Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-05 02:10:45 +01:00
Code Issues Projects Releases Wiki Activity
30,913 Commits 50 Branches 747 Tags 789 MiB
1664811dec
Commit Graph

245 Commits

Author SHA1 Message Date
whyisjake
b8d6fd57e5 General: WordPress updates 
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.3 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.3@49403


git-svn-id: http://core.svn.wordpress.org/branches/4.3@49162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2020-10-29 19:06:19 +00:00
Pascal Birchler
a21c779e19 Adjust post meta checks 
Merges [40692] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@40697


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 08:52:26 +00:00
Pascal Birchler
51f3fe2909 Whitelist post arguments in XML-RPC 
Merges [40677] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@40682


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 08:22:27 +00:00
Dominik Schilling
9c57f3a429 XMLRPC: Don't allow private posts to be sticky. 
Merge of [34135] to the 4.3 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/4.3@34151


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-14 22:50:31 +00:00
Dion Hulse
7f29687a55 Revert [33845] 
git-svn-id: http://core.svn.wordpress.org/branches/4.3@33847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-03 03:33:24 +00:00
Dion Hulse
f0706a0895 Term Splitting: Switch to a faster cron unschedule process to benefit sites with thousands of affected jobs. Fix the cron hook name in the failsafe rescheduler. 
Merges [33727] to the 4.3 branch
Props Otto42, dd32, peterwilsoncc
Fixes #33423 for trunk

Built from https://develop.svn.wordpress.org/branches/4.3@33877


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-03 03:31:17 +00:00
Dion Hulse
7cfe2d293f Revert [33688] which removed all branches/4.3 files due to a sync script error. 
git-svn-id: http://core.svn.wordpress.org/branches/4.3@33692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-24 22:14:43 +00:00
Weston Ruter
4e96fc9fd7 Widgets: Switch back to using array_key_exists() instead of isset() for widget instance existence check. 
Reverts unnecessary change in [32602] since `array_key_exists()` does actually work with `ArrayIterator` objects.

Merges [33696] to the 4.3 branch.
See #32474.
Fixes #33442 for the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@33721


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-24 19:31:16 +00:00
Dion Hulse
0b648f198b Revert [33614] which removed all branches/4.3 files due to a sync script error. 
git-svn-id: http://core.svn.wordpress.org/branches/4.3@33616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-19 13:24:10 +00:00
Dion Hulse
7f86f37642 Term Splitting: Fix a reversal of parameters to wp_schedule_single_event() introduced in [33621]. 
The existing invalid cron entries will not be purged automatically (as the 'timestamp' is never matched) so we do this ourselves.

Merges [33646] to the 4.3 branch.
Props mechter for noticing!
See #30261.
Fixes #33423 for the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@33647


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-19 11:37:14 +00:00
Scott Taylor
4a1f50f732 After [33325], supply a missing post_type in ->mw_editPost(). 
Add unit test.

Props ocean90.
Fixes #20662.

Built from https://develop.svn.wordpress.org/trunk@33612


git-svn-id: http://core.svn.wordpress.org/trunk@33579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-13 15:28:27 +00:00
Drew Jaynes
bed02906f2 Docs: Fix incorrect indentation for the wp_xmlrpc_server->wp_getPostFormats() DocBlock. 
Also adds a missing return description.

Props TomHarrigan.
Fixes #33078.

Built from https://develop.svn.wordpress.org/trunk@33407


git-svn-id: http://core.svn.wordpress.org/trunk@33375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-23 13:19:27 +00:00
Scott Taylor
bf481ed496 After [33325], add a doc summary. 
Fixes #20662.

Built from https://develop.svn.wordpress.org/trunk@33343


git-svn-id: http://core.svn.wordpress.org/trunk@33315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-21 15:18:25 +00:00
Scott Taylor
432f9891f7 Ensure that private posts cannot be made sticky via Quick Edit. 
DRY the logic for stickies in `wp_xmlrpc_server` by introducing `->_toggle_sticky()`.

Props wonderboymusic, obenland, chriscct7.
Fixes #20662.

Built from https://develop.svn.wordpress.org/trunk@33325


git-svn-id: http://core.svn.wordpress.org/trunk@33297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-19 18:09:25 +00:00
Konstantin Obenland
a4e803fbd4 Use get_default_comment_status() globally. 
Also makes the filter name static and passes the post type for context.

Props valendesigns.
Fixes #31168.


Built from https://develop.svn.wordpress.org/trunk@33054


git-svn-id: http://core.svn.wordpress.org/trunk@33025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-02 22:32:25 +00:00
Dion Hulse
2a35e075d7 XML-RPC: Only escape what we need to in wp.editPage, this allows for passwords with the special characters "' to work in a request. 
Props redsweater for initial Patch.
Fixes #32703

Built from https://develop.svn.wordpress.org/trunk@32993


git-svn-id: http://core.svn.wordpress.org/trunk@32964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-06-29 02:07:23 +00:00
Scott Taylor
5c6b63d3a6 if is a statment, not a function. 
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32800


git-svn-id: http://core.svn.wordpress.org/trunk@32771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-06-16 20:01:25 +00:00
Scott Taylor
f888767c73 $status shouldn't be loosely compared to true in wp_xmlrpc_server::wp_deleteComment(). 
`$initial` shouldn't be loosely compared to `true` in `get_calendar()`.
`current_user_can()` shouldn't be loosely compared to `false` in `kses_init()`
`$get_all` shouldn't be loosely compared to `true` in `get_blog_details()`.
`is_array()` and `in_array()` shouldn't be loosely compared in `wpmu_validate_user_signup()`.
`$result` should by strictly compared in `check_ajax_referer()`.
`wp_verify_nonce()` should by strictly compared in `_show_post_preview()`.
`is_user_logged_in()` should not be loosly compared against `false` in `wp-signup.php`.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32733


git-svn-id: http://core.svn.wordpress.org/trunk@32704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-06-12 17:48:26 +00:00
Scott Taylor
c502a281bb After [32656], add @access annotations to methods that have no doc block in wp-includes/*. 
Makes it easier to search for no doc blocks via `}[\n\t\r ]+(protected|private|public)`.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32657


git-svn-id: http://core.svn.wordpress.org/trunk@32627 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-29 21:37:24 +00:00
Scott Taylor
19b8ef0c92 get_comments() can return int, so a few places need to check if the return value is traversable before passing what is assumed to be an array. 
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32600


git-svn-id: http://core.svn.wordpress.org/trunk@32570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-25 17:59:25 +00:00
Drew Jaynes
4c37f68b79 Fix inline documentation syntax in wp_xmlrpc_server. 
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32591


git-svn-id: http://core.svn.wordpress.org/trunk@32561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-25 06:25:25 +00:00
Scott Taylor
bd8fafea54 Use void instead of null where appropriate when pipe-delimiting @return types. If a @return only contains void, remove it. 
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32568


git-svn-id: http://core.svn.wordpress.org/trunk@32538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-24 05:40:25 +00:00
Drew Jaynes
459ccb0d8b Add missing or incomplete argument and return descriptions for wp_xmlrpc_server->wp_editPost(). 
Also includes many small syntax fixes for inline documentation throughout the file.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@32565


git-svn-id: http://core.svn.wordpress.org/trunk@32535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:47:25 +00:00
Drew Jaynes
2bebcf4c39 Add missing parameter and return descriptions to the DocBlock for wp_xmlrpc_server->_convert_date_gmt(). 
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32564


git-svn-id: http://core.svn.wordpress.org/trunk@32534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:41:24 +00:00
Drew Jaynes
d94d97eab6 Add missing parameter and return descriptions to the DocBlock for wp_xmlrpc_server->_convert_date(). 
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32563


git-svn-id: http://core.svn.wordpress.org/trunk@32533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:40:24 +00:00
Drew Jaynes
9f73a3351f Fix inline documentation syntax in the DocBlock for wp_xmlrpc_server->_prepare_taxonomy(). 
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32562


git-svn-id: http://core.svn.wordpress.org/trunk@32532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:38:25 +00:00
Drew Jaynes
8aa163e65a Fix some inline documentation syntax in the DocBlock for wp_xmlrpc_server->minimum_args(). 
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32561


git-svn-id: http://core.svn.wordpress.org/trunk@32531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:37:26 +00:00
Drew Jaynes
ebe60d1fc4 Use a valid parameter type of string for the $name parameter in the xmlrpc_call hook docs. 
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32560


git-svn-id: http://core.svn.wordpress.org/trunk@32530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:36:26 +00:00
Drew Jaynes
18066945ae Add missing argument descriptions for the $args hash notation in wp_xmlrpc_server->wp_getUsersBlogs(). 
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32559


git-svn-id: http://core.svn.wordpress.org/trunk@32529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:33:27 +00:00
Drew Jaynes
c76493d29b Properly notate the inline link to the xmlrpc_blog_options filter in the description for wp_xmlrpc_server->initialise_blog_option_info(). 
See #30224.

Built from https://develop.svn.wordpress.org/trunk@32558


git-svn-id: http://core.svn.wordpress.org/trunk@32528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:30:26 +00:00
Drew Jaynes
ed0421e7de Add a proper return description for the wp_xmlrpc_server->addTwoNumbers() method. 
See [30181]. See #30224.

Built from https://develop.svn.wordpress.org/trunk@32557


git-svn-id: http://core.svn.wordpress.org/trunk@32527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:26:26 +00:00
Drew Jaynes
7a93dda2d2 Add proper descriptions for the $methods, $blog_options, and $error properties in wp_xmlrpc_server. 
See [30181]. See #30224.

Built from https://develop.svn.wordpress.org/trunk@32556


git-svn-id: http://core.svn.wordpress.org/trunk@32526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-23 19:23:25 +00:00
Scott Taylor
ecf4c668b3 Upgrade the doc blocks in class-wp-xmlrpc-server.php. Rehabilitate some unfortunate use of tabbing. 
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32550


git-svn-id: http://core.svn.wordpress.org/trunk@32520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-22 19:37:24 +00:00
Dominik Schilling
60c9fdf9fd Merge similar error strings for invalid data. 
props pavelevap.
fixes #32329.
Built from https://develop.svn.wordpress.org/trunk@32477


git-svn-id: http://core.svn.wordpress.org/trunk@32447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-09 21:09:25 +00:00
Sergey Biryukov
7a6cba1308 Remove duplicate string with a typo, merge it with an existing string. 
props pavelevap.
fixes #32020.
Built from https://develop.svn.wordpress.org/trunk@32209


git-svn-id: http://core.svn.wordpress.org/trunk@32182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-20 15:27:25 +00:00
John Blackbourn
c996169c04 Correctly set the post author in wp_xmlrpc_server::mw_editPost() when the current user is not the author of the post. 
Props redsweater, markoheijnen, DrewAPicture
Fixes #24916

Built from https://develop.svn.wordpress.org/trunk@31983


git-svn-id: http://core.svn.wordpress.org/trunk@31962 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-02 15:49:30 +00:00
Sergey Biryukov
53a704a67a Fix a typo in [30138]. 
see #30224.
Built from https://develop.svn.wordpress.org/trunk@31279


git-svn-id: http://core.svn.wordpress.org/trunk@31260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-25 09:48:21 +00:00
Scott Taylor
fe6b5983df In PHP 5.0.0, is_a() became deprecated in favour of the instanceof operator. Calling is_a() would result in an E_STRICT warning. 
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.

To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.

`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.

Props markoheijnen, wonderboymusic.
Fixes #25672.

Built from https://develop.svn.wordpress.org/trunk@31188


git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-16 01:06:24 +00:00
Scott Taylor
0e84d59de5 In wp_xmlrpc_server, only allow __call() to run against ->_multisite_getUsersBlogs(). 
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31149


git-svn-id: http://core.svn.wordpress.org/trunk@31130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-11 22:31:22 +00:00
Scott Taylor
0a511680f4 Adding a @return annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Constructors do not have meaningful return values, anything that is returned from here is discarded. 
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31126


git-svn-id: http://core.svn.wordpress.org/trunk@31107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-10 06:54:23 +00:00
Scott Taylor
ac6fddee35 In wp_xmlrpc_server, remove dead code. 
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31092


git-svn-id: http://core.svn.wordpress.org/trunk@31073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-08 07:21:22 +00:00
Scott Taylor
60b0cd7943 The keyword elseif should be used instead of else if so that all control keywords look like single words. 
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-08 07:05:25 +00:00
Scott Taylor
ac4e67b82e Perl-style comments should not be used 
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31079


git-svn-id: http://core.svn.wordpress.org/trunk@31060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-08 05:52:24 +00:00
Scott Taylor
e619abda6e Improve various @param docs for src/wp-includes/*. 
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30681


git-svn-id: http://core.svn.wordpress.org/trunk@30671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-12-01 01:34:24 +00:00
Scott Taylor
c598d35e41 Almost every method in wp_xmlrpc_server can also return IXR_Error and should be labeled as such. Rehabilitate some return syntax. 
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30181


git-svn-id: http://core.svn.wordpress.org/trunk@30181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-03 03:04:22 +00:00
Scott Taylor
be707cd614 In wp_xmlrpc_server methods, for comprehensibility: 
* initialize arrays in loops, instead of overriding an uninitialized array each time
* in `->blogger_getRecentPosts()` and `->mw_getRecentPosts()`, remove the extra loops by only setting one `array`

See #30224.

Built from https://develop.svn.wordpress.org/trunk@30153


git-svn-id: http://core.svn.wordpress.org/trunk@30153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-01 19:45:25 +00:00
Scott Taylor
65ab0a188e In wp_xmlrpc_server->pingback_ping(), remove the internal variable $way each time it is set and not used. 
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30139


git-svn-id: http://core.svn.wordpress.org/trunk@30139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-01 01:50:21 +00:00
Scott Taylor
4f6745e9aa In wp_xmlrpc_server methods, don't set $blog_id internally if it is never used, which is almost always. Updates the docs. 
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30138


git-svn-id: http://core.svn.wordpress.org/trunk@30138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-01 01:44:23 +00:00
Scott Taylor
0d3270282d In wp_xmlrpc_server->_prepare_comment(), $comment_date is set internally but never used. 
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30137


git-svn-id: http://core.svn.wordpress.org/trunk@30137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-01 01:29:24 +00:00
Sergey Biryukov
a32a75b9f4 XML-RPC: Check if category support was added for pages before calling wp_get_post_categories() to avoid unnecessary query in wp.getPage. 
props markoheijnen, nprasath002.
fixes #17920.
Built from https://develop.svn.wordpress.org/trunk@29731


git-svn-id: http://core.svn.wordpress.org/trunk@29505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-09-11 13:56:15 +00:00