Commit Graph

461 Commits

Author SHA1 Message Date
markjaquith
a4db65e504 add_option()/update_option() should pass the option name to get_option() pre-escaped. fixes #4690 for 2.0.x
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-08-01 19:14:40 +00:00
ryan
a7903d9eeb More clean_url and int casts for 2.0.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-03-27 23:47:02 +00:00
ryan
bb07c58477 More int casts
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-03-25 23:12:38 +00:00
markjaquith
1bdc18d904 use clean_url() instead of attribute_escape() when dealing with src/href to protect against XSS. props xknown. fixes #3986 for 2.0.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-03-17 09:04:56 +00:00
markjaquith
52c695b34f nonce-protect comments by users with unfiltered_html cap to prevent xsrf/xss. fixes #3973 for 2.0
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-03-14 23:13:36 +00:00
markjaquith
9095f32844 More int casting, just to be safe.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-03-14 07:40:56 +00:00
ryan
f01df05ac1 Prophylactic casting.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5022 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-03-10 20:34:01 +00:00
ryan
4fd3f14d44 specialchars wp_explain_nonce() output.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-02-13 18:36:27 +00:00
ryan
81bf2a7ad7 Restrict wp_remote_fopen to remote files.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-28 22:31:22 +00:00
ryan
093275f189 Make sure is_array before extract. Props idle. fixes #3626
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-21 20:02:45 +00:00
markjaquith
8dd70353ad That'll teach me to trust a code snippet from php.net ... typo fix from last commit. relates to #3528
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-12 21:46:29 +00:00
markjaquith
6a11d0b794 Use http_response_code for in status_header() on PHP >= 4.3.0 per Ryan's suggestion. relates to #3528
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-12 21:41:48 +00:00
markjaquith
a2324a4487 Reverting non-essential stuff for a mean-and-lean 2.0.7 release
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-09 10:04:49 +00:00
markjaquith
c54fd7a243 burn in Hades, status_header(), destroyer of souls. fixes #3528
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-06 08:22:12 +00:00
markjaquith
be708ef9a7 new function for escaping within attributes: attribute_escape()
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-12-21 10:10:04 +00:00
ryan
16f9581218 Fix pregs. Props Mordred.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-12-01 22:42:14 +00:00
markjaquith
57ff8770c0 trying Ryan's suggestion for #3215
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-22 04:59:31 +00:00
markjaquith
22ad434597 silence the fopen() in wp_remote_fopen()
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-15 22:47:17 +00:00
markjaquith
00c98cc513 Set extract type and rename car to avoid overwrites (backport from trunk [4469])
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-15 22:29:20 +00:00
markjaquith
8a46b9e8c2 Questions should have question marks. Props Viper007Bond. Partially addresses: #3263
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-10-20 16:18:11 +00:00
markjaquith
2d8ad48991 Only run stripslashes() on strings in update_usermeta(). Props stm. fixes #3240
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-10-14 05:35:27 +00:00
markjaquith
2e621f422f Prevent users from entering strings that will be interpreted as serialized arrays/objects on the way out. fixes #2591
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-10-13 00:24:51 +00:00
markjaquith
9e9f4de19f Post meta caching fix by mdawaffe. fixes #3229
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-10-11 09:19:10 +00:00
markjaquith
23ddeba64d allow timer_stop() to use number_format() when returning. Props mdawaffe and nbachiyski. fixes #991
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-10-04 22:00:26 +00:00
markjaquith
052b0b8c37 case insensitive sorting. props Nazgul. fixes #3108
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-10-04 03:50:14 +00:00
ryan
5077b4e5de Keep the frag at the end. Props mdawaffe. fixes #3078
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-09-25 02:12:34 +00:00
ryan
abcbe47015 Make those chars feel special.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-09-25 02:09:08 +00:00
ryan
17af24fdff Don't use blank user agent when pinging. Props error. fixes #2931
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-07-26 17:45:19 +00:00
ryan
b7a195b220 Trim theme and plugin data. fixes #2943
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-07-23 19:20:50 +00:00
ryan
9d3aff53ae Use wp_die() in wp_nonce_ays(). fixes #2929
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-07-10 17:21:48 +00:00
ryan
fcb186c059 get_category filter from majelbstoat. fixes #2466
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-07-10 16:13:04 +00:00
ryan
006284f925 wp_specialchars() within wp_nonce_url(). Props Nazgul. fixes #2857
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-07-05 09:52:18 +00:00
ryan
928b059aa5 wp_explain_nonce() and wp_nonce_ays(). Props mdawaffe. #2734
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-27 22:57:49 +00:00
ryan
ecc5807556 Have wp_referer_field() set the referer to the current page. fixes #2858
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-24 18:22:57 +00:00
ryan
8fdd6dadab wp_get_referer() and friends from robmiller and markjaquith. fixes #2800
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-24 05:41:59 +00:00
ryan
112ebb6172 Don't forget the protocol. Props tereshchenko. #2853
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-23 20:17:39 +00:00
ryan
c69c8bdfd8 Fix bug in add_query_arg when url like http://example.com (no trailing slash). Props skel to the ac.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-22 03:52:18 +00:00
ryan
dacaa7594f Make replacement strings backref safe without using \${1} so as to preserve php <= 4.2 compatibility. Props mdawaffe. fixes #2774
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-08 03:21:04 +00:00
ryan
c1d27f3113 Undef var fix from Denis-de-Bernardy. fixes #2780
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-04 21:07:18 +00:00
ryan
1204f35648 Enclosure redirect fix from aegrumet. fixes #2551
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-05-26 17:25:20 +00:00
ryan
7428c2fbbc Backport nonces and pluggable cookies.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-05-11 23:05:45 +00:00
ryan
f9aeed2164 Fix backreferences in mysql2date(). Props tenpura. fixes #2564
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-04-22 00:22:28 +00:00
ryan
1c4d1096df update_option() action fix. fixes #2553
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-04-22 00:18:35 +00:00
ryan
cab11a0488 Isolate backref. fixes #2521
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-03-04 22:42:01 +00:00
ryan
325a641cac Delete usermeta field if set to empty string. Props David House. fixes #2341
git-svn-id: http://svn.automattic.com/wordpress/trunk@3495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-01-29 19:48:09 +00:00
ryan
cd678d9a32 Allow empty usermeta fields. Props David House. fixes #2341
git-svn-id: http://svn.automattic.com/wordpress/trunk@3494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-01-29 00:21:48 +00:00
ryan
5c166af378 CGI ping fixes. fixes #2197
git-svn-id: http://svn.automattic.com/wordpress/trunk@3491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-01-28 18:41:19 +00:00
matt
dd14d47290 Caching typo.
git-svn-id: http://svn.automattic.com/wordpress/trunk@3490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-01-28 06:19:11 +00:00
ryan
a191df007e Make sure we have an array. Props David House. fixes #2344
git-svn-id: http://svn.automattic.com/wordpress/trunk@3489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-01-27 19:22:55 +00:00
ryan
10c1b81d0a Use double quotes. fixes #2332
git-svn-id: http://svn.automattic.com/wordpress/trunk@3487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-01-26 02:33:14 +00:00