WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
WordPress/wp-includes
History
Scott Taylor fc842e33c9 Users: when passing a `WP_User` instance to `wp_update_user()`, ensure that the user password is not accidentally double-hashed. This is terrifying. 
Adds unit tests.

Props tbcorr, salcode.
Fixes #28435.

Built from https://develop.svn.wordpress.org/trunk@35116


git-svn-id: http://core.svn.wordpress.org/trunk@35081 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 		2015-10-13 02:48:24 +00:00
..
ID3
SimplePie `callback` is not a valid type in PHP, PSR-5, or phpDocumentor. `callable` should be used instead. 2015-09-25 23:58:25 +00:00
Text
certificates HTTP: Update the Root Certificate bundle. 2015-09-18 08:43:26 +00:00
css Notices: Update one more instance of white-on-white. 2015-10-09 17:47:25 +00:00
fonts
images oEmbed: add fallback icons (not used yet) for older browsers. 2015-10-12 21:17:25 +00:00
js Plupload: update to 2.1.8. Changelog: https://github.com/moxiecode/plupload/releases. 2015-10-10 23:50:25 +00:00
pomo Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`. 2015-09-20 03:52:25 +00:00
random_compat Use PHP7's `random_int()` CSPRNG functionality in `wp_rand()` with a fallback to the `random_compat` library for PHP 5.x. 2015-10-09 04:28:24 +00:00
rest-api HTTP/REST API: move `WP_HTTP_Response` to `wp-includes/` with the rest (ha!) of the HTTP classes. This is PHP 5.2, so this class is global, and as per @rmccue, unrelated to REST specifically. 2015-10-08 19:27:28 +00:00
theme-compat Theme Compat: Remove two strings from `comments-popup.php`. 2015-09-20 08:49:27 +00:00
widgets RSS Widget: add a class, `rss-widget-icon`, to the RSS icon to allow devs to hide it. Not going to remove to not break visual BC. 2015-09-29 04:32:25 +00:00
admin-bar.php Docs: some `@global object` vernaculars should be converted to the actual object type. 2015-10-10 15:45:25 +00:00
atomlib.php
author-template.php Introduce `get_the_author_posts_link()`, which returns the HTML link to the author page for the current post's author. 2015-09-29 01:49:25 +00:00
bookmark-template.php
bookmark.php After [33843], update the location of some files in `This filter is documented in` docs 2015-09-08 22:17:26 +00:00
cache.php Docs: Improve documentation for the `WP_Object_Cache` class. 2015-09-16 10:03:26 +00:00
canonical.php Canonical: remove unused code (commented-out) from `redirect_canonical()`. 2015-10-01 05:09:50 +00:00
capabilities-functions.php Revert [34778], continue using `_site_option()` for the current network. 2015-10-07 17:11:25 +00:00
capabilities.php Docs: The Users subpackage is plural. 2015-09-22 13:46:25 +00:00
category-functions.php Introduce `WP_Term`. 2015-10-10 01:59:29 +00:00
category-template.php Don't cache `WP_Term` objects in `wp_get_object_cache()`. 2015-10-12 15:13:48 +00:00
category.php Docs: Clarify the file header for wp-includes/category.php. 2015-09-22 14:20:24 +00:00
class-IXR.php XML-RPC: Add a filter, `xmlrpc_memory_limit`, to allow the value of `$xmlrpc_memory_limit` to be increased. 2015-10-13 01:01:24 +00:00
class-feed.php Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`. 2015-09-20 03:52:25 +00:00
class-http.php Docs: object != class 2015-09-26 07:04:28 +00:00
class-json.php Docs: Put "it's" in its place (again). 2015-09-16 12:46:28 +00:00
class-oembed.php Update the explanatory text which accompanies the list of whitelisted oEmbed providers, following the change to the default value of the `discover` argument in `WP_oEmbed::get_provider()`. 2015-10-07 13:05:25 +00:00
class-phpass.php Remove closing PHP tag from `wp-includes/class-phpass.php`. 2015-10-06 23:45:25 +00:00
class-phpmailer.php
class-pop3.php Docs: Put "it's" in its place (again). 2015-09-16 12:46:28 +00:00
class-simplepie.php Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`. 2015-09-20 03:52:25 +00:00
class-smtp.php
class-snoopy.php Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`. 2015-09-20 03:52:25 +00:00
class-walker-category-dropdown.php Docs: Clarify the file header for wp-includes/class-walker-category-dropdown.php, introduced in [34110]. 2015-09-22 14:03:25 +00:00
class-walker-category.php Docs: Clarify the file header summary for wp-includes/class-walker-category.php, introduced in [34110]. 2015-09-22 14:01:25 +00:00
class-walker-comment.php Docs: some `@global object` vernaculars should be converted to the actual object type. 2015-10-10 15:45:25 +00:00
class-walker-page-dropdown.php Docs: Clarify the file header subpackage for wp-includes/class-walker-page-dropdown.php, introduced in [34109]. 2015-09-22 13:58:24 +00:00
class-walker-page.php Docs: Actually, the subpackage for `Walker_Page` should be Template. 2015-09-22 15:09:24 +00:00
class-wp-admin-bar.php
class-wp-ajax-response.php
class-wp-comment-query.php Prevent extra db queries in `WP_Comment::get_children()`. 2015-10-01 03:58:23 +00:00
class-wp-comment.php Prevent extra db queries in `WP_Comment::get_children()`. 2015-10-01 03:58:23 +00:00
class-wp-customize-control.php Customizer: `WP_Customize_Cropped_Image_Control` should extend `WP_Customize_Image_Control`, since Site Icon can only an image. 2015-10-10 23:25:24 +00:00
class-wp-customize-manager.php Customizer: Replace context for two strings added in [30306] with a translator comment. 2015-10-07 23:54:24 +00:00
class-wp-customize-nav-menus.php Customizer: Use the plural label for available menu item types. 2015-09-24 09:16:25 +00:00
class-wp-customize-panel.php Customize: Remove redundant `aria-label` attributes. 2015-09-13 06:16:26 +00:00
class-wp-customize-section.php Round 2 of: We should use ellipses … / … instead of three dots/periods ... e.g Loading… not Loading... 2015-09-09 04:39:25 +00:00
class-wp-customize-setting.php Customizer: Fix scalability performance problem for previewing multidimensional settings. 2015-10-10 09:06:25 +00:00
class-wp-customize-widgets.php Widgets: add a function, `is_registered_sidebar()` - helps us avoid touching the `$wp_registered_sidebars` global. 2015-10-13 01:33:25 +00:00
class-wp-editor.php Embeds: Add oEmbed provider support. 2015-10-07 10:36:25 +00:00
class-wp-embed.php Embeds: Add oEmbed provider support. 2015-10-07 10:36:25 +00:00
class-wp-error.php
class-wp-http-cookie.php Docs: object != class 2015-09-26 07:04:28 +00:00
class-wp-http-curl.php Don't set `CURLOPT_CAINFO` when `sslverify` is false when sending HTTP API requests through cURL. This avoids sending redundant information to cURL, and avoids a bug in Apple's SecureTransport library which causes a request to fail when a CA bundle is set but certificate verification is disabled. 2015-09-27 21:37:24 +00:00
class-wp-http-encoding.php Docs: Add a missing file header for wp-includes/class-wp-http-encoding.php, introduced in [33748]. 2015-09-03 03:28:21 +00:00
class-wp-http-ixr-client.php Docs: Update the hook doc summary for the `wp_http_ixr_client_headers` filter, introduced in [34164]. 2015-09-15 16:16:43 +00:00
class-wp-http-proxy.php Docs: Add a missing file header to wp-includes/class-wp-http-proxy.php, introduced in [33748]. 2015-09-03 03:30:21 +00:00
class-wp-http-response.php HTTP/REST API: move `WP_HTTP_Response` to `wp-includes/` with the rest (ha!) of the HTTP classes. This is PHP 5.2, so this class is global, and as per @rmccue, unrelated to REST specifically. 2015-10-08 19:27:28 +00:00
class-wp-http-streams.php Docs: object != class 2015-09-26 07:04:28 +00:00
class-wp-image-editor-gd.php Docs: Re-clarify the `$sizes[ $size ]` section of the hash notations for `WP_Image_Editor_GD::multi_resize()` and `WP_Image_Editor_Imagick::multi_resize()` as not fully-optional. 2015-10-12 16:34:23 +00:00
class-wp-image-editor-imagick.php Docs: Re-clarify the `$sizes[ $size ]` section of the hash notations for `WP_Image_Editor_GD::multi_resize()` and `WP_Image_Editor_Imagick::multi_resize()` as not fully-optional. 2015-10-12 16:34:23 +00:00
class-wp-image-editor.php `foreach` is a statement, not a function. 2015-08-25 20:28:22 +00:00
class-wp-meta-query.php Docs: Add a file header to wp-includes/class-wp-meta-query.php, introduced in [33761]. 2015-09-22 13:26:23 +00:00
class-wp-network.php MS: Adjust `_network_option()` parameter order, `$network_id` is first. 2015-10-11 22:44:27 +00:00
class-wp-oembed-controller.php Embeds: After [34903], remove an accidentally included text domain, and exclude a test failing in PHP 5.2. 2015-10-07 11:01:25 +00:00
class-wp-post.php Docs: Add a file header to wp-includes/class-wp-post.php, introduced in [33759]. 2015-09-22 13:10:24 +00:00
class-wp-rewrite.php Docs: Add a couple of strategically-placed spaces in `WP_Rewrite`. 2015-10-08 22:07:24 +00:00
class-wp-role.php Docs: The Users subpackage is plural. 2015-09-22 13:46:25 +00:00
class-wp-roles.php Docs: The Users subpackage is plural. 2015-09-22 13:46:25 +00:00
class-wp-tax-query.php Docs: Add a file header to wp-includes/class-wp-tax-query.php, introduced in [33760]. 2015-09-22 13:16:30 +00:00
class-wp-term.php Don't cache `WP_Term` objects in `wp_get_object_cache()`. 2015-10-12 15:13:48 +00:00
class-wp-theme.php Template: Make it possible to both ''add'' and ''remove'' items from the page templates list using the `theme_page_templates` filter. 2015-10-09 21:51:25 +00:00
class-wp-user-query.php Users: allow `-1` (no limit, use with extreme caution on large sites) as the value for `number` in `WP_User_Query` - similar to `posts_per_page => -1` in `WP_Query`. 2015-10-13 02:40:24 +00:00
class-wp-user.php Users: in `WP_User::__unset()`, don't reset the deprecated prop `id` to `ID`. Still throw the deprecated notice. 2015-09-24 00:49:25 +00:00
class-wp-walker.php Docs: Add missing parameter and return descriptions for `Walker::get_number_of_root_elements()`. 2015-09-14 15:33:27 +00:00
class-wp-widget-factory.php Docs: The Widgets subpackage is plural. 2015-09-22 13:48:25 +00:00
class-wp-widget.php Widgets: when getting settings, and none exist, set them to empty to avoid extraneous database queries on subsequent requests. 2015-10-13 01:13:24 +00:00
class-wp-xmlrpc-server.php XML-RPC: allow `wp_xmlrpc_server::wp_getPosts()` to receive `s` as a filter. 2015-10-06 13:41:26 +00:00
class-wp.php Embeds: Add oEmbed provider support. 2015-10-07 10:36:25 +00:00
class.wp-dependencies.php `foreach` is a statement, not a function. 2015-08-25 20:28:22 +00:00
class.wp-scripts.php Scripts: in `WP_Scripts::set_group()`, the `args` prop of the `_WP_Dependency` instance defaults to `null` - check that it is set before comparing. 2015-10-06 13:54:25 +00:00
class.wp-styles.php
comment-functions.php Docs: some `@global object` vernaculars should be converted to the actual object type. 2015-10-10 15:45:25 +00:00
comment-template.php Docs: some `@global object` vernaculars should be converted to the actual object type. 2015-10-10 15:45:25 +00:00
comment.php Docs: The Comment API is singular. 2015-09-22 13:44:25 +00:00
compat.php Use PHP7's `random_int()` CSPRNG functionality in `wp_rand()` with a fallback to the `random_compat` library for PHP 5.x. 2015-10-09 04:28:24 +00:00
cron.php Cron: In `spawn_cron()`, when using `ALTERNATE_WP_CRON`, return early for any non-`GET`, instead of naively checking `! empty( $_POST )`. 2015-09-26 04:51:26 +00:00
date.php Ensure that `WP_Date_Query` accepts a value of `0` for 'hour'. 2015-10-09 16:33:25 +00:00
default-constants.php Make `$blog_id` explicitly global. 2015-10-08 21:45:25 +00:00
default-filters.php Widgets: add a default filter for `widget_text` (used by the Text widget), `balanceTags`, which respects the option for `use_balanceTags`. 2015-10-13 01:40:26 +00:00
default-widgets.php Docs: Clarify the file header summary for wp-includes/default-widgets.php, the top-level file for bringing in the core widget classes. 2015-09-22 13:36:25 +00:00
deprecated.php Docs: Add an `@see` reference for the "use-instead-of" function in the DocBlock for `force_ssl_login()`, deprecated in [34700]. 2015-09-29 22:46:25 +00:00
embed-functions.php Docs: Add a missing `@since` version to the hook doc for the `the_excerpt_embed` filter, introduced in [34903]. 2015-10-08 23:25:24 +00:00
embed-template.php Format the number of comments in `wp-includes/embed-template.php` for the locale. 2015-10-13 01:02:25 +00:00
feed-atom-comments.php
feed-atom.php
feed-rdf.php
feed-rss.php
feed-rss2-comments.php
feed-rss2.php
feed.php Docs: Make a minor adjustment to the description syntax for the optional `$comment` argument in the DocBlock for `comment_link()`, introduced in [34071]. 2015-09-16 11:02:24 +00:00
formatting.php Avoid stripping square brackets from URLs, and instead correctly encode them. Square brackets must be encoded in the path, path parameters, query parameters, and fragment, but must not be encoded in anything up to the domain and port. 2015-10-07 23:39:23 +00:00
functions.php Feeds: Pass the feed name to `do_feed_{$feed}` action. 2015-10-13 02:44:23 +00:00
functions.wp-scripts.php
functions.wp-styles.php
general-template.php Replace `get_bloginfo( 'wpurl' )` with `site_url()` in `rsd_link()`. 2015-10-13 01:49:26 +00:00
http-functions.php HTTP: Add some new Cookie helper functions: 2015-09-22 03:14:25 +00:00
http.php After [34953], unbreak WordPress. 2015-10-08 19:29:25 +00:00
kses.php Allow these CSS properties in KSES: `min-height', 'max-height', 'min-width', 'max-width'` 2015-08-25 21:46:20 +00:00
l10n.php Revert [34778], continue using `_site_option()` for the current network. 2015-10-07 17:11:25 +00:00
link-template.php Template: Pass the `$post` parameter to the `the_permalink` filter. 2015-10-10 05:46:24 +00:00
load.php Move `wp_installing()` to load.php. 2015-10-07 03:02:23 +00:00
locale.php Docs: Add a summary, version, and `@access` tag to the property DocBlock for `WP_Locale->number_format`. 2015-09-24 13:26:24 +00:00
media-template.php After [34048], restore the `else` statement for `h` (height of video) in `wp_underscore_video_template()`. 2015-09-11 18:30:26 +00:00
media.php Media: avoid "divide by zero" in `wp_get_attachment_image_srcset_array()`. 2015-10-12 21:00:26 +00:00
meta-functions.php Docs: Clarify the file header summary for wp-includes/meta-functions.php, introduced in [33761]. 2015-09-22 13:27:24 +00:00
meta.php Docs: Clarify the file header summary for wp-includes/meta.php, the top-level file for the core Meta API. 2015-09-22 13:30:24 +00:00
ms-blogs.php
ms-default-constants.php Revert [34778], continue using `_site_option()` for the current network. 2015-10-07 17:11:25 +00:00
ms-default-filters.php Move new user notification emails to `add_action()` callbacks. 2015-09-16 22:19:24 +00:00
ms-deprecated.php Revert [34778], continue using `_site_option()` for the current network. 2015-10-07 17:11:25 +00:00
ms-files.php
ms-functions.php MS: Adjust `_network_option()` parameter order, `$network_id` is first. 2015-10-11 22:44:27 +00:00
ms-load.php Revert [34778], continue using `_site_option()` for the current network. 2015-10-07 17:11:25 +00:00
ms-settings.php Use `wp_installing()` instead of `WP_INSTALLING` constant. 2015-10-05 15:06:28 +00:00
nav-menu-template.php Add a `nav_menu_item_title` filter for filtering nav menu item titles. 2015-09-28 18:41:26 +00:00
nav-menu.php Introduce the `wp_add_nav_menu_item` action, fired immediately after a new nav menu item has been added. 2015-10-02 06:46:24 +00:00
option.php Add `$transient` as a parameter to the `set_transient_{transient}` action. 2015-10-12 21:02:25 +00:00
pluggable-deprecated.php Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`. 2015-09-20 03:52:25 +00:00
pluggable.php Fix typo in `get_avatar()` and `get_avatar_data()` docs. 2015-10-09 15:52:24 +00:00
plugin.php `callback` is not a valid type in PHP, PSR-5, or phpDocumentor. `callable` should be used instead. 2015-09-25 23:58:25 +00:00
post-formats.php `foreach` is a statement, not a function. 2015-08-25 20:28:22 +00:00
post-functions.php Posts: Add the `pre_get_lastpostmodified` filter to `get_lastpostmodified()`. 2015-10-08 05:57:25 +00:00
post-template.php Docs: Normalize spacing in the `wp_get_attachment_link` hook doc following [35065]. 2015-10-12 16:44:24 +00:00
post-thumbnail-template.php Docs: Adjust documentation for the `$size` parameter in `the_post_thumbnail_url()` to clarify the required order of width and height values when passing an array. 2015-10-12 17:00:26 +00:00
post.php Docs: Clarify the file header summary for wp-includes/post.php, the top-level file for the Post API. 2015-09-22 13:13:26 +00:00
query.php Remove dead code from `WP_Query::lazyload_term_meta()`. 2015-10-13 02:36:25 +00:00
registration-functions.php
registration.php
rest-api.php After [34953], unbreak WordPress. 2015-10-08 19:29:25 +00:00
revision.php Revert [34917] until the broken test is fixed. 2015-10-08 01:04:25 +00:00
rewrite-constants.php Docs: Clarify the file header summary for wp-includes/rewrite-constants.php, introduced in [33751]. 2015-09-04 01:52:24 +00:00
rewrite-functions.php Improve the parameter names and inline documentation for `add_rewrite_rule()`, `WP_Rewrite::add_rule()`, and `WP_Rewrite::add_external_rule()`. 2015-10-08 17:28:25 +00:00
rewrite.php Rewrite: move `WP_Rewrite` into its own file. `rewrite.php` loads the new files, so this is 100% BC if someone is loading `rewrite.php` directly. New files created using `svn cp`. 2015-08-26 04:42:20 +00:00
rss-functions.php
rss.php `foreach` is a statement, not a function. 2015-08-25 20:28:22 +00:00
script-loader.php Plupload: update to 2.1.8. Changelog: https://github.com/moxiecode/plupload/releases. 2015-10-10 23:50:25 +00:00
session.php
shortcodes.php Abstract the shortcode attribute parsing regex into its own function, update the JavaScript counterpart, and introduce a test to ensure they do not diverge again. 2015-10-08 03:12:24 +00:00
taxonomy-functions.php Don't cache `WP_Term` objects in `wp_get_object_cache()`. 2015-10-12 15:13:48 +00:00
taxonomy.php Introduce `WP_Term`. 2015-10-10 01:59:29 +00:00
template-loader.php Embeds: Add oEmbed provider support. 2015-10-07 10:36:25 +00:00
template.php Docs: some `@global object` vernaculars should be converted to the actual object type. 2015-10-10 15:45:25 +00:00
theme.php Use `wp_installing()` instead of `WP_INSTALLING` constant. 2015-10-05 15:06:28 +00:00
update.php Use `wp_installing()` instead of `WP_INSTALLING` constant. 2015-10-05 15:06:28 +00:00
user-functions.php Users: when passing a `WP_User` instance to `wp_update_user()`, ensure that the user password is not accidentally double-hashed. This is terrifying. 2015-10-13 02:48:24 +00:00
user.php Docs: The User API is singular. 2015-09-22 13:03:24 +00:00
vars.php Introduce a new `$is_edge` global for the Microsoft Edge browser. 2015-09-05 22:33:23 +00:00
version.php Users: when passing a `WP_User` instance to `wp_update_user()`, ensure that the user password is not accidentally double-hashed. This is terrifying. 2015-10-13 02:48:24 +00:00
widget-functions.php Widgets: When using `the_widget()`, the `$before_widget` argument only receives the widget class if using the default sidebar arguments. Run `sprintf` after parsing the args to fix this. 2015-10-13 01:49:48 +00:00
widgets.php Docs: Clarify the file header summary for wp-includes/widgets.php, the top-level file for the core Widgets API. 2015-09-03 03:14:20 +00:00
wlwmanifest.xml
wp-db.php Add `wp_load_translations_early()` to `wpdb::check_connection()`. 2015-10-08 17:11:24 +00:00
wp-diff.php Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`. 2015-09-20 03:52:25 +00:00