WordPress/wp-includes
Sergey Biryukov aa842e13b1 Always escape the URL echoed by header_image(). fixes #23664.
git-svn-id: http://core.svn.wordpress.org/trunk@23633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-07 05:30:00 +00:00
..
SimplePie SimplePie: Return nothing and throw an error in SimplePie_Sanitize when DOMDocument is disabled. 2012-12-02 16:43:12 +00:00
Text Update Text_Diff. Props simek. Fixes #9467 2010-02-19 01:25:26 +00:00
css * Simplify jQuery UI slider CSS and bring into line with admin styles. 2013-03-01 19:24:03 +00:00
images Copy wpspin_light to wp-includes as wpspin.gif. Use it in media views. see #22728. 2012-12-04 16:18:53 +00:00
js Compress scripts/styles: 3.6-alpha-23617. 2013-03-05 14:49:17 +00:00
pomo Avoid 'Only variables should be passed by reference' warning. fixes #23232. 2013-01-31 01:01:19 +00:00
theme-compat Don't return encoded ampersands from get_post_comments_feed_link() to avoid canonical redirect issues. Apply esc_url() when appropriate. 2012-11-07 19:56:10 +00:00
admin-bar.php Move admin bar initialization from init to template_redirect, so conditional tags may be used in the show_admin_bar filter. props scribu. fixes #20101. 2013-02-28 16:56:35 +00:00
atomlib.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
author-template.php esc_url() when printing a URL into an attribute, even when it is known to be safe. (see #17562) 2013-02-28 18:58:52 +00:00
bookmark-template.php In wp_list_bookmarks(), don't stomp the categorize argument. Fixes categorized display in the links widget. 2012-11-28 23:19:03 +00:00
bookmark.php Don't cache a non-existent link in get_bookmark(). props wonderboymusic, fixes #21159. 2012-09-13 16:41:43 +00:00
cache.php Correct inline docs for cache.php. props ocean90. fixes #23058. 2013-01-22 20:44:30 +00:00
canonical.php Consistently use $wp_rewrite->index instead of hardcoding "index.php". 2013-01-18 13:44:22 +00:00
capabilities.php Pass old roles to set_user_role action. props awellis13. fixes #19134. 2013-01-31 01:15:25 +00:00
category-template.php Don't bail from get_the_terms() if the post type is not registed for the taxonomy. This can break back compat when add_post_type_support( 'page', 'post-formats' ) is called but register_taxonomy_for_object_type( 'postr_-format', 'page' ) is not. 2012-11-20 18:31:06 +00:00
category.php Pinking shears 2012-11-17 15:11:29 +00:00
class-IXR.php Specify the encoding in IXR_Server::output(). Props solarissmoke, sergey.s.betke@novgaro.ru, SergeyBiryukov. fixes #4794 2012-08-15 20:12:00 +00:00
class-feed.php Do SimplePie sanitization with wp_kses_post() rather than DOMDocument, which cannot be guaranteed to be available. 2012-11-22 07:23:43 +00:00
class-http.php WP_HTTP: Prevent the 'max_body_length' and 'stream_handle' properties of the curl class from leaking between requests by specifically initializing them in every case. See #23472 & r23605 2013-03-04 05:40:43 +00:00
class-json.php Update to Services_JSON 1.0.3. props bpetty. fixes #21568. 2013-02-02 02:09:01 +00:00
class-oembed.php Check for DOMDocument when parsing oEmbed XML responses. 2012-12-10 22:49:45 +00:00
class-phpass.php Fix typos in documentation (wp-includes/[a-h]). See #18560. 2011-09-03 16:02:41 +00:00
class-phpmailer.php Update to PHPMailer 5.2.4. props bpetty. fixes #21074. 2013-02-28 18:33:13 +00:00
class-pop3.php Update pop3 class. Props aaroncampbell. fixes #17064 2011-04-21 20:40:32 +00:00
class-simplepie.php Update SimplePie to 1.3.1. Props rmccue, ocean90. fixes #22321 2012-11-05 14:25:25 +00:00
class-smtp.php Update to PHPMailer 5.2.4. props bpetty. fixes #21074. 2013-02-28 18:33:13 +00:00
class-snoopy.php Fix typos in phpdoc. props bradparbs. fixes #23481. 2013-03-04 04:23:00 +00:00
class-wp-admin-bar.php Skip To links: visually hide by only setting top: -1000em; (this should make them work well in all screen readers), fixes #21312 2012-11-20 21:14:49 +00:00
class-wp-ajax-response.php Specify the charset in WP_Ajax_Response::send(). Props sergey.s.betke@novgaro.ru, SergeyBiryukov. fixes #19448 2012-08-15 18:17:21 +00:00
class-wp-customize-control.php Customizer uploader control: Pass arrays of extensions around instead. see #22149. 2012-11-10 04:59:46 +00:00
class-wp-customize-manager.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
class-wp-customize-section.php Refactor the Customizer accordion so that it can be used in other locations. 2013-02-14 22:58:04 +00:00
class-wp-customize-setting.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
class-wp-editor.php Ensure [23122] gets parsed as context. props TobiasBg. fixes #22808. 2012-12-07 18:50:16 +00:00
class-wp-embed.php Use correct escaping function. props duck_. 2013-01-22 16:37:54 +00:00
class-wp-error.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-wp-http-ixr-client.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
class-wp-image-editor-gd.php Only unset() after we have confirmed we are not dealing with a WP_Error. props DH-Shredder. fixes #22824. 2012-12-09 17:02:22 +00:00
class-wp-image-editor-imagick.php Only unset() after we have confirmed we are not dealing with a WP_Error. props DH-Shredder. fixes #22824. 2012-12-09 17:02:22 +00:00
class-wp-image-editor.php Image editors: After cropping, request new sizes from the image. If we rely on the values passed in, they may be floats. We must see what the image results in. 2012-12-06 07:56:04 +00:00
class-wp-theme.php Make Twenty Thirteen the default theme. 2013-02-28 19:01:07 +00:00
class-wp-walker.php Make sure the array exists before adding an element to it. props rodrigosprimo. fixes #23272. 2013-01-25 12:24:10 +00:00
class-wp-xmlrpc-server.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
class-wp.php Remove double-strip on HTTP_IF_NONE_MATCH, which was done years ago (in #2597). see #21767. 2013-03-01 17:51:16 +00:00
class.wp-dependencies.php Revert [21420] and [21481]. Accepting a string caused back compat problems including the possibility of revealing previously hidden circular dependencies resulting in infinite loops. 2012-10-23 20:32:12 +00:00
class.wp-scripts.php Allow protocol-relative URLs when registering/enqueueing scripts and styles. 2012-06-28 20:18:38 +00:00
class.wp-styles.php Allow protocol-relative URLs when registering/enqueueing scripts and styles. 2012-06-28 20:18:38 +00:00
comment-template.php Add filters to comments_link_feed(), comment_link(), and get_comments_link(). esc_url() the echoed output of comments_link(). 2013-03-06 19:57:31 +00:00
comment.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
compat.php Restore compat for json_decode and json_encode. fixes #18015 for trunk. 2011-07-06 23:33:05 +00:00
cron.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
default-constants.php Make Twenty Thirteen the default theme. 2013-02-28 19:01:07 +00:00
default-filters.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
default-widgets.php Simplify logic in WP_Widget_Recent_Posts and WP_Widget_Recent_Comments. fixes #23089. 2013-03-04 02:14:23 +00:00
deprecated.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
feed-atom-comments.php its <=> it's in documentation, along with a rogue the, The, and looses. props trepmal. fixes #22665. 2012-12-20 15:55:32 +00:00
feed-atom.php Don't return encoded ampersands from get_post_comments_feed_link() to avoid canonical redirect issues. Apply esc_url() when appropriate. 2012-11-07 19:56:10 +00:00
feed-rdf.php Add the generator element in feeds through the {rss2|atom|rdf|rss|opml}_head hooks. Fixes #6947 props sivel. 2010-02-13 16:45:16 +00:00
feed-rss.php Use the site's locale for the feed language. Provides the same result as language_attributes(). Removes the rss_language option. fixes #13440. see #5517. 2012-01-29 19:56:33 +00:00
feed-rss2-comments.php Use get_search_query() in feed-rss2-comments.php. Props SergeyBiryukov. fixes #21365 2012-07-25 18:04:17 +00:00
feed-rss2.php Use the_content_feed() when looking for zero-length post content for RSS2 feeds. Now you can have blank posts with content generated by the_content filters. props SergeyBiryukov. fixes #15604 2012-07-09 03:33:01 +00:00
feed.php Add filters to comments_link_feed(), comment_link(), and get_comments_link(). esc_url() the echoed output of comments_link(). 2013-03-06 19:57:31 +00:00
formatting.php Properly handle timezones in get_date_from_gmt() rather than relying on the implicit gmt_offset. This offset is only good for the current time, rather than the passed time, which causes problems when converting a DST date when DST is not in effect, or vice versa. 2013-03-05 16:14:14 +00:00
functions.php Ensure the referer functions operate completely on unslashed data: wp_referer_field(), wp_original_referer_field(), wp_get_referer(), wp_get_original_referer(). 2013-03-01 17:58:43 +00:00
functions.wp-scripts.php Add underscore and backbone to the do-not-deregister list of scripts. 2013-02-08 05:11:27 +00:00
functions.wp-styles.php Stop recommending the init hook in the _doing_it_wrong() message for too-early scripts and styles. Instead, recommend the three _enqueue_scripts hooks. If they're noticing they are doing it wrong, let's push them to 100% correct, not partly correct. 2013-02-02 02:42:09 +00:00
general-template.php Fix typo in wp_heartbeat_settings, see #23216 2013-02-25 04:19:51 +00:00
http.php Handle pre-flighted OPTIONS requests in send_origin_headers(). Props nacin. fixes #21024 2012-09-24 21:39:04 +00:00
kses.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
l10n.php Theme Translations: Allow for theme pomo files to be loaded from WP_LANG_DIR/themes/{$domain}-{$locale}.(p|m)o. 2012-10-31 21:30:33 +00:00
link-template.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
load.php Ensure we have a charset before calling mb_internal_encoding(), avoiding an unnecessary (if suppressed) warning. props dfavor. fixes #23093. 2013-02-02 02:01:29 +00:00
locale.php Add a translator's comment. see #19924. 2012-02-06 19:43:26 +00:00
media-template.php Media: Restore 3.4 behavior by consulting the old-school DB options for default align, size, and link properties. 2013-01-04 08:02:16 +00:00
media.php Add shortcode_atts_$shortcode filter for when the name of the shortcode is passed to shortcode_atts(). props coffee2code. fixes #15155. 2013-03-06 20:07:40 +00:00
meta.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
ms-blogs.php Remove unused global reference. props aaroncampbell. fixes #23541. 2013-02-20 00:18:15 +00:00
ms-default-constants.php Multisite in a subdirectory: For subdomain installs, use a root admin cookie path, not a wp-admin specific one. 2012-12-04 00:51:02 +00:00
ms-default-filters.php Remove ms-files.php rewriting from WordPress multisite. fixes #19235. 2012-09-11 22:22:20 +00:00
ms-deprecated.php Deprecate get_user_id_from_string() in favor of get_user_by( $field ) where $field is 'email' or 'login'. props SergeyBiryukov. fixes #23190. 2013-02-16 03:02:15 +00:00
ms-files.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
ms-functions.php Use correct variable. see [23592]. see #21767. 2013-03-03 22:04:33 +00:00
ms-load.php Merge two strings. props pavelevap, see #22306. 2012-11-07 22:03:23 +00:00
ms-settings.php Resurrect the switched global. Some are still using it. see #21459 2012-08-22 03:34:00 +00:00
nav-menu-template.php Add a filter for attributes on menu item links. props simonwheatley, DrewAPicture, SergeyBiryukov, nacin. fixes #16738. 2013-03-01 17:06:35 +00:00
nav-menu.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
option.php Ensure we strictly compare 'alloptions' and 'notoptions' when protecting these special options. 2013-02-28 16:49:20 +00:00
pluggable-deprecated.php Correct the deprecated notice in AtomPub's deprecated class. see #22855. 2012-12-26 20:35:27 +00:00
pluggable.php Remove unnecessary stripslashes(). 2013-03-03 20:55:30 +00:00
plugin.php Correct phpdoc for wp-includes/plugin.php: wp-content/plugins/, not wp-content/plugin/. props technosailor. fixes #23024. 2012-12-20 15:49:55 +00:00
post-formats.php Remove default content from post format compat output. We shouldn't magically create content for display not specified by the user, especially given that the current compat is handling the case of new data, old theme. see #23347. 2013-02-27 22:10:08 +00:00
post-template.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
post-thumbnail-template.php Fix the PHPDoc for the_post_thumbnail(). props georgestephanis. fixes #22885 2012-12-29 17:59:08 +00:00
post.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
query.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
registration-functions.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
registration.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
revision.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
rewrite.php Remove bogus pagination rules from the comments permastruct. (As in, comments/page/?([0-9]{1,})/?$.) props wonderboymusic, fixes #21138. 2013-02-28 18:35:13 +00:00
rss-functions.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
rss.php its <=> it's in documentation, along with a rogue the, The, and looses. props trepmal. fixes #22665. 2012-12-20 15:55:32 +00:00
script-loader.php Update Backbone to 0.9.10. Update media to handle breaking changes. 2013-03-03 07:04:06 +00:00
shortcodes.php Add shortcode_atts_$shortcode filter for when the name of the shortcode is passed to shortcode_atts(). props coffee2code. fixes #15155. 2013-03-06 20:07:40 +00:00
taxonomy.php Remove unnecessary error suppression from get_terms(). fixes #21887. 2013-03-04 02:52:43 +00:00
template-loader.php Clean up [22347] a bit. see #14348 2012-10-31 23:01:13 +00:00
template.php Make sure .widefat border and background coloring only applies to tables. props MikeHansenMe. fixes #21936. 2013-01-22 14:44:04 +00:00
theme.php Always escape the URL echoed by header_image(). fixes #23664. 2013-03-07 05:30:00 +00:00
update.php Tighten our braces. Fixes #23118 props evansolomon. 2013-01-04 10:13:51 +00:00
user.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
vars.php TinyMCE: better exclusion of Opera mobile, fixes #21416 2012-07-30 19:40:52 +00:00
version.php Compress scripts/styles: 3.6-alpha-23627. 2013-03-06 22:58:49 +00:00
widgets.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
wlwmanifest.xml Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
wp-db.php Enforce a minimum of two arguments for wpdb::prepare(). The first argument is the query (or fragment thereof), which is required. Additional arguments are values to substitute into placeholders. 2012-11-07 19:30:59 +00:00
wp-diff.php Revisions: First pass an implementing a new UI/UX for reviewing the revisions of posts. See #23497 props adamsilverstein for the initial patch. 2013-02-28 15:14:34 +00:00