Commit Graph

57 Commits

Author SHA1 Message Date
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Helen Hou-Sandí
1c816c795b Open external links to plugin homepages, plugin author homepages, and theme author homepages in a new window/tab. props SergeyBiryukov. fixes #20839.
git-svn-id: http://core.svn.wordpress.org/trunk@23394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-08 16:20:01 +00:00
Andrew Nacin
346e45c56b Adjust size of the 'Clear List' list table button. Fix placement of other buttons next to bulk actions. props johnbillion, SergeyBiryukov, fixes #22621.
git-svn-id: http://core.svn.wordpress.org/trunk@22906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-28 22:20:45 +00:00
Ryan Boren
44774b52ab Fix strict warnings for WP_Plugins_List_Table::bulk_actions() and WP_Plugins_List_Table::single_row(). Props kurtpayne. fixes #22224
git-svn-id: http://core.svn.wordpress.org/trunk@22376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-05 18:29:20 +00:00
Andrew Nacin
557d9313a7 Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987.
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Ryan Boren
a3cfe28527 Reduce reliance on global variables in the list tables. Allow passing a screen ID to the list tables so that ajax handlers can set the needed screen.
Props nacin
fixes #21871


git-svn-id: http://core.svn.wordpress.org/trunk@21914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-19 12:43:31 +00:00
Daryl Koopersmith
67894a3407 New button styles.
Using the new buttons:

* Button classes are now stackable.
* All buttons should use a base class of "button".
* Buttons default to the gray style (formerly "button-secondary"). Buttons can add a style by adding additional classes. To make a primary button, add the "button-primary" class.
* Buttons can be rendered in various sizes. In addition to the default size, you can add "button-large", "button-small", or "button-tiny".

For backwards compatibility reasons, "button-primary" and "button-secondary" both work as standalone classes.

get_submit_button() has been adjusted to handle shorthand button classes (i.e. button classes can be passed without the "button-" prefix).

props lessbloat, helenyhou, trepmal, nacin. see #21598.



git-svn-id: http://core.svn.wordpress.org/trunk@21789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-08 04:58:34 +00:00
Andrew Nacin
55e3541896 Only show network-only plugins in the network admin. props SergeyBiryukov. see #21187, for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@21700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-03 19:42:31 +00:00
ryan
73addbbd24 More screen reader text for list table checkboxes and theme install search. Props MikeLittle, SergeyBiryukov. see #21325
git-svn-id: http://core.svn.wordpress.org/trunk@21323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-25 16:18:14 +00:00
nacin
9d20dfc4e1 Enforce multisite plugins menu preference in map_meta_cap(). This means a simple current_user_can('activate_plugins') check will handle the 'Enable administration menus' setting.
Remove bogus checks for enabling/disabling the 'themes' menu (something core does not handle out of the box) when in the network admin.

fixes #21123.



git-svn-id: http://core.svn.wordpress.org/trunk@21198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-30 12:40:25 +00:00
nacin
f3ec4f06c6 Remove debug cruft from [20852].
git-svn-id: http://core.svn.wordpress.org/trunk@20853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-23 18:00:09 +00:00
nacin
95e1c32720 Customize API shuffling.
* Rename WP_Customize to WP_Customize_Manager.
 * Move customize-controls.php to wp-admin/customize.php.
 * Make customize.php the formal entry point, rather than admin.php?customize=on.
 * Rename is_current_theme_active() to is_theme_active().
 * Add getters for the theme, settings, controls, and sections properties.
 * Allow customize.php (no ?theme=) to load the active theme. Not used yet.
see #20736.



git-svn-id: http://core.svn.wordpress.org/trunk@20852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-23 17:56:42 +00:00
nacin
c23bf21079 Clean up plugins.php with regards to recently edited files, deactivations, and the network admin. see #20468, #20104.
* Limit recently_activated to the site dashboard, and properly remove bulk-activated plugins from the array.
 * Remove code used from before the network admin, such as the unused 'network' plugin_status.
 * Don't try to deactivate a plugin already deactivated.
 * Use more specific caps (manage_network_plugins) rather than is_super_admin().



git-svn-id: http://svn.automattic.com/wordpress/trunk@20525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-19 03:41:29 +00:00
nacin
29bc67a989 Visually merge a plugin with its update notice. Same applies to themes in the network admin. Move from 'update automatically' to 'update now'. fixes #20273.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-21 16:19:27 +00:00
nacin
f11938fde4 'Network Activate' should be the bulk action on network/plugins.php, to match the action link. props ampt, fixes #19946.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-29 21:52:27 +00:00
ryan
e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
nacin
e296e48b3d Stop remembering the last viewed plugins screen. Always show all plugins when returning to plugins.php. fixes #18810.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-29 05:54:05 +00:00
nacin
7b3569ab29 Plugins per page should default to 999, not 20. Fixes minor (but annoying) 3.0 to 3.1 regression.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-18 15:02:58 +00:00
ryan
daa14c36f9 Bring out the pinking shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-10 23:01:45 +00:00
ryan
44a218c639 Fix paging through plugin search results. Props dd32. fixes #17285
git-svn-id: http://svn.automattic.com/wordpress/trunk@18093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-01 16:03:41 +00:00
dd32
dad316dccc * Allow Pagination for Must-Use/Dropin plugins
* Respect WP_CONTENT_DIR & WPMU_PLUGIN_DIR for help text
 * Move help text into WP_Plugins_List_Table
See #17327

git-svn-id: http://svn.automattic.com/wordpress/trunk@17806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-05 05:24:15 +00:00
ryan
04487fc268 Constructor cleanup. Props ocean90. fixes #16768
git-svn-id: http://svn.automattic.com/wordpress/trunk@17771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-29 20:05:12 +00:00
ryan
65702d0ad1 Make plugin and theme title columns narrower. Props garyc40. fixes #16563 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-15 03:43:47 +00:00
nacin
7061e7efe0 Don't sort the plugin name column. It doesn't stick between actions and is quite useless, so out it goes. fixes #16322.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-20 22:09:46 +00:00
nacin
37075f7f71 Remove AJAX from list tables. first pass. see #16262.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-16 21:47:24 +00:00
ryan
85f1feed84 Bring out the shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-06 04:11:14 +00:00
nacin
b0be8cd9f4 Validation fixes. props ocean90, fixes #15287.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-24 14:19:41 +00:00
ryan
587ea006b5 Translations in title attributes require esc_attr().
git-svn-id: http://svn.automattic.com/wordpress/trunk@17102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-21 17:17:58 +00:00
ryan
26129ad9a1 Search query string tweaks for net plugins. Props PeteMall. see #15872
git-svn-id: http://svn.automattic.com/wordpress/trunk@17038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-17 23:47:40 +00:00
ryan
1d304b55c6 Remove the delete action link from the network admin if the plugin is active on the main site. Remove the plugin(s) from the deletion list for the bulk actions and shows an error if no other plugin was selected for bulk-deletion. Props PeteMall. see #15709
git-svn-id: http://svn.automattic.com/wordpress/trunk@17033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-17 21:53:47 +00:00
PeteMall
b9c491d090 New filter for network admin plugins action link. Fixes #15850.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 19:22:46 +00:00
nacin
a189f21c45 Replace check_permissions() with ajax_user_can(). New method returns true/false to current_user_can(), which we then handle in admin ajax. see #15326.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 09:18:28 +00:00
nacin
cc08068dba Remove check_permissions() calls outside of AJAX context. Also only check for switch_themes in check_permissions() for the themes table. see #15326.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 08:43:22 +00:00
nacin
8c03934da4 We don't apply markup here. see #15742.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-16 08:04:54 +00:00
nacin
9998836363 Don't show plugin edit link in the site admin. fixes #15722. fixes logic in [16777].
git-svn-id: http://svn.automattic.com/wordpress/trunk@16778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-07 21:14:44 +00:00
nacin
bc39153b2e Don't show plugin edit link in the site admin. fixes #15722.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-07 21:06:44 +00:00
nacin
fde64e232f Restore bottom padding in plugin rows. fixes #15547.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-06 15:15:09 +00:00
PeteMall
70ab4e218f Show network only plugins for !is_multisite. Fixes #15666
git-svn-id: http://svn.automattic.com/wordpress/trunk@16709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-03 18:05:37 +00:00
markjaquith
df1887a81a Standardize around "Update" instead of "Upgrade." props RanYanivHartstein. props latz. fixes #14107
git-svn-id: http://svn.automattic.com/wordpress/trunk@16696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-02 21:45:47 +00:00
nacin
9576fc93bf Don't include Network Only plugins in the site admin plugin counts. props PeteMall, fixes #15502.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-20 01:23:44 +00:00
ryan
847499e531 Pinking shears
git-svn-id: http://svn.automattic.com/wordpress/trunk@16438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 18:47:34 +00:00
scribu
2bcb10213c Don't display upgradeable plugins in site admin and only translate plugin data for currently displayed plugins. See #14435
git-svn-id: http://svn.automattic.com/wordpress/trunk@16372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-14 18:34:59 +00:00
scribu
2c9faf261b Make custom plugin columns hideable. See #15318
git-svn-id: http://svn.automattic.com/wordpress/trunk@16350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 17:21:40 +00:00
scribu
59ccc3815c Rename action to 'manage_plugins_custom_column' to be consistent with other screens. See #15318
git-svn-id: http://svn.automattic.com/wordpress/trunk@16349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 17:01:57 +00:00
scribu
c37e363bc8 Add 'manage_plugin_custom_column' action and properly hide plugin columns. See #15318
git-svn-id: http://svn.automattic.com/wordpress/trunk@16348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 16:57:25 +00:00
scribu
7184b861c3 Introduce WP_Plugins_List_table:single_row(). See #15318
git-svn-id: http://svn.automattic.com/wordpress/trunk@16347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 16:30:20 +00:00
scribu
37f29e649e Move network only status check out of foreach. See #15318
git-svn-id: http://svn.automattic.com/wordpress/trunk@16346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 16:25:56 +00:00
scribu
bdbfca56a7 Begin rework of plugins list table. Props edward mindreantre. See #15318
git-svn-id: http://svn.automattic.com/wordpress/trunk@16345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 15:58:23 +00:00
scribu
3d8f4b6b2e Use get_current_screen() in list table classes. Fixes #15338
git-svn-id: http://svn.automattic.com/wordpress/trunk@16235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-08 15:43:44 +00:00
scribu
c0b067fcf5 remove leading <li> from get_views() and add it later. Fixes #15321
git-svn-id: http://svn.automattic.com/wordpress/trunk@16205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-05 14:34:09 +00:00