Commit Graph

18043 Commits

Author SHA1 Message Date
Dominik Schilling
33bf516808 Customize: Ignore invalid customization sessions.
Merge of [40704] to the 4.3 branch.
Built from https://develop.svn.wordpress.org/branches/4.3@40709


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40572 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 12:18:26 +00:00
Pascal Birchler
a21c779e19 Adjust post meta checks
Merges [40692] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@40697


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 08:52:26 +00:00
Pascal Birchler
51f3fe2909 Whitelist post arguments in XML-RPC
Merges [40677] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@40682


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 08:22:27 +00:00
Pascal Birchler
1897b61ccb Bump 4.3 branch to version 4.3.10.
Built from https://develop.svn.wordpress.org/branches/4.3@40491


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-20 16:25:27 +00:00
James Nylen
a5ea8d5b6e Bump 4.3 branch to version 4.3.9.
Built from https://develop.svn.wordpress.org/branches/4.3@40206


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40145 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 16:28:25 +00:00
Aaron Campbell
6751b328d9 Strip control characters before validating redirect.
Merges [40183] to 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@40188


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 13:43:55 +00:00
Dominik Schilling
46c23960dc Embeds: URL encode YouTube video IDs for broader compatibility.
Merge of [40160] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@40165


git-svn-id: http://core.svn.wordpress.org/branches/4.3@40104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 12:06:59 +00:00
Aaron Campbell
d9d2157746 Bump 4.3 branch to version 4.3.8.
Built from https://develop.svn.wordpress.org/branches/4.3@40000


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 18:24:27 +00:00
Dominik Schilling
f6e6b58725 Query: Ensure that queries work correctly with post type names with special characters.
Merge of [39952] to the 4.3 branch.
Built from https://develop.svn.wordpress.org/branches/4.3@39960


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 13:51:29 +00:00
Aaron Campbell
b1b62d3ccd Bump 4.3 branch to version 4.3.7.
Built from https://develop.svn.wordpress.org/branches/4.3@39864


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 16:57:25 +00:00
Joe McGill
90cd7353b3 Media: Fix exif_imagetype check in wp_get_image_mime
This is a follow up to [39831].

Merges [39850] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@39855


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 16:42:56 +00:00
Joe McGill
abebce20a6 Media: Improve image filetype checking.
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.

`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.

If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.

Merges [39831] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@39836


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39774 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 13:17:24 +00:00
Dominik Schilling
624ab728c7 Themes: Fix markup for theme name fallbacks.
Merge of [39807] to the 4.3 branch.
Built from https://develop.svn.wordpress.org/branches/4.3@39813


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 11:11:26 +00:00
Jeremy Felt
a06e0059b1 Multisite: Use wp_rand() in signup key creation.
Merges [39795] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@39800


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 05:34:27 +00:00
Dion Hulse
ed440a7cf4 Update PHPMailer to 5.2.22.
The full list of changes is available here:
https://github.com/PHPMailer/PHPMailer/compare/v5.2.21...v5.2.22

Merges [39759] to the 4.3 branch.
Fixes #37210 for 4.3.

Built from https://develop.svn.wordpress.org/branches/4.3@39788


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 05:24:24 +00:00
Dion Hulse
86a3e6e871 Mail: Upgrade PHPMailer to 5.2.21.
Merges [39645], [36083] to the 4.3 branch.
See #37210.

Built from https://develop.svn.wordpress.org/branches/4.3@39725


git-svn-id: http://core.svn.wordpress.org/branches/4.3@39665 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-06 22:05:31 +00:00
Jeremy Felt
180d083620 Bump 4.3 branch to 4.3.6.
Built from https://develop.svn.wordpress.org/branches/4.3@38552


git-svn-id: http://core.svn.wordpress.org/branches/4.3@38495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-07 14:59:23 +00:00
Boone Gorges
a240058e32 Bump 4.3 branch to 4.3.5.
Built from https://develop.svn.wordpress.org/branches/4.3@37830


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37795 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 16:33:25 +00:00
Joe McGill
89394fe908 Media: Improve handling of extensionless filenames.
Merge of [37756] to the 4.3 branch.

See #37111.
Built from https://develop.svn.wordpress.org/branches/4.3@37814


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37779 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:55:52 +00:00
Nikolay Bachiyski
a0e40393b4 Admin: Escape attachment name in case it contains special characters
Merge of [37774] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@37786


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:25:24 +00:00
Jeremy Felt
a939b84057 Admin: Allow for the consistent filtering of auth_redirect_scheme
Merge of [37651] to the 4.3 branch.

See #37047.

Built from https://develop.svn.wordpress.org/branches/4.3@37760


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-21 14:12:19 +00:00
Dominik Schilling
4b5e93ba40 Bump 4.3 branch to 4.3.4.
Built from https://develop.svn.wordpress.org/branches/4.3@37386


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 18:12:22 +00:00
Nikolay Bachiyski
f1f6b9c2d6 External Libraries: Update plupload from upstream
Built from https://develop.svn.wordpress.org/branches/4.3@37380


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 18:00:24 +00:00
Dominik Schilling
032feff801 External Libraries: Update MediaElement.js from upstream.
Merge of [37370] to the 4.3 branch.
Built from https://develop.svn.wordpress.org/branches/4.3@37374


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-06 17:54:33 +00:00
Nikolay Bachiyski
7da41242f9 Taxonomies: make sure taxonomy functions work correctly with taxonomy names with special characters
The codex says that taxonomy names "should only contain lowercase letters and the underscore character", but that's not enforced. It's too late to enforce it, since some plugins haven't been following it and the official phpdoc doesn't mention this restriction.

Merge of [37133] to the 4.3 branch.

Built from https://develop.svn.wordpress.org/branches/4.3@37136


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 17:23:24 +00:00
Dominik Schilling
9046c96d95 HTTP: Improve detection of valid IP addresses.
Merge of [37115] to the 4.3 branch.
Built from https://develop.svn.wordpress.org/branches/4.3@37117


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 15:51:47 +00:00
Nikolay Bachiyski
9631f83b6f Snoopy: use escapeshellarg instead of escapeshellcmd
We are escaping arguments, not commands, so we'd better use the semantically correct function, even though they are similar.

Built from https://develop.svn.wordpress.org/branches/4.3@37096


git-svn-id: http://core.svn.wordpress.org/branches/4.3@37063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 14:05:24 +00:00
Dominik Schilling
dd8b7de724 Bump 4.3 branch to 4.3.3.
Built from https://develop.svn.wordpress.org/branches/4.3@36456


git-svn-id: http://core.svn.wordpress.org/branches/4.3@36423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 17:28:22 +00:00
Dominik Schilling
eb0bd01048 Better validation of the URL used in HTTP redirects.
Merges [36444] to the 4.3 branch.
Built from https://develop.svn.wordpress.org/branches/4.3@36448


git-svn-id: http://core.svn.wordpress.org/branches/4.3@36415 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 16:59:51 +00:00
Dominik Schilling
224efaf1e0 HTTP: 0.1.2.3 is not a valid IP.
Merges [36435] to the 4.3 branch.
Built from https://develop.svn.wordpress.org/branches/4.3@36437


git-svn-id: http://core.svn.wordpress.org/branches/4.3@36404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 13:03:51 +00:00
Dominik Schilling
f6115d3bfe Bump 4.3 branch to 4.3.2.
Built from https://develop.svn.wordpress.org/branches/4.3@36197


git-svn-id: http://core.svn.wordpress.org/branches/4.3@36164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 18:48:22 +00:00
Aaron Jorbin
424c4d9a59 Theme: Escape error messages
[36185] for 4.3 branch

Built from https://develop.svn.wordpress.org/branches/4.3@36187


git-svn-id: http://core.svn.wordpress.org/branches/4.3@36154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 17:25:23 +00:00
Dion Hulse
a2cf26ef40 Background Updates: Remove the 7am/7pm background update check.
This changeset is a more basic version of [36180], clearing the extra now redundant schedule.
As the functionality for this was introduced in 3.9, [28129] has been backported to 3.7/3.8, allowing the API TTL to be respected by those versions.

See #27772.
Fixes #35323.

Built from https://develop.svn.wordpress.org/trunk@36184


git-svn-id: http://core.svn.wordpress.org/branches/4.3@36151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-06 13:24:33 +00:00
Weston Ruter
0b2de83d41 Customize: Fix live previewing of menu changes on subdirectory installs.
Merges [34278] from trunk.

Props adamsilverstein, westonruter.
Fixes #33916 for 4.3.

Built from https://develop.svn.wordpress.org/branches/4.3@34279


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-18 05:50:25 +00:00
Dominik Schilling
286bf05ea7 The 4.3 branch is now 4.3.2-alpha.
Built from https://develop.svn.wordpress.org/branches/4.3@34267


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 16:21:25 +00:00
Helen Hou-Sandí
cbcc1cbaa3 Finish bumping the 4.3 branch to 4.3.1.
Built from https://develop.svn.wordpress.org/branches/4.3@34189


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34157 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 14:49:29 +00:00
Dominik Schilling
9c57f3a429 XMLRPC: Don't allow private posts to be sticky.
Merge of [34135] to the 4.3 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/4.3@34151


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:50:31 +00:00
Nikolay Bachiyski
f72b21af23 Shortcodes: don't allow unclosed HTML elements in attributes
Merges [34134] for 4.3 branch

Built from https://develop.svn.wordpress.org/branches/4.3@34144


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 22:47:23 +00:00
Dominik Schilling
5fe5a0eb07 Passwords: Trigger a wp-check-valid-field event when the password field is filled with a password by generatePassword().
Updates event handler in `wpAjax.invalidateForm()` to support `wp-check-valid-field`.

Merge of [34114] to the 4.3 branch.

Fixes #33406.
Built from https://develop.svn.wordpress.org/branches/4.3@34120


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 13:09:23 +00:00
Dominik Schilling
12b08da9c2 Settings, password field: Fix placement of the error icon and removal of the error class.
Merge of [34068] to the 4.3 branch.

Props liljimmi, adamsilverstein.
See #33406.
Built from https://develop.svn.wordpress.org/branches/4.3@34119


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 13:07:23 +00:00
Dominik Schilling
cca265971e Passwords: Deprecate second parameter of wp_new_user_notification().
The second parameter `$plaintext_pass` was removed in [33023] and restored as `$notify` in [33620] with a different behavior. If you have a plugin overriding `wp_new_user_notification()` which hasn't been updated you would get a notification with your username and the password "both".
To prevent this the second parameter is now deprecated and reintroduced as the third parameter.

Adds unit tests.

Merge of [34116] to the 4.3 branch.

Props kraftbj, adamsilverstein, welcher, ocean90.
See #33654.
Built from https://develop.svn.wordpress.org/branches/4.3@34118


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 13:03:24 +00:00
Dominik Schilling
e52a25130a Users: Import the global var $wp_hasher in wp_new_user_notification().
Adds `@global` entries to the DocBlock.

Merge of [34052] to the 4.3 branch.

See #33826.
Built from https://develop.svn.wordpress.org/branches/4.3@34053


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 19:18:23 +00:00
Andrew Ozz
a10c2ba8f3 TinyMCE: ensure the wordpress plugin is loaded before calling _createToolbar().
Props hauvong, azaozz.
Fixes #33393 for 4.3.
Built from https://develop.svn.wordpress.org/branches/4.3@34032


git-svn-id: http://core.svn.wordpress.org/branches/4.3@34000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 01:47:22 +00:00
Andrew Ozz
26093bdc3e TinyMCE: update to 4.2.5, changelog: http://www.tinymce.com/develop/changelog/?ctrl=version&act=index&pr_id=1.
Fixes #33782 for 4.3.
Built from https://develop.svn.wordpress.org/branches/4.3@34029


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 23:57:23 +00:00
Andrew Ozz
de170f4c55 Formatting: fix removing line break placeholders from HTML comments at the end of wpautop().
Props miqrogroove.
Fixes #33645 for 4.3.
Built from https://develop.svn.wordpress.org/branches/4.3@34024


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:23:23 +00:00
Gary Pendergast
e1149c9ff1 WPDB: get_table_from_query() didn't find table names with hyphens in them.
Merge of [33718] to the 4.3 branch.

Props dustinbolton, pento.

See #33470.


Built from https://develop.svn.wordpress.org/branches/4.3@33991


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33960 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 06:55:24 +00:00
Boone Gorges
8c51f55fdd Pass the $public_only value to 'get_usernumposts' filter.
[32523] introduced the $public_only parameter to `count_user_posts()`. That
changeset was supposed to pass `$public_only` to the 'get_usernumposts' filter
at the end of the function, but only the documentation was modified, not the
filter itself.

This changeset also fixes an incorrect variable name in the docblock for
the same filter, and includes clarification on the accepted values for
the `$post_type` parameter.

Merges [33710] and [33716] to the 4.3 branch.

Props swisspidy, tmatsuur, tyxla, DrewAPicture.
Fixes #33481 for 4.3.1. 

Built from https://develop.svn.wordpress.org/branches/4.3@33953


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-08 20:58:22 +00:00
Boone Gorges
d8ab8aa97c In Walker_CategoryDropdown::start_el(), cast values to strings before deciding whether to append 'selected' attribute.
As of [32484], `wp_dropdown_categories()` uses the `$value_field` value to
decide whether a given `<option>` should be 'selected'. However, `$value_field`
can refer to a value that is a string, such as a category's slug. This causes
problems when doing a loose comparison (`==`) with the value of the 'selected'
parameter, which defaults to `0`, because when doing a loose comparison
between an integer and a string, PHP will cast the string to an integer. This
creates false matches, resulting in `<option>` elements getting a 'selected'
attribute incorrectly.

We address the issue by casting the comparison values to strings, and then
using the strict comparison operator `===`.

Merges [33681] to the 4.3 branch.

Fixes #33452 for 4.3.1.

Built from https://develop.svn.wordpress.org/branches/4.3@33949


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-08 19:04:23 +00:00
Weston Ruter
758d53b709 Customizer: Collapse any expanded panel/sections before expanding other panel/sections.
Fix removes need for workaround introduced in [33488] for direct link from nav menu widget to the customizer widgets panel. The todo is now implemented.

Cherry-picks [33837] onto 4.3 branch.
Props celloexpressions, westonruter.
Fixes #33396 for 4.3.

Built from https://develop.svn.wordpress.org/branches/4.3@33942


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-07 06:20:23 +00:00
Weston Ruter
23ef1979f6 Customize: Fix logic for determining the container element when focusing on a panel, section, or control.
Cherry-picks [33939] on the 4.3 branch.
Fixes #33695 for 4.3

Built from https://develop.svn.wordpress.org/branches/4.3@33940


git-svn-id: http://core.svn.wordpress.org/branches/4.3@33909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-07 06:05:23 +00:00