Commit Graph

252 Commits

Author SHA1 Message Date
John Blackbourn
a59dfc257f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Merges [41457] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@41464


git-svn-id: http://core.svn.wordpress.org/branches/4.2@41297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:43:56 +00:00
Aaron Campbell
566df4de1a Add nonce for updating file system credentials.
Merges [40723] to 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@40729


git-svn-id: http://core.svn.wordpress.org/branches/4.2@40587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 14:56:24 +00:00
Dion Hulse
4202e36193 When creating a temporary file treat the / directory properly, to prevent it ending up in an endless self-calling loop.
Props hnle, taka2. Fixes #32135. See #31811
Merges [32322] to the 4.2 branch.

Built from https://develop.svn.wordpress.org/branches/4.2@32324


git-svn-id: http://core.svn.wordpress.org/branches/4.2@32295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-29 03:20:29 +00:00
Dominik Schilling
89e45feb4c Don't focus input fields outside of the request filesystem credentials form.
props valendesigns.
fixes #32055.
Built from https://develop.svn.wordpress.org/trunk@32266


git-svn-id: http://core.svn.wordpress.org/trunk@32237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-22 16:24:26 +00:00
Aaron Jorbin
abfddb8f3e Update placeholder for FTP credentials
Two changes:
 * Remove superfluous __ function call
 * Update domain used

Fixes #31922
Props Tmeister


Built from https://develop.svn.wordpress.org/trunk@32077


git-svn-id: http://core.svn.wordpress.org/trunk@32056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-08 16:50:27 +00:00
Drew Jaynes
02810a305f Clarify the DocBlock description for wp_print_request_filesystem_credentials_modal().
See [31811]. See #31888.

Built from https://develop.svn.wordpress.org/trunk@32016


git-svn-id: http://core.svn.wordpress.org/trunk@31995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-04 21:13:26 +00:00
Aaron Jorbin
8f99fbeb8d Refine UI for FTP modal and shiny updates
Numerous changes to make the FTP modal experience a good one.  These include:
 * Update HTML used by both the form here and the form on the standalone screen
 * Allow users to cancel FTP install
 * Focus locking in the modal
 * Focus on modal form on load
 * ARIA Attributes
 * Style Enhancements
 * Add low screen height (such as phone and some tablets) friendly experience for entering credentials

Props ericlewis, afercia 
Fixes #31608


Built from https://develop.svn.wordpress.org/trunk@31949


git-svn-id: http://core.svn.wordpress.org/trunk@31928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-01 02:48:28 +00:00
Dion Hulse
7e1e32909e Add some logic into wp_tempnam to prevent it creating 'falsey' directory names that might get used elsewhere within WordPress.
Although this logic looks a little strange at this low level, it's the best location within the Upgrades code for it to happen.
Fixes #31811

Built from https://develop.svn.wordpress.org/trunk@31936


git-svn-id: http://core.svn.wordpress.org/trunk@31915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-31 02:11:26 +00:00
Drew Jaynes
1ad0eaf416 Clean up DocBlock information and syntax for get_filesystem_method().
Props ericlewis, HarishChaudhari, valendesigns.
Fixes #31267.

Built from https://develop.svn.wordpress.org/trunk@31884


git-svn-id: http://core.svn.wordpress.org/trunk@31863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-25 16:32:28 +00:00
Aaron Jorbin
2d64637ff8 Request FTP and SSH credentials when needed during shiny updates
This is a restoration of [31749] which was reverted in [31755].

It includes a number of enhancements from the original version.  Namely:
 * Not doing a credential check in src/wp-includes/script-loader.php
 * Add new function `wp_print_request_filesystem_credentials_modal`
 * update the version number in the list table when a plugin is updated

UI still needs further work, but this basic version should enable more testing

Props ericlewis, jorbin
See #31528


Built from https://develop.svn.wordpress.org/trunk@31811


git-svn-id: http://core.svn.wordpress.org/trunk@31793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-18 03:18:27 +00:00
Scott Taylor
eeda68bbda Fix some erroneous @param annotations.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31219


git-svn-id: http://core.svn.wordpress.org/trunk@31200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 22:44:25 +00:00
Scott Taylor
bc55996a0b @param cleanup:
* `get_metadata()` will return literally anything, needs to be `mixed`
* `wp()` and `WP_Query::__construct()` no longer just take a query string
* Clarify a few others

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31212


git-svn-id: http://core.svn.wordpress.org/trunk@31193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 19:03:23 +00:00
Scott Taylor
60b0cd7943 The keyword elseif should be used instead of else if so that all control keywords look like single words.
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00
Scott Taylor
ff98cfcf45 Pinking Shears.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31077


git-svn-id: http://core.svn.wordpress.org/trunk@31058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 05:03:23 +00:00
Dion Hulse
5661464d35 Background Updates: Pass back whether Group Writable support is being leveraged for an update to the WordPress.org API.
See #30245

Built from https://develop.svn.wordpress.org/trunk@30860


git-svn-id: http://core.svn.wordpress.org/trunk@30850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-15 14:08:23 +00:00
Drew Jaynes
23707b1ada Convert various uses of (optional) in core parameter descriptions to use the style prescribed in the inline documentation standards for PHP.
The style for marking parameters optional in inline PHP docs is: `@param type $var Optional. Description. Accepts. Default.`, where Accepts can be omitted on a case-by-case basis.

Props coffee2code.
Fixes #30591.

Built from https://develop.svn.wordpress.org/trunk@30753


git-svn-id: http://core.svn.wordpress.org/trunk@30743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-06 21:24:45 +00:00
Drew Jaynes
78bb3e5ff5 Docs Formatting: Backtick-escape inline code for all dynamic hook docs in wp-admin/includes/*.
Also adds a few inline `@see` cross-references as they apply.

Affects DocBlocks for the following hooks:
* `views_{$this->screen->id}`
* `bulk_actions-{$this->screen->id}`
* `manage_{$this->screen->id}_sortable_columns`
* `theme_action_links_$stylesheet`
* `after_theme_row_$stylesheet`
* `install_plugins_table_api_args_$tab`
* `$prefix . plugin_action_links`
* `after_plugin_row_$plugin_file`
* `manage_taxonomies_for_{$post_type}_columns`
* `manage_{$post_type}_posts_columns`
* `manage_{$post->post_type}_posts_custom_column`
* `{$taxonomy}_row_actions`
* `manage_{$this->screen->taxonomy}_custom_column`
* `install_themes_table_api_args_' . $tab`
* `auto_update_ . $type`
* `{$action}_prefilter`
* `admin_head_{$content_func}`
* `nav_menu_items_{$post_type_name}`
* `activate_ . $plugin`
* `deactivate_ . $plugin`
* `edit_{$post_type}_per_page`
* `postbox_classes_{$page}_{$id}`
* `_wp_post_revision_field_$field`
* `manage_{$screen->id}_columns`
* `in_plugin_update_message-{$file}`
* `in_theme_update_message-{$theme_key}`

See #30552.

Built from https://develop.svn.wordpress.org/trunk@30648


git-svn-id: http://core.svn.wordpress.org/trunk@30638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 11:28:24 +00:00
Drew Jaynes
de809a5a86 Ensure inline code is markdown-escaped as such, HTML tags are removed from summaries, and that code snippets in descriptions are properly indented.
Affects DocBlocks for the following core elements:
* Remove HTML tag from parameter description in `comment_form()`
* Remove HTML tag from a summary for the `comment_form_top` hook
* Markdown-indent a code snippet in the description for `get_linkobjectsbyname()`
* Markdown-indent a code snippet and format an unordered list in the description for `get_linkobjects()`
* Backtick-escape some inline code in the description for `clean_pre()`
* Remove HTML tag from the summary for the `rss_tag_pre` hook
* Various formatting fixes in the descriptions for `get_filesystem_method()` and `request_filesystem_credentials()`

Props rarst for the initial patch.
See #30473.

Built from https://develop.svn.wordpress.org/trunk@30538


git-svn-id: http://core.svn.wordpress.org/trunk@30527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-24 05:19:23 +00:00
Dion Hulse
9b9289e0a3 Background Updates: Introduce support to take advantage of Group Writable (or World Writable) to Core Background updates.
This is only enabled when new files will not be installed during the update (as indicated by the WordPress.org API), and does not apply to Plugin/Theme/Translation Background Updates.

Additionally, the code to determine if the 'direct' filesystem transport should be used has been tweaked for wider support (where getmyuid() was unavailalbe) which fixes #10424

See #10205, #30245

Built from https://develop.svn.wordpress.org/trunk@30384


git-svn-id: http://core.svn.wordpress.org/trunk@30381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-19 05:40:23 +00:00
Scott Taylor
5e3a64e83d Correct some types in wp-admin/*-location files' doc blocks.
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30203


git-svn-id: http://core.svn.wordpress.org/trunk@30203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-03 07:09:23 +00:00
Drew Jaynes
f8657d5890 Remove redundant and erroneous @uses tag from most core inline documentation.
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.

Fixes #30191.

Built from https://develop.svn.wordpress.org/trunk@30105


git-svn-id: http://core.svn.wordpress.org/trunk@30105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-30 01:05:24 +00:00
Scott Taylor
ee97a47c61 In _wp_handle_upload(), if test_upload is set to false in the array of dangerous overrides that the function allows, the only thing that happens when an upload fails is more potential breakage.
`$test_uploaded_file` lets is know if `$file['tmp_name']` exists, which allows to exit with an error, instead of continuing to attempt to move the file.

`$test_upload` override is now a noop.

Fixes #28208.

Built from https://develop.svn.wordpress.org/trunk@30076


git-svn-id: http://core.svn.wordpress.org/trunk@30076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-28 21:17:22 +00:00
Andrew Nacin
1447092f6e Don't set ftp_credentials option when installling. see #29635.
Built from https://develop.svn.wordpress.org/trunk@29749


git-svn-id: http://core.svn.wordpress.org/trunk@29521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-17 17:58:15 +00:00
Dominik Schilling
6c9853930a Add missing array keys for connection type in request_filesystem_credentials().
see [28456].
fixes #29347.

Built from https://develop.svn.wordpress.org/trunk@29580


git-svn-id: http://core.svn.wordpress.org/trunk@29354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-24 16:04:18 +00:00
Scott Taylor
a14f5b97d5 In sanitize_file_name(), replace %20 and + with dashes. Remove unnecessary code from _wp_handle_upload().
Adds unit tests.

Props ericmann.
Fixes #16330.

Built from https://develop.svn.wordpress.org/trunk@29290


git-svn-id: http://core.svn.wordpress.org/trunk@29072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-24 22:09:16 +00:00
Scott Taylor
fa02568c42 Merge wp_handle_upload() and wp_handle_sideload() by making them each wrap a new function: _wp_handle_upload().
Props DrewAPicture for docs.
Fixes #23686.

Built from https://develop.svn.wordpress.org/trunk@29209


git-svn-id: http://core.svn.wordpress.org/trunk@28993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 18:58:44 +00:00
Drew Jaynes
097dc8ee15 Fix syntax for single- and multi-line comments in wp-admin-directory files.
See #28931.

Built from https://develop.svn.wordpress.org/trunk@29206


git-svn-id: http://core.svn.wordpress.org/trunk@28990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 09:14:16 +00:00
John Blackbourn
3f1c3dd4ca Normalise the schemes used in get_home_path() so it returns the correct path for sites using SSL in the admin area but not the front end. Fixes #25767. Props GregLone for the initial patch.
Built from https://develop.svn.wordpress.org/trunk@28893


git-svn-id: http://core.svn.wordpress.org/trunk@28692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 10:29:14 +00:00
Scott Taylor
8eb9f2ffe4 Eliminate use of extract() in request_filesystem_credentials().
The only property that doesn't need to be set to a variable is `$password`.

See #22400.

Built from https://develop.svn.wordpress.org/trunk@28456


git-svn-id: http://core.svn.wordpress.org/trunk@28283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-16 18:26:15 +00:00
Scott Taylor
39de969bf2 Update inline docs for wp_handle_upload|sideload to reflect their non-use of extract().
See #22400.


Built from https://develop.svn.wordpress.org/trunk@28452


git-svn-id: http://core.svn.wordpress.org/trunk@28279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-16 17:41:16 +00:00
Scott Taylor
632eb5b17e Eliminate use of extract() in wp_handle_sideload().
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28451


git-svn-id: http://core.svn.wordpress.org/trunk@28278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-16 16:15:14 +00:00
Scott Taylor
4caf3e79f3 Eliminate use of extract() in wp_handle_upload().
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28450


git-svn-id: http://core.svn.wordpress.org/trunk@28277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-16 16:10:38 +00:00
Scott Taylor
d74272ecf5 Eliminate one of the uses of extract() in wp_handle_upload().
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28417


git-svn-id: http://core.svn.wordpress.org/trunk@28244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 04:31:14 +00:00
Scott Taylor
fc59804352 Eliminate one of the uses of extract() in wp_handle_sideload().
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28416


git-svn-id: http://core.svn.wordpress.org/trunk@28243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 04:29:15 +00:00
Scott Taylor
644024dfc4 Dead code in wp-admin/includes/file.php:
* In `wp_handle_upload()` and `wp_handle_sideload()`, `$ext` gets conditionally reset... and then is never used.
* In `request_filesystem_credentials()`, `$password` is initialized as an empty string. The variable is never used.

See #27882.


Built from https://develop.svn.wordpress.org/trunk@28268


git-svn-id: http://core.svn.wordpress.org/trunk@28096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 04:22:14 +00:00
Sergey Biryukov
2cb849fc52 Fix typo in verify_file_md5() description. see [25541].
props siobhan.
see #27651.
Built from https://develop.svn.wordpress.org/trunk@27938


git-svn-id: http://core.svn.wordpress.org/trunk@27768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-04 00:03:14 +00:00
Drew Jaynes
8efd225e4d Inline documentation for hooks in wp-admin/includes/file.php.
Fixes #27429.

Built from https://develop.svn.wordpress.org/trunk@27672


git-svn-id: http://core.svn.wordpress.org/trunk@27515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-24 02:45:15 +00:00
Dion Hulse
87c6791a41 WP_Filesystem: Update request_filesystem_credentials() to handle the correct ssh value of FS_METHOD. Props jnielsendotnet. Fixes #27265
Built from https://develop.svn.wordpress.org/trunk@27546


git-svn-id: http://core.svn.wordpress.org/trunk@27389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-15 03:09:16 +00:00
Sergey Biryukov
bc036d0843 Avoid an undefined index notice in wp_handle_upload().
props tivnet.
fixes #27225.
Built from https://develop.svn.wordpress.org/trunk@27319


git-svn-id: http://core.svn.wordpress.org/trunk@27171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-27 21:16:15 +00:00
Andrew Nacin
912379a022 Simplify error in validate_file_to_edit().
props MattyRob for initial patch.
fixes #25924.

Built from https://develop.svn.wordpress.org/trunk@27219


git-svn-id: http://core.svn.wordpress.org/trunk@27076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-21 14:46:14 +00:00
Andrew Ozz
eb1d21d782 Remove all "valign" attributes from tables in wp-admin, props MikeHansenMe, Marventus. Fixes #22712.
Built from https://develop.svn.wordpress.org/trunk@27029


git-svn-id: http://core.svn.wordpress.org/trunk@26905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-24 19:06:15 +00:00
Drew Jaynes
cd8cedc40d First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin.
Props JustinSainton, SergeyBiryukov, DrewAPicture.
Fixes #26713.

Built from https://develop.svn.wordpress.org/trunk@26868


git-svn-id: http://core.svn.wordpress.org/trunk@26754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-24 18:57:12 +00:00
Andrew Nacin
d61e188f23 Only enforce disk free space checks when doing background updates.
see #25652.

Built from https://develop.svn.wordpress.org/trunk@25869


git-svn-id: http://core.svn.wordpress.org/trunk@25869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:59:29 +00:00
Dion Hulse
8abd2f86d5 Silence PHP warnings from disk_free_space(). disk_free_space() will produce a warning in error conditions in addition to returning false, this includes a case where the bytes free is greater than PHP_INT_MAX (which is a error condition we don't need to check).
See #25576, #22704

Built from https://develop.svn.wordpress.org/trunk@25831


git-svn-id: http://core.svn.wordpress.org/trunk@25831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:54:05 +00:00
Andrew Nacin
8ae8e01b67 Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
see #27704.

Built from https://develop.svn.wordpress.org/trunk@25825


git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Andrew Nacin
d5fdd66f9d Only enforce disk free space checks when doing background updates.
see #25652.

Built from https://develop.svn.wordpress.org/trunk@25869


git-svn-id: http://core.svn.wordpress.org/trunk@25781 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-22 18:18:09 +00:00
Dion Hulse
924e35d66a Silence PHP warnings from disk_free_space(). disk_free_space() will produce a warning in error conditions in addition to returning false, this includes a case where the bytes free is greater than PHP_INT_MAX (which is a error condition we don't need to check).
See #25576, #22704

Built from https://develop.svn.wordpress.org/trunk@25831


git-svn-id: http://core.svn.wordpress.org/trunk@25743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-17 18:40:10 +00:00
Dion Hulse
1c8e79353a Language Packs: Many many fixes such as:
- Add a "Update Translations" stand-alone button to the updates page
- Shift Language feedback to before update process completion action links & limit the verbosity of output (name + success/errors)
- Simplify/combine the language update descriptive string to only include a plugin/theme name
- Properly handle cache clearing after language updates to prevent langs being repeditively updated
- Display a "All items up to date" string when there's nothing to do
- Reduce the 'Connection Information' from a <h2> to a <h3> to remove duplicate h2's and screen icons from update screens
- Fix the Direct filesystem method not being used for Language updates because WP_LANG_DIR doesn't exist (check it's parent for writable instead)
See #18200, #22704


Built from https://develop.svn.wordpress.org/trunk@25806


git-svn-id: http://core.svn.wordpress.org/trunk@25718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-16 04:15:09 +00:00
Andrew Nacin
95831a8a67 Remove accidental debug cruft in [25780]. see #22704.
Built from https://develop.svn.wordpress.org/trunk@25799


git-svn-id: http://core.svn.wordpress.org/trunk@25711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-15 21:24:09 +00:00
Andrew Nacin
eeaad19a26 Use FS_CHMOD_FILE rather than an explicit 0644 in copy_dir() and _copy_dir().
This occurs when we can't copy a file. We chmod it and try again.

see #22704.

Built from https://develop.svn.wordpress.org/trunk@25793


git-svn-id: http://core.svn.wordpress.org/trunk@25705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-15 19:14:10 +00:00