Commit Graph

162 Commits

Author SHA1 Message Date
Scott Taylor
b930c3a6fe Cleanup wp_widget_rss_form() after [28734]. "$$input used sanitized variables which contained actual values, unlike $inputs[$input] which in that context contains data about which input fields are hidden."
Props kovshenin.
Fixes #27881.

Built from https://develop.svn.wordpress.org/trunk@28787


git-svn-id: http://core.svn.wordpress.org/trunk@28600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-20 17:29:14 +00:00
Scott Taylor
ecf0e4702f Don't use a variable variable in wp_widget_rss_form(). Sidenote: the logic to show hidden fields is bizarre - would result in duplicate fields.
See #27881.

Built from https://develop.svn.wordpress.org/trunk@28734


git-svn-id: http://core.svn.wordpress.org/trunk@28548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-11 16:18:17 +00:00
Sergey Biryukov
f4a6632200 Clean up wp_widget_rss_output():
* Fix appending […] to $summary.
* Use wp_trim_words() instead of wp_html_excerpt().
* Trim $title before checking if it's empty. props UmeshSingla.
* Use correct escaping function for $title.

fixes #28356.
Built from https://develop.svn.wordpress.org/trunk@28586


git-svn-id: http://core.svn.wordpress.org/trunk@28411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-27 11:08:14 +00:00
Scott Taylor
49af14fde0 WP_Date_Query was only missing one access modifier.
Add access modifier (`public`) to all default widgets' class methods.

See #27881, #22234.

Built from https://develop.svn.wordpress.org/trunk@28532


git-svn-id: http://core.svn.wordpress.org/trunk@28358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-19 17:30:17 +00:00
Scott Taylor
fdaea6b7f2 Eliminate use of extract() in wp_widget_rss_form().
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28449


git-svn-id: http://core.svn.wordpress.org/trunk@28276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-16 15:38:14 +00:00
Scott Taylor
6e8e30bb1e Eliminate use of extract() in wp_widget_rss_output().
Add `'items' => 0` to `$default_args`. When `0`, the value is set to `10` (the fallback). 
Every other default arg has a default value of `0`.

`items` is expected to always be passed to this function.

See #22400.

Built from https://develop.svn.wordpress.org/trunk@28440


git-svn-id: http://core.svn.wordpress.org/trunk@28267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 19:42:13 +00:00
Scott Taylor
157f811a5e Eliminate use of extract() in WP_Widget_RSS::widget().
See #22400.

Built from https://develop.svn.wordpress.org/trunk@28439


git-svn-id: http://core.svn.wordpress.org/trunk@28266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 19:36:15 +00:00
Scott Taylor
67c51361d6 Eliminate use of extract() in default-widgets.php.
Props rzen, wonderboymusic.

See #22400.

Built from https://develop.svn.wordpress.org/trunk@28433


git-svn-id: http://core.svn.wordpress.org/trunk@28260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 16:33:15 +00:00
Mark Jaquith
a43313fe12 Use '— Select —' instead of '-- Select --' for nav menus. Looks nicer.
see #27878
Built from https://develop.svn.wordpress.org/trunk@28205


git-svn-id: http://core.svn.wordpress.org/trunk@28035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-25 00:35:25 +00:00
Mark Jaquith
8c830cef80 Force users to choose a nav menu in the custom nav menu widget, for a better customizer UX
Before, they had to make a dummy change to get it to render. Now they
are made to choose a nav menu from the dropdown, which feels more
natural.

fixes #27878 for trunk. props westonruter
Built from https://develop.svn.wordpress.org/trunk@28197


git-svn-id: http://core.svn.wordpress.org/trunk@28027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-24 20:45:31 +00:00
Dominik Schilling
77beef348d Recent Posts Widget: Use ob_end_flush() instead of ob_flush().
`ob_end_flush()` flushes the output buffer *and* turns output buffering off, same as `ob_get_flush()`.

props m_i_n.
see #28009 for trunk.

Built from https://develop.svn.wordpress.org/trunk@28195


git-svn-id: http://core.svn.wordpress.org/trunk@28025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-24 19:48:19 +00:00
Dominik Schilling
598907559c WP_Widget: Introduce is_preview() method.
With the Widget Customizer it's possible that previewed widgets can leak data outside of Customizer, when the widget uses the cache API.
The Customizer calls the regular update callback which should already refresh the cache. Since cache additions aren't blocked yet the cache can be filled with preview data.
To prevent this issue `WP_Widget::is_preview()` will return true, when `$wp_customize->is_preview()` returns true. If `is_preview()` is true, cache additions are suspended via `wp_suspend_cache_addition()`. Make sure your object cache drop-in has implemented `wp_suspend_cache_addition()`.

`is_preview()` can/should also be used inside `WP_Widget::widget()`, see WP_Widget_Recent_Posts or WP_Widget_Recent_Comments for examples.

For more info see IRC logs: http://irclogs.wordpress.org/chanlog.php?channel=wordpress-dev&day=2014-04-02&sort=asc#m824279

props westonruter.
fixes #27538.
Built from https://develop.svn.wordpress.org/trunk@27966


git-svn-id: http://core.svn.wordpress.org/trunk@27796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-06 18:48:16 +00:00
Drew Jaynes
e6d9f04bcc Inline documentation for hooks in wp-includes/default-widgets.php.
Props janw.oostendorp and kpdesign.
Fixes #25638.

Built from https://develop.svn.wordpress.org/trunk@27697


git-svn-id: http://core.svn.wordpress.org/trunk@27536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-25 08:53:14 +00:00
Andrew Nacin
3ffc6dd559 RSS widgets: Omit the title attribute when the summary is shown.
Trim the title attribute to ensure whitespace isn't rendered.

props SergeyBiryukov.
fixes #26520. see #26552.

Built from https://develop.svn.wordpress.org/trunk@27691


git-svn-id: http://core.svn.wordpress.org/trunk@27530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-24 21:08:15 +00:00
Dominik Schilling
e1fde8d510 In Recent Posts widget set default number to 5.
props afercia.
fixes #27417.
Built from https://develop.svn.wordpress.org/trunk@27561


git-svn-id: http://core.svn.wordpress.org/trunk@27404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-17 17:01:14 +00:00
John Blackbourn
79d274f2f6 Add context and a missing period to widget descriptions. Fixes #26668. Props pavelevap, Hanni
Built from https://develop.svn.wordpress.org/trunk@27412


git-svn-id: http://core.svn.wordpress.org/trunk@27259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-05 17:26:17 +00:00
Andrew Nacin
0c16c0477b Reference https://wordpress.org rather than http://wordpress.org in strings, links, comments, etc.
props Ipstenu, markjaquith.
see #27115.

Built from https://develop.svn.wordpress.org/trunk@27369


git-svn-id: http://core.svn.wordpress.org/trunk@27219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-03 02:34:27 +00:00
Andrew Ozz
db074f8e65 Widgets: improve the help text on the Widgets screen, props siobhan, props Hanni, fixes #26244.
Built from https://develop.svn.wordpress.org/trunk@26505


git-svn-id: http://core.svn.wordpress.org/trunk@26399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-01 18:29:09 +00:00
Andrew Nacin
791e807f08 More dash updates.
* Shuffle around some pixels.
 * Rename some things that weren't caught in [26220].
 * Revert default-widgets.php change from [26144].
props lessbloat.
see #25824.

Built from https://develop.svn.wordpress.org/trunk@26230


git-svn-id: http://core.svn.wordpress.org/trunk@26137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-15 22:23:09 +00:00
Andrew Nacin
809b335f7a Merge the new dashboard design into core.
Merges https://github.com/growthdesigner/wp-dash.

props lessbloat, joen, helen, dbernar1, kraftbj, ryelle, tillkruess, grapplerulrich, markjaquith.
see #25824.

Built from https://develop.svn.wordpress.org/trunk@26144


git-svn-id: http://core.svn.wordpress.org/trunk@26055 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 22:09:10 +00:00
Andrew Nacin
ce637bdcb3 Remove redundant title attributes.
props sabreuse.
see #24766.

Built from https://develop.svn.wordpress.org/trunk@25675


git-svn-id: http://core.svn.wordpress.org/trunk@25591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-02 22:51:10 +00:00
Scott Taylor
569bcc5dad Use wp_get_nav_menus() instead of get_terms('nav_menu') in WP_Nav_Menu_Widget to preserve use of `wp_get_nav_menus' filter.
Props Frank Klein.
Fixes #25263.


Built from https://develop.svn.wordpress.org/trunk@25332


git-svn-id: http://core.svn.wordpress.org/trunk@25294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 23:30:10 +00:00
Sergey Biryukov
05d55a400b Avoid PHP notices when configuring the Incoming Links dashboard widget. fixes #25250.
Built from https://develop.svn.wordpress.org/trunk@25298


git-svn-id: http://core.svn.wordpress.org/trunk@25261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-07 18:17:10 +00:00
Dominik Schilling
79fffba674 Flush the cache in Recent Comments widget on edit_comment. props pento, fixes #24779.
Built from https://develop.svn.wordpress.org/trunk@25049


git-svn-id: http://core.svn.wordpress.org/trunk@25036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-17 09:30:09 +00:00
Sergey Biryukov
98d6c31f84 Avoid an undefined index notice in WP_Widget_Recent_Posts::update(). props jrf. fixes #24577.
git-svn-id: http://core.svn.wordpress.org/trunk@24504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-23 08:20:08 +00:00
Sergey Biryukov
633a6fb400 Don't append ellipsis in RSS widget if the entire content is shown. props kovshenin. fixes #21702.
git-svn-id: http://core.svn.wordpress.org/trunk@24213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 23:23:05 +00:00
Sergey Biryukov
13c93f4dd5 Simplify logic in WP_Widget_Recent_Posts and WP_Widget_Recent_Comments. fixes #23089.
git-svn-id: http://core.svn.wordpress.org/trunk@23597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-04 02:14:23 +00:00
Ryan Boren
43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Sergey Biryukov
7b62637af7 Add a missing closing tag. fixes #23510. see #14358.
git-svn-id: http://core.svn.wordpress.org/trunk@23454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-19 02:06:21 +00:00
Sergey Biryukov
6a8a7a76b4 Filter "Powered by WordPress" text in Meta widget. props Viper007Bond, wonderboymusic. fixes #14358.
git-svn-id: http://core.svn.wordpress.org/trunk@23424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-15 16:20:14 +00:00
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
7a77f47f55 Use correct escaping function. fixes #23334.
git-svn-id: http://core.svn.wordpress.org/trunk@23413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 05:52:23 +00:00
Andrew Nacin
f2f9551287 Add context to the 'Random' string. It is now used in two places: gallery order and the links widget. props pavelevap, fixes #22724.
git-svn-id: http://core.svn.wordpress.org/trunk@23021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-04 14:49:44 +00:00
Andrew Nacin
56c1b7c7ff Final HiDPI tweaks. Don't use rss-2x.png on a front-end widget. Improve selectors for favicons in the toolbar to avoid breaking existing images. Remove unnecessary RTL styles. FIXES #21019.
git-svn-id: http://core.svn.wordpress.org/trunk@22481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-09 02:06:59 +00:00
Andrew Ozz
1276bcefb5 More retina backgrounds and bits, props saracannon, empireoflight and lessbloat, see #21019
git-svn-id: http://core.svn.wordpress.org/trunk@22439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 20:54:08 +00:00
Andrew Nacin
dc40f18228 Merge some strings. props pavelevap. fixes #22306.
git-svn-id: http://core.svn.wordpress.org/trunk@22430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 19:37:54 +00:00
Andrew Nacin
fb2c9e7e4f Prime post caches for the Recent Comments widget. props mitchoyoshitaka. see #15400.
git-svn-id: http://core.svn.wordpress.org/trunk@22278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-23 14:18:37 +00:00
Ryan Boren
77518e9c71 Objects no longer need to be explicitly passed by ref to call_user_func*() to be callable. Props wonderboymusic. fixes #21865
git-svn-id: http://core.svn.wordpress.org/trunk@22118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-04 20:00:16 +00:00
Andrew Nacin
0ced797e20 Close label. props lancewillett, fixes #21064.
git-svn-id: http://core.svn.wordpress.org/trunk@21978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-24 19:16:53 +00:00
Peter Westwood
d8e08eb3c2 Widgets: Add support for display the post date in the Recent Posts widget. Fixes #21064 props lancewillett and SergeyBiryukov.
git-svn-id: http://core.svn.wordpress.org/trunk@21935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-21 10:05:54 +00:00
Andrew Nacin
a2b71e7fae Use selected() in default widgets. props SergeyBiryukov, iamfriendly. fixes #21451.
git-svn-id: http://core.svn.wordpress.org/trunk@21867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 16:51:12 +00:00
Andrew Nacin
aa2fdd48ae Calendar widget: Don't print widget title markup when the title is empty. props jakub.tyrcha. fixes #17837.
git-svn-id: http://core.svn.wordpress.org/trunk@21841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-13 19:46:24 +00:00
Andrew Nacin
84c3a86036 Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.

Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.

see #21307.



git-svn-id: http://core.svn.wordpress.org/trunk@21501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-13 16:18:42 +00:00
nacin
64f77982ab Use get_taxonomies() instead of get_object_taxonomies() in the tag cloud widget. props GautamGupta, scribu. see #20238, see #16125.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-24 14:00:52 +00:00
duck_
8750c95b4a Remove dead code from the Links widget. Props pavelevap, SergeyBiryukov. Fixes #19179.
The widget() method isn't called on the admin screen.


git-svn-id: http://svn.automattic.com/wordpress/trunk@20245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-21 21:01:05 +00:00
duck_
e8fb683689 Add a trailing colon for consistency with other widget labels. See #20158.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 20:25:12 +00:00
duck_
44202223d8 Unhide the Select Link Category label. Fixes #20158.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20081 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 20:21:43 +00:00
duck_
aea371da0d Add sorting and limiting to the links widget. Props yoavf. Fixes #12785.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 13:58:58 +00:00
nacin
814d899e88 Add widget_comments_args and widget_post_args filters. props ramiy, fixes #16159.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-29 21:56:24 +00:00
duck_
6b5a66022c Echo "WordPress.org" as well as translating it in the Meta widget. See #19603.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-06 19:52:42 +00:00