Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-14 14:45:45 +01:00
Code Issues Projects Releases Wiki Activity
34,936 Commits 50 Branches 748 Tags 792 MiB
2a4ac1ce68
Commit Graph

34936 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pascal Birchler
5c4b703f38 Whitelist post arguments in XML-RPC 
Merges [40677] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40679


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 08:19:35 +00:00
Pascal Birchler
43c3b11cee Bump 4.6 branch to version 4.6.5. 
Built from https://develop.svn.wordpress.org/branches/4.6@40488


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:22:35 +00:00
Pascal Birchler
98c13fefb2 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40461


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:07:36 +00:00
James Nylen
299bfe429c Bump 4.6 branch to version 4.6.4. 
Built from https://develop.svn.wordpress.org/branches/4.6@40203


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:08:34 +00:00
John Blackbourn
70a97d6789 Press This: Verify intent before fetching in-page resources using Press This. 
Props vortfu

Merges [40195] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40197


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:58:33 +00:00
Aaron Campbell
0e1bc61b1f Strip control characters before validating redirect. 
Merges [40183] to 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40185


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:41:33 +00:00
Aaron Campbell
b67b8d56d9 Plugins: Add file check to plugin deletions. 
Merges [40169] to 4.6 branch.


Built from https://develop.svn.wordpress.org/branches/4.6@40171


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 12:59:34 +00:00
Dominik Schilling
e61cac5d13 Embeds: URL encode YouTube video IDs for broader compatibility. 
Merge of [40160] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40162


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 12:05:34 +00:00
Jeremy Felt
fe1162e5f1 Validate video and audio metadata. 
Merge of [40148] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40150


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:04:35 +00:00
Aaron Campbell
baf66f786a Bump 4.6 branch to version 4.6.3. 
Built from https://develop.svn.wordpress.org/branches/4.6@39996


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 18:16:33 +00:00
Dominik Schilling
88e92019c3 Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways. 
Merge of [39968] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@39971


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:10:33 +00:00
John Blackbourn
df08ef2450 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field. 
Merges [39956] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39970


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:09:35 +00:00
Dominik Schilling
c3794cc9b3 Query: Ensure that queries work correctly with post type names with special characters. 
Merge of [39952] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@39955


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 13:40:34 +00:00
Joe McGill
18f8236b61 Media: Fix exif_imagetype check in wp_get_image_mime 
This is a follow up to [39831].

Merges [39850] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39852


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 16:39:33 +00:00
Aaron Campbell
9cbfb359cb Use plural string 'Maintenance and Security Releases' since we have two now 
Built from https://develop.svn.wordpress.org/branches/4.6@39847


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 15:31:32 +00:00
Aaron Campbell
74ecd3d1f3 Bump 4.6 branch to version 4.6.2. 
Built from https://develop.svn.wordpress.org/branches/4.6@39846


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 15:24:33 +00:00
Joe McGill
db42241c13 Media: Improve image filetype checking. 
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.

`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.

If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.

Merges [39831] to the 4.6 branch.


Built from https://develop.svn.wordpress.org/branches/4.6@39833


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 13:14:33 +00:00
Dominik Schilling
b6f03a6084 Updates: Translate plugin data on the Updates screen. 
Merge of [39808] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@39821


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:40:06 +00:00
Dominik Schilling
efc07abeb3 Themes: Fix markup for theme name fallbacks. 
Merge of [39807] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@39810


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:09:35 +00:00
Jeremy Felt
116a5c2fa7 Multisite: Use wp_rand() in signup key creation. 
Merges [39795] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39797


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:32:07 +00:00
Dion Hulse
5694c55375 Update PHPMailer to 5.2.22. 
The full list of changes is available here:
https://github.com/PHPMailer/PHPMailer/compare/v5.2.21...v5.2.22

Merges [39759] to the 4.6 branch.
Fixes #37210 for 4.6.

Built from https://develop.svn.wordpress.org/branches/4.6@39785


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:22:39 +00:00
Jeremy Felt
3855756ad2 Mail: Disable wp-mail.php when mailserver_url is mail.example.com. 
Merges [39772] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39774


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 05:16:34 +00:00
Aaron Campbell
ebbfc7179c Add nonce for widget accessibility mode. 
Props vortfu.

See #23328.

Merges [39760] to 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39762


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 01:43:35 +00:00
Dion Hulse
53cecfcd72 Mail: Upgrade PHPMailer to 5.2.21. 
Merges [39645] to the 4.6 branch.
See #37210.

Built from https://develop.svn.wordpress.org/branches/4.6@39722


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:04:04 +00:00
Dion Hulse
9a487ee432 General: Update copyright year to 2017 in license.txt. 
Props Nikschavan.
Merges [39659] to the 4.6 branch.
Fixes #39433.

Built from https://develop.svn.wordpress.org/branches/4.6@39698


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-05 08:38:37 +00:00
Dion Hulse
f5f0032925 HTTP: Call mbstring_binary_safe_encoding() before making a request with Requests to avoid issues with mbstring.func_overload. 
Props SergeyBiryukov.
Merges [38894] to the 4.6 branch.
Fixes #38226.

Built from https://develop.svn.wordpress.org/branches/4.6@38895


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-25 00:47:30 +00:00
Dion Hulse
4d089ce55b HTTP: Update Requests to master (0048f3c) which fixes a number of outstanding issues. 
Merges [38727] to the 4.6 branch.

Fixes #38070, #37733 by reverting part of [38429] and using the fix in Requests.
Fixes #37992 allowing for connecting to SSL resources on ports other than 443.
Fixes #37991 by not sending default ports in the `Host:` header.
Fixes #37839 to match and decode Chunked responses correctly.
Fixes #38232 allowing a SSL connection to ignore the hostname of the certificate when verification is disabled.

Built from https://develop.svn.wordpress.org/branches/4.6@38728


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-05 03:27:31 +00:00
Aaron Campbell
38430b0533 Media: Improved media titles when created from filename. 
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38614] to the 4.6 branch.

Props joemcgill.
Fixes #37989.


Built from https://develop.svn.wordpress.org/branches/4.6@38615


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-17 06:27:31 +00:00
Gary Pendergast
74d49a9288 Database: Fall back to utf8 when utf8mb4 isn't supported. 
Sometimes, `DB_CHARSET` will be set to `utf8mb4`, even if the current setup doesn't support `utf8mb4`. After [38442], this can cause significant character set failures, causing the connection to fall back to `latin1`.

Instead of doing this, we now check that the connection supports `utf8mb4` before trying to use it, and fall back to `utf8` when we need to.

Merge of [38580] to the 4.6 branch.
Fixes #37982.


Built from https://develop.svn.wordpress.org/branches/4.6@38581


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-08 23:54:31 +00:00
Jeremy Felt
17b03600af The 4.6 branch is now 4.6.2-alpha. 
Built from https://develop.svn.wordpress.org/branches/4.6@38570


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 17:18:32 +00:00
Jeremy Felt
1e85e502a0 Bump 4.6 branch to 4.6.1. 
Built from https://develop.svn.wordpress.org/branches/4.6@38549


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 14:57:32 +00:00
Jeremy Felt
e860e24b6e Media: Sanitize upload filename. 
Merge of [38538] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@38539


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 13:57:29 +00:00
Jeremy Felt
927e102a78 Comments: Revert [38497] 
Restore direct SQL query when fetching descendants.

See #37696, #37966.

Built from https://develop.svn.wordpress.org/branches/4.6@38537


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 13:41:34 +00:00
Dion Hulse
1df764bd45 Bump Akismet External. 
See #37961


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 02:07:29 +00:00
Pascal Birchler
b9f38d1aa8 Upgrade/Install: Sanitize file name in File_Upload_Upgrader. 
Merge of [38524] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@38525


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-06 17:29:31 +00:00
Jeremy Felt
bc85c9c739 Post 4.6.1-RC1 version bump 
Built from https://develop.svn.wordpress.org/branches/4.6@38499


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-01 15:41:30 +00:00
Jeremy Felt
f09c426ddd WordPress 4.6.1-RC1 
Built from https://develop.svn.wordpress.org/branches/4.6@38498


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-01 15:28:30 +00:00
Jeremy Felt
d873404562 Comments: Don't do direct SQL query when fetching decendants. 
The SQL query was built using the clauses compiled when querying for
top-level comments. But in cases where the top-level comment query
results are already in the cache, the SQL clauses are not built, and
so are unavailable for `fill_descendants()`. Instead, we call
`get_comments()`, using modified versions of the parameters passed
to the main `WP_Comment_Query` class.

Merge of [38446] to the 4.6 branch.

Props boonebgorges, Akeif, Rarst for testing.
Fixes #37696.

Built from https://develop.svn.wordpress.org/branches/4.6@38497


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-01 15:15:32 +00:00
Jeremy Felt
9214ae47a6 TinyMCE: fix toolbars alignment in RTL. 
Merge of [38349] to the 4.6 branch.

Props azaozz, geminorum for testing.
Fixes #37760.

Built from https://develop.svn.wordpress.org/branches/4.6@38488


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 23:43:29 +00:00
Jeremy Felt
0c064f4ed8 Editor: fix jumpiness on pressing backspace and delete in the Text editor. 
Merge of [38426] to the 4.6 branch.

Props azaozz.
Fixes #37690.

Built from https://develop.svn.wordpress.org/branches/4.6@38487


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 23:13:30 +00:00
Jeremy Felt
b6151949af HTTP: Handle an edgecase within the URI parsing library included in Requests, where if a double slash exists at the start of the path the URL is passed to cURL malformed. 
Merge of [38429] to the 4.6 branch.

Props dd32, flixos90 for initial patch.
Fixes #37733.

Built from https://develop.svn.wordpress.org/branches/4.6@38485


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 22:01:31 +00:00
Jeremy Felt
0d0310bcd6 Post Thumbnails: Prevent post thumbnail previews from spilling into other images. 
After [38118], when previewing a page with a secondary loop, all post
thumbnails would be filtered to display the post thumbnail for the
page being previewed. This ensures `_wp_preview_post_thumbnail_filter()`
is only applied if the `$post_id` of the post meta being filtered is
equal to the post or page being previewed.

Merge of [38433] to the 4.6 branch.

Props swissspidy, joemcgill.
Fixes #37697.

Built from https://develop.svn.wordpress.org/branches/4.6@38476


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 18:44:29 +00:00
Jeremy Felt
b39313803a Upgrade/Install: After [37687], fix the number of params passed to the upgrade hooks. 
`wp_version_check()`, `wp_update_plugins()` and `wp_update_themes()` are all originally hooked to the `upgrader_process_complete` action with zero arguments passed to them. Zero arguments should be passed when re-adding them after translation updates, otherwise the sky will fall.

Merge of [38415] to the 4.6 branch.

Props ionutst, gitlost, swissspidy.
Fixes #37731.

Built from https://develop.svn.wordpress.org/branches/4.6@38475


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 18:12:30 +00:00
Jeremy Felt
d6980d1c0d Script Loader: Close the <link> tag in wp_resource_hints(). 
Adjusts tests to match markup change.

Merge of [38443] and [38447] to the 4.6 branch.

Props Chaos Engine, SergeyBiryukov, swissspidy.
Fixes #37800.

Built from https://develop.svn.wordpress.org/branches/4.6@38473


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 17:26:31 +00:00
Jeremy Felt
575e4ef0db TinyMCE: change the default font for the vi locale to the same stack as he_IL. 
Merge of [38427] to the 4.6 branch.

Props azaozz, nmt90 for reporting and testing.
Fixes #37755.

Built from https://develop.svn.wordpress.org/branches/4.6@38472


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 17:16:31 +00:00
Dion Hulse
6ddc8affb1 HTTP: Accept non-string values in cookies, fixing a regression since 4.5. 
Props swissspidy.
Merges [38430] to the 4.6 branch.
Fixes #37768.

Built from https://develop.svn.wordpress.org/branches/4.6@38461


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 06:07:31 +00:00
Dion Hulse
c53ae0299a Bootstrap: Check that ini_get_all() exists before calling it, allows us to work around hosts who disable the function for "security purposes". 
Merges [38431] to the 4.6 branch.
Fixes #37680.

Built from https://develop.svn.wordpress.org/branches/4.6@38460


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 06:06:32 +00:00
Gary Pendergast
33c1c022e3 Database: Don't force an unsupported character set that previously would've silently failed. 
[37320] corrected some behaviour in how PHP and MySQL character sets are matched up. This was correct, but had the side effect of causing some incorrectly configured sites to start failing.

Prior to [37320], if `DB_CHARSET` was set to `utf8mb4`, but the PHP version didn't support `utf8mb4`, it would fall back to the default character set - usually `latin1`. After [37320], the `SET NAMES` query would force MySQL to treat the connection character set as `utf8mb4`, even if PHP wasn't able to understand it.

By checking if `mysqli_set_charset()` succeeded, we can simulate the old behaviour, while maintaining the fix in [37320].

Merge of [38441] to the 4.6 branch.

Props danielkanchev fo helping to diagnose this issue.
Fixes #37689.


Built from https://develop.svn.wordpress.org/branches/4.6@38442


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-30 07:42:49 +00:00
Gary Pendergast
1b8d23ca29 Database: Ensure that variables are defined correctly. 
There were some cases where some local variables in `wpdb::init_charset()` could be undefined when they were used.

Merge of [38439] to the 4.6 branch.

Props Frozzare.
Fixes #37683.


Built from https://develop.svn.wordpress.org/branches/4.6@38440


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-30 07:17:42 +00:00
Boone Gorges
97095d54c3 In is_object_in_term(), return error object rather than caching it. 
This change prevents an error object from being stored in the cache,
and prevents notices from being thrown when plucking term IDs to put
into the relationship cache.

See #32044, #36814.

Merges [38277] to the 4.6 branch.

Props rpayne7264.
Fixes #37721.

Built from https://develop.svn.wordpress.org/branches/4.6@38346


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-24 09:20:36 +00:00