Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-07-04 02:35:47 +02:00
Code Issues Projects Releases Wiki Activity
39fb7992a9
WordPress/wp-includes
History
Boone Gorges 39fb7992a9 Require numeric IDs in user deletion functions. 
`wp_delete_user()` and `wpmu_delete_user()` both require an `$id` parameter.
Previously, the functions did not verify that the value passed was, in fact,
a number. As such, passing an object or any other entity that would be cast
to int `1` would result in user 1 being deleted. We fix this by enforcing
the requirement that `$id` be numeric.

Props dipesh.kakadiya, utkarshpatel, juliobox.
Fixes #33800.
Built from https://develop.svn.wordpress.org/trunk@34034


git-svn-id: http://core.svn.wordpress.org/trunk@34002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 02:25:23 +00:00
..
certificates
css Grunt RTL CSS: swap-dashicons-left-right-arrows in rtlcss:properties expects double-quoted content strings in CSS. It doesn't swap single-quoted values. 2015-09-10 20:22:25 +00:00
fonts
ID3
images
js Set the secure flag on the wp-saving-post cookie when using HTTPS. 2015-09-10 22:42:23 +00:00
pomo
SimplePie
Text
theme-compat Drop the hyphen from e-mail and standardize on email. 2015-08-28 03:17:21 +00:00
widgets Docs: Use the $widget_links_args parameter in the hook doc for the widget_links_args filter, introduced when the args array was split out to a variable in [33971]. 2015-09-09 15:45:27 +00:00
admin-bar.php
atomlib.php
author-template.php
bookmark-template.php
bookmark.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
cache.php Clarify wp-includes/cache.php docs with some more precise language. 2015-09-10 18:24:24 +00:00
canonical.php Avoid PHP notices in redirect_canonical() and _wp_menu_item_classes_by_context() if $_SERVER['HTTP_HOST'] is not set. 2015-08-28 03:31:20 +00:00
capabilities-functions.php Multisite: Allow users with manage_network_users to edit network users. 2015-09-10 03:34:23 +00:00
capabilities.php Roles: move classes into their own file. capbilities.php loads the new files, so this is 100% BC if someone is loading capbilities.php directly. New files created using svn cp. 2015-08-26 04:58:21 +00:00
category-template.php In wp_list_categories(), 'current_category' should accept an array of values. 2015-08-29 19:46:23 +00:00
category.php
class-feed.php
class-http.php Docs: Add a missing file header for wp-includes/class-http.php. 2015-09-03 03:39:21 +00:00
class-IXR.php
class-json.php
class-oembed.php Space out. 2015-08-31 21:25:21 +00:00
class-phpass.php
class-phpmailer.php
class-pop3.php
class-simplepie.php
class-smtp.php
class-snoopy.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
class-walker-comment.php Walker_Comment should be in its own file. Loaded now via wp-includes/comment.php, which makes it 100% BC. 2015-09-09 02:41:24 +00:00
class-wp-admin-bar.php
class-wp-ajax-response.php
class-wp-comment-query.php Docs: Add a missing file header for wp-includes/class-wp-comment-query.php, introduced in [33750]. 2015-09-04 01:38:24 +00:00
class-wp-comment.php Docs: Add complete file, class, property, and method documentation for the new WP_Comment class, introduced in [33891]. 2015-09-03 19:58:24 +00:00
class-wp-customize-control.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
class-wp-customize-manager.php After [33970], swap UTF-8 characters for their \u2026 escape sequence. 2015-09-10 20:30:24 +00:00
class-wp-customize-nav-menus.php Customizer: Use existing decoupled strings in Menu Locations section. See [31941] and [31951]. 2015-08-25 21:53:20 +00:00
class-wp-customize-panel.php Customizer: Switch buttons to match the focus order with the visual order. 2015-07-29 22:10:24 +00:00
class-wp-customize-section.php Round 2 of: We should use ellipses … / … instead of three dots/periods ... e.g Loading… not Loading... 2015-09-09 04:39:25 +00:00
class-wp-customize-setting.php Add Customizer docs. 2015-09-05 19:53:24 +00:00
class-wp-customize-widgets.php Customizer: Use hash_equals() for widgets. 2015-08-04 04:51:50 +00:00
class-wp-editor.php After [33970], swap UTF-8 characters for their \u2026 escape sequence. 2015-09-10 20:30:24 +00:00
class-wp-embed.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
class-wp-error.php
class-wp-http-cookie.php Docs: Add a missing file header to wp-includes/class-wp-http-cookie.php, introduced in [33748]. 2015-09-03 03:19:21 +00:00
class-wp-http-curl.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
class-wp-http-encoding.php Docs: Add a missing file header for wp-includes/class-wp-http-encoding.php, introduced in [33748]. 2015-09-03 03:28:21 +00:00
class-wp-http-ixr-client.php
class-wp-http-proxy.php Docs: Add a missing file header to wp-includes/class-wp-http-proxy.php, introduced in [33748]. 2015-09-03 03:30:21 +00:00
class-wp-http-streams.php Docs: Add a missing file header to wp-includes/class-wp-http-streams.php, introduced in [33748]. 2015-09-03 03:33:21 +00:00
class-wp-image-editor-gd.php
class-wp-image-editor-imagick.php
class-wp-image-editor.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
class-wp-meta-query.php Meta: move WP_Meta_Query into its own file. meta.php loads the new files, so this is 100% BC if someone is loading meta.php directly. New files created using svn cp. 2015-08-26 13:02:21 +00:00
class-wp-post.php Posts: move WP_Post into its own file. post.php loads the new files, so this is 100% BC if someone is loading post.php directly. New files created using svn cp. 2015-08-26 12:40:21 +00:00
class-wp-rewrite.php Rewrite: move WP_Rewrite into its own file. rewrite.php loads the new files, so this is 100% BC if someone is loading rewrite.php directly. New files created using svn cp. 2015-08-26 04:42:20 +00:00
class-wp-role.php Roles: move classes into their own file. capbilities.php loads the new files, so this is 100% BC if someone is loading capbilities.php directly. New files created using svn cp. 2015-08-26 04:58:21 +00:00
class-wp-roles.php Ensure that role is not empty before adding it in add_role() function and methods. 2015-09-09 03:42:25 +00:00
class-wp-tax-query.php Taxonomy: move WP_Tax_Query into its own file. taxonomy.php loads the new files, so this is 100% BC if someone is loading taxonomy.php directly. New files created using svn cp. 2015-08-26 12:49:21 +00:00
class-wp-theme.php WP_Theme has an ad hoc property in WP_MS_Themes_List_Table, $update. This can be set to a default value on the class, as it's not obtained via __get(). 2015-09-09 01:02:24 +00:00
class-wp-user-query.php Docs: Add a missing file header for wp-includes/class-wp-user-query.php, introduced in [33749]. 2015-09-04 01:26:25 +00:00
class-wp-user.php Ensure that role is not empty before adding it in add_role() function and methods. 2015-09-09 03:42:25 +00:00
class-wp-walker.php Docs: Add a missing summary to the DocBlock for Walker::get_number_of_root_elements(). 2015-09-02 19:51:21 +00:00
class-wp-widget-factory.php Docs: Clarify the file header summary for class-wp-widget-factory.php, introduced in [33746]. 2015-09-03 02:54:22 +00:00
class-wp-widget.php Docs: Improve the file header for class-wp-widget.php to describe what the file contains. 2015-09-03 02:50:21 +00:00
class-wp-xmlrpc-server.php Introduce WP_Comment class to model/strongly-type rows from the comments database table. Inclusion of this class is a pre-req for some more general comment cleanup and sanity. 2015-09-03 18:17:24 +00:00
class-wp.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
class.wp-dependencies.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
class.wp-scripts.php
class.wp-styles.php
comment-functions.php In WP_Comments_List_Table, favor passing WP_Comment instances instead of $comment_ID to template functions. This allows us to bypass unnecessary cache lookups and simply pass the object through when it is set. 2015-09-09 03:00:24 +00:00
comment-template.php After [33961], ensure that comment filters that expect a comment ID are receiving one. 2015-09-10 18:10:25 +00:00
comment.php Walker_Comment should be in its own file. Loaded now via wp-includes/comment.php, which makes it 100% BC. 2015-09-09 02:41:24 +00:00
compat.php
cron.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
date.php Simplify the weeks-per-year calculation WP_Date_Query::validate_date_values(). 2015-08-29 01:47:21 +00:00
default-constants.php After [33698], wrap the time constants in a DocBlock template. 2015-08-25 21:21:21 +00:00
default-filters.php Term splitting routine should be run in a separate process, triggered via wp-cron. 2015-08-14 03:59:26 +00:00
default-widgets.php Move widget classes to their own files in wp-includes/widgets: 2015-09-01 13:49:21 +00:00
deprecated.php Deprecate wp_get_http() - function isn't used anywhere (apart from itself). 2015-09-09 04:26:25 +00:00
feed-atom-comments.php
feed-atom.php
feed-rdf.php
feed-rss.php
feed-rss2-comments.php
feed-rss2.php
feed.php Correct the param docs for comment_guid() and get_comment_guid(). 2015-09-05 20:00:25 +00:00
formatting.php Formatting: maintain the content of HTML comments when they contain <object> tags. Add more tests for wpaitop(). 2015-09-08 22:55:24 +00:00
functions.php Deprecate wp_get_http() - function isn't used anywhere (apart from itself). 2015-09-09 04:26:25 +00:00
functions.wp-scripts.php
functions.wp-styles.php
general-template.php Remove the 'Site Admin' link from the Meta widget if the user doesn't have access to the admin area. 2015-09-05 23:25:24 +00:00
http-functions.php Docs: Clarify the file header summary for wp-includes/http-functions.php, introduced in [33748]. 2015-09-03 03:37:20 +00:00
http.php Docs: Add inline DocBlocks for the require_once() calls that now bring in top-level HTTP API functionality and HTTP API classes. 2015-09-03 04:36:30 +00:00
kses.php Allow these CSS properties in KSES: min-height', 'max-height', 'min-width', 'max-width' 2015-08-25 21:46:20 +00:00
l10n.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
link-template.php Add a parameter, $post, to get_{$adjacent}_post_join, get_{$adjacent}_post_where, and get_{$adjacent}_post_sort 2015-09-09 03:49:24 +00:00
load.php Favicon: Do not specify a Content-Length: 0 header for our "empty" response to fail more gracefully on environments with extra whitespace on output. 2015-09-07 02:18:26 +00:00
locale.php
media-template.php Merge two similar strings. 2015-09-10 10:59:27 +00:00
media.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
meta-functions.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
meta.php Meta: move WP_Meta_Query into its own file. meta.php loads the new files, so this is 100% BC if someone is loading meta.php directly. New files created using svn cp. 2015-08-26 13:02:21 +00:00
ms-blogs.php
ms-default-constants.php
ms-default-filters.php
ms-deprecated.php Docs: Standardize @deprecated tag formatting and add missing summaries to deprecated functions in wp-includes/ms-deprecated.php. 2015-08-20 22:36:25 +00:00
ms-files.php
ms-functions.php Multisite: Don't allow sites to be created with the following reserved slugs: wp-admin, wp-content, wp-includes 2015-09-08 19:32:24 +00:00
ms-load.php Multisite: Correct ms_not_installed() @since version for new parameters 2015-09-10 16:21:26 +00:00
ms-settings.php Multisite: Add action to handle network not found 2015-09-10 05:06:24 +00:00
nav-menu-template.php Avoid PHP notices in redirect_canonical() and _wp_menu_item_classes_by_context() if $_SERVER['HTTP_HOST'] is not set. 2015-08-28 03:31:20 +00:00
nav-menu.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
option.php User Settings: allow dashes in get|set_user_setting() in PHP and get|setUserSetting() in JS. 2015-09-01 03:57:21 +00:00
pluggable-deprecated.php Docs: Standardize @deprecated tag formatting for deprecated functions in wp-includes/pluggable-deprecated.php. 2015-08-20 22:15:25 +00:00
pluggable.php Introduce WP_Comment class to model/strongly-type rows from the comments database table. Inclusion of this class is a pre-req for some more general comment cleanup and sanity. 2015-09-03 18:17:24 +00:00
plugin.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
post-formats.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
post-functions.php In get_page_uri(), do not add parent slugs to orphaned pages. 2015-09-10 16:54:24 +00:00
post-template.php In wp_get_attachment_link(), accept an id or WP_Post as the first parameter. 2015-08-20 20:32:26 +00:00
post-thumbnail-template.php
post.php Posts: move WP_Post into its own file. post.php loads the new files, so this is 100% BC if someone is loading post.php directly. New files created using svn cp. 2015-08-26 12:40:21 +00:00
query.php After [33891], get_comment() returns global $comment if no args are passed and the global is set (after setting the default to null here). This allows us to ditch global comment imports. 2015-09-09 02:51:24 +00:00
registration-functions.php
registration.php
revision.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
rewrite-constants.php Docs: Clarify the file header summary for wp-includes/rewrite-constants.php, introduced in [33751]. 2015-09-04 01:52:24 +00:00
rewrite-functions.php Rewrite: move WP_Rewrite into its own file. rewrite.php loads the new files, so this is 100% BC if someone is loading rewrite.php directly. New files created using svn cp. 2015-08-26 04:42:20 +00:00
rewrite.php Rewrite: move WP_Rewrite into its own file. rewrite.php loads the new files, so this is 100% BC if someone is loading rewrite.php directly. New files created using svn cp. 2015-08-26 04:42:20 +00:00
rss-functions.php
rss.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
script-loader.php After [33970], swap UTF-8 characters for their \u2026 escape sequence. 2015-09-10 20:30:24 +00:00
session.php
shortcodes.php foreach is a statement, not a function. 2015-08-25 20:28:22 +00:00
taxonomy-functions.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
taxonomy.php Taxonomy: move WP_Tax_Query into its own file. taxonomy.php loads the new files, so this is 100% BC if someone is loading taxonomy.php directly. New files created using svn cp. 2015-08-26 12:49:21 +00:00
template-loader.php
template.php
theme.php Flush rewrite rules upon theme switch 2015-09-10 23:50:24 +00:00
update.php
user-functions.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
user.php Docs: Clarify the file header summary for wp-includes/user.php, the top-level file for the core Users API. 2015-09-04 01:33:24 +00:00
vars.php Introduce a new $is_edge global for the Microsoft Edge browser. 2015-09-05 22:33:23 +00:00
version.php Require numeric IDs in user deletion functions. 2015-09-11 02:25:23 +00:00
widget-functions.php After [33843], update the location of some files in This filter is documented in docs 2015-09-08 22:17:26 +00:00
widgets.php Docs: Clarify the file header summary for wp-includes/widgets.php, the top-level file for the core Widgets API. 2015-09-03 03:14:20 +00:00
wlwmanifest.xml
wp-db.php In wpdb::get_col_length(), the final return false is unreachable since the default switch case returns. 2015-09-09 00:48:26 +00:00
wp-diff.php