markjaquith
|
a4db65e504
|
add_option()/update_option() should pass the option name to get_option() pre-escaped. fixes #4690 for 2.0.x
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-08-01 19:14:40 +00:00 |
|
ryan
|
a7903d9eeb
|
More clean_url and int casts for 2.0.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-03-27 23:47:02 +00:00 |
|
ryan
|
bb07c58477
|
More int casts
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-03-25 23:12:38 +00:00 |
|
markjaquith
|
1bdc18d904
|
use clean_url() instead of attribute_escape() when dealing with src/href to protect against XSS. props xknown. fixes #3986 for 2.0.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-03-17 09:04:56 +00:00 |
|
markjaquith
|
52c695b34f
|
nonce-protect comments by users with unfiltered_html cap to prevent xsrf/xss. fixes #3973 for 2.0
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-03-14 23:13:36 +00:00 |
|
markjaquith
|
9095f32844
|
More int casting, just to be safe.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-03-14 07:40:56 +00:00 |
|
ryan
|
f01df05ac1
|
Prophylactic casting.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5022 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-03-10 20:34:01 +00:00 |
|
ryan
|
4fd3f14d44
|
specialchars wp_explain_nonce() output.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-02-13 18:36:27 +00:00 |
|
ryan
|
81bf2a7ad7
|
estrict wp_remote_fopen to remote files.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4827 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-01-28 22:31:22 +00:00 |
|
ryan
|
093275f189
|
Make sure is_array before extract. Props idle. fixes #3626
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-01-21 20:02:45 +00:00 |
|
markjaquith
|
8dd70353ad
|
That'll teach me to trust a code snippet from php.net ... typo fix from last commit. relates to #3528
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-01-12 21:46:29 +00:00 |
|
markjaquith
|
6a11d0b794
|
Use http_response_code for in status_header() on PHP >= 4.3.0 per Ryan's suggestion. relates to #3528
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-01-12 21:41:48 +00:00 |
|
markjaquith
|
a2324a4487
|
Reverting non-essential stuff for a mean-and-lean 2.0.7 release
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-01-09 10:04:49 +00:00 |
|
markjaquith
|
c54fd7a243
|
burn in Hades, status_header(), destroyer of souls. fixes #3528
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2007-01-06 08:22:12 +00:00 |
|
markjaquith
|
be708ef9a7
|
new function for escaping within attributes: attribute_escape()
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-12-21 10:10:04 +00:00 |
|
ryan
|
16f9581218
|
Fix pregs. Props Mordred.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-12-01 22:42:14 +00:00 |
|
markjaquith
|
57ff8770c0
|
trying Ryan's suggestion for #3215
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-11-22 04:59:31 +00:00 |
|
markjaquith
|
22ad434597
|
silence the fopen() in wp_remote_fopen()
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-11-15 22:47:17 +00:00 |
|
markjaquith
|
00c98cc513
|
Set extract type and rename car to avoid overwrites (backport from trunk [4469])
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-11-15 22:29:20 +00:00 |
|
markjaquith
|
8a46b9e8c2
|
Questions should have question marks. Props Viper007Bond. Partially addresses: #3263
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-10-20 16:18:11 +00:00 |
|
markjaquith
|
2d8ad48991
|
Only run stripslashes() on strings in update_usermeta(). Props stm. fixes #3240
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-10-14 05:35:27 +00:00 |
|
markjaquith
|
2e621f422f
|
Prevent users from entering strings that will be interpreted as serialized arrays/objects on the way out. fixes #2591
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-10-13 00:24:51 +00:00 |
|
markjaquith
|
9e9f4de19f
|
Post meta caching fix by mdawaffe. fixes #3229
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-10-11 09:19:10 +00:00 |
|
markjaquith
|
23ddeba64d
|
allow timer_stop() to use number_format() when returning. Props mdawaffe and nbachiyski. fixes #991
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-10-04 22:00:26 +00:00 |
|
markjaquith
|
052b0b8c37
|
case insensitive sorting. props Nazgul. fixes #3108
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-10-04 03:50:14 +00:00 |
|
ryan
|
5077b4e5de
|
Keep the frag at the end. Props mdawaffe. fixes #3078
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-09-25 02:12:34 +00:00 |
|
ryan
|
abcbe47015
|
Make those chars feel special.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-09-25 02:09:08 +00:00 |
|
ryan
|
17af24fdff
|
Don't use blank user agent when pinging. Props error. fixes #2931
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-07-26 17:45:19 +00:00 |
|
ryan
|
b7a195b220
|
Trim theme and plugin data. fixes #2943
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-07-23 19:20:50 +00:00 |
|
ryan
|
9d3aff53ae
|
Use wp_die() in wp_nonce_ays(). fixes #2929
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-07-10 17:21:48 +00:00 |
|
ryan
|
fcb186c059
|
get_category filter form majelbstoat. fixes #2466
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-07-10 16:13:04 +00:00 |
|
ryan
|
006284f925
|
wp_specialchars() within wp_nonce_url(). Props Nazgul. fixes #2857
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-07-05 09:52:18 +00:00 |
|
ryan
|
928b059aa5
|
wp_explain_nonce() and wp_nonce_ays(). Props mdawaffe. #2734
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-06-27 22:57:49 +00:00 |
|
ryan
|
ecc5807556
|
Have wp_referer_field() set the referer to the current page. fixes #2858
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-06-24 18:22:57 +00:00 |
|
ryan
|
8fdd6dadab
|
wp_get_referer() and friends from robmiller and markjaquith. fixes #2800
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-06-24 05:41:59 +00:00 |
|
ryan
|
112ebb6172
|
Don't forget the protocol. Props tereshchenko. #2853
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-06-23 20:17:39 +00:00 |
|
ryan
|
c69c8bdfd8
|
Fix bug in add_query_arg when url like http://example.com (no trailing slash). Props skel to the ac.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-06-22 03:52:18 +00:00 |
|
ryan
|
dacaa7594f
|
Make replacement strings backref safe without using \${1} so as to preserve php <= 4.2 compatible. Props mdawaffe. fixes #2774
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-06-08 03:21:04 +00:00 |
|
ryan
|
c1d27f3113
|
Undef var fix from Denis-de-Bernardy. fixes #2780
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-06-04 21:07:18 +00:00 |
|
ryan
|
1204f35648
|
Enclosure redirect fix from aegrumet. fixes #2551
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-05-26 17:25:20 +00:00 |
|
ryan
|
7428c2fbbc
|
Backport nonces and pluggable cookies.
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-05-11 23:05:45 +00:00 |
|
ryan
|
f9aeed2164
|
Fix backreferences in mysql2date(). Props tenpura. fixes #2564
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-04-22 00:22:28 +00:00 |
|
ryan
|
1c4d1096df
|
update_option() action fix. fixes #2553
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-04-22 00:18:35 +00:00 |
|
ryan
|
cab11a0488
|
Isolate backref. fixes #2521
git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@3611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-03-04 22:42:01 +00:00 |
|
ryan
|
325a641cac
|
Delete usermeta field if set to empty string. Props David House. fixes #2341
git-svn-id: http://svn.automattic.com/wordpress/trunk@3495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-01-29 19:48:09 +00:00 |
|
ryan
|
cd678d9a32
|
Allow empty usermeta fields. Props David House. fixes #2341
git-svn-id: http://svn.automattic.com/wordpress/trunk@3494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-01-29 00:21:48 +00:00 |
|
ryan
|
5c166af378
|
CGI ping fixes. fixes #2197
git-svn-id: http://svn.automattic.com/wordpress/trunk@3491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-01-28 18:41:19 +00:00 |
|
matt
|
dd14d47290
|
Caching typo.
git-svn-id: http://svn.automattic.com/wordpress/trunk@3490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-01-28 06:19:11 +00:00 |
|
ryan
|
a191df007e
|
Make sure we have an array. Props David House. fixes #2344
git-svn-id: http://svn.automattic.com/wordpress/trunk@3489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-01-27 19:22:55 +00:00 |
|
ryan
|
10c1b81d0a
|
Use double quotes. fixes #2332
git-svn-id: http://svn.automattic.com/wordpress/trunk@3487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
|
2006-01-26 02:33:14 +00:00 |
|