* In `maybe_create_table()` and `maybe_add_column()`, the response of `$wpdb->query()` is set to a variable that is never used.
* In `make_db_current_silent()`, which is a wrapper for `dbDelta`, a variable is set that is not used. This function appears to be a copy-paste of `make_db_current()`'s `dbDelta()` call but is meant to return nothing, and still does not.
See #27882.
Built from https://develop.svn.wordpress.org/trunk@28305
git-svn-id: http://core.svn.wordpress.org/trunk@28133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If left on, it introduces a lot of weird issues not easily diagnosed. MP6 will be updated before release to prevent itself from functioning 3.8+, but this will cut down on support requests by people who update core but not MP6, which was a fairly popular plugin.
fixes#26334.
Built from https://develop.svn.wordpress.org/trunk@26692
git-svn-id: http://core.svn.wordpress.org/trunk@26582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a few places in core that were preventing this from working by explicity setting `$wpdb->suppress_errors` to `false`. Instead, they should inherit the value that existed before errors were suppressed.
This allows Multisite unit tests to run without explosive database errors, and allows `$wpdb->suppress_errors` to be overridden all the way down the chain.
Fixes#26102.
Built from https://develop.svn.wordpress.org/trunk@26252
git-svn-id: http://core.svn.wordpress.org/trunk@26158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reverts [25416], which had all transients being cleared. This leaves much to be desired, but we don't want a core update to be blamed for breaking a site that incorrectly assumes transients aren't transient.
props dartiss, pento.
fixes#20316.
Built from https://develop.svn.wordpress.org/trunk@25838
git-svn-id: http://core.svn.wordpress.org/trunk@25838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reverts [25416], which had all transients being cleared. This leaves much to be desired, but we don't want a core update to be blamed for breaking a site that incorrectly assumes transients aren't transient.
props dartiss, pento.
fixes#20316.
Built from https://develop.svn.wordpress.org/trunk@25838
git-svn-id: http://core.svn.wordpress.org/trunk@25750 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Has the added benefit of ensuring the WordPress Beta Tester plugin allows updates of Twenty Thirteen.
props JustinSainton.
fixes#23573.
git-svn-id: http://core.svn.wordpress.org/trunk@23529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the 3.4 branch we bumped the DB version past the version used for disabling links in trunk, preventing it from running. In the future, we must avoid increasing branch DB version bumps to HEAD.
props SergeyBiryukov.
fixes#22626.
git-svn-id: http://core.svn.wordpress.org/trunk@22911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Will be replaced with http://wordpress.org/extend/plugins/atom-publishing-protocol/.
* Introduces an action, xmlrpc_rsd_apis, to add APIs to xmlrpc.php?rsd.
* Introduces support for 'error' being 403 and 50x in class-wp.php.
* Removes 'Remote Publishing' from Writing Settings (see [21804]). Keeps the remote_publishing settings section.
DB version is bumped to generate the new wp-app rewrite rule and remove the old enable_app option.
props wonderboymusic.
fixes#21509.
git-svn-id: http://core.svn.wordpress.org/trunk@21818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These per-page values were when the post type or taxonomy name has a hyphen.
Previously, these were converted to underscores. This changed in [21322].
fixes#18958.
git-svn-id: http://core.svn.wordpress.org/trunk@21811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
props markoheijnen for the initial patch.
Introduces a new filter, xmlrpc_enabled.
Respects any current callbacks registered to the pre_option_enable_xmlrpc
and option_enable_xmlrpc filters, for anyone forcing it off via code.
fixes#21509.
git-svn-id: http://core.svn.wordpress.org/trunk@21804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.
Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.
see #21307.
git-svn-id: http://core.svn.wordpress.org/trunk@21501 1a063a9b-81f0-0310-95a4-ce76da25c4cd