Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-10-03 10:07:53 +02:00
Code Issues Projects Releases Wiki Activity
c9a29b0123
WordPress/wp-includes
History
Konstantin Obenland c9a29b0123 Check for all required caps before (un)sticking a post. 
In cases where a user has the `edit_others_posts` capability but not
`publish_posts`, it was possible for that user to unstick a post after editing,
since the input field was never made available in that context.

Props ericmann, chriscct7.
Fixes #24153.


Built from https://develop.svn.wordpress.org/trunk@33096


git-svn-id: http://core.svn.wordpress.org/trunk@33067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-06 22:41:25 +00:00
..
certificates
css Toolbar: Allow submenus to be closed with a second tap on touch devices. 2015-07-03 03:29:25 +00:00
fonts
ID3 Update getID3 to 1.9.9 2015-06-28 00:17:25 +00:00
images
js In wp.media.model.Attachments.filters.type(), return true earlier if type isn't set. 2015-07-06 15:34:26 +00:00
pomo Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
SimplePie
Text Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
theme-compat Don't capitalize words in a sentence after comma. 2015-07-04 00:50:25 +00:00
admin-bar.php Correct the title used on the user dashboard. 2015-06-24 00:37:28 +00:00
atomlib.php Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
author-template.php
bookmark-template.php Sanitize the class passed to wp_list_bookmarks() and allow passing an array. 2015-06-22 20:55:28 +00:00
bookmark.php
cache.php
canonical.php
capabilities.php Ensure the create_users capability check checks the super admin status of the user in question, rather than the current user. 2015-06-17 00:03:27 +00:00
category-template.php Introduce 'wp_generate_tag_cloud_data' filter. 2015-06-29 14:16:26 +00:00
category.php
class-feed.php
class-http.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
class-IXR.php Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
class-json.php Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
class-oembed.php YouTube oEmbed parsing: support the m subdomain. 2015-06-24 21:06:26 +00:00
class-phpass.php Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
class-phpmailer.php
class-pop3.php Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
class-simplepie.php
class-smtp.php
class-snoopy.php
class-wp-admin-bar.php
class-wp-ajax-response.php
class-wp-customize-control.php Merge two class attributes in WP_Customize_Media_Control::content_template() and wp_print_media_templates(). 2015-07-06 14:19:26 +00:00
class-wp-customize-manager.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
class-wp-customize-nav-menus.php Customizer: Register controls and settings for nav_menu_locations even when there are no menus yet. 2015-07-06 19:13:25 +00:00
class-wp-customize-panel.php ob_get_contents() followed by ob_end_clean() can be replaced by ob_get_clean(). 2015-06-27 01:12:24 +00:00
class-wp-customize-section.php Customizer: Remove HTML tags from two translatable strings. 2015-07-03 22:29:25 +00:00
class-wp-customize-setting.php Customizer: Fix saving menus with empty names or names that are already used. 2015-07-03 20:47:25 +00:00
class-wp-customize-widgets.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
class-wp-editor.php Make "Preformatted" string in TinyMCE translatable. 2015-07-02 12:01:24 +00:00
class-wp-embed.php
class-wp-error.php
class-wp-http-ixr-client.php
class-wp-image-editor-gd.php Replace @returns with @return in PHP docblocks. 2015-07-02 21:05:24 +00:00
class-wp-image-editor-imagick.php Replace @returns with @return in PHP docblocks. 2015-07-02 21:05:24 +00:00
class-wp-image-editor.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
class-wp-theme.php Add @static* annotations where they are missing. 2015-05-29 15:43:29 +00:00
class-wp-walker.php
class-wp-xmlrpc-server.php Use get_default_comment_status() globally. 2015-07-02 22:32:25 +00:00
class-wp.php
class.wp-dependencies.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
class.wp-scripts.php
class.wp-styles.php Pass stylesheet URL as an argument to 'style_loader_tag' filter. 2015-06-21 19:35:26 +00:00
comment-template.php Restore rel='nofollow' for comment reply links to reduce extra crawling by search engines. 2015-07-02 11:09:25 +00:00
comment.php Allow 'comment_agent' and 'comment_author_IP' to be set via wp_new_comment(). 2015-07-01 12:08:25 +00:00
compat.php
cron.php
date.php
default-constants.php New password change/set UI. 2015-07-01 14:48:24 +00:00
default-filters.php Revert [33038] because of objections raised on #22889 and #31590 2015-07-02 00:47:24 +00:00
default-widgets.php Add a label to the content field in the Text Widget for screen readers. 2015-06-22 21:22:26 +00:00
deprecated.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
feed-atom-comments.php if is a statment, not a function. 2015-06-16 20:01:25 +00:00
feed-atom.php
feed-rdf.php
feed-rss2-comments.php Improve lastBuildDate timestamp in rss feeds 2015-06-14 18:37:24 +00:00
feed-rss2.php Improve lastBuildDate timestamp in rss feeds 2015-06-14 18:37:24 +00:00
feed-rss.php
feed.php Introducing Site Icon, favicon management for WordPress. 2015-06-29 12:58:25 +00:00
formatting.php Don't strip newline in esc_url() when protocol is mailto: 2015-07-03 14:28:23 +00:00
functions.php Add Deprecated Constructor Function 2015-06-28 14:56:24 +00:00
functions.wp-scripts.php
functions.wp-styles.php
general-template.php Introducing Site Icon, favicon management for WordPress. 2015-06-29 12:58:25 +00:00
http.php
kses.php Don't strip \0 (backslash+zero) from post content for users without "unfiltered_html" 2015-06-19 18:47:27 +00:00
l10n.php l10n: Update wp_get_installed_translations() to support variants of a language. 2015-07-01 15:43:24 +00:00
link-template.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
load.php
locale.php Make WP_Locale::rtl_src_admin_notice() translatable. 2015-06-30 20:21:24 +00:00
media-template.php Merge two class attributes in WP_Customize_Media_Control::content_template() and wp_print_media_templates(). 2015-07-06 14:19:26 +00:00
media.php wp_audio|video_shortcode() doesn't allow you to pass id, the docs shall reflect that. 2015-07-01 15:01:26 +00:00
meta.php
ms-blogs.php
ms-default-constants.php
ms-default-filters.php
ms-deprecated.php
ms-files.php if is a statment, not a function. 2015-06-16 20:01:25 +00:00
ms-functions.php Usernames in multisite should be restricted to 60 characters or fewer. 2015-07-04 05:53:24 +00:00
ms-load.php
ms-settings.php
nav-menu-template.php Customizer: Avoid PHP notices after [32806]. 2015-07-01 19:08:24 +00:00
nav-menu.php Customizer: Improve handling of posts with no title. 2015-06-20 19:50:26 +00:00
option.php In get_site_option() and get_option(), ensure that $notoptions is an array before writing to it. Prevents a flood of Cannot use a scalar value as an array, because $notoptions is otherwise set to the result of wp_cache_get(), which returns mixed. 2015-06-25 19:01:26 +00:00
pluggable-deprecated.php
pluggable.php New password change/set UI. 2015-07-01 14:48:24 +00:00
plugin.php For doc block types, favor bool over the few remaining booleans 2015-06-27 01:03:25 +00:00
post-formats.php
post-template.php Customizer: Improve handling of posts with no title. 2015-06-20 19:50:26 +00:00
post-thumbnail-template.php
post.php Use get_default_comment_status() globally. 2015-07-02 22:32:25 +00:00
query.php In WP_Query::parse_tax_query(), allow taxonomy querystring to be formatted as an array. 2015-07-06 20:37:24 +00:00
registration-functions.php
registration.php Lose EOF ?>. Clean up EOF newlines. fixes #12307 2012-01-08 17:01:11 +00:00
revision.php if is a statment, not a function. 2015-06-16 20:01:25 +00:00
rewrite.php WP_Rewrite::add_rule() should strictly check against false when using strpos(). 2015-06-25 16:56:25 +00:00
rss-functions.php
rss.php Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
script-loader.php New password change/set UI. 2015-07-01 14:48:24 +00:00
session.php
shortcodes.php Check is_callable() in do_shortcode_tag(), not add_shortcode(). 2015-06-19 21:33:25 +00:00
taxonomy.php Don't allow $field param to be passed to get_term_link(). 2015-07-01 12:54:25 +00:00
template-loader.php Add singular.php to template hierarchy 2015-06-18 19:01:26 +00:00
template.php Add singular.php to template hierarchy 2015-06-18 19:01:26 +00:00
theme.php Provide alt text for uploaded header images. 2015-06-29 21:32:26 +00:00
update.php
user.php New password change/set UI. 2015-07-01 14:48:24 +00:00
vars.php Some doc blocks should use bool instead of true|false 2015-06-27 00:45:24 +00:00
version.php Check for all required caps before (un)sticking a post. 2015-07-06 22:41:25 +00:00
widgets.php Deprecate php4 style constructors 2015-06-28 15:27:24 +00:00
wlwmanifest.xml
wp-db.php Enable utf8mb4 for MySQL extension users. Previously utf8mb4 was limited to MySQLi users only unintentionally. 2015-07-03 03:26:24 +00:00
wp-diff.php