Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-15 07:05:37 +01:00
Code Issues Projects Releases Wiki Activity
29,800 Commits 50 Branches 748 Tags 792 MiB
aab268600a
Commit Graph

5297 Commits

Author SHA1 Message Date
Gary Pendergast
aab268600a Editor: Remove unwanted fields before saving posts. 
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.2 branch.


Built from https://develop.svn.wordpress.org/branches/4.2@44066


git-svn-id: http://core.svn.wordpress.org/branches/4.2@43896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:52:19 +00:00
Peter Wilson
303bd241f3 Multisite: Validate activation links. 
Merges [44048] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@44065


git-svn-id: http://core.svn.wordpress.org/branches/4.2@43895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:51:37 +00:00
Dion Hulse
507c958ab6 External Libraries: Remove unnecessary / obsoleted MediaElement.js files. 
Merges [42478] to the 4.2 branch.
Fixes #42720 for 4.2.

Built from https://develop.svn.wordpress.org/branches/4.2@42484


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 08:12:32 +00:00
Dion Hulse
4b860b51ae Upgrade: When deleting old files, if deletion fails attempt to empty the file instead. 
Props joemcgill, dd32.
Merges [42434] to the 4.2 branch.
Fixes #42963 for 4.2.

Built from https://develop.svn.wordpress.org/branches/4.2@42472


git-svn-id: http://core.svn.wordpress.org/branches/4.2@42301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 06:57:57 +00:00
John Blackbourn
a59dfc257f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@41464


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:43:56 +00:00
John Blackbourn
6ddef3f8ab General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41434] with changes to the 4.2 branch.

See #13377

Built from https://develop.svn.wordpress.org/branches/4.2@41445


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 13:32:30 +00:00
Aaron Campbell
566df4de1a Add nonce for updating file system credentials. 
Merges [40723] to 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40729


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:56:24 +00:00
Pascal Birchler
82c9b36ce7 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40465


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:22:30 +00:00
John Blackbourn
8299a48476 Press This: Verify intent before fetching in-page resources using Press This. 
Props vortfu

Merges [40195] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40201


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 14:04:31 +00:00
Jeremy Felt
933f556e84 Validate video and audio metadata. 
Merge of [40148] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40154


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:09:31 +00:00
John Blackbourn
22688ca8c6 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field. 
Merges [39956] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@39984


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:17:17 +00:00
Dominik Schilling
afc91088f4 Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways. 
Merge of [39968] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@39975


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:13:31 +00:00
Aaron Campbell
9f4a883e2f Add nonce for widget accessibility mode. 
Props vortfu.

See #23328.

Merges [39765] to 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@39766


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 01:49:32 +00:00
Joe McGill
8afdd2be32 Media: Improved media titles when created from filename. 
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38615] to the 4.2 branch.

Fixes #37989.

Built from https://develop.svn.wordpress.org/branches/4.2@39714


git-svn-id: http://core.svn.wordpress.org/branches/4.2@39654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:01:02 +00:00
Jeremy Felt
f7adf3c9d2 Media: Sanitize upload filename. 
Merge of [38538] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@38543


git-svn-id: http://core.svn.wordpress.org/branches/4.2@38486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 13:59:32 +00:00
Pascal Birchler
0e5485fe33 Upgrade/Install: Sanitize file name in File_Upload_Upgrader. 
Merge of [38524] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@38529


git-svn-id: http://core.svn.wordpress.org/branches/4.2@38470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-06 17:55:29 +00:00
Gary Pendergast
2c40eb4cf2 Database: dbDelta() will no longer try to downgrade the size of TEXT and BLOB columns. 
When upgrading to `utf8mb4`, `TEXT` fields will be upgraded to `MEDIUMTEXT` (and likewise for all other `*TEXT` and `*BLOB` fields). This is to allow for the additional space requirements of `utf8mb4`.

On the subsequent upgrade, `dbDelta()` would try and downgrade the fields to their original size again. At best, this it a waste of time, at worst, this could truncate any data larger than the original size. There's no harm in leaving them at their new size, so let's do that.

The `FULLTEXT` indexes are removed from the tests, as `dbDelta()`'s `FULLTEXT` support was added in WordPress 4.4.

This also includes the `setUp()` and `tearDown()` parts of [32270], to allow the tests to run, and fixes a typo them.

Merge of [37525] to the 4.2 branch.
Partial merge of [36552] to the 4.2 branch.
Partial merge of [32270] to the 4.2 branch.

See #36748.


Built from https://develop.svn.wordpress.org/branches/4.2@37939


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-07-01 11:51:28 +00:00
Nikolay Bachiyski
3c1876e6c5 Admin: escape URL-encoded permalinks 
Merge of [37801] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@37812


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:54:28 +00:00
Rachel Baker
d5a6676eb2 Revisions: Change the capability needed to view revision diffs to edit_post. 
Merge of [37779] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@37799


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:44:29 +00:00
Nikolay Bachiyski
437f727e8f Admin: Escape attachment name in case it contains special characters 
Merge of [37774] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@37789


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:26:11 +00:00
Boone Gorges
b4bf158d3a Taxonomy: More specific cap check when processing category data on post save. 
Ports [37691] to the 4.2 branch.

Props dlh.
Fixes #36379.
Built from https://develop.svn.wordpress.org/branches/4.2@37776


git-svn-id: http://core.svn.wordpress.org/branches/4.2@37741 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:21:38 +00:00
Dominik Schilling
ec4db723d2 XMLRPC: Don't allow private posts to be sticky. 
Merge of [33325], [33612], and [34135] to the 4.2 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/4.2@34152


git-svn-id: http://core.svn.wordpress.org/branches/4.2@34120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-14 22:51:28 +00:00
Nikolay Bachiyski
c8d3901f8f List tables: escape user e-mails 
Merges [34133] for 4.2 branch

Built from https://develop.svn.wordpress.org/branches/4.2@34138


git-svn-id: http://core.svn.wordpress.org/branches/4.2@34106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-14 22:41:28 +00:00
Dominik Schilling
b0b028eacd Heartbeat: Ensure post locks are released. 
Merge of [33542] to the 4.2 branch.
Built from https://develop.svn.wordpress.org/branches/4.2@33543


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-04 04:54:59 +00:00
Gary Pendergast
c58e9ddf35 Don't blindly trust the output of glob() to be an array. 
Props kitchin.

Merge of [33447] to the 4.2 branch.

Fixes #33093.


Built from https://develop.svn.wordpress.org/branches/4.2@33481


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-29 06:53:28 +00:00
Gary Pendergast
fe2d10ea5c Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so. 
Merge of [33357] to the 4.2 branch.


Built from https://develop.svn.wordpress.org/branches/4.2@33358


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-22 04:06:28 +00:00
Dion Hulse
b6058e2231 Updates: Correctly identify more failed update cases. 
This checks for a WP_Error being raised during an individual update, in addition to just the bootstrap error cases.
When a error occurs during the connection phase, pass the error message back as the ajax failure message.

Merges [32571] & [32778] to the 4.2 branch

See #32473, #32435

Built from https://develop.svn.wordpress.org/branches/4.2@33302


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-17 03:59:28 +00:00
Dion Hulse
8e96288144 Shiny Updates: Handle the case where the plugin is installed into a different directory than it previously existed in. 
A good example of this is when the plugin being updated is currently installed as 'Plugin-Name' but the canonical directory is 'plugin-name', but it can also occur when the plugin is installed in 'super-cool-plugin' and it's canonical name is 'average-plugin'.

Merges [32570] to the 4.2 branch.
Fixes #32465

Built from https://develop.svn.wordpress.org/branches/4.2@33301


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-17 03:55:28 +00:00
Dion Hulse
7090cf8980 Updates: When performing an ajax plugin update, rely upon wp_update_plugins() to check the contents of the transient and return early if no request needs to be made. 
This works around a bug where custom update handlers are injecting an update into an empty transient, malforming the transient and causing update failures.
Merges [33257] to the 4.2 branch.
Fixes #32198 for 4.2

Built from https://develop.svn.wordpress.org/branches/4.2@33258


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-14 08:04:27 +00:00
Dion Hulse
63f64d5909 Enable utf8mb4 for MySQL extension users. Previously utf8mb4 was limited to MySQLi users only unintentionally. 
Ports [33055] to the 4.2 branch
Fixes #32127 for 4.2.3

Built from https://develop.svn.wordpress.org/branches/4.2@33063


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-03 12:44:28 +00:00
Dion Hulse
61122743e2 Don't upgrade global tables to utf8mb4 when DO_NOT_UPGRADE_GLOBAL_TABLES is defined. 
This change also standardises on only checking `DO_NOT_UPGRADE_GLOBAL_TABLES` is defined, not it's value.

Fixes #32154 for 4.2

Built from https://develop.svn.wordpress.org/branches/4.2@33059


git-svn-id: http://core.svn.wordpress.org/branches/4.2@33030 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-03 05:59:27 +00:00
Dion Hulse
371db8aea1 Remove a redundant index drop, it'll be dropped and re-created a few lines further down. 
Fixes a warning during updating from 4.0 or earlier.
Merges [32852] to the 4.2 branch. Fixes #31388 for 4.2

Built from https://develop.svn.wordpress.org/branches/4.2@32853


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-06-19 03:20:30 +00:00
Gary Pendergast
ca13bd76d5 Upgrades: If a table has already been converted to utf8mb4, there's no need to try and convert it again. 
Props gabrielperezs for the initial patch.

Merge of [32456] to the 4.2 branch.

Fixes #32310.


Built from https://develop.svn.wordpress.org/branches/4.2@32457


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-08 12:28:28 +00:00
Michael Adams
ba2de1e736 Upgrade: Since MySQL may auto-expand column widths when changing a column's character set, we must do our length-based comment checks prior to the character set changes. 
Props jorbin, et alii.

Merges [32440] for the 4.2 branch.

See #32165.

Built from https://develop.svn.wordpress.org/branches/4.2@32441


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-07 01:12:29 +00:00
Michael Adams
ff4c5d2767 Upgrade: $wpdb->get_col_length() sanity check: bail on unexpected return value. 
See #32165.

Built from https://develop.svn.wordpress.org/branches/4.2@32430


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 23:12:27 +00:00
Michael Adams
f3d41b7b38 Upgrade: Ensure unintelligible DB schemas don't result in content loss. 
Merge of [32417] to the 4.2 branch.

See #32165.

Props ocean90.

Built from https://develop.svn.wordpress.org/branches/4.2@32418


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 21:50:29 +00:00
Aaron Jorbin
ca97837cf3 When upgrading WordPress remove genericons example.html files 
[32385] for 4.2 branch

Props @dd32, @boone, @johnjamesjacoby, @drewapicture, @jorbin


Built from https://develop.svn.wordpress.org/branches/4.2@32386


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 18:39:28 +00:00
Gary Pendergast
5c01870b62 Upgrades: When converting to utf8mb4, we were trying to change the wrong index on wp_signups, causing the conversion to later fail. 
Merge [32378] to the 4.2 branch.

Props kovshenin, pento.

Fixes #32099.


Built from https://develop.svn.wordpress.org/branches/4.2@32380


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 07:42:28 +00:00
Gary Pendergast
db8f915ee6 WPDB: When checking that a string can be sent to MySQL, we shouldn't use mb_convert_encoding(), as it behaves differently to MySQL's character encoding conversion. 
Merge of [32364] to the 4.2 branch.

Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.

See #32165.


Built from https://develop.svn.wordpress.org/branches/4.2@32367


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 03:30:30 +00:00
Dion Hulse
4202e36193 When creating a temporary file treat the / directory properly, to prevent it ending up in an endless self-calling loop. 
Props hnle, taka2. Fixes #32135. See #31811
Merges [32322] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@32324


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-29 03:20:29 +00:00
Gary Pendergast
a3a76fe665 4.2: When upgrading, remove any suspicious comments. 
Built from https://develop.svn.wordpress.org/branches/4.2@32311


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-27 17:10:29 +00:00
Dominik Schilling
89e45feb4c Don't focus input fields outside of the request filesystem credentials form. 
props valendesigns.
fixes #32055.
Built from https://develop.svn.wordpress.org/trunk@32266


git-svn-id: http://core.svn.wordpress.org/trunk@32237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-22 16:24:26 +00:00
Dominik Schilling
e0657e6904 Don't return empty themes in wp_prepare_themes_for_js(). 
see #32002.
Built from https://develop.svn.wordpress.org/trunk@32264


git-svn-id: http://core.svn.wordpress.org/trunk@32235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-22 16:11:25 +00:00
Andrew Ozz
60706015e1 Revert editing of video embed parameters in the media modal, [31620] and [31626] for now. Plan on revisiting in 4.3. 
Props iseulde. Fixes #31139, fixes #32006.
Built from https://develop.svn.wordpress.org/trunk@32258


git-svn-id: http://core.svn.wordpress.org/trunk@32229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-21 22:41:26 +00:00
Helen Hou-Sandí
1d1c026e8e Rename the pre_wp_prepare_themes_for_js filter to pre_prepare_themes_for_js. 
props DrewAPicture.
fixes #31789.

Built from https://develop.svn.wordpress.org/trunk@32246


git-svn-id: http://core.svn.wordpress.org/trunk@32217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-21 14:23:27 +00:00
Gary Pendergast
e3f1f8fed1 Ensure post titles are correctly escaped on the Dashboard. 
Props helen, ocean90, dd32, pento.


Built from https://develop.svn.wordpress.org/trunk@32175


git-svn-id: http://core.svn.wordpress.org/trunk@32150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-20 07:39:25 +00:00
Sergey Biryukov
7f48138743 Press This: Update documentation for press_this_save_redirect filter after [31992]. 
props kraftbj.
fixes #31996.
Built from https://develop.svn.wordpress.org/trunk@32143


git-svn-id: http://core.svn.wordpress.org/trunk@32123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-19 01:34:28 +00:00
Dominik Schilling
786bce5b9c Customizer: Escape theme preview URLs. 
props johnbillion, ocean90.
see #31896.
Built from https://develop.svn.wordpress.org/trunk@32134


git-svn-id: http://core.svn.wordpress.org/trunk@32113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-15 16:33:25 +00:00
Scott Taylor
5e4616039c Move the built media JS files up a directory to their previous location and naming convention. This fidgets with part of [31373] and will maintain BC for those who were loading those files directly (not using the enqueue system). 
Props iseulde, ocean90.
Fixes #31912.

Built from https://develop.svn.wordpress.org/trunk@32125


git-svn-id: http://core.svn.wordpress.org/trunk@32104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-14 15:31:28 +00:00
Andrew Ozz
fe150b9ef2 Press This: do not show the bookmarklet upgrade notice when accessing directly press-this.php. 
Props kraftbj. Fixes #31968.
Built from https://develop.svn.wordpress.org/trunk@32122


git-svn-id: http://core.svn.wordpress.org/trunk@32101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-14 05:45:28 +00:00