Commit Graph

747 Commits

Author SHA1 Message Date
Ryan Boren
315bfb019a Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 21:11:40 +00:00
Ryan Boren
43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Nacin
5cd77fdb99 Revert [23359]. The post_author and comment_count post object fields will remain numeric strings for back compat. see #22324.
git-svn-id: http://core.svn.wordpress.org/trunk@23531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-28 19:40:26 +00:00
Andrew Nacin
b88b1c1f53 Move revisions/autosave and post format functions from wp-includes/post.php into revision.php and post-formats.php.
git-svn-id: http://core.svn.wordpress.org/trunk@23466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-21 21:24:34 +00:00
Helen Hou-Sandí
ad85d07189 Edit screen UI for post formats: a first run for functionality.
* Adds a very basic tabbed interface for selecting a post format (requires JS).
* Extra fields, which are post meta, are shown/hidden based on the selected format.
* Introduce a helper function for retrieving formats-specific metadata: `get_post_format_meta()`.
* Image selection uses the media modal, although without filtering or from URL support at the moment.

props rachelbaker, wonderboymusic, aaroncampbell, helen. see #19570.


git-svn-id: http://core.svn.wordpress.org/trunk@23449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-18 19:11:24 +00:00
Sergey Biryukov
a395bb01b8 Properly truncate UTF-8 post slugs in wp_unique_post_slug(). fixes #21013.
git-svn-id: http://core.svn.wordpress.org/trunk@23420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-15 14:35:41 +00:00
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Peter Westwood
ae974b8495 Revisions: Allow a plugin to force us to skip the don't save this revision because it hasn't changed code if it knows better.
See #7392 and #9843. Also cleans up the whitespace.


git-svn-id: http://core.svn.wordpress.org/trunk@23415 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 16:45:43 +00:00
Peter Westwood
716d48e0cd Revisions: Before saving a new post revision make sure that something has changed in the fields that we are revisioning.
Fixes: #7392 and #9843 props adamsilverstein.


git-svn-id: http://core.svn.wordpress.org/trunk@23414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 11:36:32 +00:00
Ryan Boren
353ef064ea Use microtime() instead of incrementors for last_changed to to avoid race conditions with cache evictions.
Props westi
fixes #23448


git-svn-id: http://core.svn.wordpress.org/trunk@23401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-11 18:08:14 +00:00
Sergey Biryukov
c569c15b6d Correct the documentation for _publish_post_hook(). Remove unused global declaration. props roulandf. fixes #23376.
git-svn-id: http://core.svn.wordpress.org/trunk@23387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-05 15:45:37 +00:00
Sergey Biryukov
6f00a2c1cc Sanitize post_author and comment_count as integer fields. props GeertDD. fixes #22324.
git-svn-id: http://core.svn.wordpress.org/trunk@23353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-28 04:17:05 +00:00
Ryan Boren
1b2b394a91 Avoid the appearance of a magic number.
Props nacin
see #23167


git-svn-id: http://core.svn.wordpress.org/trunk@23320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 15:52:13 +00:00
Ryan Boren
48058dfb99 Explicitly set last_changed to 1 instead of the result of wp_cache_set(). Avoids ambiguity and works with cache backends that return void instead of boolean.
see #23167


git-svn-id: http://core.svn.wordpress.org/trunk@23319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 15:46:16 +00:00
Helen Hou-Sandí
b538d6163f Make sure .widefat border and background coloring only applies to tables. props MikeHansenMe. fixes #21936.
git-svn-id: http://core.svn.wordpress.org/trunk@23315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-22 14:44:04 +00:00
Ryan Boren
1edf259b45 In get_pages(), cache queries to individual cache buckets instead of storing them in one cached array. Also, store post IDs instead of full objects. This reduces overall memory usage as well as the size of the cache buckets. Use incrementor style passive cache invalidation.
Props nprasath002
see #23167


git-svn-id: http://core.svn.wordpress.org/trunk@23300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-15 17:32:35 +00:00
Peter Westwood
f683fc7677 Tighten our braces. Fixes #23118 props evansolomon.
git-svn-id: http://core.svn.wordpress.org/trunk@23265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-04 10:13:51 +00:00
Andrew Nacin
0d3d52a92a Always return arrays from get_post_ancestors(). Return an array when passed a value that evaluates to false.
props dannydehaan.
fixes #22882 for trunk.
Test: [1177/tests].



git-svn-id: http://core.svn.wordpress.org/trunk@23212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-27 15:48:18 +00:00
Andrew Nacin
8d52e9fc68 Always call get_post() in get_page_uri() to ensure we have a WP_Post object, which lazy-loads the ancestors this function requires.
props dd32
fixes #22883
Unit tests: [1175/tests]



git-svn-id: http://core.svn.wordpress.org/trunk@23208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-27 15:26:05 +00:00
Andrew Nacin
f9d07a1928 Revert [21942] and have wp_publish_post() deal with the database directly. clean_post_cache() is now also called directly due to [21943].
fixes #22944 for trunk.
Unit tests: [1174/tests].

see #11399. see #21963.



git-svn-id: http://core.svn.wordpress.org/trunk@23206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-27 15:14:43 +00:00
Andrew Nacin
3097cb315b Do not save an initial revision for a post created through the auto-draft mechanism. Prevents a bogus revision, often with the title 'Auto Draft'. Restores pre-auto-draft behavior made obvious by XML-RPC's implementation of both auto-drafts and the subsequent wp.getRevisions method. fixes #22687. see #22686.
git-svn-id: http://core.svn.wordpress.org/trunk@22989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-03 06:28:28 +00:00
Ryan Boren
cef3bc6abb Map the create_posts post type cap to upload_files for attachments.
Props nacin
fixes #16714


git-svn-id: http://core.svn.wordpress.org/trunk@22921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-29 16:14:07 +00:00
Ryan Boren
b237423e72 Clear the object term relationships cache in wp_set_object_terms() rather than wp_set_post_terms(). This should be done lower in the stack than wp_set_post_terms().
Props batmoo
fixes #22560


git-svn-id: http://core.svn.wordpress.org/trunk@22878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-27 19:42:38 +00:00
Daryl Koopersmith
5b11aea8f5 Media: Dynamically generate attachment filters using get_post_mime_types().
Moves `get_post_mime_types()` from `wp-admin/includes/post.php` to `wp-includes/post.php`.

fixes #22514, see #21390.


git-svn-id: http://core.svn.wordpress.org/trunk@22743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-21 10:18:59 +00:00
Ryan Boren
a2edda4b6a Don't bail from get_the_terms() if the post type is not registed for the taxonomy. This can break back compat when add_post_type_support( 'page', 'post-formats' ) is called but register_taxonomy_for_object_type( 'postr_-format', 'page' ) is not.
Props SergeyBiryukov
fixes #22473


git-svn-id: http://core.svn.wordpress.org/trunk@22722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-20 18:31:06 +00:00
Andrew Nacin
2f77c7984b This should be a cache add, not a cache set. see #22503.
git-svn-id: http://core.svn.wordpress.org/trunk@22676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-19 08:39:52 +00:00
Andrew Nacin
a1dba4a709 Call wp_cache_set() with a group and then an expiration in wp_mime_type_icon(). fixes #22503. see #22186.
git-svn-id: http://core.svn.wordpress.org/trunk@22674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-19 08:31:43 +00:00
Ryan Boren
cc2ddb8421 Always return a raw filtered post object from WP_Post::get_instance().
Props kovshenin, scribu, ntm
fixes #22448


git-svn-id: http://core.svn.wordpress.org/trunk@22635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-17 15:14:48 +00:00
Andrew Nacin
c67a081816 Revert [22445]. see #20376. fixes #22389.
git-svn-id: http://core.svn.wordpress.org/trunk@22464 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-08 03:30:56 +00:00
Andrew Nacin
8eb8948a2e Fix meta value querying in wp_list_pages(). props SergeyBiryukov. fixes #20376.
git-svn-id: http://core.svn.wordpress.org/trunk@22445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 21:48:38 +00:00
Andrew Nacin
c04587d409 Add a $public_only argument to count_many_users_posts() and get_posts_by_author_sql(). Defaults to false, and allows the counts to be returned for only public posts. props ryan, westi. fixes #21431.
git-svn-id: http://core.svn.wordpress.org/trunk@22386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-05 23:11:25 +00:00
Andrew Nacin
e04bdce3ca clean_post_cache() no longer calls itself recursively. see #11399.
git-svn-id: http://core.svn.wordpress.org/trunk@22357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-02 16:13:53 +00:00
Ryan Boren
a550a6d489 Use the create_posts capability in more places.
In get_post_type_capabilities(), make sure create_posts reflects customizations to the edit_posts capability when create_posts is not specifically set.


git-svn-id: http://core.svn.wordpress.org/trunk@22291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-24 22:15:43 +00:00
Ryan Boren
a316671b85 Don't wp_cache_add() stdClass objects in get_post() to avoid polluting the cache with incomplete or otherwise compromised objects.
Declare the core properties of WP_Pist as proper public properties and provide them with defaults.

Props wonderboymusic
fixes #22223


git-svn-id: http://core.svn.wordpress.org/trunk@22264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-19 21:53:17 +00:00
Andrew Nacin
2cc408d09c Avoid queries in wp_unique_post_slug() for nav menu items. see #22189.
git-svn-id: http://core.svn.wordpress.org/trunk@22232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-15 14:13:57 +00:00
Andrew Nacin
57681dda7a Remove whitespace from around the WP_Post/get_post SQL string.
git-svn-id: http://core.svn.wordpress.org/trunk@22230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-15 03:08:43 +00:00
Andrew Nacin
fd56fd3563 Use wp_update_post() rather than wp_insert_post() in wp_publish_post() to avoid stomping of values like categories. props ericmann, fixes #22167. see #21963.
git-svn-id: http://core.svn.wordpress.org/trunk@22189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-11 17:36:59 +00:00
Andrew Nacin
ac6f57de76 Add post_type_labels_{$post_type} filter. props scribu. fixes #21948.
git-svn-id: http://core.svn.wordpress.org/trunk@22164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-10 13:50:42 +00:00
Ryan Boren
ac0011a77c Make sure cache bucket is an array to avoid warning. see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@22163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-10 12:29:51 +00:00
Ryan Boren
faca571a3a Avoid 'Only variables should be assigned by reference' warning. Props wonderboymusic. see #21865
git-svn-id: http://core.svn.wordpress.org/trunk@22114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 18:21:47 +00:00
Ryan Boren
f8f60ac01b Introduce create_posts meta capability. Props scribu, nacin, casben79. see #16714
git-svn-id: http://core.svn.wordpress.org/trunk@22060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-27 15:33:19 +00:00
Ryan Boren
70edf4111b Fetch full terms for the post_category and tags_input queries and then wp_list_pluck() the desired fields. Fetching full terms primes the cache and reduces overall queries. Add cache invalidation to wp_set_post_terms(). Props scribu. see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-24 20:35:56 +00:00
Ryan Boren
bc3c170305 Don't add empty _wp_attached_file, _wp_attachment_metadata, _thumbnail_id meta to posts. Delete these fields when set to empty. Props SergeyBiryukov, Caspie. fixes #16391
git-svn-id: http://core.svn.wordpress.org/trunk@21967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-24 13:07:34 +00:00
Andrew Nacin
29b7d26ca5 Properly indent after [21952]. see #11399.
git-svn-id: http://core.svn.wordpress.org/trunk@21953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-22 16:21:06 +00:00
Andrew Nacin
a42ce2353a Stop cleaning the cache of a post's children. Ancestors are no longer cached against the post object, which means this kind of walking is unnecessary. It is also prohibitively expensive with large hierarchies.
We need to remove post_ancestors non-persistent caching for this. get_post_ancestors() can simply rely on the caching of get_post() instead. Previously, it was a direct query, hence the extra layers of caching and clearing.

Child cache clearing stays in wp_delete_post() as children get a new parent.

fixes #11399.



git-svn-id: http://core.svn.wordpress.org/trunk@21952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-22 15:55:02 +00:00
Andrew Nacin
33af30eb7f Use the regular post type UI for editing single media items (attachments).
* Attachments now go through post.php, edit_post(), the like, and have show_ui set to true.
 * Taxonomies attached to the media library now appear in the admin menu (if show_ui).
 * Editing, cropping, uploading, etc. is still very rough, but mostly functional.

API-wise:
 * New function: get_taxonomies_for_attachments(). Like get_taxonomies(), for taxonomies specifically registered against attachments.
 * Brings taxonomy support from the posts list table to the media list table. Expect them to converge soon.
 * wp_insert_attachment() now handles taxonomies like wp_insert_post(). Also expect them to converge soon.
 * New edit_form_after_title hook.

props helenyhou, ocean90. see #21391.



git-svn-id: http://core.svn.wordpress.org/trunk@21948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 22:52:54 +00:00
Andrew Nacin
5a362d3ace Call clean_post_cache() in wp_insert_post() after the manual query to change GUID. Remove the second call to clean_post_cache() previously done on the save_post hook. see #11399.
git-svn-id: http://core.svn.wordpress.org/trunk@21943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 18:52:15 +00:00
Andrew Nacin
a4831c82f0 Have wp_publish_post() wrap wp_insert_post() directly. see #11399.
git-svn-id: http://core.svn.wordpress.org/trunk@21942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 18:49:45 +00:00
Peter Westwood
fa8a509ff3 Posting: Improve the invalid date protection code based on feedback from nacin.
* Introduce a wp_checkdate() function with a single filter to centralise the code that validates dates.
 * Improve the error message
 * Correctly handle the return value of wp_insert_post which is not always a WP_Error on failure

Fixes #17180


git-svn-id: http://core.svn.wordpress.org/trunk@21922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-20 10:46:50 +00:00
Peter Westwood
c05f6dc6dd Posting: Make it much harder to create posts with invalid dates by enforcing the post date tests in the UI and the backend code.
Previously you could quite easily send a new post into the back of beyond by specifying an invalid date like the 30th Feb and this was very confusing.
Sometimes it would seem to work and sometimes the post would end up very far in the past - depending on the mysql version and other factors.

Fixes #17180 props jkudish.


git-svn-id: http://core.svn.wordpress.org/trunk@21921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-19 21:43:35 +00:00