26 Commits

Author SHA1 Message Date
Sergey Biryukov
f891f6f0c6 Administration: Require a valid action parameter to be set for admin-ajax.php requests.
This avoids `Array to string conversion` PHP notices when an array is passed as the `action` parameter.

Additionally, send an appropriate HTTP response status code when an invalid action is passed to `admin-post.php`.

Follow-up to [13175], [19738], [41120], [41926].

Props dd32.
Fixes #55212.
Built from https://develop.svn.wordpress.org/trunk@52813


git-svn-id: http://core.svn.wordpress.org/trunk@52402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-02 15:00:11 +00:00
Sergey Biryukov
47ed56f38f Code Modernization: Replace dirname( __FILE__ ) calls with __DIR__ magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Gary Pendergast
4fa5437fc1 Admin: Use is_user_logged_in() instead of wp_validate_auth_cookie() in admin-post.php.
This matches the authentication check in `admin-ajax.php`, and allows the authentication method to be filtered.

Props jmdodd.
Fixes #45475.


Built from https://develop.svn.wordpress.org/trunk@44615


git-svn-id: http://core.svn.wordpress.org/trunk@44446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-16 05:41:50 +00:00
Drew Jaynes
92aa2f9e92 Docs: Fix a few minor inline documentation typos in a variety of files and contexts.
Props ramizmanked.
Fixes #45463.

Built from https://develop.svn.wordpress.org/trunk@44331


git-svn-id: http://core.svn.wordpress.org/trunk@44161 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-19 07:42:49 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Dominik Schilling
e5ea82d81a Spelling: Standardize on "front end"/"back end" (noun) and "front-end"/"back-end" (adjective).
Props obrienlabs, thewanderingbrit.
Fixes #34887.
Built from https://develop.svn.wordpress.org/trunk@36709


git-svn-id: http://core.svn.wordpress.org/trunk@36676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 12:53:27 +00:00
Helen Hou-Sandí
48befcf361 Superglobals: Revert [34059] until further notice.
see #33837.

Built from https://develop.svn.wordpress.org/trunk@34265


git-svn-id: http://core.svn.wordpress.org/trunk@34229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 12:33:26 +00:00
Scott Taylor
cd7c0f0b0d Introduce wp_validate_action( $action = '' ), a helper function that checks $_REQUEST for action and returns it, or empty string if not present. If $action is passed, it checks to make sure they match before returning it, or an empty string. Strings are always returned to avoid returning multiple types.
Implementing this removes 27 uses of direct superglobal access in the admin.

For more reading:
https://codeclimate.com/github/WordPress/WordPress/wp-admin/edit-comments.php

See #33837.

Built from https://develop.svn.wordpress.org/trunk@34059


git-svn-id: http://core.svn.wordpress.org/trunk@34027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 21:08:26 +00:00
Drew Jaynes
2faf449f51 Docs Formatting: Backtick-escape inline code for all dynamic hook docs in wp-admin/*.
Also includes some changes to move hook docs to directly precede hook lines. This is necessary to prevent DocBlock-matching confusion when core is parsed.

Affects DocBlocks for the following hooks:
* `wp_ajax_ . $_REQUEST['action']`
* `wp_ajax_nopriv_ . $_REQUEST['action']`
* `admin_footer- . $GLOBALS['hook_suffix']`
* `admin_head-$hook_suffix`
* `admin_post_nopriv_{$action}`
* `admin_post_{$action}`
* `load-  . $page_hook`
* `load- . $plugin_page`
* `load-importer- . $importer`
* `load- . $pagenow`
* `admin_action_ . $_REQUEST['action']`
* `async_upload_{$type}`
* `add_meta_boxes_ . $post_type`
* `{$taxonomy}_pre_edit_form`
* `{$taxonomy}_term_edit_form_tag`
* `{$taxonomy}_edit_form_fields`
* `{$taxonomy}_edit_form`
* `after-{$taxonomy}-table`
* `{$taxonomy}_pre_add_form`
* `{$taxonomy}_term_new_form_tag`
* `{$taxonomy}_add_form_fields`
* `{$taxonomy}_add_form`
* `media_upload_$type`
* `media_upload_$tab`
* `install_plugins_pre_$tab`
* `install_plugins_$tab`
* `install_themes_pre_{$tab}`
* `install_themes_{$tab}`
* `update-core-custom_{$action}`
* `update-custom_{$action}`
* `user_{$name}_label`

See #30552.

Built from https://develop.svn.wordpress.org/trunk@30649


git-svn-id: http://core.svn.wordpress.org/trunk@30639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 11:42:24 +00:00
Scott Taylor
112ca4e055 Because the WP_ADMIN constant name can be bound in multiple files, all instances should check ! defined first. wp-admin/admin.php already has this check.
See #27881.

Built from https://develop.svn.wordpress.org/trunk@28478


git-svn-id: http://core.svn.wordpress.org/trunk@28305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-18 20:42:16 +00:00
Drew Jaynes
a23cc5634f Properly split and document the admin_post* actions into the following four hooks:
* `admin_post_nopriv` – for logged-out requests lacking a supplied action
* `admin_post_nopriv_$action` – for logged-out requests with a supplied action
* `admin_post` – for logged-in requests lacking a supplied action
* `admin_post_$action` – for logged-in requests with a supplied action

See [28349], [28350], [28351].
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28394


git-svn-id: http://core.svn.wordpress.org/trunk@28222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-13 07:24:15 +00:00
Drew Jaynes
c02696f43f Rename the $action hook in wp-admin/admin-post.php to admin_post{$action}.
Also, clarify documentation of priv vs nopriv prefixing of the hook name.

See #26869.

Built from https://develop.svn.wordpress.org/trunk@28351


git-svn-id: http://core.svn.wordpress.org/trunk@28179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-08 11:00:15 +00:00
Drew Jaynes
f427187fa8 Revert [28349] in favor of retaining the single dynamic admin_post* hook.
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28350


git-svn-id: http://core.svn.wordpress.org/trunk@28178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-08 10:47:15 +00:00
Drew Jaynes
a6755201d8 Convert and rename the $action hook in wp-admin/admin-post to two dynamic hook sets.
* `admin_post_nopriv{$request_action}` is fired for logged-out users
* `admin_post{$request_action}` is fired for logged-in users

Props Otto42, DrewAPicture.
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28349


git-svn-id: http://core.svn.wordpress.org/trunk@28177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-08 10:27:14 +00:00
Andrew Nacin
5361a8abca Spell out duplicate hook locations.
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:59:20 +00:00
Andrew Nacin
8ae8e01b67 Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
see #27704.

Built from https://develop.svn.wordpress.org/trunk@25825


git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Andrew Nacin
74488bdcb0 Spell out duplicate hook locations.
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-22 17:22:11 +00:00
Andrew Nacin
fd57b239d2 Don't rely on include_path to include files.
Always use dirname() or, once available, ABSPATH.

props ketwaroo, hakre.
fixes #17092.

Built from https://develop.svn.wordpress.org/trunk@25616


git-svn-id: http://core.svn.wordpress.org/trunk@25533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-25 00:18:11 +00:00
Drew Jaynes
774260c539 Inline documentation for hooks in wp-admin/admin-post.php.
Props ericlewis, kpdesign.
Fixes #25361.

Built from https://develop.svn.wordpress.org/trunk@25589


git-svn-id: http://core.svn.wordpress.org/trunk@25506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-23 23:48:09 +00:00
Drew Jaynes
f7546cb45a Improve file header and description in wp-admin/admin-post.php.
Props ericlewis.
Fixes #25362.

Built from https://develop.svn.wordpress.org/trunk@25561


git-svn-id: http://core.svn.wordpress.org/trunk@25479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-22 05:18:09 +00:00
Andrew Nacin
d5c4413aaa send_origin_headers() in admin-post.php.
props nickdaugherty, fixes #24600.


Built from https://develop.svn.wordpress.org/trunk@25036


git-svn-id: http://core.svn.wordpress.org/trunk@25023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-16 19:59:08 +00:00
ryan
e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
nacin
9cb6e158fc Switch from Panel/SubPanel to Screen in inline documentation and Codex links. props michaelh, fixes #17265.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-28 15:24:49 +00:00
ryan
33de670823 Fire nopriv actions from post and ajax handlers when user is not logged in.
git-svn-id: http://svn.automattic.com/wordpress/trunk@10720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-05 21:43:35 +00:00
ryan
175c2b6fb1 WP-Admin File Level Inline Documentation from santosj. see #7496
git-svn-id: http://svn.automattic.com/wordpress/trunk@8618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-11 20:26:31 +00:00
ryan
ecd98d1aff Generic POST handler. see #7283
git-svn-id: http://svn.automattic.com/wordpress/trunk@8315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-07-11 20:24:35 +00:00