Commit Graph

14673 Commits

Author SHA1 Message Date
Boone Gorges
39fb7992a9 Require numeric IDs in user deletion functions.
`wp_delete_user()` and `wpmu_delete_user()` both require an `$id` parameter.
Previously, the functions did not verify that the value passed was, in fact,
a number. As such, passing an object or any other entity that would be cast
to int `1` would result in user 1 being deleted. We fix this by enforcing
the requirement that `$id` be numeric.

Props dipesh.kakadiya, utkarshpatel, juliobox.
Fixes #33800.
Built from https://develop.svn.wordpress.org/trunk@34034


git-svn-id: http://core.svn.wordpress.org/trunk@34002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 02:25:23 +00:00
Gary Pendergast
0d85038ce6 Schema: Increase the length of wp_options.option_name.
It's pretty easy to run over the `option_name` length, which causes undefined behaviour when inserting and retrieving options. Increasing the length from `VARCHAR(64)` to `VARCHAR(191)` significantly reduces the risk of this occurring.

Because `option_name` has a `UNIQUE` index, we can only increase it to 191 characters, rather than 255. The index can only use a prefix of 191 characters, so will incorrectly restrict long different strings that have the same prefix, if we make the column longer.

Props scribu, OriginalEXE, khromov, MikeHansenMe, netweb, pento.

Fixes #13310.


Built from https://develop.svn.wordpress.org/trunk@34030


git-svn-id: http://core.svn.wordpress.org/trunk@33999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 01:26:24 +00:00
John Blackbourn
9bf86a74d0 Set the secure flag on the wp-saving-post cookie when using HTTPS.
This cookie doesn't contain any sensitive information, but this change brings its behaviour in line with all other core cookies.

Fixes #31056

Built from https://develop.svn.wordpress.org/trunk@34027


git-svn-id: http://core.svn.wordpress.org/trunk@33996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:42:23 +00:00
Scott Taylor
5918b30cdd Move network_settings_add_js() from wp-admin/network/settings.php to wp-admin/includes/ms.php.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34026


git-svn-id: http://core.svn.wordpress.org/trunk@33995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:24:24 +00:00
Scott Taylor
2d2e3c911e Move confirm_delete_users() from wp-admin/network/users.php to wp-admin/includes/ms.php.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34025


git-svn-id: http://core.svn.wordpress.org/trunk@33994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:23:46 +00:00
Scott Taylor
bd0a6bbf8c Create wp-admin/includes/network.php via svn cp and only load it in wp-admin/network.php. Move the functions there.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34023


git-svn-id: http://core.svn.wordpress.org/trunk@33992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:01:24 +00:00
Scott Taylor
1d68ccec25 Move ad hoc Options functions to wp-admin/includes/options.php:
* Move `options_discussion_add_js()` from `wp-admin/options-discussion.php`
* Move `options_general_add_js()` from `wp-admin/options-general.php`
* Move `options_permalink_add_js()` from `wp-admin/options-permalink.php`
* Move `options_reading_add_js()` from `wp-admin/options-reading.php`
* Move `options_reading_blog_charset()` from `wp-admin/options-reading.php`

See #33813.

Built from https://develop.svn.wordpress.org/trunk@34022


git-svn-id: http://core.svn.wordpress.org/trunk@33991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:45:24 +00:00
Scott Taylor
a40e30e7f4 Move 2 ad hoc user admin functions:
* Move `use_ssl_preference()` from `wp-admin/user-edit.php` to `wp-admin/includes/user.php`.
* Move `admin_created_user_email()` from `wp-admin/user-new.php` to `wp-admin/includes/user.php`.

See #33813.

Built from https://develop.svn.wordpress.org/trunk@34021


git-svn-id: http://core.svn.wordpress.org/trunk@33990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:33:33 +00:00
Scott Taylor
503aa8b76d Move redirect_post() from wp-admin/post.php to wp-admin/includes/post.php.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34020


git-svn-id: http://core.svn.wordpress.org/trunk@33989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:31:24 +00:00
Scott Taylor
f0b95b7bcc Move comment_footer_die() from wp-admin/comment.php to wp-admin/includes/comment.php.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34019


git-svn-id: http://core.svn.wordpress.org/trunk@33988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:29:24 +00:00
Scott Taylor
a1d949f361 Move plugin_sandbox_scrape() from wp-admin/plugins.php to wp-admin/includes/plugin.php.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34018


git-svn-id: http://core.svn.wordpress.org/trunk@33987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:24:24 +00:00
Scott Taylor
f8d7a43920 Move wp_widgets_access_body_class() (a hook callback) from wp-admin/widgets.php to wp-admin/includes/widgets.php.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34017


git-svn-id: http://core.svn.wordpress.org/trunk@33986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:22:23 +00:00
Scott Taylor
21dd98695c After [34004], don't break apart the paragraph into multiple translatable strings.
Fixes #18418.

Built from https://develop.svn.wordpress.org/trunk@34016


git-svn-id: http://core.svn.wordpress.org/trunk@33985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:00:24 +00:00
Scott Taylor
98acab10ea Comments/PHP Notices: check that a parent comment exists before displaying an orphan's link to it in the admin.
Props rachelbaker.
Fixes #33710.

Built from https://develop.svn.wordpress.org/trunk@34015


git-svn-id: http://core.svn.wordpress.org/trunk@33984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 20:51:23 +00:00
Scott Taylor
a5529285d1 _wpThemeSettings.l10n.searchPlaceholder is an input placeholder and doesn't handle UTF-8 or HTML entities properly. In lieu of using literal Unicode here, use ....
See #32875.

Built from https://develop.svn.wordpress.org/trunk@34014


git-svn-id: http://core.svn.wordpress.org/trunk@33983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 20:36:24 +00:00
Jeremy Felt
cc1aade8f5 Multisite: Display content attribution drop down when deleting a user
The previous move from `echo()` to `_e()` left some of the output hanging. Introduced in [32333].

Props figureone.
Fixes #33811 for trunk.

Built from https://develop.svn.wordpress.org/trunk@34012


git-svn-id: http://core.svn.wordpress.org/trunk@33981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 20:26:24 +00:00
Scott Taylor
d22fbc7545 Grunt RTL CSS: swap-dashicons-left-right-arrows in rtlcss:properties expects double-quoted content strings in CSS. It doesn't swap single-quoted values.
Props Ankit K Gupta, yoavf, netweb.
Fixes #33786.

Built from https://develop.svn.wordpress.org/trunk@34011


git-svn-id: http://core.svn.wordpress.org/trunk@33980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 20:22:25 +00:00
Scott Taylor
8cd584e6ed In wp_generate_attachment_metadata(), also pass $metadata to the intermediate_image_sizes_advanced filter.
Props amereservant, wonderboymusic.
Fixes #23401.

Built from https://develop.svn.wordpress.org/trunk@34007


git-svn-id: http://core.svn.wordpress.org/trunk@33976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 18:04:24 +00:00
Scott Taylor
6e22d94488 Add a "View" row action for approved comments on the Dashboard screen, remove the link labeled #.
Props rachelbaker, zeo.
Fixes #18885. 

Built from https://develop.svn.wordpress.org/trunk@34006


git-svn-id: http://core.svn.wordpress.org/trunk@33975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:49:24 +00:00
Scott Taylor
527b5b1405 In WP_Posts_List_Table::column_date(), the order of status and time should be switched. It doesn't make sense for phrases like "Last Modified" to occur AFTER the date. Should be before.
Props johnbillion, wonderboymusic.
Fixes #18641. 

Built from https://develop.svn.wordpress.org/trunk@34005


git-svn-id: http://core.svn.wordpress.org/trunk@33974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:43:24 +00:00
Scott Taylor
39411b8e61 Cleanup the text for Publish Settings > Publish in the edit-form-advanced help tab. Clarify that Private posts aren't hidden from editors and administrators.
Props sillybean.
Fixes #18418. 

Built from https://develop.svn.wordpress.org/trunk@34004


git-svn-id: http://core.svn.wordpress.org/trunk@33973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:36:24 +00:00
Scott Taylor
52498a8546 In wp_media_upload_handler(), replace a lingering instance of media_upload_gallery() with wp_iframe(...)
Props jeffstieler, antpb.
Fixes #17812. 

Built from https://develop.svn.wordpress.org/trunk@34003


git-svn-id: http://core.svn.wordpress.org/trunk@33972 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:24:23 +00:00
Scott Taylor
811f76699b media-new.php, when using the browser uploader, if the result of uploading is a WP_Error - wp_die() with the error, instead of redirecting with a generic error.
Props solarissmoke.
Fixes #16820. 

Built from https://develop.svn.wordpress.org/trunk@34002


git-svn-id: http://core.svn.wordpress.org/trunk@33971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:18:24 +00:00
Scott Taylor
49b8ccec79 When deleting via User List Table, don't prompt for re-attribution if the user(s) do(es) not have any posts.
Props rajnikmit, wojtek.szkutnik, benjmay, wonderboymusic.
Fixes #6405. 

Built from https://develop.svn.wordpress.org/trunk@34000


git-svn-id: http://core.svn.wordpress.org/trunk@33969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 16:47:24 +00:00
Sergey Biryukov
f9e7fb306c Merge two similar strings.
Props dipesh.kakadiya.
Fixes #33777.
Built from https://develop.svn.wordpress.org/trunk@33998


git-svn-id: http://core.svn.wordpress.org/trunk@33967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 10:59:27 +00:00
Jeremy Felt
d1f818a61d Multisite: Allow users with manage_network_users to edit network users.
Other users in a network can now be given capabilities to manage users without also having global super admin privileges.

* Users with `manage_network_users` can not edit super admins.
* Users with `manage_network_users` can not promote users to super admin.
* Uses of `is_super_admin()` in `user-new.php` are now updated to `manage_network_users`.

Props daniellandau, chriscct7.
Fixes #16860.

Built from https://develop.svn.wordpress.org/trunk@33988


git-svn-id: http://core.svn.wordpress.org/trunk@33957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 03:34:23 +00:00
Scott Taylor
52516a68ab After the global churn in [33964], also set $post to null at the end of WP_Comments_List_Table::single_row() to ensure that an orphaned comment doesn't inherit the previous row's $post context.
See #33638.

Built from https://develop.svn.wordpress.org/trunk@33986


git-svn-id: http://core.svn.wordpress.org/trunk@33955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 03:12:23 +00:00
Scott Taylor
2c21d12232 Implement a priority system for Help Tabs to add them at specific positions.
Adds unit tests.

Props swissspidy.
Fixes #19828.

Built from https://develop.svn.wordpress.org/trunk@33985


git-svn-id: http://core.svn.wordpress.org/trunk@33954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 01:27:23 +00:00
Scott Taylor
b8c37073d8 Add @access docs to class-wp-filesystem-* files.
Props wenthemes.
Fixes #33725.

Built from https://develop.svn.wordpress.org/trunk@33984


git-svn-id: http://core.svn.wordpress.org/trunk@33953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 01:21:24 +00:00
Scott Taylor
2736486f5a Plugins page: re-word "No out of date plugins were selected." to "All selected plugins are up to date." since it's not really an error condition.
Props swissspidy.
Fixes #26494.

Built from https://develop.svn.wordpress.org/trunk@33983


git-svn-id: http://core.svn.wordpress.org/trunk@33952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 01:11:24 +00:00
Scott Taylor
bbbbf11961 After [33821], when dynamically updating the document title text of the Comments List Table page, operate only on the fragment that contains the comment count. This prevents us from including other numbers that may be present in the other title parts (site title, etc).
See #33414.

Built from https://develop.svn.wordpress.org/trunk@33982


git-svn-id: http://core.svn.wordpress.org/trunk@33951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 01:03:25 +00:00
Drew Jaynes
55f3b892fb Docs: Add a changelog entry to the DocBlock for touch_time() to mention the shift from accessing the global $comment to using get_comment().
See #33638.

Built from https://develop.svn.wordpress.org/trunk@33979


git-svn-id: http://core.svn.wordpress.org/trunk@33948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 15:48:25 +00:00
Scott Taylor
02ae926dfd Round 2 of: We should use ellipses … / … instead of three dots/periods ... e.g Loading… not Loading...
Props yoavf.
Fixes #32875.

Built from https://develop.svn.wordpress.org/trunk@33970


git-svn-id: http://core.svn.wordpress.org/trunk@33939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 04:39:25 +00:00
Scott Taylor
6d4442ba12 Revisions screen: change language from "Return to post editor" to "Return to editor" - more generic for usage by custom post types.
Props lancewillett, adamsilverstein.
Fixes #31910.

Built from https://develop.svn.wordpress.org/trunk@33966


git-svn-id: http://core.svn.wordpress.org/trunk@33935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 03:23:23 +00:00
Scott Taylor
246f2a6bd9 Use get_comment() instead of a global in touch_time().
See #33638.

Built from https://develop.svn.wordpress.org/trunk@33965


git-svn-id: http://core.svn.wordpress.org/trunk@33934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 03:05:24 +00:00
Scott Taylor
71f955dc84 In WP_Comments_List_Table, favor passing WP_Comment instances instead of $comment_ID to template functions. This allows us to bypass unnecessary cache lookups and simply pass the object through when it is set.
See #33638.

Built from https://develop.svn.wordpress.org/trunk@33964


git-svn-id: http://core.svn.wordpress.org/trunk@33933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 03:00:24 +00:00
Scott Taylor
d973339738 After [33891], get_comment() returns global $comment if no args are passed and the global is set (after setting the default to null here). This allows us to ditch global comment imports.
See #33638.

Built from https://develop.svn.wordpress.org/trunk@33963


git-svn-id: http://core.svn.wordpress.org/trunk@33932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 02:51:24 +00:00
Scott Taylor
8879565c0a In WP_User, add @property docs for description, first_name, and last_name. user_firstname and user_lastname only exist for back-compat.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33958


git-svn-id: http://core.svn.wordpress.org/trunk@33927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 01:13:24 +00:00
Scott Taylor
3d8199c4eb Multisite: Don't allow sites to be created with the following reserved slugs: wp-admin, wp-content, wp-includes
Props austinginder.
Fixes #33615.

Built from https://develop.svn.wordpress.org/trunk@33952


git-svn-id: http://core.svn.wordpress.org/trunk@33921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-08 19:32:24 +00:00
Andrea Fercia
a49f9ef68f Bump H3 headings to H2 on the Network Add New User screen for better accessibility.
Props Cheffheid.
Fixes #33605.
Built from https://develop.svn.wordpress.org/trunk@33945


git-svn-id: http://core.svn.wordpress.org/trunk@33914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-07 16:03:25 +00:00
Weston Ruter
7c6534fd4c Customize: Fix logic for determining the container element when focusing on a panel, section, or control.
Fixes #33695 for trunk.

Built from https://develop.svn.wordpress.org/trunk@33939


git-svn-id: http://core.svn.wordpress.org/trunk@33908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-07 05:59:24 +00:00
Weston Ruter
274373afc6 Customize: Fix clearing of a color control's setting by using proper empty value.
Props stevehenty.
Fixes #30280.


Built from https://develop.svn.wordpress.org/trunk@33938


git-svn-id: http://core.svn.wordpress.org/trunk@33907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-07 05:48:23 +00:00
Sergey Biryukov
a3f82f92f1 Widgets: Don't display sidebar description container if it's empty.
Props paulwilde.
Fixes #32448.
Built from https://develop.svn.wordpress.org/trunk@33934


git-svn-id: http://core.svn.wordpress.org/trunk@33903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-06 07:59:24 +00:00
Sergey Biryukov
c177344508 Merge two permission error strings.
Props pavelevap.
Fixes #33745.
Built from https://develop.svn.wordpress.org/trunk@33933


git-svn-id: http://core.svn.wordpress.org/trunk@33902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-06 06:42:26 +00:00
Sergey Biryukov
c65f37f892 Correct description for version and current_version parameters in wp_check_browser_version() response.
Props extendwings.
Fixes #33753.
Built from https://develop.svn.wordpress.org/trunk@33932


git-svn-id: http://core.svn.wordpress.org/trunk@33901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-06 00:17:24 +00:00
Sergey Biryukov
4b5ef333a0 Correct the docblock for wp_list_widget_controls().
Props swissspidy.
Fixes #33751.
Built from https://develop.svn.wordpress.org/trunk@33930


git-svn-id: http://core.svn.wordpress.org/trunk@33899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 23:38:25 +00:00
Sergey Biryukov
48a41a6663 List tables: Adjust the styles for checkbox column to align better with longer column names.
Props swissspidy.
Fixes #32825.
Built from https://develop.svn.wordpress.org/trunk@33928


git-svn-id: http://core.svn.wordpress.org/trunk@33897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 23:16:23 +00:00
Jeremy Felt
af557379da Multisite: Update help tab text for site-info.php to reference "site URL".
In [32759] and [33586], we combined the domain and path entry for a site to a single "Site URL" field. This updates the help text to reflect that.

Fixes #33748. See #22383.

Built from https://develop.svn.wordpress.org/trunk@33921


git-svn-id: http://core.svn.wordpress.org/trunk@33890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 20:53:24 +00:00
John Blackbourn
4d76ce2521 Implement a language chooser on the Network Admin -> Sites -> Add New screen.
Props DrewAPicture
Fixes #33528

Built from https://develop.svn.wordpress.org/trunk@33920


git-svn-id: http://core.svn.wordpress.org/trunk@33889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 20:47:24 +00:00
Jeremy Felt
122862b570 Multisite: Pass the ID of the site being updated to wpmu_update_blog_options action.
Props @swissspidy, @MikeHansenMe.
Fixes #32907.

Built from https://develop.svn.wordpress.org/trunk@33918


git-svn-id: http://core.svn.wordpress.org/trunk@33887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 20:39:24 +00:00