audrasjb
f28c97fa8c
Grouped backports to the 5.7 branch.
...
- Editor: Bump @wordpress packages for the branch,
- Media: Refactor search by filename within the admin,
- REST API: Lockdown post parameter of the terms endpoint,
- Customize: Escape blogname option in underscores templates,
- Query: Validate relation in `WP_Date_Query`,
- Posts, Post types: Apply KSES to post-by-email content,
- General: Validate host on "Are you sure?" screen,
- Posts, Post types: Remove emails from post-by-email logs,
- Pings/trackbacks: Apply KSES to all trackbacks,
- Mail: Reset PHPMailer properties between use,
- Comments: Apply kses when editing comments,
- Widgets: Escape RSS error messages for display.
Merges [54521-54530] to the 5.7 branch.
Props audrasjb, costdev, cu121, dd32, davidbaumwald, ehtis, johnbillion, johnjamesjacoby, martinkrcho, matveb, oztaser, paulkevan, peterwilsoncc, ravipatel, SergeyBiryukov, talldanwp, timothyblynjacobs, tykoted, voldemortensen, vortfu, xknown.
Built from https://develop.svn.wordpress.org/branches/5.7@54553
git-svn-id: http://core.svn.wordpress.org/branches/5.7@54108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-17 17:55:21 +00:00
Sergey Biryukov
a4f6f2beae
Mail: Make the check for empty post title in wp-mail.php
more resilient.
...
This addresses a regression in [47054], which caused posts sent via email to published with an empty title.
Props whyisjake, Otto42, MarkRH, MattyRob, mukesh27, afragen, pikamander2.
Fixes #49853 .
Built from https://develop.svn.wordpress.org/trunk@47580
git-svn-id: http://core.svn.wordpress.org/trunk@47355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-14 11:32:06 +00:00
Sergey Biryukov
47ed56f38f
Code Modernization: Replace dirname( __FILE__ )
calls with __DIR__
magic constant.
...
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.
This commit also includes:
* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
* `wp-admin/admin-header.php`
* `wp-admin/admin-footer.php`
* `wp-includes/version.php`
Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082 .
Built from https://develop.svn.wordpress.org/trunk@47198
git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov
001ffe81fb
Docs: Improve inline comments per the documentation standards.
...
Includes minor code layout fixes for better readability.
See #48303 .
Built from https://develop.svn.wordpress.org/trunk@47122
git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov
d784ebbcb4
Coding Standards: Use strict comparison and Yoda conditions in the root directory files.
...
Props pikamander2.
Fixes #48965 .
Built from https://develop.svn.wordpress.org/trunk@47054
git-svn-id: http://core.svn.wordpress.org/trunk@46854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-09 00:55:05 +00:00
Sergey Biryukov
e199663322
I18N: Capitalize translator comments consistently, add trailing punctuation.
...
Includes minor code layout fixes.
See #44360 .
Built from https://develop.svn.wordpress.org/trunk@45932
git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Gary Pendergast
a02b5cc2a8
Coding Standards: Mark the handful of hook names with uppercase characters or hyphens as ignored.
...
See #47632 .
Built from https://develop.svn.wordpress.org/trunk@45599
git-svn-id: http://core.svn.wordpress.org/trunk@45410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-05 01:45:56 +00:00
Gary Pendergast
aaf99e6913
Code is Poetry.
...
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057 .
Built from https://develop.svn.wordpress.org/trunk@42343
git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Jeremy Felt
061e878881
Mail: Disable wp-mail.php when mailserver_url
is mail.example.com.
...
Built from https://develop.svn.wordpress.org/trunk@39772
git-svn-id: http://core.svn.wordpress.org/trunk@39710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 05:13:43 +00:00
John Blackbourn
c2d709e9d6
I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment.
...
See #38882
Built from https://develop.svn.wordpress.org/trunk@39326
git-svn-id: http://core.svn.wordpress.org/trunk@39266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 02:46:30 +00:00
Scott Taylor
a3ffebce30
Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
...
See #36335 .
Built from https://develop.svn.wordpress.org/trunk@38470
git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
Scott Taylor
390ceba6c7
Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
...
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.
See #36335 .
Built from https://develop.svn.wordpress.org/trunk@38411
git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse
0e31a46161
Bootstrap: Revert [38399] as it's broken /build/
and subsequently core.svn.wordpress.org.
...
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.
See #36335
Built from https://develop.svn.wordpress.org/trunk@38402
git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor
6a529648cf
Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
...
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335 .
Built from https://develop.svn.wordpress.org/trunk@38399
git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00
Sergey Biryukov
0955ea66da
WP Mail: If post-by-email functionality is disabled, wp-mail.php
should return a 403 Forbidden
status code instead if 500 Internal Server Error
.
...
Props Presskopp, tomdxw.
Fixes #37572 .
Built from https://develop.svn.wordpress.org/trunk@38332
git-svn-id: http://core.svn.wordpress.org/trunk@38273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 14:02:39 +00:00
Dominik Schilling
834f0809fc
WP Mail: Remove an unused variable.
...
Unused since [34864].
Props vishalkakadiya.
Fixes #37346 .
Built from https://develop.svn.wordpress.org/trunk@38045
git-svn-id: http://core.svn.wordpress.org/trunk@37986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 12:37:29 +00:00
Drew Jaynes
f82641ad0e
Docs: Standardize filter docs in root folder files to use third-person singular verbs per the inline documentation standards for PHP.
...
Fixes #36913 .
Built from https://develop.svn.wordpress.org/trunk@37535
git-svn-id: http://core.svn.wordpress.org/trunk@37503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 16:44:27 +00:00
Scott Taylor
53060a8987
WP Mail: replace logic that was mimicking strtotime()
with strtotime()
. Without this, the date parsing wasn't accounting for half-hour and quarter-hour timezones.
...
Props neoscrib, solarissmoke.
Fixes #16993 .
Built from https://develop.svn.wordpress.org/trunk@34864
git-svn-id: http://core.svn.wordpress.org/trunk@34829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 14:07:24 +00:00
Scott Taylor
beb61ff909
WP Mail: Avoid using HTML tags in translation strings, add translator strings.
...
Props ramiy.
Fixes #31871 .
Built from https://develop.svn.wordpress.org/trunk@34343
git-svn-id: http://core.svn.wordpress.org/trunk@34307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-20 02:53:25 +00:00
Drew Jaynes
e731028303
Fix syntax for single- and multi-line comments in root-directory files.
...
See #28931 .
Built from https://develop.svn.wordpress.org/trunk@29205
git-svn-id: http://core.svn.wordpress.org/trunk@28989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 09:12:16 +00:00
Sergey Biryukov
256e24c0ed
Inline documentation for hooks in wp-mail.php.
...
props kpdesign, radices.
fixes #25551 .
Built from https://develop.svn.wordpress.org/trunk@26129
git-svn-id: http://core.svn.wordpress.org/trunk@26041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 11:58:12 +00:00
Andrew Nacin
5361a8abca
Spell out duplicate hook locations.
...
props DrewAPicture.
fixes #25658 .
Built from https://develop.svn.wordpress.org/trunk@25868
git-svn-id: http://core.svn.wordpress.org/trunk@25868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:59:20 +00:00
Andrew Nacin
de7977d66c
Move upgrader_process_complete for core to its proper place in Core_Upgrader.
...
This means it will be firing as a JS redirect is taking place if the update is from pre-3.4. Acceptable.
props dd32.
fixes #25659 .
Built from https://develop.svn.wordpress.org/trunk@25861
git-svn-id: http://core.svn.wordpress.org/trunk@25861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:58:23 +00:00
Drew Jaynes
4d1482cd0d
Inline documentation for the WP_Date_Query
class in wp-includes/date.php.
...
- Adds a complete hash notation for the `WP_Date_Query` arguments array.
- Adds missing documentation for the `date_query_valid_columns` and `get_date_sql` filter hooks.
Props aeg0125 for the incremental patches.
Fixes #25552 .
Built from https://develop.svn.wordpress.org/trunk@25860
git-svn-id: http://core.svn.wordpress.org/trunk@25860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:58:12 +00:00
Andrew Nacin
8ae8e01b67
Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
...
see #27704 .
Built from https://develop.svn.wordpress.org/trunk@25825
git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Andrew Nacin
74488bdcb0
Spell out duplicate hook locations.
...
props DrewAPicture.
fixes #25658 .
Built from https://develop.svn.wordpress.org/trunk@25868
git-svn-id: http://core.svn.wordpress.org/trunk@25780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-22 17:22:11 +00:00
Ryan Boren
315bfb019a
Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
...
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 21:11:40 +00:00
Ryan Boren
43a7e695e9
Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
...
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren
cc5ed3a485
Change all core API to expect unslashed rather than slashed arguments.
...
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Andrew Nacin
557d9313a7
Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
nacin
95ab5d397e
Anchor a regular expression in wp-mail.php to ensure we are matching the Reply-To: header, not the In-Reply-To: header.
...
Per RFCs *822, mail headers must start at the beginning of a line. This same pattern could be continued throughout this file.
props solarissmoke.
fixes #18923 .
git-svn-id: http://core.svn.wordpress.org/trunk@20682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-02 13:32:19 +00:00
ryan
e3b46b25d3
Lose EOF ?>. Clean up EOF newlines. fixes #12307
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan
07ff8b216b
Use one space, not two, after trailing punctuation. fixes #19537
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
ryan
ec4ccf2900
Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:57:31 +00:00
ryan
1a552dd029
Strip trailing whitespace
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-26 02:42:15 +00:00
nacin
1d8718e03d
Adjust POP3 error checks in wp-mail.php. props solarissmoke, fixes #13163 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-08 19:34:59 +00:00
dd32
442d41291a
Tweak new strings for better typography. Props demetris. Fixes #12962
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-11 10:41:54 +00:00
westi
3e4ce6e9a3
Switch from POST_BY_EMAIL constant to enable post-by-email when multisite to a filter. See #12381 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-25 22:06:10 +00:00
ryan
9f1aa91f37
Integrate maybe_cancel_post_by_email() into wp-mail.php. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-26 20:53:59 +00:00
westi
ad83f73957
Make the action name for post-by-email takeover actually unique so the plugins are not triggered every time WP tries to send an email!
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-18 20:43:05 +00:00
westi
8772775a15
Post by Email plugins might want to use there own POP3 class so move the action earlier.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-10 20:05:24 +00:00
westi
91582e7d2c
Allow a plugin to do a complete takeover of Post by Email
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-28 07:18:05 +00:00
westi
46ffb5bbbc
Allow a plugin to do a complete takeover of Post by Email
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-28 07:17:03 +00:00
westi
45ec67dc13
Set the interval to 5 minutes like I meant. See #7245 props aaroncampbell.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11786 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-07 17:11:39 +00:00
westi
1199fd75f0
Limit wp-mail blog by email checks to every 5 minutes. Fixes #7245 based on patches from lilyfan and Denis-de-Bernardy.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-06 19:58:47 +00:00
markjaquith
119b39cec2
deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-18 15:11:07 +00:00
azaozz
83f674bf9a
Banishing ASCII quotes and apostrophes, props demetris, fixes #9655
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-05 04:28:05 +00:00
ryan
47aa41a9e6
Don't absint gmt_offset. Props Hirvine. fixes #9162
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-23 07:03:21 +00:00
ryan
e8b6fe7347
Trim trailing whitespace
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-18 02:43:45 +00:00
westi
48f9d53e41
Add a filter to allow post-by-email plugins better control over the content.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@10412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-01-22 22:31:27 +00:00