Commit Graph

44 Commits

Author SHA1 Message Date
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
ryan
df7e72511a Restrict the media editor to posts with the attachment post type. Props helenyhou. fixes #20625
git-svn-id: http://core.svn.wordpress.org/trunk@20753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-09 16:16:03 +00:00
azaozz
817b932ed1 Don't hide links to the upload form and show an error for mobile devices that cannot upload, see #20410
git-svn-id: http://svn.automattic.com/wordpress/trunk@20449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-12 00:16:37 +00:00
azaozz
5de5c9a64d Consistently remove links to media-new.php for mobile devices, props SergeyBiryukov, see #20405
git-svn-id: http://svn.automattic.com/wordpress/trunk@20422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 03:18:48 +00:00
ryan
e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan
616c35e71c One newline is enough.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
ryan
8ace5a6b4c Use WP_Screen::add_help_tab(). see #19020
git-svn-id: http://svn.automattic.com/wordpress/trunk@19514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-01 02:22:07 +00:00
nacin
e62b1ce3c9 More help sidebars. see #19020.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-02 20:54:56 +00:00
nacin
1fdf0b9430 Add 'Add New' buttons to edit links, edit media, and edit user screens. props sbressler, fixes #17499.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-19 19:52:11 +00:00
nacin
9cb6e158fc Switch from Panel/SubPanel to Screen in inline documentation and Codex links. props michaelh, fixes #17265.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-28 15:24:49 +00:00
ryan
a821a154f0 Fix media form error display. Props andyblackwell. fixes #13810
git-svn-id: http://svn.automattic.com/wordpress/trunk@16812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-08 19:44:48 +00:00
ryan
847499e531 Pinking shears
git-svn-id: http://svn.automattic.com/wordpress/trunk@16438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 18:47:34 +00:00
ryan
12d42895ee Contextual help updates. Props dougwrites. see #15346
git-svn-id: http://svn.automattic.com/wordpress/trunk@16326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-12 15:03:34 +00:00
markjaquith
fc6e89da45 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064
git-svn-id: http://svn.automattic.com/wordpress/trunk@16061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-28 21:56:43 +00:00
dd32
4f3b9f7b7f Use Absolute URL's & API's in header redirects in more locations. See #14062
git-svn-id: http://svn.automattic.com/wordpress/trunk@16008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-27 10:43:43 +00:00
scribu
799baf139c Use submit_button() in more places. See #15064
git-svn-id: http://svn.automattic.com/wordpress/trunk@15830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-17 18:24:34 +00:00
nacin
6ec7cb4540 Use relative paths when including files, avoiding include_path. fixes #12594, props sorich87.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-18 06:14:45 +00:00
nacin
d562d6dd89 Remove unnecessary action attribute on a form. It should always post to itself. fixes #12165
git-svn-id: http://svn.automattic.com/wordpress/trunk@13521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-01 01:09:29 +00:00
azaozz
4134133d53 Remove unused .fade CSS class, props nacin, fixes #11628
git-svn-id: http://svn.automattic.com/wordpress/trunk@12546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-26 09:00:58 +00:00
matt
1e15d7c64a More cleanup of the edit media screen:
* Simplified table to not need rowspan, and other markup where possible.
* Put more elements in a paragraph tag for better spacing.
* Brought edit image buton under the image.
* Everything is now in line with WordPress Coding Standards, particularly with regards to spacing and attribute quotes.
* Minor styling for better alignment.

TODO: We show the file URL here, but for images we should show the URL to each size, with its dimensions.



git-svn-id: http://svn.automattic.com/wordpress/trunk@12543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-25 23:04:48 +00:00
matt
6f824a6b3e Media editing: When you have many custom taxonomies this page can get rather long, or just normally, so adding a "save" button to the top as well, for easy access.
There was no place on this page that actually linked to the item being edited, so I hyperinked the thumbnail.


git-svn-id: http://svn.automattic.com/wordpress/trunk@12542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-25 22:22:21 +00:00
ryan
8e3808bce2 Remove trailing whitespace
git-svn-id: http://svn.automattic.com/wordpress/trunk@11930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-14 14:03:32 +00:00
azaozz
1c161c23c2 Image editing (first run). Includes code by stephanreiter, see #10528
git-svn-id: http://svn.automattic.com/wordpress/trunk@11911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-10 22:07:33 +00:00
azaozz
39e4f05a15 Trash status updates for posts, pages, comments and attachments, props caesarsgrunt, see #4529
git-svn-id: http://svn.automattic.com/wordpress/trunk@11749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-07-30 13:39:34 +00:00
markjaquith
3ebf837ced Deprecate sanitize_url() and clean_url() in favor of esc_url_raw() and esc_url()
git-svn-id: http://svn.automattic.com/wordpress/trunk@11383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-18 16:00:33 +00:00
azaozz
87976207f8 Add .help css class for the media library, fixes #9790
git-svn-id: http://svn.automattic.com/wordpress/trunk@11294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-12 05:47:46 +00:00
markjaquith
6c2ffddf31 _a(), _ea(), _xa(), attr() are now esc_attr__(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650
git-svn-id: http://svn.automattic.com/wordpress/trunk@11204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-05 19:43:53 +00:00
ryan
9ef2afc85b attr escaping. see #9650
git-svn-id: http://svn.automattic.com/wordpress/trunk@11110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-28 06:37:51 +00:00
azaozz
a12587214f Notice fixes, props sivel, see #9393
git-svn-id: http://svn.automattic.com/wordpress/trunk@11052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-22 12:24:45 +00:00
markjaquith
19177023c9 Move from generic "Save" to better "Update X", more consistent use of button-primary for major actions. fixes #8374. props azaozz, FFEMTcJ
git-svn-id: http://svn.automattic.com/wordpress/trunk@10137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-12-09 09:07:36 +00:00
ryan
d4a6710c19 Reset parent_file after admin_header include to fix screen icon
git-svn-id: http://svn.automattic.com/wordpress/trunk@9926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-27 20:36:01 +00:00
ryan
cc0f059004 Fix parent
git-svn-id: http://svn.automattic.com/wordpress/trunk@9925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-27 20:28:33 +00:00
azaozz
f0b7562b48 More screen icons and fixes, includes patch by johnconners, fixes #8380
git-svn-id: http://svn.automattic.com/wordpress/trunk@9912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-26 23:35:23 +00:00
azaozz
a6f7c12d48 Upload media from the Media Library page.
git-svn-id: http://svn.automattic.com/wordpress/trunk@8998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-27 08:17:55 +00:00
azaozz
fe921a53ec Reattaching of orphan attachments and choose post/page ajaxed search box
git-svn-id: http://svn.automattic.com/wordpress/trunk@8901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-16 04:24:28 +00:00
westi
7f894ae416 phpdoc for wp-admin. See #7496 props santosj.
git-svn-id: http://svn.automattic.com/wordpress/trunk@8645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-14 06:30:38 +00:00
ryan
68a874a4dd wp_admin_css() improvements. Props mdawaffe. see #7011
git-svn-id: http://svn.automattic.com/wordpress/trunk@7979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-22 00:06:41 +00:00
westi
a5dc032654 Add missing form end tag.
git-svn-id: http://svn.automattic.com/wordpress/trunk@7889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-04 21:31:29 +00:00
ryan
2fc180fa45 Move cap check up. Props mdawaffe. fixes #6838 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@7829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-04-25 15:23:11 +00:00
ryan
77087fe6fa Add cap checks. see #6838
git-svn-id: http://svn.automattic.com/wordpress/trunk@7827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-04-25 15:01:02 +00:00
ryan
585f442ec5 Redirect back to attachment permalink page after editing attachment via 'Edit This' link.
git-svn-id: http://svn.automattic.com/wordpress/trunk@7554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-27 22:05:51 +00:00
ryan
b9fff33927 Media edit and delete redirect fixes. WIP.
git-svn-id: http://svn.automattic.com/wordpress/trunk@7542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-27 01:48:22 +00:00
ryan
577f7f557a Fix warning in media.php. Show sidemenu. Props andy. fixes #6206
git-svn-id: http://svn.automattic.com/wordpress/trunk@7346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-17 18:28:43 +00:00
ryan
3d0435bb58 Attachment editing from mdawaffe. fixes #6181
git-svn-id: http://svn.automattic.com/wordpress/trunk@7262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-12 05:50:07 +00:00