Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-02 16:59:35 +01:00
Code Issues Projects Releases Wiki Activity
21,498 Commits 50 Branches 747 Tags 785 MiB
5f4ab78505
Commit Graph

73 Commits

Author SHA1 Message Date
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments. 
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-02-14 22:51:06 +00:00
Andrew Nacin
dc40f18228 Merge some strings. props pavelevap. fixes #22306. 
git-svn-id: http://core.svn.wordpress.org/trunk@22430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-11-07 19:37:54 +00:00
koopersmith
a5dacf7da5 Theme Customizer: Allow the customize iframe to be accessed directly (with full feature support). see #19910. 
* Move the 'Return to Manage Themes' and 'Collapse Sidebar' actions from themes.php to customize-controls.php.
* Create a postMessage connection between themes.php and customize-controls.php.
* Allow the theme customizer to be accessed directly (independent of themes.php and the customize loader).
* Add wp_customize_href() and wp_customize_url().
* Remove wp_customize_loader(). To include the loader, use wp_enqueue_script( 'customize-loader' ).
* The theme customizer now requires postMessage browser support.
* Add .hide-if-customize and .hide-if-no-customize CSS classes.
* Clean up customize-preview.js.

git-svn-id: http://svn.automattic.com/wordpress/trunk@20476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-04-16 14:02:28 +00:00
koopersmith
c2fb0c425b Replace all instances of thickbox theme preview with the theme customizer. fixes #20404. 
* Use theme customizer in theme install/update screens.
* Separate the customize loader from the customizer. Use wp_customize_loader() to include the loader script and markup.
* Deprecated: wp-admin/js/theme-preview.js is now no longer used by core.

git-svn-id: http://svn.automattic.com/wordpress/trunk@20419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-04-10 02:25:03 +00:00
nacin
98862a975b Support child theme installation in the theme installer. props otto42, dd32. fixes #13774. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@20267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-03-23 10:10:06 +00:00
dd32
ef278df299 Store Plugin/Theme uploads in the Media Library properly. Add Scheduled cleanup +2hrs to clean up any aborted installation attempts. See #18182 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-08-28 08:42:07 +00:00
dd32
b16b6f8a31 Only clean up the uploaded files after a successful (or failed) install. Allows files to persist past the FTP credential screen. See #18182 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-08-28 05:51:38 +00:00
dd32
ea3a169b6f Clean up Plugin/Theme uploads after successfully installing them. Restores pre-3.2 behaviour. See #18182 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-08-28 03:51:35 +00:00
nacin
1cdd5ad41a Remove more E_RECOVERABLE_ERROR checks. props duck_, see #16920. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@17632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-04-12 09:21:13 +00:00
nacin
c6c9ce82b3 IFRAME_REQUEST for network/update.php. props duck_, see #15724. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-10 18:25:18 +00:00
ryan
dfbd83784f Define IFRAME_REQUEST only for framed requests. Props ocean90. fixes #15721 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-07 23:05:27 +00:00
scribu
2c96912612 remove redundant require()s in wp-admin/update.php. See #15679 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-05 21:12:40 +00:00
scribu
c45f3936a7 More s/upgrade/update. Props michaelh. See #15656 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-03 09:16:28 +00:00
westi
ee291ef5a5 Remove WP_SHOW_ADMIN_BAR and go off existing and new defines on page type. See #15315 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-06 09:41:03 +00:00
scribu
80ce121521 Don't call activation hooks when upgrading. Props joelhardi for initial patch. See #14915 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-27 13:40:14 +00:00
dd32
4f3b9f7b7f Use Absolute URL's & API's in header redirects in more locations. See #14062 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-27 10:43:43 +00:00
ryan
6b6c2583a4 Add plugin update notifications, plugin install, plugin update to the network admin screen. Props PeteMall. see #15129 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-20 14:16:03 +00:00
ryan
580bf5eead Allow turning off the admin bar via WP_SHOW_ADMIN_BAR constant, no_admin_bar() function, or show_admin_bar filter. see #14772 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-18 17:58:36 +00:00
dd32
de6abc0ee1 Add Importer support to Plugin Install workflow, Offers to Activate Plugin & Run installer, and returning to Imports upon successful Importer Plugin Installation. See #13566 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-05-27 11:04:08 +00:00
nacin
ec38ce48e9 Support network-wide plugin re-activation in upgrades and edits. props PeteMall, fixes #13216 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-05-02 22:57:44 +00:00
nacin
f9df8a36ae s/blog/site/ in more places. props PeteMall, see #11644. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-30 01:54:32 +00:00
nacin
6ec7cb4540 Use relative paths when including files, avoiding include_path. fixes #12594, props sorich87. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-18 06:14:45 +00:00
dd32
ad72910597 Fix a typo in the Theme Bulk upgrader. Fixes upgrading for those using FTP. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-06 11:28:55 +00:00
dd32
96db88e1b8 Highlight correct submenu for Theme Installs. Fix PHP Notice for unset object properties (requires among others may not be set). 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-19 08:03:52 +00:00
ryan
e25a65b36a Trim trailing whitespace 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-17 16:27:25 +00:00
dd32
f07052a516 Bulk Theme Upgrades. See #12528 See #11232 for Bulk UI 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13686 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-13 03:59:40 +00:00
dd32
f3af366e3d First scrape at new UI for Bulk plugin upgrades. See #11232 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-06 08:39:50 +00:00
dd32
b90b27a6d6 Display PHP Start-up Errors/Warnings. Props Denis-de-Bernardy. Fixes #12395. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-28 12:19:09 +00:00
ryan
94859834fc i18n fixes. Props nbachiyski. fixes #11954 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-21 21:37:43 +00:00
ryan
8760e7da1b Coding standards, space after if 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-01-18 20:34:48 +00:00
azaozz
2d8cf34e49 Do not stop plugin activation due to E_DEPRECATED errors in php 5.3, props Denis-de-Bernardy, fixes #11250 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-12-12 09:20:07 +00:00
ryan
a61bc0ec8a Trailing whitespace cleanup 
git-svn-id: http://svn.automattic.com/wordpress/trunk@11013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-04-20 18:18:39 +00:00
ryan
79c63cfe7d Install/upgrade cleanups. Props DD32, sivel. see #7875 
git-svn-id: http://svn.automattic.com/wordpress/trunk@11012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-04-20 18:15:08 +00:00
ryan
1cd542a5e2 consolidate plugin/theme/core upgrade/install functions. Props DD32. see #7875 
git-svn-id: http://svn.automattic.com/wordpress/trunk@11005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-04-19 19:36:28 +00:00
ryan
30f16a34a7 Fix upgrade theme nonce. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@10924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-04-13 16:26:00 +00:00
ryan
533114e89f Add screen icon for plugin upgrade. Props demetris. fixes #9410 
git-svn-id: http://svn.automattic.com/wordpress/trunk@10850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-03-30 16:26:48 +00:00
ryan
e89192b1a8 Strip trailing whitespace 
git-svn-id: http://svn.automattic.com/wordpress/trunk@10150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-12-09 18:03:31 +00:00
markjaquith
445884684a Hide scrollbar on plugin reactivation iframe. fixes #8498 
git-svn-id: http://svn.automattic.com/wordpress/trunk@10141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-12-09 12:08:40 +00:00
ryan
c3b1b5d5e3 Fix menu parents. see #8421 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-11-29 18:09:09 +00:00
ryan
f597bae652 More core update to update-core.php. Allow re-installing current version (requires api.wp.org changes) 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-11-06 03:31:41 +00:00
ryan
e55a05453a Better i18n support for automatic upgrade. Props nbachiyski. fixes #8023 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-10-31 18:51:06 +00:00
ryan
6ad29de92a Update backup link. Props MichaelH . fixes #7899 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-10-22 16:41:01 +00:00
ryan
a9fc6fc48f Link to better codex article for backups. Props MichaelH. see #7899 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9258 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-10-20 21:16:07 +00:00
ryan
45b8a2b4cd Link to codex for instructions on backing up the blog instead of suggesting export. see #7899 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-10-20 17:32:45 +00:00
matt
00f08f8079 Unsquish text so it doesn't run into each other. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-10-14 01:33:27 +00:00
ryan
01ee36d7c8 Plugin install from DD32. see #6015 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-10-13 23:39:56 +00:00
ryan
6d4ca4de5e Verbage tweak 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-09-29 23:48:48 +00:00
ryan
e446c11682 Suggest backing up before proceeding with upgrade 
git-svn-id: http://svn.automattic.com/wordpress/trunk@9033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-09-29 23:47:33 +00:00
westi
81aebef3b3 Theme update UI first pass. See #7519 props DD32. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@8989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-09-26 06:43:53 +00:00
ryan
b51249a60f Fix core upgrade redirect. Props DD32. fixes #5560 
git-svn-id: http://svn.automattic.com/wordpress/trunk@8885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2008-09-14 05:49:09 +00:00