Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-14 14:45:45 +01:00
Code Issues Projects Releases Wiki Activity
34,939 Commits 50 Branches 748 Tags 792 MiB
ef17e2b3b8
Commit Graph

15917 Commits

Author SHA1 Message Date
Sergey Biryukov
2a4ac1ce68 Escape the output in wp_ajax_upload_attachment(). 
Merges [45936] to the 4.6 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.6@45948


git-svn-id: http://core.svn.wordpress.org/branches/4.6@45759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-04 16:36:24 +00:00
Gary Pendergast
5db18ede70 WordPress 4.6.14 
Built from https://develop.svn.wordpress.org/branches/4.6@44874


git-svn-id: http://core.svn.wordpress.org/branches/4.6@44705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-13 01:18:21 +00:00
Sergey Biryukov
1ff333ca3b Comments: Improve comment content filtering. 
Merges [44842] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@44848


git-svn-id: http://core.svn.wordpress.org/branches/4.6@44680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-12 22:37:22 +00:00
Jeremy Felt
c046ee1abd Bump 4.6 branch to version 4.6.13. 
Built from https://develop.svn.wordpress.org/branches/4.6@44081


git-svn-id: http://core.svn.wordpress.org/branches/4.6@43911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 02:14:04 +00:00
Gary Pendergast
5a48d3af8b Editor: Remove unwanted fields before saving posts. 
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.6 branch.


Built from https://develop.svn.wordpress.org/branches/4.6@44058


git-svn-id: http://core.svn.wordpress.org/branches/4.6@43888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:43:21 +00:00
Peter Wilson
41a7a8e581 Multisite: Validate activation links. 
Merges [44048] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@44057


git-svn-id: http://core.svn.wordpress.org/branches/4.6@43887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 01:42:20 +00:00
Aaron Campbell
4f99911c22 Bump 4.6 branch to version 4.6.12 
Built from https://develop.svn.wordpress.org/branches/4.6@43410


git-svn-id: http://core.svn.wordpress.org/branches/4.6@43238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-07-05 16:12:07 +00:00
Aaron Campbell
5798a9e9ae Bump 4.6 branch to version 4.6.11 
Built from https://develop.svn.wordpress.org/branches/4.6@42936


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-04-03 20:28:04 +00:00
Dion Hulse
daf7cc8b30 Bump the 4.6 branch to 4.6.10. 
Built from https://develop.svn.wordpress.org/branches/4.6@42497


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 21:41:36 +00:00
Dion Hulse
ce6ffb6d25 External Libraries: Remove unnecessary / obsoleted MediaElement.js files. 
Merges [42478] to the 4.6 branch.
Fixes #42720 for 4.6.

Built from https://develop.svn.wordpress.org/branches/4.6@42480


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 08:06:35 +00:00
Dion Hulse
cf61ff994d Upgrade: When deleting old files, if deletion fails attempt to empty the file instead. 
Props joemcgill, dd32.
Merges [42434] to the 4.6 branch.
Fixes #42963 for 4.6.

Built from https://develop.svn.wordpress.org/branches/4.6@42468


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-01-16 06:55:34 +00:00
John Blackbourn
8b0e75a650 Bump 4.6 branch to version 4.6.9. 
Built from https://develop.svn.wordpress.org/branches/4.6@42319


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 18:59:35 +00:00
John Blackbourn
78c7ec883d Hardening: Use a properly generated hash for the newbloguser key instead of a determinate substring. 
Merges [42258] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@42276


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-29 16:21:34 +00:00
Gary Pendergast
9c29274681 Bump 4.6 branch to version 4.6.8. 
Built from https://develop.svn.wordpress.org/branches/4.6@42071


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-31 13:15:33 +00:00
Dominik Schilling
8dc1cd00a1 Taxonomy/Users: Use correct escaping function for URLs. 
Merge of [41522] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@41525


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 21:28:32 +00:00
Dominik Schilling
8d5d807270 Bump 4.6 branch to version 4.6.7. 
Built from https://develop.svn.wordpress.org/branches/4.6@41512


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 19:59:33 +00:00
John Blackbourn
4733856aee Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@41460


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:39:34 +00:00
Dominik Schilling
acd952f9c7 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers. 
Merge of [41398] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@41419


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 11:12:41 +00:00
John Blackbourn
f12b16a291 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41413] to the 4.6 branch

See #13377

Built from https://develop.svn.wordpress.org/branches/4.6@41414


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41247 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 10:22:34 +00:00
Aaron Campbell
bacf919c26 Bump 4.7 branch to version 4.6.6. 
Built from https://develop.svn.wordpress.org/branches/4.6@40749


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 21:49:33 +00:00
Aaron Campbell
e07088f06e Add nonce for updating file system credentials. 
Merges [40723] to 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40725


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:53:33 +00:00
Dominik Schilling
f2f9b5e493 Customize: Ignore invalid customization sessions. 
Merge of [40704] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@40706


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 12:15:34 +00:00
Pascal Birchler
43c3b11cee Bump 4.6 branch to version 4.6.5. 
Built from https://develop.svn.wordpress.org/branches/4.6@40488


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-20 16:22:35 +00:00
Pascal Birchler
98c13fefb2 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40461


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-17 13:07:36 +00:00
James Nylen
299bfe429c Bump 4.6 branch to version 4.6.4. 
Built from https://develop.svn.wordpress.org/branches/4.6@40203


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 16:08:34 +00:00
John Blackbourn
70a97d6789 Press This: Verify intent before fetching in-page resources using Press This. 
Props vortfu

Merges [40195] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40197


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 13:58:33 +00:00
Aaron Campbell
b67b8d56d9 Plugins: Add file check to plugin deletions. 
Merges [40169] to 4.6 branch.


Built from https://develop.svn.wordpress.org/branches/4.6@40171


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 12:59:34 +00:00
Jeremy Felt
fe1162e5f1 Validate video and audio metadata. 
Merge of [40148] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40150


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-06 08:04:35 +00:00
Aaron Campbell
baf66f786a Bump 4.6 branch to version 4.6.3. 
Built from https://develop.svn.wordpress.org/branches/4.6@39996


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 18:16:33 +00:00
Dominik Schilling
88e92019c3 Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways. 
Merge of [39968] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@39971


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:10:33 +00:00
John Blackbourn
df08ef2450 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field. 
Merges [39956] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39970


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-26 14:09:35 +00:00
Aaron Campbell
9cbfb359cb Use plural string 'Maintenance and Security Releases' since we have two now 
Built from https://develop.svn.wordpress.org/branches/4.6@39847


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 15:31:32 +00:00
Aaron Campbell
74ecd3d1f3 Bump 4.6 branch to version 4.6.2. 
Built from https://develop.svn.wordpress.org/branches/4.6@39846


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 15:24:33 +00:00
Dominik Schilling
b6f03a6084 Updates: Translate plugin data on the Updates screen. 
Merge of [39808] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@39821


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 11:40:06 +00:00
Aaron Campbell
ebbfc7179c Add nonce for widget accessibility mode. 
Props vortfu.

See #23328.

Merges [39760] to 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39762


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-01-11 01:43:35 +00:00
Aaron Campbell
38430b0533 Media: Improved media titles when created from filename. 
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38614] to the 4.6 branch.

Props joemcgill.
Fixes #37989.


Built from https://develop.svn.wordpress.org/branches/4.6@38615


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-17 06:27:31 +00:00
Jeremy Felt
1e85e502a0 Bump 4.6 branch to 4.6.1. 
Built from https://develop.svn.wordpress.org/branches/4.6@38549


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 14:57:32 +00:00
Jeremy Felt
e860e24b6e Media: Sanitize upload filename. 
Merge of [38538] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@38539


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-07 13:57:29 +00:00
Pascal Birchler
b9f38d1aa8 Upgrade/Install: Sanitize file name in File_Upload_Upgrader. 
Merge of [38524] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@38525


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-09-06 17:29:31 +00:00
Jeremy Felt
0c064f4ed8 Editor: fix jumpiness on pressing backspace and delete in the Text editor. 
Merge of [38426] to the 4.6 branch.

Props azaozz.
Fixes #37690.

Built from https://develop.svn.wordpress.org/branches/4.6@38487


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 23:13:30 +00:00
Jeremy Felt
b39313803a Upgrade/Install: After [37687], fix the number of params passed to the upgrade hooks. 
`wp_version_check()`, `wp_update_plugins()` and `wp_update_themes()` are all originally hooked to the `upgrader_process_complete` action with zero arguments passed to them. Zero arguments should be passed when re-adding them after translation updates, otherwise the sky will fall.

Merge of [38415] to the 4.6 branch.

Props ionutst, gitlost, swissspidy.
Fixes #37731.

Built from https://develop.svn.wordpress.org/branches/4.6@38475


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 18:12:30 +00:00
Dominik Schilling
73d78fbe90 About Page: Add release video and move images to CDN. 
Merge of [38267] to the 4.6 branch.

Props JerrySarcastic, rosso99, petya, hugobaeta, RoseAppleMedia.
See #37246.
Built from https://develop.svn.wordpress.org/branches/4.6@38268


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-16 18:02:01 +00:00
Dominik Schilling
9652a4916b About Page: Enhance responsive images. 
* Add `srcset` and `sizes` to the mobile image for streamlined updates.
* Modify the order of image candidate strings in each `srcset` to address a bug in iOS8 where the first candidate will always be selected when using `w` descriptors, see #35030.

Merge of [38257] to the 4.6 branch.

Props joemcgill.
See #37246.
Built from https://develop.svn.wordpress.org/branches/4.6@38258


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-13 19:33:31 +00:00
Dominik Schilling
05eb0237ce About Page: Fix punctuation errors in two strings. 
Merge of [38248] to the 4.6 branch.

See #37246.
Built from https://develop.svn.wordpress.org/branches/4.6@38249


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-11 20:54:54 +00:00
Dominik Schilling
73f3896134 About Page: Updates for 4.6. 
Merge of [38213], [38215], [38234], and [38244] to the 4.6 branch.

Props hugobaeta, Ipstenu, SergeyBiryukov, Presskopp, jeremyfelt, afragen, helen, Clorith, macmanx, DrewAPicture, voldemortensen, jorbin, joemcgill, MattyRob, ocean90.
Fixes #37246.
Built from https://develop.svn.wordpress.org/branches/4.6@38245


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-10 23:57:30 +00:00
Dominik Schilling
7fec14f382 Upgrader: Rename class-wp-automatic-upgrader.php to class-wp-automatic-updater.php. 
The class is named `WP_Automatic_Updater` not `WP_Automatic_Upgrader` like all the other upgrader classes. 

Introduced in [37409].

Merge of [38242] to the 4.6 branch.

Props DrewAPicture for review.
Fixes #37628.
Built from https://develop.svn.wordpress.org/branches/4.6@38243


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-10 19:57:30 +00:00
Andrew Ozz
ae8722f109 Update/Install error messages: do not escape from the template, escape the error message string before inserting it. 
Props swissspidy, ocean90.
Fixes #37623 for 4.6.
Built from https://develop.svn.wordpress.org/branches/4.6@38241


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-10 19:06:31 +00:00
Drew Jaynes
444cb81b45 Update/Install: Provide basic back-compat styling for the .update-message CSS class in the plugins list table. 
This change restores only the margin and padding styles for the `.update-message` class when used by plugins in the context of adding arbitrary rows to the list table. The inline-update colors and icon styles were not restored, expressly with a wide variety of plugin use-cases in mind.

Merge of [38237] to the 4.6 branch.

Props ovann86, rahulsprajapati, ocean90, DrewAPicture.
Props helen for review.
Fixes #37504. 

Built from https://develop.svn.wordpress.org/branches/4.6@38238


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-09 22:49:33 +00:00
Dominik Schilling
dd5cb26de2 Media: In _wp_handle_upload() use call_user_func_array() to call the upload error handler. 
The default error handler `wp_handle_upload_error()` expects a reference for the first parameter but `call_user_func()` doesn't pass parameters by reference. The current code didn't produce any issues until now. PHP 7.0.9 (and PHP 7.1) is now stricter and prevents calling the error handler with a warning:
> PHP Warning:  Parameter 1 to wp_handle_upload_error() expected to be a reference, value given.

To restore the error handler `_wp_handle_upload()` now uses `call_user_func_array()`.

Merge of [38235] to the 4.6 branch.

Props jbrinley.
Props jorbin for review.
See #37570.
Built from https://develop.svn.wordpress.org/branches/4.6@38236


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-09 21:56:30 +00:00
Dominik Schilling
9c0dfce2ac Updates: Add visual feedback when deleting themes/plugins. 
This corrects the selector for the delete link in `wp.updates.deletePlugin()` so the text can be changed to 'Deleting…'. `wp.updates.deleteTheme()` already worked on wp-admin/themes.php but not on wp-admin/network/themes.php because the network screen is similar to the plugins list table, this is now fixed too.
The `credential-modal-cancel` handler has been updated to support canceled delete jobs.

Merge of [38227] to the 4.6 branch.

Props swissspidy.
Props jorbin for review.
See #37603.
Built from https://develop.svn.wordpress.org/branches/4.6@38228


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-09 10:41:36 +00:00