Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-09 04:11:10 +01:00
Code Issues Projects Releases Wiki Activity
21,429 Commits 50 Branches 747 Tags 791 MiB
12c4b9bae9
Commit Graph

83 Commits

Author SHA1 Message Date
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments. 
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-02-14 22:51:06 +00:00
Ryan Boren
b10f343480 Consistent escaping in admin_color_scheme_picker(). Props johnjamesjacoby. fixes #22326 
git-svn-id: http://core.svn.wordpress.org/trunk@22375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-11-05 18:16:23 +00:00
Andrew Nacin
fac0ce8ec7 Flush rewrite rules when page_on_front is updated. props SergeyBiryukov. fixes #21274. 
git-svn-id: http://core.svn.wordpress.org/trunk@22301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-10-25 20:20:24 +00:00
Ryan Boren
bcbc0b65ac Allow numbers in screen option IDs. Fixes setting posts per page for custom post types containing 0-9. Props SergeyBiryukov. fixes #18323 
git-svn-id: http://core.svn.wordpress.org/trunk@22253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-10-17 13:09:17 +00:00
Dion Hulse
a41af6219a Move win_is_writable() from wp-admin/includes to wp-includes so that it's always available for get_temp_dir(). Fixes #20778 
git-svn-id: http://core.svn.wordpress.org/trunk@22009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-09-26 05:08:26 +00:00
ryan
f45383244d Fix per_page screen option for custom post types and taxonomies. Don't convert taxonomy and post type slugs from hyphen to underscore when saving the per_page usermeta. Props nacin. see #18958 
git-svn-id: http://core.svn.wordpress.org/trunk@21322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-07-25 16:13:13 +00:00
azaozz
1d12cd07b0 Introduce wp_is_mobile() and use it instead of $is_iphone global, see #20014 
git-svn-id: http://svn.automattic.com/wordpress/trunk@20417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-04-10 01:19:30 +00:00
duck_
a395e06896 Reduce references to the $wp_rewrite global because it's no longer used or a wrapper function can be used instead. Fixes #14546.#14546. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@20023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-02-28 20:29:33 +00:00
ryan
e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-01-08 17:01:11 +00:00
ryan
616c35e71c One newline is enough. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-01-05 20:10:39 +00:00
ryan
02a1dd7ccb Best practice, use wp_safe_redirect() when dealing with referrers. Props nacin. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-12-10 18:26:48 +00:00
azaozz
eb5dbde246 Admin bar IE7, iPad and rtl refresh, see #81197 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-11-21 02:03:02 +00:00
azaozz
f85e0b3f00 Make iPad support usable again, add viewport meta, see #18863 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-10-10 04:19:05 +00:00
westi
b816f54124 Revert [18747] until we can discuss it further. See #18453. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-09-22 09:15:45 +00:00
azaozz
95e8b34104 Postpone warnings when WP_DEBUG and WP_DEBUG_DISPLAY are set, see #18453 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-09-22 02:27:00 +00:00
nacin
a4c18fc053 Use untrailingslashit in url_shorten() and recurse_dirsize(). Remove unnecessary camelCase variables. see #18592. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-09-05 16:53:19 +00:00
azaozz
06fd2002c5 Fix unfolding of the admin menu when no JS, fixes #17897 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-06-27 20:40:04 +00:00
westi
3c278d6421 Don't touch web.config when flushing rewrite rules if it is a multisite install. Fixes #16076 props nacin. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@17328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-01-19 16:49:46 +00:00
dd32
20e1171ae8 Fix fatal error on IIS after r16797. props peaceablewhale. Limit variable string searching when possible. See #10187 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-14 08:31:33 +00:00
ryan
3f72e340d6 Update since phpdoc. Props demetris. fixes #15445 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-01 19:24:38 +00:00
nbachiyski
44f183e8dd Add another pair of parentheses, so that the right-hand win_is_writable() isn't always called. Fixes #15616 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-30 21:41:57 +00:00
nbachiyski
db9eeb3019 Run the iis7_supports_permalinks() check first 
* It's cheapest, most of the others involve disk operations
 * Doesn't go through win_is_writable(), which can't avoid relying on the @ operator


git-svn-id: http://svn.automattic.com/wordpress/trunk@16634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-30 20:50:59 +00:00
nbachiyski
54886235ab Rename the $rm variable so that the logic in win_is_writable() makes more sense 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-30 19:57:39 +00:00
nbachiyski
ce7bc3977b Proper spacing in win_is_writable(), according to the coding standards 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-30 19:13:27 +00:00
nbachiyski
a3d185fd50 COonvert spaces to tabs 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-30 19:11:09 +00:00
PeteMall
652db28fad Add screen option in site-users. Props duck_, see #15558 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-24 16:54:53 +00:00
scribu
0324721ed2 Document url_shorten() and use in more places. Props latz for initial patch. Fixes #15540 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-22 17:17:31 +00:00
nacin
81a8f2d3ce Use square brackets instead of braces for string access. props hakre, fixes #13900. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-13 09:53:55 +00:00
ryan
0d489ee102 Add screen options to site-themes. Props PeteMall. see #14897 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16298 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-11 15:16:16 +00:00
scribu
b078890091 Fix screen options for the network admin themes and plugins. Props ocean90. Fixes #15269. Also fixes [16190] 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-04 20:49:30 +00:00
ryan
9c31fd7c70 First pass of user admin. Network admin and screen cleanups. see #14696 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-07 19:34:18 +00:00
scribu
020ce73746 Ajaxify list-type screens in the admin. See #14579 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-08-11 21:54:51 +00:00
markjaquith
e3d5fb602b Make the number of taxonomies to display per page setting actually stick. props nacin. fixes #13899 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-06-15 20:07:02 +00:00
nacin
c370c84d19 Remove autocomplete and codepress. for autocomplete, see #13283. for codepress, see #13307. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-05-18 03:48:22 +00:00
westi
2c1cc83750 Fix support for rewrites on IIS7. Fixes #12973 props Frumph and ruslany. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-29 21:41:20 +00:00
nacin
47b80515da Move send_nosniff_header() into wp-includes so it can be used in wp-ajax.php. props sivel, fixes #12683 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-23 19:13:58 +00:00
ryan
e25a65b36a Trim trailing whitespace 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-17 16:27:25 +00:00
ryan
b2c3ace49a Update ms-sites UI. Props ocean90. see #12460 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-06 18:31:10 +00:00
dd32
f3af366e3d First scrape at new UI for Bulk plugin upgrades. See #11232 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-06 08:39:50 +00:00
dd32
b1621c63ae Move Admin Colour Scheme picker to a hook. Props Jick. s/register_admin_color_themes()/register_admin_color_schemes/g. See #11625, Fixes #6837 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-28 06:34:31 +00:00
nacin
8b4e58529b A call to arms for grammarians. Fixes #12228 fixes #11875 props kurtmckee, filosofo, jjj 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-26 05:46:08 +00:00
westi
2372671879 Introduce send_nosniff_header() and use it to turn off content sniffing in supported browsers. Fixes #10671 props chrisscott and niallkennedy. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-25 21:41:33 +00:00
nacin
8bcc5969dc Spelling and grammar fun. Fixes #11875 props cnorris23 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-24 20:13:23 +00:00
nacin
2ce7dc4dac Don't use deprecated *_usermeta() functions. Props technosailor fixes #10837 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-22 21:25:32 +00:00
markjaquith
927472de19 Better wp_reset_vars() behavior when var is already set. props scribu. fixes #11974 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-26 06:06:14 +00:00
ryan
8760e7da1b Coding standards, space after if 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-18 20:34:48 +00:00
ryan
6da55f7792 Trailing whitespace cleanup 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-15 22:11:12 +00:00
ryan
05bf7382ff Merge edit-pages.php into edit.php. see #9674 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-15 16:58:36 +00:00
wpmuguru
2653342f43 merge multisite wp-admin/includes except schema, See #11644 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-15 00:21:13 +00:00
ryan
8e9f48b472 Allow per_page settings for custom post type edit screens. see #9674 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-12 15:41:10 +00:00