Commit Graph

41 Commits

Author SHA1 Message Date
Scott Taylor
5df8338e0a Fix some undefined index notices related to Comment unit tests:
* There are several places where a `$_POST` index was unchecked before setting a variable
* In `wp_notify_postauthor()`, `$comment` was being returned null, but its properties were being accessed.
* In `check_ajax_referer()`, 3 different values can be checked for nonce on `$_REQUEST`, but only 1 had an `isset()`

See #25282.


Built from https://develop.svn.wordpress.org/trunk@25433


git-svn-id: http://core.svn.wordpress.org/trunk@25355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-13 22:18:08 +00:00
Andrew Nacin
9b0e21493d In the admin, do not use auto-generated Gravatar images for comment authors.
This makes it easier to recognize Gravatars (or lack thereof) when moderating comments.

props solarissmoke.
fixes #7054.


Built from https://develop.svn.wordpress.org/trunk@25091


git-svn-id: http://core.svn.wordpress.org/trunk@25075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-22 20:08:08 +00:00
Ryan Boren
43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Sergey Biryukov
34862544fe Correct return value for comment_exists(). fixes #20494.
git-svn-id: http://core.svn.wordpress.org/trunk@23433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-15 18:49:07 +00:00
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
3d8a1289d2 Add missing inline descriptions.
props momo360modena, aaronholbrook.
see #20494, fixes #23304.

git-svn-id: http://core.svn.wordpress.org/trunk@23350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-28 02:20:47 +00:00
ryan
e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan
3baba9fd17 Use edit_comment cap. Props casben79. fixes #16129
git-svn-id: http://svn.automattic.com/wordpress/trunk@17232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-07 16:17:05 +00:00
nacin
15bc341696 phpdoc, @since, whitespace. Also require an argument in wp_insert_post(). props duck_, see #14783.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-09-05 02:45:39 +00:00
scribu
1b2fa98e2a Add the floated_admin_avatar filter from WP_Comments_Table. See #14637
git-svn-id: http://svn.automattic.com/wordpress/trunk@15512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-08-20 11:18:41 +00:00
westi
c7aa32c0ac Just pass the comment object to get_avatar in floated_admin_avatar rather than duplicating logic. Fixes #12291 props Otto42.
git-svn-id: http://svn.automattic.com/wordpress/trunk@13420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-25 22:19:03 +00:00
ryan
6da55f7792 Trailing whitespace cleanup
git-svn-id: http://svn.automattic.com/wordpress/trunk@12733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-15 22:11:12 +00:00
westi
2fabcf53fe Improve get_pending_comments_num() to be a little more predictable and revert the erroneous change in [12596]. See #11882.
git-svn-id: http://svn.automattic.com/wordpress/trunk@12715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-12 22:38:26 +00:00
westi
99709adb4e phpDoc for get_pending_comments_num().
git-svn-id: http://svn.automattic.com/wordpress/trunk@12595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-02 17:15:11 +00:00
azaozz
8dff8f9f73 Properly escape comment_author_url when displaying, for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@11721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-07-18 23:21:50 +00:00
markjaquith
3ebf837ced Deprecate sanitize_url() and clean_url() in favor of esc_url_raw() and esc_url()
git-svn-id: http://svn.automattic.com/wordpress/trunk@11383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-18 16:00:33 +00:00
westi
427e5aa3e5 Fix notice when registering admin avatar filter. See #9366 props sivel
git-svn-id: http://svn.automattic.com/wordpress/trunk@10821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-19 21:52:50 +00:00
ryan
35eb4bca32 post_exists() and comment_exists() fixes. Fixes post duplication during import. Props tott. fixes #8460
git-svn-id: http://svn.automattic.com/wordpress/trunk@10722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-05 22:16:29 +00:00
ryan
ae2c4bc50c Add opt-in optioon for comment hotkeys. Props nbachiyski. fixes #7643
git-svn-id: http://svn.automattic.com/wordpress/trunk@9217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-10-16 22:23:32 +00:00
ryan
9ce46d3937 phpdoc for wp-admin. Props jacobsantos. see #7527
git-svn-id: http://svn.automattic.com/wordpress/trunk@9119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-10-10 18:21:16 +00:00
ryan
528d8c4ed2 Punt inbox
git-svn-id: http://svn.automattic.com/wordpress/trunk@9005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-27 20:41:29 +00:00
ryan
e3f6b2b271 phpdoc for wp-admin/includes from jacobsantos. see #7527
git-svn-id: http://svn.automattic.com/wordpress/trunk@8912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-17 00:40:10 +00:00
ryan
727c0fc3d5 Revert [8881], patch wasn't ready. see #7738
git-svn-id: http://svn.automattic.com/wordpress/trunk@8882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-13 18:18:44 +00:00
ryan
32c9a1f7c4 Hook floated_admin_avatar to admin_init. Props DD32. fixes #7738
git-svn-id: http://svn.automattic.com/wordpress/trunk@8881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-13 18:16:42 +00:00
ryan
d3b414932c Collapse crazyhorse to trunk. Incoming! see #7552
git-svn-id: http://svn.automattic.com/wordpress/trunk@8691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-20 21:42:31 +00:00
westi
7f894ae416 phpdoc for wp-admin. See #7496 props santosj.
git-svn-id: http://svn.automattic.com/wordpress/trunk@8645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-14 06:30:38 +00:00
ryan
444391eaff Consolidate get_pending_comments_num() queries. see #6770
git-svn-id: http://svn.automattic.com/wordpress/trunk@7775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-04-22 21:26:01 +00:00
ryan
248a0c06e2 Prepare DB queries in more places. Props filosofo. see #6644
git-svn-id: http://svn.automattic.com/wordpress/trunk@7645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-04-14 16:13:25 +00:00
ryan
90952804da Update timestamp when only the minute value is changed. fixes #6456 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@7609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-04-07 17:06:56 +00:00
markjaquith
15b17df867 moderation.php is no more. All hail edit-comments.php?comment_status=moderated
git-svn-id: http://svn.automattic.com/wordpress/trunk@7391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-18 23:24:04 +00:00
ryan
385677b909 Better date editing from MarkJaquith. see #6250
git-svn-id: http://svn.automattic.com/wordpress/trunk@7338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-16 23:05:16 +00:00
ryan
04c9051a7d Remove trailing whites.
git-svn-id: http://svn.automattic.com/wordpress/trunk@7130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-03-02 20:17:30 +00:00
ryan
89ee192797 Fix backend avatar display
git-svn-id: http://svn.automattic.com/wordpress/trunk@6883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-02-17 01:57:58 +00:00
matt
089c2f1d8d Avatars for backend.
git-svn-id: http://svn.automattic.com/wordpress/trunk@6868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-02-16 02:39:13 +00:00
ryan
dab1c792c7 Remove unused variables. Props DD32. fixes #5418
git-svn-id: http://svn.automattic.com/wordpress/trunk@6354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-12-05 00:29:05 +00:00
matt
51ce46e892 Shows pending moderation comments in title and bold comment numbers with comments that need attention.
git-svn-id: http://svn.automattic.com/wordpress/trunk@5821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-07-29 19:56:55 +00:00
markjaquith
b1a12f6718 get_comment_to_edit() should return false when the comment does not exist or is marked as spam. props Westi. fixes #4533.
git-svn-id: http://svn.automattic.com/wordpress/trunk@5757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-06-25 21:30:18 +00:00
ryan
d5f3d0c2d7 Remove comment_text filter from get_comment_to_edit. fixes #4403 for 2.3
git-svn-id: http://svn.automattic.com/wordpress/trunk@5655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-06-05 14:41:02 +00:00
ryan
e515401912 Run comment_text filter before format_to_edit() when getting a comment to edit. fixes #4403 for 2.3
git-svn-id: http://svn.automattic.com/wordpress/trunk@5646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-06-04 17:43:22 +00:00
ryan
8e547a3677 attribute_escape()s and int casts. see #4333
git-svn-id: http://svn.automattic.com/wordpress/trunk@5543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-05-25 09:41:04 +00:00
ryan
770613e763 Admin includes reorg. see #4334
git-svn-id: http://svn.automattic.com/wordpress/trunk@5542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-05-25 07:16:21 +00:00