Commit Graph

15383 Commits

Author SHA1 Message Date
Andrew Nacin
ccf39f33c9 Prevent high resource usage when hashing large passwords. props mdawaffe, pento
Built from https://develop.svn.wordpress.org/trunk@30466


git-svn-id: http://core.svn.wordpress.org/trunk@30457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 16:03:24 +00:00
Dominik Schilling
12b2ca45ad Simplify selectors in [30374].
props wonderboymusic, adamsilverstein.
see #29326.
Built from https://develop.svn.wordpress.org/trunk@30461


git-svn-id: http://core.svn.wordpress.org/trunk@30452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 15:37:22 +00:00
Dominik Schilling
4b65a37244 grunt autoprefixer for [30374].
see #29326.
Built from https://develop.svn.wordpress.org/trunk@30460


git-svn-id: http://core.svn.wordpress.org/trunk@30451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 15:31:23 +00:00
Dominik Schilling
cffba3c1ba Customizer: Use deep-links for Backgrounds, Headers, and Widgets.
Replace links in admin menu and toolbar to Custom Background/Header screen with deep-links to the Customizer section.
On the Widgets screen display a link to the Customizer widgets panel.

props topher1kenobe, rzen, celloexpressions, westonruter
fixes #25569, #25571, #28032.
Built from https://develop.svn.wordpress.org/trunk@30459


git-svn-id: http://core.svn.wordpress.org/trunk@30450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 15:29:23 +00:00
Andrew Nacin
58dfcb9bb0 Validate image data.
Built from https://develop.svn.wordpress.org/trunk@30458


git-svn-id: http://core.svn.wordpress.org/trunk@30449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 15:25:22 +00:00
John Blackbourn
473324326d Improvements to the output of the new post navigation template functions, including swapping the position of the previous and next links.
See #29808
Props obenland

Built from https://develop.svn.wordpress.org/trunk@30457


git-svn-id: http://core.svn.wordpress.org/trunk@30448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 15:19:24 +00:00
Andrew Nacin
6e2f41a2a3 Anchor texturize to shortcodes to improve regex efficiency.
props miqrogroove.
see #29557 for segfault issues.

Built from https://develop.svn.wordpress.org/trunk@30449


git-svn-id: http://core.svn.wordpress.org/trunk@30443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 14:28:23 +00:00
Andrew Nacin
a6103b30f5 Better validation of the URL used in core HTTP requests.
Built from https://develop.svn.wordpress.org/trunk@30443


git-svn-id: http://core.svn.wordpress.org/trunk@30438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 14:01:23 +00:00
Andrew Nacin
432e4dcb50 Press This: Ensure the error message is printed. props johnbillion
Built from https://develop.svn.wordpress.org/trunk@30438


git-svn-id: http://core.svn.wordpress.org/trunk@30433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:58:23 +00:00
Andrew Nacin
87023d64b4 TinyMCE: Verify HTML in captions. props azaozz
Built from https://develop.svn.wordpress.org/trunk@30435


git-svn-id: http://core.svn.wordpress.org/trunk@30430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:49:22 +00:00
Andrew Nacin
fce07e17eb Invalidate password keys when a user's email changes.
Built from https://develop.svn.wordpress.org/trunk@30430


git-svn-id: http://core.svn.wordpress.org/trunk@30425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:40:23 +00:00
Andrew Nacin
e7614d6c45 Fix typo in style filter. props miqrogroove
Built from https://develop.svn.wordpress.org/trunk@30425


git-svn-id: http://core.svn.wordpress.org/trunk@30420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:15:24 +00:00
Andrew Nacin
c2f334bf3c Playlists are video by default. props duck_
Built from https://develop.svn.wordpress.org/trunk@30422


git-svn-id: http://core.svn.wordpress.org/trunk@30417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:11:23 +00:00
Andrew Nacin
b271e36f47 Form validation for password resets.
Built from https://develop.svn.wordpress.org/trunk@30417


git-svn-id: http://core.svn.wordpress.org/trunk@30412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 12:22:22 +00:00
Andrew Nacin
ddb3ee5057 Use hash_equals() for old md5 hashes.
Built from https://develop.svn.wordpress.org/trunk@30412


git-svn-id: http://core.svn.wordpress.org/trunk@30407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 11:49:23 +00:00
Dion Hulse
871176e42b Bump the $wp_version.
This version string controls more than you might first imagine, but the important thing to note for now, is that this needs to contain a revision number in order for nightly builds to include a revision number.
If a nightly build doesn't include a revision number, Background Updates won't occur for Development users (after all, 4.1-beta1 == 4.1-beta1, which is already installed).
See #30405

Built from https://develop.svn.wordpress.org/trunk@30411


git-svn-id: http://core.svn.wordpress.org/trunk@30406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 11:36:22 +00:00
John Blackbourn
d0b10b5022 Apply a filter to the <script> tag for enqueued scripts in the same way a filter is applied to the <link> tag for enqueued styles.
Fixes #13592
Props quietnic, MikeHansenMe

Built from https://develop.svn.wordpress.org/trunk@30403


git-svn-id: http://core.svn.wordpress.org/trunk@30398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 05:18:25 +00:00
Boone Gorges
e2339bdb1b Return an empty array from get_approved_comments() when $post_id is empty.
This behavior was broken when moving the internals to `WP_Comment_Query` in
[30098]. As a result, `get_approved_comments( 0 )` was fetching *all* approved
comments, causing performance issues.

Props dd32.
Fixes #30412.
Built from https://develop.svn.wordpress.org/trunk@30402


git-svn-id: http://core.svn.wordpress.org/trunk@30397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 01:52:23 +00:00
Gary Pendergast
f17d168a0f WPDB: Force STRICT_ALL_TABLES to be enabled as soon as we connect to the MySQL server.
This improves data integrity when inserting and updating rows in the database, particularly when trying to insert emoji into posts stored with character sets that don't support emoji.

See #21212.

Built from https://develop.svn.wordpress.org/trunk@30400


git-svn-id: http://core.svn.wordpress.org/trunk@30396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 01:46:24 +00:00
Andrew Ozz
d4a36f2c7a TinyMCE: update to the latest dev. version, 4.1.6+. Fixes #30411.
Built from https://develop.svn.wordpress.org/trunk@30397


git-svn-id: http://core.svn.wordpress.org/trunk@30393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 00:50:23 +00:00
John Blackbourn
3e3c383e79 Introduce two new filters to the post revisions screen:
* `process_text_diff_html` for contextually filtering a diffed line. Allows for the line to be processed in a different manner to the default `htmlspecialchars`.
 * `revision_text_diff_options` for filtering the options passed to `wp_text_diff()` when viewing a post revision.

Fixes #24908
Props adamsilverstein

Built from https://develop.svn.wordpress.org/trunk@30396


git-svn-id: http://core.svn.wordpress.org/trunk@30392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-19 23:21:23 +00:00
John Blackbourn
64cd0ae134 Slide the admin menu out to the right when DFW mode kicks in and RTL is in use.
Fixes #30356
Props yoavf

Built from https://develop.svn.wordpress.org/trunk@30395


git-svn-id: http://core.svn.wordpress.org/trunk@30391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-19 22:46:22 +00:00
Andrew Ozz
e5f57d2870 TinyMCE: fix the tooltip for 'alignnone' button on the image toolbar. Props johnbillion, see #30147.
Built from https://develop.svn.wordpress.org/trunk@30385


git-svn-id: http://core.svn.wordpress.org/trunk@30382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-19 17:27:22 +00:00
Dion Hulse
9b9289e0a3 Background Updates: Introduce support to take advantage of Group Writable (or World Writable) to Core Background updates.
This is only enabled when new files will not be installed during the update (as indicated by the WordPress.org API), and does not apply to Plugin/Theme/Translation Background Updates.

Additionally, the code to determine if the 'direct' filesystem transport should be used has been tweaked for wider support (where getmyuid() was unavailalbe) which fixes #10424

See #10205, #30245

Built from https://develop.svn.wordpress.org/trunk@30384


git-svn-id: http://core.svn.wordpress.org/trunk@30381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-19 05:40:23 +00:00
Boone Gorges
d95b5196cc Improvements to wp_make_link_relative().
* Support relative URL input.
* When the URL being made relative has another URL as a parameter, don't make the second URL relative.

Props voldemortensen.
Fixes #30373.
Built from https://develop.svn.wordpress.org/trunk@30383


git-svn-id: http://core.svn.wordpress.org/trunk@30380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-19 01:53:24 +00:00
Drew Jaynes
e34a587ea6 Add some missing inline documentation for methods in the WP_Widget class in wp-includes/widgets.php.
Props ericlewis, jazzs3quence.
See #30315.

Built from https://develop.svn.wordpress.org/trunk@30382


git-svn-id: http://core.svn.wordpress.org/trunk@30379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 22:58:22 +00:00
Drew Jaynes
f7648300c8 Add missing documentation for the $password parameter, passed to the check_password hook.
Props coffee2code.
Fixes #30311.

Built from https://develop.svn.wordpress.org/trunk@30381


git-svn-id: http://core.svn.wordpress.org/trunk@30378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 18:56:21 +00:00
Drew Jaynes
51e7e8e695 Clarify/correct inline documentation in wp-includes/l10n.php.
* Add a missing `@return` description for `load_default_textdomain()`
* Clarify the `@param` description for `$locale` with an inline `@see` tag
* Ensure the correct parameter variable is used when documenting `$args` for `wp_dropdown_languages()`

Props camdensegal.
Fixes #30385.

Built from https://develop.svn.wordpress.org/trunk@30380


git-svn-id: http://core.svn.wordpress.org/trunk@30377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 18:47:22 +00:00
Drew Jaynes
5943966b69 Ensure the mixed type of string|int is reflected on the $title parameter in wp_die().
The ability to pass an error code as short-hand to the `$title` and `$args` parameters was added in r30355. Changes also include cleaned-up formatting and line-wraps for other documentation in the DocBlock.

See [30355]. Fixes #10551.

Built from https://develop.svn.wordpress.org/trunk@30379


git-svn-id: http://core.svn.wordpress.org/trunk@30376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 16:47:23 +00:00
John Blackbourn
5945363d82 Update the inline docs for the keyEvent callback in the media grid.
Props adamsilverstein
See #29725

Built from https://develop.svn.wordpress.org/trunk@30378


git-svn-id: http://core.svn.wordpress.org/trunk@30375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 04:29:23 +00:00
John Blackbourn
02c773efb0 Avoid re-registering the keydown event controller in the media grid so arrow controls don't skip media items.
Fixes #30348
Props UmeshSingla

Built from https://develop.svn.wordpress.org/trunk@30377


git-svn-id: http://core.svn.wordpress.org/trunk@30374 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 04:28:22 +00:00
John Blackbourn
cca329174f Improve Thickbox's close button so it can be announced by screen readers.
Fixes #29455
Props SergeyBiryukov

Built from https://develop.svn.wordpress.org/trunk@30376


git-svn-id: http://core.svn.wordpress.org/trunk@30373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 03:55:23 +00:00
Gary Pendergast
739a20a659 WPDB: When a db.php drop-in is being used, and it doesn't explicitly define itself as connecting to MySQL, skip the character set checks. This ensures that existing drop-ins won't accidentally run checks that they don't support.
See #21212.

Built from https://develop.svn.wordpress.org/trunk@30375


git-svn-id: http://core.svn.wordpress.org/trunk@30372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 03:38:23 +00:00
John Blackbourn
e2a0c6a86d Improve keyboard control of Edit Selection mode in the media manager.
See #29326
Props adamsilverstein

Built from https://develop.svn.wordpress.org/trunk@30374


git-svn-id: http://core.svn.wordpress.org/trunk@30371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 03:34:25 +00:00
Drew Jaynes
254ff0a4c9 Add inline @see tags to the docs for the get_categories_taxonomy hook.
Props tw2113.
Fixes #30310.

Built from https://develop.svn.wordpress.org/trunk@30370


git-svn-id: http://core.svn.wordpress.org/trunk@30368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-17 17:37:23 +00:00
Gary Pendergast
14bf4939e4 WPDB: When removing invalid characters from utf8 strings in older versions of PHP, the regex was too large to be compiled.
See #21212

Built from https://develop.svn.wordpress.org/trunk@30366


git-svn-id: http://core.svn.wordpress.org/trunk@30365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-17 11:58:22 +00:00
Dion Hulse
ddbb5a850f Remove a stray translator comment for a non-translatable string added in [30209] See #27238
Built from https://develop.svn.wordpress.org/trunk@30365


git-svn-id: http://core.svn.wordpress.org/trunk@30364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-17 04:36:25 +00:00
Andrew Ozz
c61a028898 TinyMCE: fix the border on the image toolbar arrow. Props afercia, see #30147.
Built from https://develop.svn.wordpress.org/trunk@30363


git-svn-id: http://core.svn.wordpress.org/trunk@30362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-17 00:19:23 +00:00
Andrew Ozz
69b529024a Fix typo in [30361], see #30147.
Built from https://develop.svn.wordpress.org/trunk@30362


git-svn-id: http://core.svn.wordpress.org/trunk@30361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 23:15:23 +00:00
Andrew Ozz
22b760088c TinyMCE: don't show image toolbar for placeholder images. See #30147.
Built from https://develop.svn.wordpress.org/trunk@30361


git-svn-id: http://core.svn.wordpress.org/trunk@30360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 23:12:22 +00:00
John Blackbourn
81858cdd99 Correctly wrap the text in long input labels in the media manager.
Fixes #23003
Props ramiabraham

Built from https://develop.svn.wordpress.org/trunk@30359


git-svn-id: http://core.svn.wordpress.org/trunk@30358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 19:01:22 +00:00
John Blackbourn
96e57d411b Add $depth parameter to the nav_menu_css_class, nav_menu_item_id, and nav_menu_link_attributes filters.
Fixes #19064
Props cyclometh, chriscct7, johnbillion

Built from https://develop.svn.wordpress.org/trunk@30358


git-svn-id: http://core.svn.wordpress.org/trunk@30357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 07:37:22 +00:00
John Blackbourn
d88ed475b0 Switch to a 403 response code in places where it is more appropriate than a 500 due to permissions errors.
Fixes #10551
Props nacin

Built from https://develop.svn.wordpress.org/trunk@30356


git-svn-id: http://core.svn.wordpress.org/trunk@30355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 06:16:22 +00:00
John Blackbourn
5f30f13780 Allow the response code to be passed as a shorthand to the $title or $args parameter of wp_die(), for brevity.
See #10551 and #11286
Props nacin

Built from https://develop.svn.wordpress.org/trunk@30355


git-svn-id: http://core.svn.wordpress.org/trunk@30354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 06:11:22 +00:00
Andrew Ozz
b3e14b36ff TinyMCE: fix the cursor appearance while it is outside the editor body. Props miyauchi, fixes #30112.
Built from https://develop.svn.wordpress.org/trunk@30349


git-svn-id: http://core.svn.wordpress.org/trunk@30348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-15 01:21:22 +00:00
John Blackbourn
f561b53695 WordPress 4.1-beta1
Built from https://develop.svn.wordpress.org/trunk@30348


git-svn-id: http://core.svn.wordpress.org/trunk@30347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-14 21:57:24 +00:00
Boone Gorges
866cfdf19b Flush cache for newly created term in _split_shared_term().
The term itself does not have any cached values yet, but in some cases the new
term's taxonomy may need its cached hierarchy to be refreshed as a result of
the term splitting.

Props jorbin.
See #30335.
Built from https://develop.svn.wordpress.org/trunk@30347


git-svn-id: http://core.svn.wordpress.org/trunk@30346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-14 21:53:22 +00:00
Gary Pendergast
e61bebdbfc If a saving a post fails, remove any invalid characters (such as emoji) from the primary text fields, then try to save it again.
See #21212.


Built from https://develop.svn.wordpress.org/trunk@30346


git-svn-id: http://core.svn.wordpress.org/trunk@30345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-14 21:34:22 +00:00
Gary Pendergast
ecc27d0b27 When creating a post containing emoji, the post can be saved incorrectly if MySQL isn't using a character set that supports emoji.
This change prevents the save from occurring, so it can be handled correctly in the UI.

See #21212.

Built from https://develop.svn.wordpress.org/trunk@30345


git-svn-id: http://core.svn.wordpress.org/trunk@30344 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-14 21:28:22 +00:00
Boone Gorges
c5bb06dafe Reinstate term splitting on term update.
Originally introduced in [30241] and reverted in [30336], term splitting is
back and better than ever. Now with *more unit tests* and *improved treatment
of child terms*!

See #30335.
Built from https://develop.svn.wordpress.org/trunk@30344


git-svn-id: http://core.svn.wordpress.org/trunk@30343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-14 21:27:24 +00:00