Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-14 22:56:19 +01:00
Code Issues Projects Releases Wiki Activity
23,847 Commits 50 Branches 748 Tags 792 MiB
d7915c3e73
Commit Graph

11753 Commits

Author SHA1 Message Date
John Blackbourn
82f8529ad5 Hardening: Use a properly generated hash for the newbloguser key instead of a determinate substring. 
Merges [42258] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@42312


git-svn-id: http://core.svn.wordpress.org/branches/3.7@42141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 16:49:10 +00:00
Gary Pendergast
2fd667487f Bump 3.7 branch to version 3.7.23. 
Built from https://develop.svn.wordpress.org/branches/3.7@42080


git-svn-id: http://core.svn.wordpress.org/branches/3.7@41909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-31 13:47:10 +00:00
Dominik Schilling
99d97c76b0 Users: Use correct escaping function for URLs. 
Merge of [41522] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@41534


git-svn-id: http://core.svn.wordpress.org/branches/3.7@41367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 21:40:34 +00:00
Aaron Campbell
67bf4cd7e1 Bump 3.7 branch to version 3.7.22. 
Built from https://develop.svn.wordpress.org/branches/3.7@41521


git-svn-id: http://core.svn.wordpress.org/branches/3.7@41354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 20:14:20 +00:00
John Blackbourn
1d5a7892f2 Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@41469


git-svn-id: http://core.svn.wordpress.org/branches/3.7@41302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:47:09 +00:00
John Blackbourn
8d241beedb General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41434] with changes to the 3.7 branch.

See #13377

Built from https://develop.svn.wordpress.org/branches/3.7@41456


git-svn-id: http://core.svn.wordpress.org/branches/3.7@41289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 13:52:09 +00:00
Dominik Schilling
774f81b780 Users: Provide a fallback for incorrect HTTP referrers. 
Merge of [41398] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@41428


git-svn-id: http://core.svn.wordpress.org/branches/3.7@41261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:15:50 +00:00
Aaron Campbell
fe080e84db Bump 3.7 branch to version 3.7.21. 
Built from https://develop.svn.wordpress.org/branches/3.7@40758


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:54:15 +00:00
Aaron Campbell
f5fca82e63 Add nonce for updating file system credentials. 
Merges [40723] to 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@40734


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:58:09 +00:00
Dominik Schilling
303264210a Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@40715


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:23:10 +00:00
Pascal Birchler
a2797f26d2 Bump 3.7 branch to version 3.7.20. 
Built from https://develop.svn.wordpress.org/branches/3.7@40497


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:30:10 +00:00
Pascal Birchler
63b4b6a006 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@40470


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:48:09 +00:00
James Nylen
85e61d7921 Bump 3.7 branch to version 3.7.19. 
Built from https://develop.svn.wordpress.org/branches/3.7@40212


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:50:09 +00:00
Aaron Campbell
c6ab9f325b Plugins: Add file check to plugin deletions. 
Merges [40169] to 3.7 branch.


Built from https://develop.svn.wordpress.org/branches/3.7@40180


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:06:09 +00:00
Jeremy Felt
ec48ddfb4e Validate video and audio metadata. 
Merge of [40148] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@40159


git-svn-id: http://core.svn.wordpress.org/branches/3.7@40098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:14:10 +00:00
Aaron Campbell
44b16a7d23 Bump 3.7 branch to version 3.7.18. 
Built from https://develop.svn.wordpress.org/branches/3.7@40006


git-svn-id: http://core.svn.wordpress.org/branches/3.7@39943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 18:31:11 +00:00
John Blackbourn
0a1cbe9d09 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field. 
Merges [39956] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@39989


git-svn-id: http://core.svn.wordpress.org/branches/3.7@39926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:24:09 +00:00
Dominik Schilling
9669f73c62 Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways. 
Merge of [39968] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@39982


git-svn-id: http://core.svn.wordpress.org/branches/3.7@39919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:16:21 +00:00
Aaron Campbell
0a294916d9 Bump 3.7 branch to version 3.7.17. 
Built from https://develop.svn.wordpress.org/branches/3.7@39870


git-svn-id: http://core.svn.wordpress.org/branches/3.7@39807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 17:00:22 +00:00
Dominik Schilling
dbb5bf710f Updates: Translate plugin data on the Updates screen. 
Merge of [39808] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@39830


git-svn-id: http://core.svn.wordpress.org/branches/3.7@39768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:44:10 +00:00
Aaron Campbell
bf3ac93baf Add nonce for widget accessibility mode. 
Props vortfu.

See #23328.

Merges [39765] to 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@39771


git-svn-id: http://core.svn.wordpress.org/branches/3.7@39709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 01:54:09 +00:00
Joe McGill
b01225018a Media: Improved media titles when created from filename. 
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38615] to the 3.7 branch.

Fixes #37989.

Built from https://develop.svn.wordpress.org/branches/3.7@39719


git-svn-id: http://core.svn.wordpress.org/branches/3.7@39659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-06 22:02:17 +00:00
Jeremy Felt
4afbabc9ca Bump 3.7 branch to 3.7.16. 
Built from https://develop.svn.wordpress.org/branches/3.7@38558


git-svn-id: http://core.svn.wordpress.org/branches/3.7@38501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 15:02:36 +00:00
Jeremy Felt
2d1b0ab4c6 Media: Sanitize upload filename. 
Merge of [38538] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@38548


git-svn-id: http://core.svn.wordpress.org/branches/3.7@38491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 14:01:10 +00:00
Pascal Birchler
b40b064e8a Upgrade/Install: Sanitize file name in File_Upload_Upgrader. 
Merge of [38524] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@38534


git-svn-id: http://core.svn.wordpress.org/branches/3.7@38475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-06 18:07:12 +00:00
Boone Gorges
afe460ad19 Bump 3.7 branch to 3.7.15. 
Built from https://develop.svn.wordpress.org/branches/3.7@37836


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 16:52:09 +00:00
Nikolay Bachiyski
7fab797d2c Admin: escape URL-encoded permalinks 
Merge of [37801] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@37823


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 15:00:10 +00:00
Rachel Baker
6319a5f7ea Revisions: Change the capability needed to view revision diffs to edit_post. 
Merge of [37779] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@37808


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:51:37 +00:00
Boone Gorges
9aed168b89 Taxonomy: More specific cap check when processing category data on post save. 
Ports [37691] to the 3.7 branch.

Props dlh.
Fixes #36379.
Built from https://develop.svn.wordpress.org/branches/3.7@37788


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:25:40 +00:00
Dominik Schilling
7b14133f66 Customize: Make sure that preview and return URLs are URLs. 
Merge of [37527] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@37780


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-21 14:22:34 +00:00
Dominik Schilling
5543fabff3 Bump 3.7 branch to 3.7.14. 
Built from https://develop.svn.wordpress.org/branches/3.7@37392


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-06 18:16:17 +00:00
Nikolay Bachiyski
f5195ba547 External Libraries: Disable Flash backend for Plupload 
Built from https://develop.svn.wordpress.org/branches/3.7@37368


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-06 17:36:10 +00:00
Jeremy Felt
d38dbe39a7 Multisite: Improve escaping in network settings. 
Merge of [37124] to the 3.7 branch.

Built from https://develop.svn.wordpress.org/branches/3.7@37132


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-30 16:07:17 +00:00
Dominik Schilling
8523aeed0b Multisite: Validate new email address confirmations. 
Merge of [37103] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@37111


git-svn-id: http://core.svn.wordpress.org/branches/3.7@37078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-30 14:51:31 +00:00
Dominik Schilling
c7fa2a8205 Bump 3.7 branch to 3.7.13. 
Built from https://develop.svn.wordpress.org/branches/3.7@36462


git-svn-id: http://core.svn.wordpress.org/branches/3.7@36429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-02-02 17:30:30 +00:00
Dominik Schilling
fdcacfe365 Bump 3.7 branch to 3.7.12. 
Built from https://develop.svn.wordpress.org/branches/3.7@36203


git-svn-id: http://core.svn.wordpress.org/branches/3.7@36170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-01-06 18:52:08 +00:00
Helen Hou-Sandí
297e946ba6 Bump 3.7 branch to 3.7.11. 
Built from https://develop.svn.wordpress.org/branches/3.7@34187


git-svn-id: http://core.svn.wordpress.org/branches/3.7@34155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-15 14:30:10 +00:00
Dominik Schilling
79809190ac XMLRPC: Don't allow private posts to be sticky. 
Merge of [33325], [33612], and [34135] to the 3.7 branch.

See #20662.
Built from https://develop.svn.wordpress.org/branches/3.7@34157


git-svn-id: http://core.svn.wordpress.org/branches/3.7@34125 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-14 23:03:17 +00:00
Nikolay Bachiyski
24a1b34acc List tables: escape user e-mails 
Merges [34133] for 3.7 branch

Built from https://develop.svn.wordpress.org/branches/3.7@34143


git-svn-id: http://core.svn.wordpress.org/branches/3.7@34111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-14 22:45:19 +00:00
Dominik Schilling
1f59bf6469 Bump 3.7 branch to version 3.7.10. 
Built from https://develop.svn.wordpress.org/branches/3.7@33577


git-svn-id: http://core.svn.wordpress.org/branches/3.7@33544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-04 11:53:08 +00:00
Dominik Schilling
54da7d4786 Heartbeat: Ensure post locks are released. 
Merge of [33542] to the 3.7 branch.
Built from https://develop.svn.wordpress.org/branches/3.7@33548


git-svn-id: http://core.svn.wordpress.org/branches/3.7@33515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-04 04:56:22 +00:00
Gary Pendergast
630d4c7c8e Bump 3.7 branch to version 3.7.9. 
Built from https://develop.svn.wordpress.org/branches/3.7@33400


git-svn-id: http://core.svn.wordpress.org/branches/3.7@33368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-23 11:10:08 +00:00
Gary Pendergast
8a6a7d323e Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so. 
Partial merge of [33357] to the 3.7 branch.


Built from https://develop.svn.wordpress.org/branches/3.7@33379


git-svn-id: http://core.svn.wordpress.org/branches/3.7@33350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-23 04:27:09 +00:00
Dominik Schilling
1cef8c9e5a 3.7.8 version bumps. 
Built from https://develop.svn.wordpress.org/branches/3.7@32439


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 23:35:08 +00:00
Michael Adams
2b1b2ebaf2 Upgrade: $wpdb->get_col_length() sanity check: bail on unexpected return value. 
Merges [32429] for the 3.7 branch.

See #32165.

Built from https://develop.svn.wordpress.org/branches/3.7@32435


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 23:15:09 +00:00
Michael Adams
a021bbe537 Upgrade: Ensure unintelligible DB schemas don't result in content loss. 
Merge of [32417] to the 3.7 branch.

See #32165.

Props ocean90.

Built from https://develop.svn.wordpress.org/branches/3.7@32423


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 21:53:34 +00:00
Aaron Jorbin
f702a97f8c When upgrading WordPress remove genericons example.html files 
[32385] for 3.7 branch

Props @dd32, @boonebgorges, @johnjamesjacoby, @drewapicture, @jorbin


Built from https://develop.svn.wordpress.org/branches/3.7@32411


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 20:50:09 +00:00
Michael Adams
15a2afed1e Upgrade: Fix typo in [32391]/3.7. 
See #32165.

Built from https://develop.svn.wordpress.org/branches/3.7@32395


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 19:41:09 +00:00
Michael Adams
18fcca2916 WPDB: When checking that a string can be sent to MySQL, we shouldn't use mb_convert_encoding(), as it behaves differently to MySQL's character encoding conversion. 
Merge of [32364] to the 3.7 branch.

Props mdawaffe, pento, nbachiyski, jorbin, johnjamesjacoby, jeremyfelt.

See #32165.

Built from https://develop.svn.wordpress.org/branches/3.7@32391


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-06 19:17:09 +00:00
Michael Adams
cd63ed5102 3.7: 
- WPDB: Sanity check that any strings being stored in the DB are not too long to store correctly.
- When upgrading, remove any suspicious comments.

Built from https://develop.svn.wordpress.org/branches/3.7@32318


git-svn-id: http://core.svn.wordpress.org/branches/3.7@32289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-27 18:35:09 +00:00