Commit Graph

319 Commits

Author SHA1 Message Date
ryan
db253a3fe7 Perform a cap check on attachments in media_upload_form_handler(). For trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@18365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-28 21:44:56 +00:00
ryan
593659b8d0 Hardening. Sanitizers for WPLANG and new_admin_email. Prevent stomping ID and filter. Validate locale filename. Props westi.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-27 15:56:42 +00:00
dd32
ed5785c9ef Only hide the browser uploader by default if the Flash uploader is enabled. Fixes #17772
git-svn-id: http://svn.automattic.com/wordpress/trunk@18290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-12 12:47:18 +00:00
ryan
81a5f821fb Sanitize guid on save and display. Sanitize mime type on save. Don't allow changing mime type via edit form handlers. Protect hidden meta.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-22 23:19:42 +00:00
azaozz
33b0327924 Add JS detection to wp_iframe output, remove "display:none" from the Flash uploader button, props jacobwg, fixes #17473
git-svn-id: http://svn.automattic.com/wordpress/trunk@17971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-19 16:12:13 +00:00
nacin
16e649f95f Remove type attribute from textarea. props solarissmoke.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-07 08:30:08 +00:00
ryan
924f783fda Add some nonce checks to the uploaders. Props duck_. For trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-03-28 21:30:59 +00:00
ryan
498c93cb81 Revert [17327] and [15858]. Props markmcwilliams, JohnONolan, et al. see #16298 #8352
git-svn-id: http://svn.automattic.com/wordpress/trunk@17347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-22 03:25:29 +00:00
ryan
55d6d8af12 PHP4 compat. Props SergeyBiryukov, westi. see #16080
git-svn-id: http://svn.automattic.com/wordpress/trunk@17211 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-03 19:19:34 +00:00
nacin
9009245db5 Tag textareas escaped earlier with textarea_escaped. see #15454.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-25 17:58:01 +00:00
westi
56584f6801 Ensure that images added using Press This get the correct source url set. Fixes #15841 props duck_.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-23 15:41:05 +00:00
nacin
e1eec3925a More @since. props SergeyBiryukov, fixes #15445.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-20 09:25:21 +00:00
ryan
3a66c698ee Remove some unnecessary esc_textarea() calls. Props garyc40. see #15454
git-svn-id: http://svn.automattic.com/wordpress/trunk@17001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 17:48:20 +00:00
ryan
3949ce12d0 Pink trailing whites.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-13 21:21:50 +00:00
nacin
20bbf977a2 Fix the background colors for the Select Files upload buttons. props TECannon. fixes #8545.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-07 19:42:57 +00:00
nacin
fed2907095 Fix notice. props vericgar, fixes #11976.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16729 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-05 03:01:42 +00:00
scribu
c45f3936a7 More s/upgrade/update. Props michaelh. See #15656
git-svn-id: http://svn.automattic.com/wordpress/trunk@16701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-03 09:16:28 +00:00
nacin
85c0930679 define isRtl in the media upload iframe. props filosofo, fixes #15639.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-02 12:44:48 +00:00
markjaquith
5f15bf9db2 Prevent media upload links from being clicked before lightbox is ready to handle them. fixes #15621
git-svn-id: http://svn.automattic.com/wordpress/trunk@16669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-01 20:41:47 +00:00
ryan
3f72e340d6 Update since phpdoc. Props demetris. fixes #15445
git-svn-id: http://svn.automattic.com/wordpress/trunk@16660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-01 19:24:38 +00:00
nacin
69b3167678 Revert [15688], [15689], [15691]. Try again in 3.2. see #14966.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-22 17:17:26 +00:00
ryan
07d265659b get_media_item_args, swfupload_post_params, and swfupload_success_handler filters. Props simonwheatley. fixes #13817
git-svn-id: http://svn.automattic.com/wordpress/trunk@16476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-19 00:04:04 +00:00
nacin
931cecae63 Include a single-column option in gallery settings. props husobj, fixes #14836.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-18 03:30:55 +00:00
ryan
847499e531 Pinking shears
git-svn-id: http://svn.automattic.com/wordpress/trunk@16438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 18:47:34 +00:00
markjaquith
6482610f9a esc_textarea() and application for obvious textarea escaping. props alexkingorg. fixes #15454
git-svn-id: http://svn.automattic.com/wordpress/trunk@16431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 17:12:01 +00:00
scribu
2dcfb8a55f Make media_handle_sideload() return attachment id instead of URL. Props joostdevalk. Fixes #15432
git-svn-id: http://svn.automattic.com/wordpress/trunk@16383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-15 12:53:11 +00:00
nacin
81a8f2d3ce Use square brackets instead of braces for string access. props hakre, fixes #13900.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 09:53:55 +00:00
nacin
fa3c017451 Use spaces for alignment. see #15343 [16236]
git-svn-id: http://svn.automattic.com/wordpress/trunk@16245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-09 00:42:35 +00:00
westi
136df0f262 Encode quotes and chevrons in the HTML editor version of the generated captions too. Fixes #15343.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-08 17:15:14 +00:00
nbachiyski
9f5c506a9f Introduce and use translate_nooped_plural(). Fixes #13996
 * _n_noop() and _nx_noop() now return associative arrays for greater clarity
 * translate_nooped_plural() takes one such associative array and translates it
 * it works on both the result from _n_noop() and from _nx_noop()
 * this breaks backwards compatibility, but I doubt any plugin uses it (I will do a global grep to confirm)
 * translate_nooped_plural() is applied where applicable


git-svn-id: http://svn.automattic.com/wordpress/trunk@16073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-29 13:12:14 +00:00
markjaquith
fc6e89da45 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064
git-svn-id: http://svn.automattic.com/wordpress/trunk@16061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-28 21:56:43 +00:00
ryan
2b86361848 Don't show private attachment taxonomies in the uploader. see #14746
git-svn-id: http://svn.automattic.com/wordpress/trunk@16057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-28 18:53:09 +00:00
westi
39fceab5b4 Add a filter to the mime type list displayed in the iframe media uploader when viewing the media library. Fixes #6348 props wojtek.szkutnik
git-svn-id: http://svn.automattic.com/wordpress/trunk@16047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-28 12:41:37 +00:00
ryan
779b8ff334 Default send to editor to true if the post parent is empty. Props blepoxp. fixes #14133
git-svn-id: http://svn.automattic.com/wordpress/trunk@15920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-22 20:17:17 +00:00
nacin
54c498f974 Remove Lucida Grande from the sans serif font stack. fixes #8352, props iammattthomas.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-20 10:30:28 +00:00
nacin
4e666d5d44 Move some post and taxonomy functions from admin/includes to wp-includes in preparation for QuickPress template tag. Moves get_tags_to_edit, get_terms_to_edit, get_default_post_to_edit, media_buttons, _media_button, get_upload_iframe_src. Also introduce get_media_buttons as a wrapper for media_buttons. props jorbin, see #14966.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-03 02:58:59 +00:00
nacin
5a20c05d27 Phpdoc argument/@param cleanups. props duck_, see #14783.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-07 11:21:11 +00:00
dd32
fe89d62154 Fix typo in type_url_form_video() help text. Props mako09. Fixes #14003 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@15292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-20 04:13:57 +00:00
markjaquith
100e81c448 Add ?ver=DATE query strings to all images that changed since 2.9, to expire browser cache. Bump versions on all CSS/JS files modified in that process. fixes #13562.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-31 06:33:46 +00:00
nbachiyski
8545387795 Prevent a notice if $_REQUEST['post_id'] is missing. Just use 0 in this case, which will be the same as using intval on an undefined value.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-27 11:42:46 +00:00
nacin
8845d1f61f Hide Flash uploader and theme/plugin editor documentation feature, if no JS. Also some validation fixes in the theme editor. props ocean90. see #13383.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-26 03:57:55 +00:00
markjaquith
e3ffb4c442 Update upload quota filled message to mention the limit and not suggest file deletion. fixes #13479
git-svn-id: http://svn.automattic.com/wordpress/trunk@14897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-25 17:53:31 +00:00
nacin
427a63a92a s/onclick/onClick/. props Gazzer from wp-testers.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-24 05:15:55 +00:00
dd32
da25731eae We're not as bold as some people make us out to be. Move the maximum upload size from a Heading to a paragraph text. Fix screen formatting on Multisite when over quota. see #12853
git-svn-id: http://svn.automattic.com/wordpress/trunk@14776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-21 12:57:49 +00:00
markjaquith
20cb3ed21b Add nonce protection for setting/removing featured post image. fixes #13438
git-svn-id: http://svn.automattic.com/wordpress/trunk@14730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-18 22:08:49 +00:00
wpmuguru
80a8899c0b boldly go where no man has gone before, see #12853
git-svn-id: http://svn.automattic.com/wordpress/trunk@14693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-16 18:44:51 +00:00
wpmuguru
be5268eefc show upload limit in media upload UI, see #12853
git-svn-id: http://svn.automattic.com/wordpress/trunk@14682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-15 23:57:32 +00:00
nacin
54a46870d3 Escape slash in inline JS for SWFUploader. props zeo, see #13383.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-15 06:14:06 +00:00
nacin
c6d21e7fbb Introduce _ex(), a hybrid between _e() and _x() -- translate with context, then echo. props westi, see #13395.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14647 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-14 21:46:25 +00:00
nacin
518b19a404 esc_url the URL from get_upload_iframe_src. props jshreve, see #13383.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-14 15:03:59 +00:00