Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-03 01:09:39 +01:00
Code Issues Projects Releases Wiki Activity
21,447 Commits 50 Branches 747 Tags 785 MiB
6bcd1665eb
Commit Graph

185 Commits

Author SHA1 Message Date
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments. 
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-02-14 22:51:06 +00:00
Sergey Biryukov
7a77f47f55 Use correct escaping function. fixes #23334. 
git-svn-id: http://core.svn.wordpress.org/trunk@23413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-02-14 05:52:23 +00:00
Ryan Boren
d4abd95449 Scope button classes so they can be used on the frontend without interfering with theme styles. 
Props helenyhou, koopersmith
fixes #22644


git-svn-id: http://core.svn.wordpress.org/trunk@22948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-11-30 13:40:59 +00:00
Ryan Boren
06ee370814 Pinking shears 
git-svn-id: http://core.svn.wordpress.org/trunk@22634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-11-17 15:11:29 +00:00
Ryan Boren
0794b91606 Use retina logo in install, upgrade, setup-config, repair, and confirmation screens. 
Props kopepasah, SergeyBiryukov
fixes #22375


git-svn-id: http://core.svn.wordpress.org/trunk@22419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-11-07 17:34:22 +00:00
Andrew Ozz
24537164ff Buttons: make install.css depend on buttons.css (so button styles are always loaded), see #21598 
git-svn-id: http://core.svn.wordpress.org/trunk@22327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-10-30 16:28:13 +00:00
Andrew Ozz
efbc9d2336 Buttons: 
- Update the install/initial configuration/repair screens buttons, props DrewAPicture
- Fix the welcome screen buttons and fine-tune the buttons css, props lessbloat

fixes #21598


git-svn-id: http://core.svn.wordpress.org/trunk@22314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-10-26 19:40:39 +00:00
ryan
8c114f0c54 Pinking shears 
git-svn-id: http://core.svn.wordpress.org/trunk@20715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-05-03 16:41:59 +00:00
nacin
026289fa33 A more resilient check for the base table prefix. see #19970. 
git-svn-id: http://core.svn.wordpress.org/trunk@20700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-05-02 20:38:58 +00:00
nacin
c02d96890a Issue an error during the WordPress install process if wp-config.php is configured with an empty database table prefix, which is not supported. 
props SergeyBiryukov.
fixes #19970.



git-svn-id: http://core.svn.wordpress.org/trunk@20699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-05-02 20:37:18 +00:00
nacin
2f26bbdf8d Int cast a step variable. see #19786. props Caspie. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@20618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-04-27 18:57:08 +00:00
nacin
5ecb56896f Update login-logo.png to use proper color. Copy it over wordpress-logo.png. Make that one canonical, and stop using login-logo.png. Leave it for plugins. props iammattthomas. see #19955. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-02-17 04:57:56 +00:00
nacin
81bb2f7ed7 Use is_rtl() for html direction when possible. In sites.php, language_attributes() will always exist (MU vestige). When the DB is dead, language_attributes() is worse than a simple is_rtl() check. is_rtl() exists here due to wp_load_translations_early(). see #18180. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-02-08 06:05:35 +00:00
nacin
b94b02b316 Provide a more WordPress-like context for 'Welcome' on the install screen. see #19698. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-02-01 14:49:41 +00:00
nacin
c1b4310367 Provide contexts for a 'Welcome' string. Sometimes we're saying hello, other times referring to the welcome panel. props pavelevap, fixes #19698. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-02-01 14:47:49 +00:00
ryan
81b39f50fb Remove references to specific search engines. fixes #18605 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-01-30 20:51:00 +00:00
ryan
07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-12-13 23:45:31 +00:00
azaozz
52b5e282bd Fix styling for the installation screens, props chexee, fixes #18576 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-11-15 15:47:07 +00:00
nacin
44590b1d78 Revert [18817]. Adding the new HTML to setup-config would make translation files stale, and I'd rather i18n that file first (see #18180). fixes #18865, see #16413. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-10-05 23:42:11 +00:00
nacin
a418189fe2 Kill the tables in install.php. props andrewryno. see #16413. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-09-29 19:57:36 +00:00
dd32
6f5da88d81 Mark the install page as rtl for styling purposes. Props SergeyBiryukov. See #18314 and #18180 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-08-30 03:55:40 +00:00
nacin
4e4932296f Use wp_print_scripts() in install.php. Fixes issues with SCRIPT_DEBUG, removes l10n.js reference. fixes #18394. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-08-13 18:01:26 +00:00
azaozz
5256d7951f <!DOCTYPE html> for all, fixes #18202 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-07-22 00:25:41 +00:00
westi
caab05429f Use the l10n helper js file in the installer. See #15124. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-12 11:44:08 +00:00
nacin
0552424317 Revert submit_button() for wp-includes, setup-config, install, login, signup. see [16061], see #15064, fixes #15247. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-29 00:31:27 +00:00
markjaquith
fc6e89da45 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-28 21:56:43 +00:00
westi
7186208818 Bring back a seperate js file for the password strength meter and correctly mark it as a dependancy of the user profile code. See #5919. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-27 06:39:20 +00:00
scribu
08e984e5e8 move password-strength-meter.js into user-profile.js. See #5919 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-12 20:29:19 +00:00
westi
f243603e64 Context for the medium password strength string to disabiguate it. Fixes #14431 for trunk props demetris. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-07-29 20:42:05 +00:00
dd32
f73a8ed7fc Do not stripslashes() passwords during Install, Matches Login/Updating password handling. Props johanee. See #13654 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-05-31 10:53:02 +00:00
westi
86bc8063c6 Style the error messages in the installer. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-05-24 08:18:48 +00:00
nacin
e64a657575 s/blog/site/ in even more places. props PeteMall, see #11644. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-30 03:17:49 +00:00
nacin
0e152503cb Poka yoke for username sanitization during install. see #13159. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-28 02:20:32 +00:00
nacin
3a11c693b7 Show the sanitized username on install.php completion page. Also add some help text. see #13159. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-28 02:17:19 +00:00
nbachiyski
a3f84296c5 Change user name to username for consistency 
git-svn-id: http://svn.automattic.com/wordpress/trunk@14172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-04-20 17:40:08 +00:00
dd32
db0706ea0e Add Password Mismatch feedback to the Password Strength Meter. Props dancole. Fixes #12576 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-31 08:45:51 +00:00
nacin
30d6eb32c6 Remove redundant isset() and empty() checks. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-19 21:29:21 +00:00
nacin
8c8bf5039f Remove unnecessary ternary operators such as (expr) ? true : false. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-19 21:15:00 +00:00
nacin
4ebde35485 install.php password UI cleanup. see #10396 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-14 02:30:50 +00:00
westi
da3765da55 Make the sanitity check html in the installer more poetic. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-11 20:45:24 +00:00
dd32
e2ef640d36 Do not display user specified password during install. Fixes #12479. See #10396 for feedback 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-03-05 12:25:30 +00:00
nacin
64d5d9e55c Add a sanity check in install.php, accounting for whether PHP is running. fixes #11728 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-26 06:31:40 +00:00
nacin
fc250d46f3 Show "Log In" button on install.php when already installed. fixes #10488 props dancole 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-24 01:58:27 +00:00
nacin
baa6ca4b2c Add links to the codex changelog in update notification strings. props dtoj, see #11739 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-20 12:28:10 +00:00
nacin
04212c36f3 Actually remove stray line ref. [13135]. see #10396 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-14 03:28:34 +00:00
nacin
b8a6d8add5 Manual L10n JS strings in install.php. Remove stray line, see #13134 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-14 03:24:25 +00:00
dd32
470f62dd8c First pass at allowing username/password selection upon install. Includes some extra cleanup of the patch. Props dancole. See #10396 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-14 03:07:47 +00:00
nacin
05f7724075 install.php whitespace cleanup, inline docs, function @sinces, fixes #11491 
git-svn-id: http://svn.automattic.com/wordpress/trunk@13124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-02-13 20:40:42 +00:00
ryan
459326c932 Check PHP and MySQL versions in install.php. see #11666 
git-svn-id: http://svn.automattic.com/wordpress/trunk@12577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-12-29 22:07:35 +00:00
ryan
8e3808bce2 Remove trailing whitespace 
git-svn-id: http://svn.automattic.com/wordpress/trunk@11930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2009-09-14 14:03:32 +00:00