Commit Graph

793 Commits

Author SHA1 Message Date
Ryan Boren
f3a83744e9 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
git-svn-id: http://core.svn.wordpress.org/trunk@23567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:14:09 +00:00
Ryan Boren
43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Nacin
401e88e387 Ignore protected meta keys in meta_form(). see #18786.
git-svn-id: http://core.svn.wordpress.org/trunk@23534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-28 19:51:29 +00:00
Sergey Biryukov
b5c34dc411 Fix typo in phpdoc. see #17515.
git-svn-id: http://core.svn.wordpress.org/trunk@23457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-19 23:40:03 +00:00
Sergey Biryukov
bc2ff9d342 Deprecate wp_convert_bytes_to_hr() in favor of size_format(). props F J Kaiser. fixes #19067.
git-svn-id: http://core.svn.wordpress.org/trunk@23439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-16 03:07:56 +00:00
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Mark Jaquith
00dbfdf89e Document the mysterious seventh parameter of add_meta_box().
props wonderboymusic, markjaquith. fixes #17515

git-svn-id: http://core.svn.wordpress.org/trunk@23397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-08 18:37:34 +00:00
Mark Jaquith
2fb915f860 Display post formats in the posts list table.
props nacin, garyc40, DrewAPicture, wonderboymusic, aaroncampbell.

fixes #16047

git-svn-id: http://core.svn.wordpress.org/trunk@23392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-08 16:10:05 +00:00
Sergey Biryukov
72784ad6c2 Consistently use a helper function instead of directly printing the disabled attribute.
Remove an erroneous esc_attr() call.

fixes #23194.

git-svn-id: http://core.svn.wordpress.org/trunk@23352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-28 03:23:01 +00:00
Sergey Biryukov
3e917ac75f Make sure the post exists before checking its ID. fixes #23026.
git-svn-id: http://core.svn.wordpress.org/trunk@23351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-28 02:55:06 +00:00
Ryan Boren
d4abd95449 Scope button classes so they can be used on the frontend without interfering with theme styles.
Props helenyhou, koopersmith
fixes #22644


git-svn-id: http://core.svn.wordpress.org/trunk@22948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-30 13:40:59 +00:00
Andrew Nacin
fe3ace4f05 Feature pointers:
* Finalize the text for the media pointer. Offer it for translation.
 * Remove the favorites pointer.
fixes #22454.



git-svn-id: http://core.svn.wordpress.org/trunk@22874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-27 18:58:07 +00:00
Andrew Nacin
67b5e59b68 Two initial feature pointers for WordPress 3.5: plugin favorites and the media dialog. One offered for translation. props nacin, lessbloat, DrewAPicture. see #22454.
git-svn-id: http://core.svn.wordpress.org/trunk@22815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-22 09:24:11 +00:00
Andrew Nacin
3da5e3a7fc Fix up the 'Attach' dialog on upload.php.
We are de-emphasising attaching (see [22630]) but this is existing
core functionality and will remain for now. This commit just cleans
it up a bit so as to be less embarrassing.

props lessbloat, helenyhou.
fixes #20164.



git-svn-id: http://core.svn.wordpress.org/trunk@22723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-20 18:50:15 +00:00
Andrew Nacin
b9b9ebeeae Forms with the class .wp-upload-form will now have their submit button disabled until a file is selected. props kovshenin, helenyhou, lessbloat, SergeyBiryukov, tommcfarlin. fixes #20855.
git-svn-id: http://core.svn.wordpress.org/trunk@22459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 23:54:03 +00:00
Andrew Ozz
cbd737470c Kill use of colons in class names, props SergeyBiryukov, fixes #21152
git-svn-id: http://core.svn.wordpress.org/trunk@22396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-06 01:01:52 +00:00
Ryan Boren
3eabc7db5a Use esc_attr() for attributes. Props johnjamesjacoby. fixes #22327
git-svn-id: http://core.svn.wordpress.org/trunk@22373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-05 18:04:50 +00:00
Daryl Koopersmith
a918ec9135 Refine button styles, notably the gray buttons.
* Crisper edges, fewer outer shadows.
* Higher contrast borders on the gray buttons.
* Separates `button-large` from `button-primary`, and removes the `regular` override class.

props hugobaeta, helenyhou, lessbloat. see #21598.


git-svn-id: http://core.svn.wordpress.org/trunk@22099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-02 23:38:21 +00:00
Ryan Boren
21d38d35d4 Initialize to avoid notice. Props bradyvercher. fixes #22050
git-svn-id: http://core.svn.wordpress.org/trunk@22091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-01 16:09:16 +00:00
Daryl Koopersmith
eb54ac6373 Move wp_max_upload_size and dependencies to wp-includes. props johnjamesjacoby. see #21390, fixes #21867.
git-svn-id: http://core.svn.wordpress.org/trunk@22073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 20:59:57 +00:00
Andrew Nacin
1acd8b556f New HiDPI spinner. Uses clean <span class="spinner"></span> markup.
Be on the lookout for weirdness.
props lessbloat. see #21456.



git-svn-id: http://core.svn.wordpress.org/trunk@22019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-26 19:57:44 +00:00
Andrew Nacin
76bc5c7c21 Better alignment in the ustom fields metabox. props SergeyBiryukov, ocean90, fixes #21847.
git-svn-id: http://core.svn.wordpress.org/trunk@21955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-23 17:42:46 +00:00
Andrew Nacin
c1b0670c2d Updates and fixes to the new button styles. By default, buttons are now the same size as they were in 3.4. Then there is a smaller button (designed for minor elements) and a larger button (designed for things like Publish and Save Changes). Better focus styles. props lessbloat. see #21598.
git-svn-id: http://core.svn.wordpress.org/trunk@21944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 19:34:23 +00:00
Andrew Nacin
0d43250e2d Move the Cancel button for replying and quick-editing a comment to after the primary update/reply button so tabbing from the comment field takes you to the primary action. see #21340.
git-svn-id: http://core.svn.wordpress.org/trunk@21883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-17 22:13:53 +00:00
Andrew Nacin
7fd32ab9fc Fold Privacy Settings into Reading Settings, moving blog_public (search engine/robots) to options-reading and removing options-privacy.
When blog_public only has two values (as judged by whether the blog_privacy_selector action is used), convert from radio buttons to a checkbox, and rename from 'Site Visibility' to a more specific 'Search Engine Visibility'.

The text and implementation may change a bit. see #16416.



git-svn-id: http://core.svn.wordpress.org/trunk@21838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-13 17:28:57 +00:00
Ryan Boren
daa6757a9b Check for an empty post in wp_popular_terms_checklist(). _wp_ajax_add_hierarchical_term() doesn't set up global post info. Props SergeyBiryukov. see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-10 16:45:49 +00:00
Daryl Koopersmith
67894a3407 New button styles.
Using the new buttons:

* Button classes are now stackable.
* All buttons should use a base class of "button".
* Buttons default to the gray style (formerly "button-secondary"). Buttons can add a style by adding additional classes. To make a primary button, add the "button-primary" class.
* Buttons can be rendered in various sizes. In addition to the default size, you can add "button-large", "button-small", or "button-tiny".

For backwards compatibility reasons, "button-primary" and "button-secondary" both work as standalone classes.

get_submit_button() has been adjusted to handle shorthand button classes (i.e. button classes can be passed without the "button-" prefix).

props lessbloat, helenyhou, trepmal, nacin. see #21598.



git-svn-id: http://core.svn.wordpress.org/trunk@21789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-08 04:58:34 +00:00
Andrew Nacin
aa543734b8 Fix adding and updating from the Custom Fields meta box. Broken in [21205]. props SergeyBiryukov. see #21829 for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@21781 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-07 15:49:20 +00:00
Ryan Boren
999d31c237 Make the callback optional for add_settings_section(). Props lightningspirit. fixes #21630
git-svn-id: http://core.svn.wordpress.org/trunk@21742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 20:55:20 +00:00
Ryan Boren
cfb35a9d85 Use get_post() instead of global $post.
Make the $post argument to get_post() optional, defaulting to the current post in The Loop.

Props nacin
see #21309


git-svn-id: http://core.svn.wordpress.org/trunk@21735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 16:29:28 +00:00
Andrew Nacin
3331a345bc Update some code comments from .dev.js to .js. props georgestephanis. see #21633.
git-svn-id: http://core.svn.wordpress.org/trunk@21659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-30 02:15:57 +00:00
Ryan Boren
f56d8278bb Remove return ref from all calls to get_post()
Return WP_Post from get_default_post_to_edit()
Replace all calls to get_page() with get_post()
see #21309


git-svn-id: http://core.svn.wordpress.org/trunk@21597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-23 20:01:10 +00:00
Ryan Boren
65f5267604 Send Content-Type with charset for iframe_header(). Props SergeyBiryukov, sergey.s.betke@novgaro.ru. fixes #19454
git-svn-id: http://core.svn.wordpress.org/trunk@21538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-17 14:19:03 +00:00
ryan
e02ea8023e Remove debug cruft. Props ocean90. fixes #21315
git-svn-id: http://core.svn.wordpress.org/trunk@21349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-26 15:01:44 +00:00
ryan
91ab52d443 For get_settings_errors(), make sure errors from transient get added to the global variable and not unset when checking for an error of a specific setting. Also always return an array, as noted in the documentation. Props obenland. fixes #20833
git-svn-id: http://core.svn.wordpress.org/trunk@21315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-24 15:13:46 +00:00
azaozz
34535097b7 Remove nearly all tabindex attributes from the admin, leaving them only where absolutely necessary (for now that's only the toolbar).
Add tabindex="-1" for the menu images links to avoid double tab stops there when the menu is expanded.

Fix/add auto-focus on the first input fields on the Add/Edit Post, all taxonomy, all edit taxonomy, Log In and Edit Comment screens.

See #21340.

git-svn-id: http://core.svn.wordpress.org/trunk@21311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-24 00:15:15 +00:00
duck_
ea548d7891 Hide pointers introduced in 3.4 from new users. Fixes #20941.
git-svn-id: http://core.svn.wordpress.org/trunk@21075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-13 17:38:42 +00:00
nacin
08c3cb242a Prevent a scrollbar in the admin caused by padding given to the toolbar. props SergeyBiryukov, ocean90. fixes #19196.
git-svn-id: http://core.svn.wordpress.org/trunk@21025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-07 22:05:01 +00:00
azaozz
c4942fae11 Pointers: fix check for defer_loading, fixes #20554
git-svn-id: http://core.svn.wordpress.org/trunk@20891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-24 22:50:30 +00:00
azaozz
7729e3742e Pointers: center pointer on Themes screen, fixes #20554
git-svn-id: http://core.svn.wordpress.org/trunk@20880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-24 16:34:51 +00:00
azaozz
453ab841d0 s/deffer/defer, see #20554
git-svn-id: http://core.svn.wordpress.org/trunk@20869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-24 07:02:25 +00:00
azaozz
b0e634031f Pointers: add arg to pointer options to load at window.loaded (after all images have been loaded and the layout is finalized) and use it on the custom header screen, see #20554
git-svn-id: http://core.svn.wordpress.org/trunk@20867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-24 06:45:49 +00:00
ryan
2f97993537 Updated text for Customize pointer. Props jane. see #20554
git-svn-id: http://core.svn.wordpress.org/trunk@20854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-23 19:49:14 +00:00
ryan
17f9635a45 Feature pointers for choosing an image from the library on the custom header and background pages. see #20554
git-svn-id: http://core.svn.wordpress.org/trunk@20839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-21 20:34:20 +00:00
ryan
e44a0c3930 First pass at 3.4 pointers. Add pointer to the customize link for the current theme on themes.php. Support multiple pointers per page. Props scribu. see #20554
git-svn-id: http://core.svn.wordpress.org/trunk@20774 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-11 20:29:08 +00:00
nacin
1963cc8070 Add a filter to wp_terms_checklist() that wraps the function's arguments.
Mainly designed to allow checked_ontop to be turned off.

props husobj.
fixes #20054.



git-svn-id: http://core.svn.wordpress.org/trunk@20710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-03 01:15:18 +00:00
duck_
457d2db64b Add some missing documentation and fix a couple of typos. Props roscius. Fixes #19756.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-04 17:32:03 +00:00
azaozz
47feb0640f Revert type="number" for the date/time fields as it introduces UI/styling issues, fixes #20217, see #17863
git-svn-id: http://svn.automattic.com/wordpress/trunk@20217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-19 19:30:07 +00:00
nacin
8c841df86d Revert type="email" (HTML5) as some browsers that do validation on these fields do not work for IDN domains yet. Core does not support these well either, but server-side validation can at least be dealt with by a plugin. see #17863.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-15 18:09:14 +00:00
azaozz
f3b63e4537 Set proper HTML5 input types in the admin, props georgestephanis, fixes #17863
git-svn-id: http://svn.automattic.com/wordpress/trunk@20168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-10 01:23:48 +00:00