Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
21,426 Commits 48 Branches 719 Tags 907 MiB
Commit Graph

86 Commits

Author SHA1 Message Date
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments. 
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-02-14 22:51:06 +00:00
Sergey Biryukov 08269aa6b0 Remove unused error string. props pavelevap. fixes #22107. 
git-svn-id: http://core.svn.wordpress.org/trunk@23412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-02-14 05:36:28 +00:00
Andrew Ozz cbd737470c Kill use of colons in class names, props SergeyBiryukov, fixes #21152 
git-svn-id: http://core.svn.wordpress.org/trunk@22396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-11-06 01:01:52 +00:00
ryan 104b50cf58 s/newuserconfimation/newuserconfirmation/ 
Props Jayjdk, lesteph
fixes #21415


git-svn-id: http://core.svn.wordpress.org/trunk@21362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-07-30 16:13:18 +00:00
ryan 5ac8a32840 Translate role names in the new user notification email. Props obenland. fixes #20764 
git-svn-id: http://core.svn.wordpress.org/trunk@21316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-07-24 17:32:40 +00:00
nacin 3ebea2f218 Remove user/site suggestions (autocompletion) from search inputs, as the UX isn't proper. 
* Removes all instances of site-search, so away it goes. Sidesteps a number of bugs with site-search.
 * Renames user-search to user-suggest, which means it better describes the current behavior (autocompletion) while allowing for future behavior (instant search).
 * Ties user suggestions to a single .wp-suggest-user class.

with help from markjaquith, helenyhou, wonderboymusic. 
fixes #20835.



git-svn-id: http://core.svn.wordpress.org/trunk@21003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-06-05 18:51:33 +00:00
nacin 4ffc5dd0f4 After adding a user, take them back to users.php with an 'Edit user' link in the message. 
This removes the (possibly ineffective) search from the redirect, as well as the URL hash that will get covered up by the toolbar.

fixes #19470. props merty and SergeyBiryukov for initial patches.



git-svn-id: http://svn.automattic.com/wordpress/trunk@20631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-04-27 23:13:39 +00:00
nacin 81407efd05 Clean up cap checks for autocompletes for sites and users in a network. see #19810. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@20332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-03-30 21:04:48 +00:00
duck_ af2eb34f8a Correct faulty logic when dealing with autocomplete_users_for_site_admins, and break logic into multiple lines. See #19810. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-02-16 17:12:10 +00:00
markjaquith 481959acec Autocomplete for add-user screens in multisite. props boonebgorges, Japh, DrewAPicture, PeteMall, nacin, koopersmith, markjaquith. see #19810. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-02-10 08:45:17 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-01-08 17:01:11 +00:00
duck_ 5fbd6657f4 s/add_user()/edit_user()/, see r19686 and #18749. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-01-05 21:02:42 +00:00
ryan 37e65bddcd Use home_url() instead of site_url(). Props johnbillion. fixes #18293 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-01-04 20:02:11 +00:00
ryan aa8a3f89d8 Use home_url() instead of site_url(). Props johnbillion. fixes #18293 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2012-01-04 19:29:03 +00:00
ryan 340e93324c Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-12-14 17:36:38 +00:00
markjaquith 429faf564a Fix a spelling error in user-new.php. props SergeyBiryukov. fixes #19518 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-12-14 02:56:59 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-12-13 23:45:31 +00:00
ryan 6bba5a265b Pinking shears 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-12-01 04:51:35 +00:00
nacin 3d51303ca3 Help tweaks for users, tools. props jane, see #19020. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-12-01 01:17:14 +00:00
ryan 094ebdb120 Indent cleanup. see #19020 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-11-23 23:08:02 +00:00
ryan c4b72bf705 Help tabs. Props Ipstenu. see #19020 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-11-23 23:06:52 +00:00
ryan 04831b81ec Used numbered format specifiers. Add translator note. Props SergeyBiryukov. fixes #19090 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-11-11 18:37:04 +00:00
nacin bfb98c193e s/add_help_sidebar/set_help_sidebar/g and introduce screen->remove_help_tab($id) and screen->remove_help_tabs(). see #19020, #18785. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-11-02 20:14:10 +00:00
ryan 3ad1f67958 Use add_help_sidebar(). see #19020 
git-svn-id: http://svn.automattic.com/wordpress/trunk@19111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-11-02 03:12:37 +00:00
ryan a733b40730 Fix inviting existing users to a site with email confirmation. Props johnbillion. fixes #18295 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-10-13 18:32:31 +00:00
ryan 7e94f474cd Grammar fix. Props SergeyBiryukov, johnbillion. fixes #18291 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-07-29 21:36:45 +00:00
nacin 60bdbe765f Don't add extra spaces. props duck_, see #16861. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-06-10 22:30:54 +00:00
nacin 57f51582b1 Translate a missing string. props ldebrouwer, fixes #16861. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@18249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-06-10 22:28:02 +00:00
nacin 9cb6e158fc Switch from Panel/SubPanel to Screen in inline documentation and Codex links. props michaelh, fixes #17265. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@17748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-04-28 15:24:49 +00:00
ryan ba47c80ef7 Add additional promote_users checks. Show Add existing button only for multisite. Don't show bulk actions if user can't promote users. Show add new user menu if user has create_users but not promote_users. Props nacin. fixes #16501 for trunk 
git-svn-id: http://svn.automattic.com/wordpress/trunk@17431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2011-02-09 17:30:26 +00:00
westi ae4c6c70c0 Improve the button and header test to give a clearer picture between Adding New Users and Adding Exiting Users to a site. Fixes #14756 
git-svn-id: http://svn.automattic.com/wordpress/trunk@17069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-19 22:27:30 +00:00
ryan e6282fa608 Clarify button text. fixes #14756 
git-svn-id: http://svn.automattic.com/wordpress/trunk@17049 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-19 00:53:45 +00:00
ryan 93908c2670 Skip confirmation email fixes. Props ocean90, duck_. see #15725 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-12-15 16:04:19 +00:00
markjaquith 8b3cead70e Fix duplicate HTML IDs for wp-admin/user-new.php on MS installs. props duck_. fixes #15562 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-24 16:43:24 +00:00
ryan f6451774bd Notice fixes for user-new.php. Props wpdavis. see #15456 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-21 16:56:08 +00:00
ryan 3fbd603f40 Fixes for user-new.php. Props wpdavis. see #15456 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-20 22:36:46 +00:00
nacin 00d0835151 Revert extra stuff from [16455]. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-18 05:38:53 +00:00
nacin 27c21a741e Every time you nest a ternary operator, a kitten dies. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-18 05:37:00 +00:00
ryan 6559aa57a5 Fix logic. Props nacin. see #15357 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-11 14:34:51 +00:00
ryan 59f55bea72 user-new.php revamp. Separate caps for adding users vs. creating users. Allow supes to add via email or username. Split adding existing users and creating new users into separate forms. see #15357 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-11 14:29:15 +00:00
westi 75b8d5a560 Much better description for the noconfirmation check box. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-11-03 15:04:34 +00:00
nacin b51eb08234 Restore submit_button() for user-new. props markmcwilliams, see #15064. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-29 00:32:03 +00:00
markjaquith fc6e89da45 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-28 21:56:43 +00:00
nacin 05fde90357 Move registration.php functions to user.php. Deprecate registration.php, everything is now included by default. fixes #13761. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@16009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-27 10:46:24 +00:00
scribu 799baf139c Use submit_button() in more places. See #15064 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-17 18:24:34 +00:00
scribu 08e984e5e8 move password-strength-meter.js into user-profile.js. See #5919 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-10-12 20:29:19 +00:00
nbachiyski 33b3236c3c I18n fixes 
Do not leave more than %s in a translatable string and add a comment for translators what each placeholder means


git-svn-id: http://svn.automattic.com/wordpress/trunk@15522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-08-23 18:53:38 +00:00
nacin 8e62707d40 s/site/network/ in user-new.php. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-06-24 05:38:58 +00:00
nacin de1776af71 Fix typo in user-new help. see #14038 for trunk. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-06-22 23:04:49 +00:00
nacin 6c7120ff14 target=blank help fixes. props zeo, fixes #13467. 
git-svn-id: http://svn.automattic.com/wordpress/trunk@15135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2010-06-04 03:42:43 +00:00