Commit Graph

177 Commits

Author SHA1 Message Date
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_update_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes is no longer necessary.

Introduce wp_unslash() and use it to remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Ryan Boren
d4abd95449 Scope button classes so they can be used on the frontend without interfering with theme styles.
Props helenyhou, koopersmith
fixes #22644


git-svn-id: http://core.svn.wordpress.org/trunk@22948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-30 13:40:59 +00:00
Andrew Nacin
61caecfa93 Use the create_posts post type cap in more places. Remove the janky create_posts meta cap. see #16714.
git-svn-id: http://core.svn.wordpress.org/trunk@22908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-28 22:28:20 +00:00
Andrew Nacin
2aa561013b Extend Press This by a few pixels to allow longer strings. props SergeyBiryukov. fixes #20975.
git-svn-id: http://core.svn.wordpress.org/trunk@22427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 19:27:19 +00:00
Andrew Ozz
cbd737470c Kill use of colons in class names, props SergeyBiryukov, fixes #21152
git-svn-id: http://core.svn.wordpress.org/trunk@22396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-06 01:01:52 +00:00
Ryan Boren
a550a6d489 Use the create_posts capability in more places.
In get_post_type_capabilities(), make sure create_posts reflects customizations to the edit_posts capability when create_posts is not specifically set.


git-svn-id: http://core.svn.wordpress.org/trunk@22291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-24 22:15:43 +00:00
Andrew Nacin
1acd8b556f New HiDPI spinner. Uses clean <span class="spinner"></span> markup.
Be on the lookout for weirdness.
props lessbloat. see #21456.



git-svn-id: http://core.svn.wordpress.org/trunk@22019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-26 19:57:44 +00:00
Andrew Ozz
563c7caac5 Main editor: maintain the height when switching Visual to Text and back, save the height when resizing as user state, output the height in the textarea tag when loading, (thanks @nacin for the help), fixes #21718
git-svn-id: http://core.svn.wordpress.org/trunk@22007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-26 03:30:21 +00:00
azaozz
34535097b7 Remove nearly all tabindex attributes from the admin, leaving them only where absolutely necessary (for now that's only the toolbar).
Add tabindex="-1" for the menu images links to avoid double tab stops there when the menu is expanded.

Fix/add auto-focus on the first input fields on the Add/Edit Post, all taxonomy, all edit taxonomy, Log In and Edit Comment screens.

See #21340.

git-svn-id: http://core.svn.wordpress.org/trunk@21311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-24 00:15:15 +00:00
markjaquith
6a1d888ea5 Better image extension regexes, so we don't just grab the "jpe" from "jpeg" files in media_sideload_image(). props sivel. fixes #16693
git-svn-id: http://core.svn.wordpress.org/trunk@21219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-05 20:51:55 +00:00
nacin
a9ee3b61f5 Remove charset attribute from script elements. props neoxx, fixes #21146.
git-svn-id: http://core.svn.wordpress.org/trunk@21204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-03 13:27:14 +00:00
ryan
7c214624b6 Add RTL and locale classes to the press this body. Props SergeyBiryukov. fixes #19603
git-svn-id: http://core.svn.wordpress.org/trunk@21052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-11 20:34:42 +00:00
nacin
ff8b21eb47 s/sumbit/submit/. props tollmanz, fixes #20744.
git-svn-id: http://core.svn.wordpress.org/trunk@20896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-25 13:45:16 +00:00
nacin
bfeb575df9 Use relative paths for admin-ajax.php to avoid cross-domain issues with IDN domains in IE and Opera. props SergeyBiryukov, fixes #18952.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-08 16:12:11 +00:00
duck_
81a7ad2c81 split was deprecated in PHP 5.3.0, so use explode instead. Props garyc40. Fixes #16325.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-09 21:20:51 +00:00
nacin
fdd79a0960 Merge Press This inline styles into wp-admin.css. fixes #19735.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-04 17:44:15 +00:00
nacin
b776fe7071 Revert a piece of [19424], go back to cloning a div for adding images in Press This. props azaozz, see #19498 for trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-03 19:05:05 +00:00
nacin
b566f92218 Fix header/message alignment in Press This. for trunk. see #19725.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-03 18:57:31 +00:00
ryan
340e93324c Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
git-svn-id: http://svn.automattic.com/wordpress/trunk@19596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-14 17:36:38 +00:00
azaozz
d170df731a Fix inserting images from url in Press This, fixes #19341
git-svn-id: http://svn.automattic.com/wordpress/trunk@19424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-23 20:32:21 +00:00
azaozz
8c67ff6831 Press This: fix duplicate HTML IDs, add the 'default_post_to_edit' ID, fix minor RTL css, fixes #18989
git-svn-id: http://svn.automattic.com/wordpress/trunk@19381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-21 18:32:39 +00:00
duck_
a57f6b0271 Stop multiple loading spinners showing when repeatedly accessing Press This Add Photos box. Fixes #18992.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-09 16:46:05 +00:00
ryan
62afab8db3 Pinking shears
git-svn-id: http://svn.automattic.com/wordpress/trunk@19054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-24 19:13:23 +00:00
nacin
43eae59235 Translated strings in attributes require esc_attr(). s/_e/esc_attr_e/g
git-svn-id: http://svn.automattic.com/wordpress/trunk@19028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-20 15:04:46 +00:00
azaozz
9d05f1f94a Press This CSS cleanup, props andrewryno, see #18314
git-svn-id: http://svn.automattic.com/wordpress/trunk@19001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-19 06:16:15 +00:00
azaozz
e849d3b270 Use IE conditionals when adding the ie8 class, introduce _wp_admin_html_begin(), props scribu, fixes #18966
git-svn-id: http://svn.automattic.com/wordpress/trunk@18982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-17 20:57:32 +00:00
azaozz
0f2431e25a RTL, IE7 and IE7 RTL fixes, add class="ie8" to the html tag, see #18314
git-svn-id: http://svn.automattic.com/wordpress/trunk@18975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-15 07:33:01 +00:00
azaozz
7efc9306f9 Fix inserting images in Quick Press and Press This, see #17144
git-svn-id: http://svn.automattic.com/wordpress/trunk@18920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-07 20:14:21 +00:00
azaozz
40794ebcd5 Fix typo when setting post_format in Press This.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-03 16:22:38 +00:00
duck_
5a4061bb13 Make use of specific post format support in current_theme_supports(). See #18691.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-19 16:31:33 +00:00
nacin
4319712d64 Rename 'Post Tags' to 'Tags'. props scribu, fixes #17683.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-11 17:52:46 +00:00
azaozz
b9d9d11f4e Fix styling and quicktags error in press this, see #16695
git-svn-id: http://svn.automattic.com/wordpress/trunk@18619 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-28 20:48:05 +00:00
azaozz
1cdec6ff6e Merge most admin css files, first run, see #18314
git-svn-id: http://svn.automattic.com/wordpress/trunk@18577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-21 03:46:43 +00:00
azaozz
4cca01b8c3 Another fix for Press This, see #17144
git-svn-id: http://svn.automattic.com/wordpress/trunk@18574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-19 17:04:16 +00:00
azaozz
97ff3b4c7a Fix Press This editors, see #17144
git-svn-id: http://svn.automattic.com/wordpress/trunk@18570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-19 01:14:56 +00:00
nbachiyski
c8721d2600 Add a gettext context to the Standard post format string in Press This to match other usages of Standard in a post format context
git-svn-id: http://svn.automattic.com/wordpress/trunk@18530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-11 04:36:18 +00:00
azaozz
5256d7951f <!DOCTYPE html> for all, fixes #18202
git-svn-id: http://svn.automattic.com/wordpress/trunk@18460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-22 00:25:41 +00:00
azaozz
192a616b7f More Press This cleanup and fixes, see #17757
git-svn-id: http://svn.automattic.com/wordpress/trunk@18283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-11 23:12:21 +00:00
nacin
7542e878f0 UI refresh for Press This. props koopersmith, see #17757.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-11 19:37:23 +00:00
ryan
daa14c36f9 Bring out the pinking shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-10 23:01:45 +00:00
azaozz
55c55c8f7d Fix JS error in Press This, props greuben, fixes #17501
git-svn-id: http://svn.automattic.com/wordpress/trunk@18155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-05 23:12:51 +00:00
westi
a9e78ba4a6 Output TinyMCE HTML inside the body for Press This. Fixes #17500 props greuben
git-svn-id: http://svn.automattic.com/wordpress/trunk@18148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-05 12:36:12 +00:00
westi
45552f72d3 Whitespace fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@18144 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-05 09:04:29 +00:00
westi
0397b60c04 Mark two missed strings in Press This for translation. Fixes #16334 props SergeyBiryukov and ocean90.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-05 09:02:08 +00:00
ryan
117d081812 Use esc_url() once again.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-22 23:19:12 +00:00
ryan
78e15233b2 Validate post status against capabilities in press this. Props nacin. for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-26 17:15:44 +00:00
azaozz
c54adb08df Fix padding in DFW mode, add the new wpfullscreen plugin in wp-tinymce.js.gz, fix notices in press-this see #17136
git-svn-id: http://svn.automattic.com/wordpress/trunk@17697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-25 14:27:11 +00:00
azaozz
258a8f6844 Distraction Free Writing mode, see #17136
git-svn-id: http://svn.automattic.com/wordpress/trunk@17695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-25 01:01:34 +00:00
nacin
1d8f93ca24 Set the post format before publishing the post in Press This. props Otto42, fixes #16192.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-11 19:58:58 +00:00
nacin
a0313cde8c Delay wp_tiny_mce_preload_dialogs to the footer, as occurs in admin-header. props ocean90, fixes #15561.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-25 15:03:35 +00:00