Commit Graph

91 Commits

Author SHA1 Message Date
John Blackbourn
b84023ea33 Taxonomy: Introduce more fine grained capabilities for managing taxonomy terms.
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.

All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.

Fixes #35614
Props johnjamesjacoby for feedback

Built from https://develop.svn.wordpress.org/trunk@38698


git-svn-id: http://core.svn.wordpress.org/trunk@38641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 22:40:28 +00:00
Andrea Fercia
eeefec932f Administration: Improve the usage of the button CSS classes.
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.

- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items

Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes #27314, #37138, #37448.

Built from https://develop.svn.wordpress.org/trunk@38672


git-svn-id: http://core.svn.wordpress.org/trunk@38615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-28 19:54:28 +00:00
John Blackbourn
01c3ae084b Taxonomy: Update various docs for parameters which are now WP_Term objects.
See #37770
See #14162

Built from https://develop.svn.wordpress.org/trunk@38489


git-svn-id: http://core.svn.wordpress.org/trunk@38430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-01 00:40:29 +00:00
Scott Taylor
b7812bd416 AJAX: add a new function, wp_doing_ajax(), which can replace... (wait for it...) DOING_AJAX checks via the constant.
Props Mte90, sebastian.pisula, swissspidy.
Fixes #25669.

Built from https://develop.svn.wordpress.org/trunk@38334


git-svn-id: http://core.svn.wordpress.org/trunk@38275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 14:33:30 +00:00
Sergey Biryukov
7d421dbe42 Text Changes: Add a full stop to "Invalid taxonomy" and "Invalid term ID" strings, for consistency with similar post-related messages.
See #18218, #32329.
Built from https://develop.svn.wordpress.org/trunk@38077


git-svn-id: http://core.svn.wordpress.org/trunk@38018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-17 16:15:34 +00:00
Drew Jaynes
c3055cc190 Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37488


git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Andrea Fercia
5bd888497d Accessibility: Remove title attributes from the Terms list table.
Fixes #35187.
Built from https://develop.svn.wordpress.org/trunk@36265


git-svn-id: http://core.svn.wordpress.org/trunk@36232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-11 23:30:26 +00:00
Andrea Fercia
282e7c36eb Accessibility: Add an ARIA role button to links that behave like buttons when JavaScript is on.
Introduces a simple way to give a proper semantics of `button` to links that behave
like UI controls when JavaScript is on and behave like actual links when JavaScript
is off. First implementation on the Terms list table.

Patch prepared during WordCamp US 2015 Contributor Day.

Props mcapybara, garusky, takayukister.

See #26504.
Fixes #34867.
Built from https://develop.svn.wordpress.org/trunk@35947


git-svn-id: http://core.svn.wordpress.org/trunk@35911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-15 13:25:28 +00:00
Andrea Fercia
5f93491286 Accessibility: improvements for the taxonomies Quick Edit form.
Changes the "Cancel" and "Update" controls in buttons for better semantics and
accessibility. On cancel and successful saving, moves focus back to the term title
to avoid a focus loss. Dispatches error and success messages to `wp.a11y.speak`
to give assistive technologies users an audible feedback.

Patch prepared at #wpcdit, first Italian WordPress Contributor Day.

Props garusky, chiara_09.
Fixes #34613.
Built from https://develop.svn.wordpress.org/trunk@35605


git-svn-id: http://core.svn.wordpress.org/trunk@35569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 00:24:28 +00:00
Drew Jaynes
8a386cb24f Docs: Add missing file headers to the list table classes and adjust class DocBlocks accordingly.
See #33701.

Built from https://develop.svn.wordpress.org/trunk@35241


git-svn-id: http://core.svn.wordpress.org/trunk@35207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 15:13:25 +00:00
Sergey Biryukov
1157540283 Replace Quick Edit and Bulk Edit headings with <legend> elements.
Props afercia.
Fixes #34289.
Built from https://develop.svn.wordpress.org/trunk@35234


git-svn-id: http://core.svn.wordpress.org/trunk@35200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 00:45:25 +00:00
Scott Taylor
f9c2a88a8a List Tables: when comparing string literals (non-numeric in nature) against vars, strict comparison can/should be used.
Props wonderboymusic, Viper007Bond.
Fixes #21249.

Built from https://develop.svn.wordpress.org/trunk@34383


git-svn-id: http://core.svn.wordpress.org/trunk@34347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 06:06:25 +00:00
Scott Taylor
d28e914a06 When applying the 'editable_slug' filter, add a second param that provides more context.
Props MikeSchinkel, jesin.
Fixes #31568.

Built from https://develop.svn.wordpress.org/trunk@34319


git-svn-id: http://core.svn.wordpress.org/trunk@34283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-19 05:49:24 +00:00
Helen Hou-Sandí
48befcf361 Superglobals: Revert [34059] until further notice.
see #33837.

Built from https://develop.svn.wordpress.org/trunk@34265


git-svn-id: http://core.svn.wordpress.org/trunk@34229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 12:33:26 +00:00
Scott Taylor
ff3ae0e747 Don't redirect to the Term list table after submitting the form on the Edit Term page.
Props chiragswadia, UmeshSingla, rhyswynne, afercia.
Fixes #17455.

Built from https://develop.svn.wordpress.org/trunk@34202


git-svn-id: http://core.svn.wordpress.org/trunk@34166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 15:59:42 +00:00
Scott Taylor
cd7c0f0b0d Introduce wp_validate_action( $action = '' ), a helper function that checks $_REQUEST for action and returns it, or empty string if not present. If $action is passed, it checks to make sure they match before returning it, or an empty string. Strings are always returned to avoid returning multiple types.
Implementing this removes 27 uses of direct superglobal access in the admin.

For more reading:
https://codeclimate.com/github/WordPress/WordPress/wp-admin/edit-comments.php

See #33837.

Built from https://develop.svn.wordpress.org/trunk@34059


git-svn-id: http://core.svn.wordpress.org/trunk@34027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 21:08:26 +00:00
Scott Taylor
4d34e37311 List Tables:
* In `->handle_row_actions()`, bail immediately if `$primary` and `$column_name` do not match. Saves us a nesting level and avoids declaring code that is unusable.
* In `WP_List_Table::single_row_columns()`, allow `_column_{$name}` to be called dynamically by core to avoid having to override the entirety of `->single_row_columns()` in `WP_MS_Users_List_Table` and `WP_Posts_List_Table`
* In `WP_MS_Sites_List_Table`, `id` is not a column.

Props wonderboymusic, paulwilde.
Fixes #29881.

Built from https://develop.svn.wordpress.org/trunk@33270


git-svn-id: http://core.svn.wordpress.org/trunk@33242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 17:47:24 +00:00
Drew Jaynes
f9070e11b4 Fix summaries for two methods added to WP_Terms_List_Table in 4.3.
See [32644]. See #32891.

Built from https://develop.svn.wordpress.org/trunk@33207


git-svn-id: http://core.svn.wordpress.org/trunk@33179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 18:22:25 +00:00
Scott Taylor
d0aa8e4a6e In WP_Terms_List_Table::display_rows_or_placeholder():
* `get_terms()` can return `WP_Error`, so its return value should be checked before traversing.
* The 2nd call to `get_terms()` can be removed, it is redundant #OPTIMIZATION

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32739


git-svn-id: http://core.svn.wordpress.org/trunk@32710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-12 18:55:25 +00:00
Drew Jaynes
65f31bc52e Fix syntax and add missing return descriptions for inline documentation introduced in [32644] for WP_Terms_List_Table.
See #25408. See #32246.

Built from https://develop.svn.wordpress.org/trunk@32669


git-svn-id: http://core.svn.wordpress.org/trunk@32639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-31 01:44:26 +00:00
Scott Taylor
6a08b00632 Add @access annotations to methods that have no doc block in wp-admin/includes/*.
Makes it easier to search for no doc blocks via `}[\n\t\r ]+(protected|private|public)`.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32656


git-svn-id: http://core.svn.wordpress.org/trunk@32626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 21:32:24 +00:00
Scott Taylor
c6a4512b1b Add missing doc blocks to wp-admin/includes/*.
Fix some egregious uses of tabbing.
Some functions can simply return `apply_filters(...)` instead of setting a variable that is immediately returned.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32654


git-svn-id: http://core.svn.wordpress.org/trunk@32624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 20:17:26 +00:00
Helen Hou-Sandí
4c0c7fd7ba List tables: introduce the concept of a "primary" column.
This becomes the column that contains the row actions, and allows for a more flexibility, particularly with custom post types and list tables. To (re)define the primary column, use the `list_table_primary_column` filter, which receives the column name and the screen ID as arguments.

props stephdau, DaveAl, jesin.
see #25408.

Built from https://develop.svn.wordpress.org/trunk@32644


git-svn-id: http://core.svn.wordpress.org/trunk@32614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 02:41:25 +00:00
Scott Taylor
b56b9b3e5c Add @global annotations for wp-admin/*.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32642


git-svn-id: http://core.svn.wordpress.org/trunk@32612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 21:41:30 +00:00
Helen Hou-Sandí
62e65c3a35 Accessibility: remove remaining instances of accesskey.
It is a poorly implemented browser feature, not particularly discoverable, and causes more problems than it helps solve.

props afercia.
fixes #29715.

Built from https://develop.svn.wordpress.org/trunk@31331


git-svn-id: http://core.svn.wordpress.org/trunk@31312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-04 03:46:24 +00:00
Scott Taylor
7f8b548df1 In HTML5, the action attribute is no longer required. Remove this attribute when empty.
The admin HTML is served with the HTML5 doctype.

"The action and formaction content attributes, if specified, must have a value that is a valid non-empty URL potentially surrounded by spaces." 
http://www.w3.org/html/wg/drafts/html/master/forms.html#attr-fs-action

Props voldemortensen.
Fixes #30126.

Built from https://develop.svn.wordpress.org/trunk@31200


git-svn-id: http://core.svn.wordpress.org/trunk@31181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 04:16:24 +00:00
Helen Hou-Sandí
62a197d6bf List tables: Use CSS :nth-child() selectors for zebra striping.
Note that this does not fix issues related to comment quick edit. Internal linking also continues to use the `.alternate` class for now. IE8 and below gracefully degrade by not having zebra striping.

There is some hoop jumping with adding an extra table row to maintain zebra striping during quick edit. Documenting that here for future reference; it is also in the inline documentation.

fixes #30981 and #26060. see #25060.

Built from https://develop.svn.wordpress.org/trunk@31181


git-svn-id: http://core.svn.wordpress.org/trunk@31162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-14 22:14:22 +00:00
Scott Taylor
4f6de09a5b Add a private field to WP_Terms_List_Table, $level.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31166


git-svn-id: http://core.svn.wordpress.org/trunk@31147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 16:23:22 +00:00
Scott Taylor
190165cb32 Use the 'not_found' label when there are no items for a taxonomy in the terms list table.
Props SergeyBiryukov.
Fixes #30586.

Built from https://develop.svn.wordpress.org/trunk@31035


git-svn-id: http://core.svn.wordpress.org/trunk@31016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-03 06:20:21 +00:00
Scott Taylor
65ab522a51 Improve various @param docs for List Tables.
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30679


git-svn-id: http://core.svn.wordpress.org/trunk@30669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-01 00:33:23 +00:00
Drew Jaynes
78bb3e5ff5 Docs Formatting: Backtick-escape inline code for all dynamic hook docs in wp-admin/includes/*.
Also adds a few inline `@see` cross-references as they apply.

Affects DocBlocks for the following hooks:
* `views_{$this->screen->id}`
* `bulk_actions-{$this->screen->id}`
* `manage_{$this->screen->id}_sortable_columns`
* `theme_action_links_$stylesheet`
* `after_theme_row_$stylesheet`
* `install_plugins_table_api_args_$tab`
* `$prefix . plugin_action_links`
* `after_plugin_row_$plugin_file`
* `manage_taxonomies_for_{$post_type}_columns`
* `manage_{$post_type}_posts_columns`
* `manage_{$post->post_type}_posts_custom_column`
* `{$taxonomy}_row_actions`
* `manage_{$this->screen->taxonomy}_custom_column`
* `install_themes_table_api_args_' . $tab`
* `auto_update_ . $type`
* `{$action}_prefilter`
* `admin_head_{$content_func}`
* `nav_menu_items_{$post_type_name}`
* `activate_ . $plugin`
* `deactivate_ . $plugin`
* `edit_{$post_type}_per_page`
* `postbox_classes_{$page}_{$id}`
* `_wp_post_revision_field_$field`
* `manage_{$screen->id}_columns`
* `in_plugin_update_message-{$file}`
* `in_theme_update_message-{$theme_key}`

See #30552.

Built from https://develop.svn.wordpress.org/trunk@30648


git-svn-id: http://core.svn.wordpress.org/trunk@30638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 11:28:24 +00:00
Andrew Nacin
f7392ef917 Pinking shears.
Built from https://develop.svn.wordpress.org/trunk@29707


git-svn-id: http://core.svn.wordpress.org/trunk@29481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-04 15:23:16 +00:00
Drew Jaynes
d60a081137 Add @access tags to constructor docblocks in list table classes.
See #28679. See [29459].

Built from https://develop.svn.wordpress.org/trunk@29460


git-svn-id: http://core.svn.wordpress.org/trunk@29238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-10 02:22:16 +00:00
Drew Jaynes
8e86454467 Document default arguments for the WP_List_Table class. Also add referenced docblocks to extending class constructors.
Props mikejolley for the initial patch.
Fixes #28679. See #28298.

Built from https://develop.svn.wordpress.org/trunk@29459


git-svn-id: http://core.svn.wordpress.org/trunk@29237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-10 02:18:17 +00:00
Helen Hou-Sandí
5d102f8e0b Use the word "Count" instead of the post type label in taxonomy list tables to prevent layout issues. It is also more accurate, as it represents a count of all post types, not just one.
props philipjohn, GaVrA, seanchayes. fixes #17209.

Built from https://develop.svn.wordpress.org/trunk@29343


git-svn-id: http://core.svn.wordpress.org/trunk@29121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-01 18:32:15 +00:00
Drew Jaynes
097dc8ee15 Fix syntax for single- and multi-line comments in wp-admin-directory files.
See #28931.

Built from https://develop.svn.wordpress.org/trunk@29206


git-svn-id: http://core.svn.wordpress.org/trunk@28990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 09:14:16 +00:00
Scott Taylor
176b9b2301 Fix mismatches in access modifiers for WP_List_Table + subclasses.
Fixes #28843, #28879.

Built from https://develop.svn.wordpress.org/trunk@29137


git-svn-id: http://core.svn.wordpress.org/trunk@28921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-13 22:09:16 +00:00
Scott Taylor
40725e9e67 Repent for our original OOP sins and doc blocks as pertains to access modifiers in List Table + subclasses.
Props SergeyBiryukov.
See #28843 and [28583].

Built from https://develop.svn.wordpress.org/trunk@29118


git-svn-id: http://core.svn.wordpress.org/trunk@28904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-12 03:27:14 +00:00
Scott Taylor
c403768fa2 Remove some dead variable assignments.
See #27882.


Built from https://develop.svn.wordpress.org/trunk@28629


git-svn-id: http://core.svn.wordpress.org/trunk@28449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-30 16:59:14 +00:00
Scott Taylor
d28f6344de Add access modifiers to methods and members of list table classes:
* `WP_List_Table` is the base class that implements `__get()` and `__call()` for BC
* Adds unit tests to confirm that subclasses properly inherit magic methods
* Add modifiers to subclasses: `WP_Links_List_Table`, `WP_Media_List_Table`, `WP_MS_Sites_List_Table`, `WP_MS_Themes_List_Table`, `WP_MS_Users_List_Table`, `WP_Plugin_Install_List_Table`, `WP_Plugins_List_Table`, `WP_Posts_List_Table`, `WP_Terms_List_Table`, `WP_Theme_Install_List_Table`, `WP_Themes_List_Table`

See #27881, #22234.

Built from https://develop.svn.wordpress.org/trunk@28493


git-svn-id: http://core.svn.wordpress.org/trunk@28319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-19 01:17:15 +00:00
Scott Taylor
9476cd33a3 Eliminate use of extract() in WP_Terms_List_Table::display_rows_or_placeholder():
* Set variables for `$page` and `$number`
* `list(...) = $this->get_column_info()` can be removed, as none of the variables returned are used.
* `orderby` and `search` can be checked from `$args`, leaving no reason to extract		

See #22400.

Built from https://develop.svn.wordpress.org/trunk@28390


git-svn-id: http://core.svn.wordpress.org/trunk@28218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-13 05:37:14 +00:00
Scott Taylor
0b6729c3f9 In WP_Terms_List_Table::single_row(), call sanitize_term() on the passed term ($tag).
Props oso96_2000, c3mdigital, scribu. 
It takes a village.
Fixes #16864.

Built from https://develop.svn.wordpress.org/trunk@28360


git-svn-id: http://core.svn.wordpress.org/trunk@28188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-11 00:05:15 +00:00
Drew Jaynes
771f8dc244 Inline documentation for hooks in wp-admin/includes/class-wp-terms-list-table.php.
Props Ajay, kpdesign.
Fixes #26209.

Built from https://develop.svn.wordpress.org/trunk@27089


git-svn-id: http://core.svn.wordpress.org/trunk@26961 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-04 07:56:12 +00:00
Andrew Nacin
c1d022dc12 Terms list table: Only show 'View' links for public taxonomies. props SergeyBiryukov. fixes #24692.
git-svn-id: http://core.svn.wordpress.org/trunk@24824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 21:06:19 +00:00
Sergey Biryukov
7bcdd673ed Remove unnecessary esc_attr() call and redundant title attributes. props zeo. fixes #24437.
git-svn-id: http://core.svn.wordpress.org/trunk@24380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-28 04:53:46 +00:00
Andrew Nacin
2ea564da8b Terms list table:
* Don't call single_row() with an undeclared and unused $taxonomy argument.
 * Don't define optional parameters before required parameters in the _rows() method. Make them required.
 * Move empty( $terms ) check above other operations. This function was improperly returning an else case until [24123].

props rlerdorf.
see #24210.



git-svn-id: http://core.svn.wordpress.org/trunk@24127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-29 13:39:28 +00:00
Sergey Biryukov
dace3f0b6d Remove redundant echo calls from list tables. Don't mix string concatenation with direct output. see #24210.
git-svn-id: http://core.svn.wordpress.org/trunk@24123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-29 01:10:50 +00:00
Ryan Boren
5f809d1d22 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:00:25 +00:00
Ryan Boren
43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00