| Author | Commit | Message | Date |
|---|---|---|---|
| markjaquith | 7ed5ba96ac | Sanitize cat_id, fixes #4691 for 2.0.x git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5841 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-08-02 15:23:12 +00:00 |
| markjaquith | 9b7d5eda66 | Sanitize option names in options.php, use current escaping functions. for 2.0.x git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5834 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-08-01 19:25:33 +00:00 |
| markjaquith | a4db65e504 | add_option()/update_option() should pass the option name to get_option() pre-escaped. fixes #4690 for 2.0.x git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5831 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-08-01 19:14:40 +00:00 |
| markjaquith | d446bf0e42 | escape before extracting. Props Alexander Concha. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5768 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-27 08:22:02 +00:00 |
| markjaquith | dac513e9e5 | bump to 2.0.11-RC4 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5738 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-20 19:23:25 +00:00 |
| markjaquith | c26a4fa050 | Prevent editing of protected meta keys for 2.0.x git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5737 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-20 19:21:08 +00:00 |
| markjaquith | 585d7513a8 | js_escape improvements from Alexander Concha. Catches ' ' ' ' ' ' ' etc. for 2.0.x git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5736 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-20 19:13:29 +00:00 |
| ryan | ac5691b028 | attribute_escape REQUEST_URI git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5680 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-11 22:43:27 +00:00 |
| ryan | 2400af89a4 | Remove comment_text filter from get_comment_to_edit. fixes #4403 for 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5657 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-05 14:41:49 +00:00 |
| ryan | 757a704cac | Run comment_text filter before format_to_edit() when getting a comment to edit. fixes #4403 for 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5648 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-04 17:49:02 +00:00 |
| markjaquith | 87065318f5 | Bumping the version git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5645 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-03 21:46:51 +00:00 |
| markjaquith | 3881ccdc75 | Older MySQL versions need "INNER" to be specified git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5644 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-06-03 21:45:49 +00:00 |
| markjaquith | e0bd7dfb3e | attribute_escape()s and int casts for 2.0.x: see #4333 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5550 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-25 22:33:48 +00:00 |
| markjaquith | a8de3da89b | Revert accidental debug commit in [5502] git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5504 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-21 18:18:03 +00:00 |
| ryan | e44c069b1f | Set eol-style to CRLF for sample config file. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5503 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-21 18:09:00 +00:00 |
| markjaquith | f177fa9f6e | 2.0.11 coming soon git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5502 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-21 18:01:12 +00:00 |
| ryan | f22f442c12 | Escapage git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5442 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-11 00:59:06 +00:00 |
| ryan | a13170d1d9 | Add nonces to default theme. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5407 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-07 16:14:04 +00:00 |
| ryan | 74b548e41b | Add nonces to importers git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5406 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-07 16:10:20 +00:00 |
| rob1n | 7e1447ada8 | Add in missing delimiter. fixes #4226 for 2.0, 2.2 and 2.3 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5396 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-05 02:51:20 +00:00 |
| ryan | b4085d90cc | eol-style everywhere git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5391 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-04 21:48:43 +00:00 |
| ryan | ab854f7625 | Set eol-style git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5387 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-05-04 21:24:43 +00:00 |
| ryan | a1c212e737 | Ver bump git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5172 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-04-03 00:33:57 +00:00 |
| ryan | a7903d9eeb | More clean_url and int casts for 2.0. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5121 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-27 23:47:02 +00:00 |
| ryan | bb07c58477 | More int casts git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5100 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-25 23:12:38 +00:00 |
| ryan | a359d5977b | Some int casts git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5099 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-25 23:06:28 +00:00 |
| ryan | bbd24106bd | Fix relative link mangling in clean_url. fixes #4017 for 2.1 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5097 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-23 23:33:19 +00:00 |
| ryan | efd3bae515 | Cast to int. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5084 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-22 23:02:20 +00:00 |
| ryan | 5e7cc6634b | Cast to int. Props xknown. fixes #4012 for 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5080 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-22 03:11:41 +00:00 |
| ryan | d05906809b | Bump to RC3 before I forget. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5077 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-21 23:11:44 +00:00 |
| ryan | b5ae53657a | Check for publish caps when editing via xmlrpc. For 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5076 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-21 22:21:18 +00:00 |
| ryan | 139fa55165 | Use clean_url instead of inline preg. Props rob1n. fixes #3983 for 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5070 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-21 04:28:53 +00:00 |
| ryan | b8f6940e18 | Don't add http:// to relative links. Props donncha. fixes #4001 for 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5067 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-21 00:38:05 +00:00 |
| markjaquith | 1bdc18d904 | use clean_url() instead of attribute_escape() when dealing with src/href to protect against XSS. props xknown. fixes #3986 for 2.0. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5058 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-17 09:04:56 +00:00 |
| ryan | 19d57a5326 | Don't cast to string if empty. Props donncha. fixes #3979 for 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5053 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-16 22:05:15 +00:00 |
| markjaquith | b3268bdec9 | Sanitize output of previous_posts() and next_posts(). Props Alex Concha for the report. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5047 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-16 08:04:52 +00:00 |
| ryan | 0e0362a7a4 | RC1 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5042 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-14 23:29:14 +00:00 |
| markjaquith | 52c695b34f | nonce-protect comments by users with unfiltered_html cap to prevent xsrf/xss. fixes #3973 for 2.0 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5041 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-14 23:13:36 +00:00 |
| markjaquith | 9095f32844 | More int casting, just to be safe. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5037 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-14 07:40:56 +00:00 |
| ryan | 103b1d9eac | wp_title() fixes from dwc. fixes #3967 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5035 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-14 01:53:35 +00:00 |
| ryan | fda7688049 | Quote values heading to DB. Cast some ints. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5031 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-12 21:28:43 +00:00 |
| ryan | 4ac2b6d88d | Ignore redirect_to if already logged in. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5023 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-10 20:35:57 +00:00 |
| ryan | f01df05ac1 | Prophylactic casting. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5022 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-10 20:34:01 +00:00 |
| ryan | 4f26c48328 | Use get_query_var() git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5010 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-09 20:58:05 +00:00 |
| markjaquith | c50382e31d | Sanitize browser-bound add_query_arg() outputs. fixes #3937 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5007 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-09 04:36:24 +00:00 |
| markjaquith | 84c8810f5c | Reverting non-security-related DBX upgrade. git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4989 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-07 05:14:59 +00:00 |
| markjaquith | 0fc71bb322 | Upgrade DBX to version 2.0.5 to fix occasional cookie error. fixes #3397 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4957 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-03-02 07:13:57 +00:00 |
| ryan | ef812176a0 | Handle array of mt_tb_ping_urls. Props bafonso. fixes #3721 git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4907 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-02-22 01:34:56 +00:00 |
| ryan | bc60dccc26 | Bump git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4897 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-02-20 19:44:39 +00:00 |
| ryan | a55320e85d | Bump git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@4891 1a063a9b-81f0-0310-95a4-ce76da25c4cd | 2007-02-17 20:20:59 +00:00 |