Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
WordPress/wp-includes
History
Ryan Boren 315bfb019a Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 		2013-03-03 21:11:40 +00:00
..
SimplePie SimplePie: Return nothing and throw an error in SimplePie_Sanitize when DOMDocument is disabled. 2012-12-02 16:43:12 +00:00
Text
css * Simplify jQuery UI slider CSS and bring into line with admin styles. 2013-03-01 19:24:03 +00:00
images Copy wpspin_light to wp-includes as wpspin.gif. Use it in media views. see #22728. 2012-12-04 16:18:53 +00:00
js Media: Reset modal after gallery insertion. 2013-03-03 07:36:21 +00:00
pomo Avoid 'Only variables should be passed by reference' warning. fixes #23232. 2013-01-31 01:01:19 +00:00
theme-compat Don't return encoded ampersands from get_post_comments_feed_link() to avoid canonical redirect issues. Apply esc_url() when appropriate. 2012-11-07 19:56:10 +00:00
admin-bar.php Move admin bar initialization from init to template_redirect, so conditional tags may be used in the show_admin_bar filter. props scribu. fixes #20101. 2013-02-28 16:56:35 +00:00
atomlib.php
author-template.php esc_url() when printing a URL into an attribute, even when it is known to be safe. (see #17562) 2013-02-28 18:58:52 +00:00
bookmark-template.php In wp_list_bookmarks(), don't stomp the categorize argument. Fixes categorized display in the links widget. 2012-11-28 23:19:03 +00:00
bookmark.php Don't cache a non-existent link in get_bookmark(). props wonderboymusic, fixes #21159. 2012-09-13 16:41:43 +00:00
cache.php Correct inline docs for cache.php. props ocean90. fixes #23058. 2013-01-22 20:44:30 +00:00
canonical.php Consistently use $wp_rewrite->index instead of hardcoding "index.php". 2013-01-18 13:44:22 +00:00
capabilities.php Pass old roles to set_user_role action. props awellis13. fixes #19134. 2013-01-31 01:15:25 +00:00
category-template.php Don't bail from get_the_terms() if the post type is not registed for the taxonomy. This can break back compat when add_post_type_support( 'page', 'post-formats' ) is called but register_taxonomy_for_object_type( 'postr_-format', 'page' ) is not. 2012-11-20 18:31:06 +00:00
category.php Pinking shears 2012-11-17 15:11:29 +00:00
class-IXR.php Specify the encoding in IXR_Server::output(). Props solarissmoke, sergey.s.betke@novgaro.ru, SergeyBiryukov. fixes #4794 2012-08-15 20:12:00 +00:00
class-feed.php Do SimplePie sanitization with wp_kses_post() rather than DOMDocument, which cannot be guaranteed to be available. 2012-11-22 07:23:43 +00:00
class-http.php HTTP API: Introduce wp_is_writable() to wrap win_is_writable() and is_writable() to work around PHP Windows ACL issues. See #22900 for trunk 2013-01-03 08:04:11 +00:00
class-json.php Update to Services_JSON 1.0.3. props bpetty. fixes #21568. 2013-02-02 02:09:01 +00:00
class-oembed.php Check for DOMDocument when parsing oEmbed XML responses. 2012-12-10 22:49:45 +00:00
class-phpass.php
class-phpmailer.php Update to PHPMailer 5.2.4. props bpetty. fixes #21074. 2013-02-28 18:33:13 +00:00
class-pop3.php
class-simplepie.php Update SimplePie to 1.3.1. Props rmccue, ocean90. fixes #22321 2012-11-05 14:25:25 +00:00
class-smtp.php Update to PHPMailer 5.2.4. props bpetty. fixes #21074. 2013-02-28 18:33:13 +00:00
class-snoopy.php
class-wp-admin-bar.php Skip To links: visually hide by only setting top: -1000em; (this should make them work well in all screen readers), fixes #21312 2012-11-20 21:14:49 +00:00
class-wp-ajax-response.php Specify the charset in WP_Ajax_Response::send(). Props sergey.s.betke@novgaro.ru, SergeyBiryukov. fixes #19448 2012-08-15 18:17:21 +00:00
class-wp-customize-control.php Customizer uploader control: Pass arrays of extensions around instead. see #22149. 2012-11-10 04:59:46 +00:00
class-wp-customize-manager.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
class-wp-customize-section.php Refactor the Customizer accordion so that it can be used in other locations. 2013-02-14 22:58:04 +00:00
class-wp-customize-setting.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
class-wp-editor.php Ensure [23122] gets parsed as context. props TobiasBg. fixes #22808. 2012-12-07 18:50:16 +00:00
class-wp-embed.php Use correct escaping function. props duck_. 2013-01-22 16:37:54 +00:00
class-wp-error.php
class-wp-http-ixr-client.php
class-wp-image-editor-gd.php Only unset() after we have confirmed we are not dealing with a WP_Error. props DH-Shredder. fixes #22824. 2012-12-09 17:02:22 +00:00
class-wp-image-editor-imagick.php Only unset() after we have confirmed we are not dealing with a WP_Error. props DH-Shredder. fixes #22824. 2012-12-09 17:02:22 +00:00
class-wp-image-editor.php Image editors: After cropping, request new sizes from the image. If we rely on the values passed in, they may be floats. We must see what the image results in. 2012-12-06 07:56:04 +00:00
class-wp-theme.php Make Twenty Thirteen the default theme. 2013-02-28 19:01:07 +00:00
class-wp-walker.php Make sure the array exists before adding an element to it. props rodrigosprimo. fixes #23272. 2013-01-25 12:24:10 +00:00
class-wp-xmlrpc-server.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
class-wp.php Remove double-strip on HTTP_IF_NONE_MATCH, which was done years ago (in #2597). see #21767. 2013-03-01 17:51:16 +00:00
class.wp-dependencies.php Revert [21420] and [21481]. Accepting a string caused back compat problems including the possibility of revealing previously hidden circular dependencies resulting in infinite loops. 2012-10-23 20:32:12 +00:00
class.wp-scripts.php Allow protocol-relative URLs when registering/enqueueing scripts and styles. 2012-06-28 20:18:38 +00:00
class.wp-styles.php Allow protocol-relative URLs when registering/enqueueing scripts and styles. 2012-06-28 20:18:38 +00:00
comment-template.php Put required field indicators within labels. Update styling of bundled themes to accommodate. Props MikeHansenMe. fixes #21897 2012-10-05 16:34:32 +00:00
comment.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
compat.php
cron.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
default-constants.php Make Twenty Thirteen the default theme. 2013-02-28 19:01:07 +00:00
default-filters.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
default-widgets.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
deprecated.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
feed-atom-comments.php its <=> it's in documentation, along with a rogue the, The, and looses. props trepmal. fixes #22665. 2012-12-20 15:55:32 +00:00
feed-atom.php Don't return encoded ampersands from get_post_comments_feed_link() to avoid canonical redirect issues. Apply esc_url() when appropriate. 2012-11-07 19:56:10 +00:00
feed-rdf.php
feed-rss.php
feed-rss2-comments.php Use get_search_query() in feed-rss2-comments.php. Props SergeyBiryukov. fixes #21365 2012-07-25 18:04:17 +00:00
feed-rss2.php Use the_content_feed() when looking for zero-length post content for RSS2 feeds. Now you can have blank posts with content generated by the_content filters. props SergeyBiryukov. fixes #15604 2012-07-09 03:33:01 +00:00
feed.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
formatting.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
functions.php Ensure the referer functions operate completely on unslashed data: wp_referer_field(), wp_original_referer_field(), wp_get_referer(), wp_get_original_referer(). 2013-03-01 17:58:43 +00:00
functions.wp-scripts.php Add underscore and backbone to the do-not-deregister list of scripts. 2013-02-08 05:11:27 +00:00
functions.wp-styles.php Stop recommending the init hook in the _doing_it_wrong() message for too-early scripts and styles. Instead, recommend the three _enqueue_scripts hooks. If they're noticing they are doing it wrong, let's push them to 100% correct, not partly correct. 2013-02-02 02:42:09 +00:00
general-template.php Fix typo in wp_heartbeat_settings, see #23216 2013-02-25 04:19:51 +00:00
http.php Handle pre-flighted OPTIONS requests in send_origin_headers(). Props nacin. fixes #21024 2012-09-24 21:39:04 +00:00
kses.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
l10n.php Theme Translations: Allow for theme pomo files to be loaded from WP_LANG_DIR/themes/{$domain}-{$locale}.(p|m)o. 2012-10-31 21:30:33 +00:00
link-template.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
load.php Ensure we have a charset before calling mb_internal_encoding(), avoiding an unnecessary (if suppressed) warning. props dfavor. fixes #23093. 2013-02-02 02:01:29 +00:00
locale.php
media-template.php Media: Restore 3.4 behavior by consulting the old-school DB options for default align, size, and link properties. 2013-01-04 08:02:16 +00:00
media.php Deprecate wp_convert_bytes_to_hr() in favor of size_format(). props F J Kaiser. fixes #19067. 2013-02-16 03:07:56 +00:00
meta.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
ms-blogs.php Remove unused global reference. props aaroncampbell. fixes #23541. 2013-02-20 00:18:15 +00:00
ms-default-constants.php Multisite in a subdirectory: For subdomain installs, use a root admin cookie path, not a wp-admin specific one. 2012-12-04 00:51:02 +00:00
ms-default-filters.php Remove ms-files.php rewriting from WordPress multisite. fixes #19235. 2012-09-11 22:22:20 +00:00
ms-deprecated.php Deprecate get_user_id_from_string() in favor of get_user_by( $field ) where $field is 'email' or 'login'. props SergeyBiryukov. fixes #23190. 2013-02-16 03:02:15 +00:00
ms-files.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 16:30:38 +00:00
ms-functions.php In ms-functions.php, remove unnecessary slashing, don't strip the return of get_site_option, s/stripslashes*/wp_unslash/. 2013-03-03 16:55:53 +00:00
ms-load.php Merge two strings. props pavelevap, see #22306. 2012-11-07 22:03:23 +00:00
ms-settings.php Resurrect the switched global. Some are still using it. see #21459 2012-08-22 03:34:00 +00:00
nav-menu-template.php Add a filter for attributes on menu item links. props simonwheatley, DrewAPicture, SergeyBiryukov, nacin. fixes #16738. 2013-03-01 17:06:35 +00:00
nav-menu.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
option.php Ensure we strictly compare 'alloptions' and 'notoptions' when protecting these special options. 2013-02-28 16:49:20 +00:00
pluggable-deprecated.php Correct the deprecated notice in AtomPub's deprecated class. see #22855. 2012-12-26 20:35:27 +00:00
pluggable.php Remove unnecessary stripslashes(). 2013-03-03 20:55:30 +00:00
plugin.php Correct phpdoc for wp-includes/plugin.php: wp-content/plugins/, not wp-content/plugin/. props technosailor. fixes #23024. 2012-12-20 15:49:55 +00:00
post-formats.php Remove default content from post format compat output. We shouldn't magically create content for display not specified by the user, especially given that the current compat is handling the case of new data, old theme. see #23347. 2013-02-27 22:10:08 +00:00
post-template.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
post-thumbnail-template.php Fix the PHPDoc for the_post_thumbnail(). props georgestephanis. fixes #22885 2012-12-29 17:59:08 +00:00
post.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
query.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
registration-functions.php
registration.php
revision.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
rewrite.php Remove bogus pagination rules from the comments permastruct. (As in, comments/page/?([0-9]{1,})/?$.) props wonderboymusic, fixes #21138. 2013-02-28 18:35:13 +00:00
rss-functions.php
rss.php its <=> it's in documentation, along with a rogue the, The, and looses. props trepmal. fixes #22665. 2012-12-20 15:55:32 +00:00
script-loader.php Update Backbone to 0.9.10. Update media to handle breaking changes. 2013-03-03 07:04:06 +00:00
shortcodes.php Update shortcode regular expression commentary. See #17657. 2012-11-06 14:47:33 +00:00
taxonomy.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
template-loader.php Clean up [22347] a bit. see #14348 2012-10-31 23:01:13 +00:00
template.php Make sure .widefat border and background coloring only applies to tables. props MikeHansenMe. fixes #21936. 2013-01-22 14:44:04 +00:00
theme.php Implement theme support for structured-post-formats, which will supercede theme support for post-formats. Usage is the same as declaring support for post-formats: `add_theme_support( 'structured-post-formats', array( 'quote', 'video' ) )`. Adding `structured-post-formats` support also adds `post-formats` support for the given format(s) underneath. 2013-02-21 22:48:09 +00:00
update.php Tighten our braces. Fixes #23118 props evansolomon. 2013-01-04 10:13:51 +00:00
user.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-03 21:11:40 +00:00
vars.php TinyMCE: better exclusion of Opera mobile, fixes #21416 2012-07-30 19:40:52 +00:00
version.php Remove the three default contact methods (AIM, YIM, Jabber) for new installs. fixes #11541. 2013-03-03 03:00:34 +00:00
widgets.php Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 2013-03-01 16:28:40 +00:00
wlwmanifest.xml
wp-db.php Enforce a minimum of two arguments for wpdb::prepare(). The first argument is the query (or fragment thereof), which is required. Additional arguments are values to substitute into placeholders. 2012-11-07 19:30:59 +00:00
wp-diff.php Revisions: First pass an implementing a new UI/UX for reviewing the revisions of posts. See #23497 props adamsilverstein for the initial patch. 2013-02-28 15:14:34 +00:00