as the `action` parameter.

Additionally, send an appropriate HTTP response status code when an invalid action is passed to `admin-post.php`.

Follow-up to [13175], [19738], [41120], [41926].

Props dd32.
Fixes #55212.
Built from https://develop.svn.wordpress.org/trunk@52813


git-svn-id: http://core.svn.wordpress.org/trunk@52402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-02 15:00:11 +00:00
..
css Administration: Further enhancements on small text fields after [52649]. 2022-02-25 15:49:02 +00:00
images Help/About: Update the About section for 5.9. 2022-01-11 18:36:00 +00:00
includes Filesystem API: Include the `ssh-ed25519` public key signature algorithm as an alternative to `ssh-rsa`. 2022-02-27 15:02:04 +00:00
js Administration: Revert [51946]. 2022-01-17 19:55:04 +00:00
maint Database: Check the correct value for displaying the "Successfully repaired table" or "Failed to repair" messages on Database Repair screen. 2020-12-04 15:50:12 +00:00
network Administration: Add "File" to Theme/Plugin Editor menu names and relocate "Plugin File Editor" to Tools for block themes. 2021-12-21 20:06:02 +00:00
user
about.php Help/About: Revert [52783]. 2022-02-22 11:01:11 +00:00
admin-ajax.php Administration: Require a valid action parameter to be set for `admin-ajax.php` requests. 2022-03-02 15:00:11 +00:00
admin-footer.php Coding Standards: Simplify a condition in `wp-admin/admin-footer.php`. 2021-06-01 11:30:57 +00:00
admin-functions.php
admin-header.php External Libraries: Further fix jQuery deprecations in WordPress core. 2021-11-30 17:18:01 +00:00
admin-post.php Administration: Require a valid action parameter to be set for `admin-ajax.php` requests. 2022-03-02 15:00:11 +00:00
admin.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
async-upload.php Media: Remove target blank attribute from media uploader edit links. 2022-01-27 22:17:00 +00:00
authorize-application.php App Passwords: Remove placeholder from the app password name input field. 2021-10-01 13:49:00 +00:00
comment.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
credits.php Help/About: WordPress 5.9 About Page. 2022-01-04 18:35:03 +00:00
custom-background.php
custom-header.php
customize.php Admin/Help: add docs links to several screens. 2021-11-08 21:43:01 +00:00
edit-comments.php Admin/Comments: remove bespoke truncation from search string HTML. 2021-11-02 15:57:59 +00:00
edit-form-advanced.php Editor: Use a consistent way to retrieve post ID on Edit Post screens. 2021-04-09 11:31:09 +00:00
edit-form-blocks.php Global Styles: Load the global styles before the theme styles in the editor. 2022-02-17 14:14:01 +00:00
edit-form-comment.php Comments: Escape comment author's email in the Edit Comment form. 2021-06-07 18:47:02 +00:00
edit-link-form.php Posts, Post Types: Update the styling of the legacy Links editing screen. 2021-02-16 18:50:03 +00:00
edit-tag-form.php Taxonomy: Clarify the taxonomy labels for customizing the field descriptions on Edit Tags screen: 2021-11-15 16:45:01 +00:00
edit-tags.php Taxonomy: Clarify the taxonomy labels for customizing the field descriptions on Edit Tags screen: 2021-11-15 16:45:01 +00:00
edit.php General: Fix code quality issues which were identified by static analysis. 2021-09-22 21:01:00 +00:00
erase-personal-data.php Coding Standards: Remove wrapping HTML tags from translatable strings. 2021-07-08 17:07:58 +00:00
export-personal-data.php Coding Standards: Remove wrapping HTML tags from translatable strings. 2021-07-08 17:07:58 +00:00
export.php External Libraries: Further fix jQuery deprecations in WordPress core. 2021-11-30 17:18:01 +00:00
freedoms.php Help/About: Update Freedoms page for 5.9. 2022-01-24 09:41:03 +00:00
import.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
index.php Help/About: Improve typography in the `Welcome to your WordPress Dashboard!` text. 2021-11-03 03:16:57 +00:00
install-helper.php Docs: Improve documentation for functions in `wp-admin/install-helper.php` per the documentation standards. 2020-05-12 18:40:07 +00:00
install.php Coding Standards: Move some translator comments to the correct place. 2021-03-21 13:13:03 +00:00
link-add.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
link-manager.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
link-parse-opml.php XML-RPC: Explicitly unset the reference to the parser resource after calling `xml_parser_free()` to avoid memory leaks in PHP 7.0.0 or higher. 2020-07-05 15:22:01 +00:00
link.php Coding Standards: Apply some alignment fixes from `composer format`. 2021-07-27 19:01:59 +00:00
load-scripts.php Docs: Update a comment in `wp-admin/load-styles.php` per the documentation standards. 2021-12-12 14:52:02 +00:00
load-styles.php Docs: Update a comment in `wp-admin/load-styles.php` per the documentation standards. 2021-12-12 14:52:02 +00:00
media-new.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
media-upload.php Docs: Add examples of possible names for various hooks whose name contains a dynamic portion. 2021-03-07 12:32:09 +00:00
media.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
menu-header.php Coding Standards: Replace alias PHP functions with the canonical names. 2020-10-18 17:27:06 +00:00
menu.php Administration: Make sure the `$customize_url` variable is always defined in the admin menu. 2021-12-25 03:32:03 +00:00
moderation.php
ms-admin.php
ms-delete-site.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
ms-edit.php
ms-options.php
ms-sites.php
ms-themes.php
ms-upgrade-network.php
ms-users.php
my-sites.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
nav-menus.php Menus: Add audible notice on menu item add or remove. 2021-11-15 20:00:59 +00:00
network.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options-discussion.php Admin/Discussion Settings: attempt to clarify intent of "Default post settings" section. 2021-11-02 16:42:59 +00:00
options-general.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options-head.php
options-media.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options-permalink.php Administration: Consistency fixes on keyboard shortcuts instructions. 2022-02-27 22:49:01 +00:00
options-privacy.php Admin/Help: add commas to end of multi-line array items. 2021-11-08 21:55:00 +00:00
options-reading.php Coding Standards: Use strict comparison in `wp-admin/options-reading.php`. 2022-01-02 16:47:05 +00:00
options-writing.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
options.php Coding Standards: Use strict comparison in `wp-admin/options.php`. 2022-01-03 21:28:01 +00:00
plugin-editor.php Administration: Add "File" to Theme/Plugin Editor menu names and relocate "Plugin File Editor" to Tools for block themes. 2021-12-21 20:06:02 +00:00
plugin-install.php Taxonomy: Typo correction in context used for the navigation link block title. 2022-01-07 11:21:04 +00:00
plugins.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
post-new.php Coding Standards: Use strict comparison where static strings are involved. 2020-05-16 18:42:12 +00:00
post.php Block Editor: Use a unique name for the nonce of the custom fields toggle form. 2021-02-08 21:39:16 +00:00
press-this.php
privacy-policy-guide.php Coding Standards: Use static closures when not using `$this`. 2021-08-26 12:59:02 +00:00
privacy.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
profile.php
revision.php Coding Standards: Use strict comparison in `wp-admin/revision.php`. 2022-01-07 16:47:00 +00:00
setup-config.php Upgrade/Install: Use consistent capitalization for "web host" in setup messages. 2021-08-14 12:06:59 +00:00
site-editor.php Editor: Explicitly load remote block patterns in the block and site editor screens. 2022-01-17 22:42:03 +00:00
site-health-info.php Site Health: Internationalizes count in the info section headings. 2021-11-01 22:36:59 +00:00
site-health.php Site Health: Typo correction in Site Health help tab. 2021-12-18 21:02:04 +00:00
term.php Coding Standards: Use strict type check for `in_array()` and `array_search()` where strings are involved. 2020-04-05 03:02:11 +00:00
theme-editor.php Administration: Add "File" to Theme/Plugin Editor menu names and relocate "Plugin File Editor" to Tools for block themes. 2021-12-21 20:06:02 +00:00
theme-install.php Help/About: Correction on the documentation link about adding new themes. 2022-01-05 22:14:59 +00:00
themes.php Administration: Replace "Current theme" with "Active theme" in user facing strings. 2022-01-15 08:44:03 +00:00
tools.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
update-core.php Upgrade/Install: Make sure the "Show hidden updates" button is visible and works as expected. 2022-01-26 13:11:29 +00:00
update.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
upgrade-functions.php
upgrade.php Coding Standards: Move some translator comments to the correct place. 2021-03-21 13:13:03 +00:00
upload.php Coding Standards: Use strict comparisons in `wp-admin/upload.php`. 2021-08-05 03:37:56 +00:00
user-edit.php Coding Standards: Rename the `$profileuser` variable to `$profile_user` in `wp-admin/user-edit.php`. 2022-02-07 15:26:01 +00:00
user-new.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
users.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
widgets-form-blocks.php REST API: Support custom namespaces for custom post types. 2021-10-31 23:16:58 +00:00
widgets-form.php Widgets: Revert [51705]. 2021-09-09 21:40:57 +00:00
widgets.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00