Commit Graph

3847 Commits

Author SHA1 Message Date
Andrew Nacin
0d54b5febe Assume that url_shorten() receives unslashed data, as it does in core usage. see #21767.
git-svn-id: https://develop.svn.wordpress.org/trunk@23575 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:56:31 +00:00
Ryan Boren
436b32ef62 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
git-svn-id: https://develop.svn.wordpress.org/trunk@23567 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:14:09 +00:00
Ryan Boren
e737c7120e Use prepare instead of escape.
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23564 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:01:01 +00:00
Ryan Boren
4088ca8723 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23563 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:00:25 +00:00
Sergey Biryukov
3624fa4fde Consistently apply 'preview_post_link' filter. fixes #19378.
git-svn-id: https://develop.svn.wordpress.org/trunk@23560 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 16:46:25 +00:00
Ryan Boren
c363aea627 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: https://develop.svn.wordpress.org/trunk@23554 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 16:28:40 +00:00
Sergey Biryukov
158a124d0b Remove redundant esc_url() call. props pauldewouters. fixes #23643.
git-svn-id: https://develop.svn.wordpress.org/trunk@23553 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 16:27:03 +00:00
Andrew Nacin
d3a4aa7e29 Ignore protected meta keys in meta_form(). see #18786.
git-svn-id: https://develop.svn.wordpress.org/trunk@23534 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-28 19:51:29 +00:00
Andrew Nacin
94a0410530 Make Twenty Thirteen the default theme.
Has the added benefit of ensuring the WordPress Beta Tester plugin allows updates of Twenty Thirteen.

props JustinSainton.
fixes #23573.



git-svn-id: https://develop.svn.wordpress.org/trunk@23529 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-28 19:01:07 +00:00
Peter Westwood
79d635459e Revisions: Fix up some half renamed variables that break the view and display a mismash of split and combined views. See #23497 props adamsilverstein.
git-svn-id: https://develop.svn.wordpress.org/trunk@23509 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-28 16:48:33 +00:00
Peter Westwood
b1db3a3aa0 Revisions: Fix up some bugs I introduced while reviewing the mega revisions patch - when comparing two historical revisions only one half of the diff would load
See #23497 props adamsilverstein.


git-svn-id: https://develop.svn.wordpress.org/trunk@23508 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-28 16:10:45 +00:00
Peter Westwood
554627a0d5 Revisions: First pass an implementing a new UI/UX for reviewing the revisions of posts. See #23497 props adamsilverstein for the initial patch.
This implements a new revisions ui using Backbone and preserves all the old methods of "integration" so the change should be transparent to plugins using revisi
ons with CPTs.

This is the first pass and so there are a number of things still to be resolved, more details in the ticket. Feedback welcomed.


git-svn-id: https://develop.svn.wordpress.org/trunk@23506 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-28 15:14:34 +00:00
Sergey Biryukov
c79cef4654 Don't override filtered screen options on Widgets screen. props bradyvercher. fixes #23239.
git-svn-id: https://develop.svn.wordpress.org/trunk@23503 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-28 07:40:11 +00:00
Andrew Ozz
756c28bf5c Post locks: use heartbeat to dynamically update locked posts on the Posts screen, first run, see #23312
git-svn-id: https://develop.svn.wordpress.org/trunk@23487 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-25 23:17:10 +00:00
Sergey Biryukov
6a59a28f12 Rename 'no_tagcloud' taxonomy label to 'not_found', for consistency with the post type label of the same key. fixes #23597.
git-svn-id: https://develop.svn.wordpress.org/trunk@23484 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-25 19:39:38 +00:00
Sergey Biryukov
41919e97fb Move 'no_tagcloud' argument to the taxonomy labels object. props DrewAPicture for initial patch. fixes #23597.
git-svn-id: https://develop.svn.wordpress.org/trunk@23483 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-25 18:35:05 +00:00
Andrew Ozz
9b691a21b0 Heartbeat API: add nopriv actions, add JS 'heartbeat-send' event, see #23216
git-svn-id: https://develop.svn.wordpress.org/trunk@23481 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-25 02:32:22 +00:00
Sergey Biryukov
5d957955fa Fix typo in phpdoc. see #17515.
git-svn-id: https://develop.svn.wordpress.org/trunk@23457 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-19 23:40:03 +00:00
Helen Hou-Sandi
5b3c058bd5 Edit screen UI for post formats: a first run for functionality.
* Adds a very basic tabbed interface for selecting a post format (requires JS).
* Extra fields, which are post meta, are shown/hidden based on the selected format.
* Introduce a helper function for retrieving formats-specific metadata: `get_post_format_meta()`.
* Image selection uses the media modal, although without filtering or from URL support at the moment.

props rachelbaker, wonderboymusic, aaroncampbell, helen. see #19570.


git-svn-id: https://develop.svn.wordpress.org/trunk@23449 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-18 19:11:24 +00:00
Andrew Nacin
780c74d246 Remove unused variables reset by wp_reset_vars(). Many of these haven't been used since b2. see #21767.
git-svn-id: https://develop.svn.wordpress.org/trunk@23445 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-16 18:28:41 +00:00
Mark Jaquith
c2945a394f Improve the UX of the Nav Menus screen. Kill the tabs, and change to a
dropdown, unless you have zero or one menus (which is the most common),
in which case you jump right into editing your sole menu.

Do assignment to location using checkboxes in the main menu editing
section instead of the backwards menu => location assignment in a
random meta box.

More to come, but this gets us started.

props lessbloat, DrewAPicture, jkudish. see #23119

git-svn-id: https://develop.svn.wordpress.org/trunk@23441 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-16 04:53:59 +00:00
Sergey Biryukov
eeda24f865 Deprecate wp_convert_bytes_to_hr() in favor of size_format(). props F J Kaiser. fixes #19067.
git-svn-id: https://develop.svn.wordpress.org/trunk@23439 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-16 03:07:56 +00:00
Sergey Biryukov
07d596afb7 Add missing inline descriptions. see #19067.
git-svn-id: https://develop.svn.wordpress.org/trunk@23437 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-16 02:52:57 +00:00
Sergey Biryukov
ee16ed9e0b Correct return value for comment_exists(). fixes #20494.
git-svn-id: https://develop.svn.wordpress.org/trunk@23433 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-15 18:49:07 +00:00
Sergey Biryukov
e353d6c033 Allow filtering attachments by Author name in Media Library. props greuben. fixes #16044.
git-svn-id: https://develop.svn.wordpress.org/trunk@23430 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-15 17:33:28 +00:00
Mark Jaquith
ead92fb39d "LGPL License" is redundant.
props wonderboymusic, jakub.tyrcha. fixes #15585

git-svn-id: https://develop.svn.wordpress.org/trunk@23425 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-15 16:26:46 +00:00
Ryan Boren
a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Mark Jaquith
1723190616 Document the mysterious seventh parameter of add_meta_box().
props wonderboymusic, markjaquith. fixes #17515

git-svn-id: https://develop.svn.wordpress.org/trunk@23397 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-08 18:37:34 +00:00
Mark Jaquith
a601e170aa Link post formats in posts list table. Use a dash for standard, like we do for absence of tags. see #16047 Next: use icons, not text descriptions.
git-svn-id: https://develop.svn.wordpress.org/trunk@23396 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-08 18:34:51 +00:00
Mark Jaquith
e419f6258c Fix some tabbing issues on the post editing screen. Add Media no longer skipped when going backwards from content. Save Draft no longer skipped when going forwards from content.
props adamsilverstein. fixes #23195 and #22933

git-svn-id: https://develop.svn.wordpress.org/trunk@23395 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-08 18:30:09 +00:00
Helen Hou-Sandi
efda431bc2 Open external links to plugin homepages, plugin author homepages, and theme author homepages in a new window/tab. props SergeyBiryukov. fixes #20839.
git-svn-id: https://develop.svn.wordpress.org/trunk@23394 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-08 16:20:01 +00:00
Mark Jaquith
2f6d3fed8c Display post formats in the posts list table.
props nacin, garyc40, DrewAPicture, wonderboymusic, aaroncampbell.

fixes #16047

git-svn-id: https://develop.svn.wordpress.org/trunk@23392 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-08 16:10:05 +00:00
Andrew Ozz
682b66b560 Heartbeat API: throttle down when the window looses focus or when the user is inactive, always send 'screen_id', change the interval settings to 'fast' (5sec), 'standard' (15sec) and 'slow' (60sec), the interval can be changed from PHP, see #23216
git-svn-id: https://develop.svn.wordpress.org/trunk@23382 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-03 07:03:27 +00:00
Andrew Nacin
bb904fcf2b Confirm a user exists before deleting them in wp_delete_user() and wpmu_delete_user(). props scribu, fixes #23067.
git-svn-id: https://develop.svn.wordpress.org/trunk@23380 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-02 04:41:02 +00:00
Sergey Biryukov
30650e32be Return WP_Error from wp_crop_image() if saving has failed. props macbrink. fixes #23325.
git-svn-id: https://develop.svn.wordpress.org/trunk@23374 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-02 02:01:59 +00:00
Andrew Nacin
6caa05bc81 Clean up rendering of the title column in the posts list table. Simplify branching. Use get_userdata() rather than get_user_by( 'id' ). Change string to '%s is currently editing'. see #23312.
git-svn-id: https://develop.svn.wordpress.org/trunk@23372 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-02 01:54:06 +00:00
Andrew Ozz
712fcec00b Posts screen: show when a post is "locked", hide the checkbox, Quick Edit and Trash links, props dh-shredder, see #23312
git-svn-id: https://develop.svn.wordpress.org/trunk@23371 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-02 01:31:06 +00:00
Andrew Ozz
5edc6b2711 Heartbeat API: first run, see #23216
git-svn-id: https://develop.svn.wordpress.org/trunk@23355 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-29 06:15:25 +00:00
Helen Hou-Sandi
a38f0e16c5 Remove the long-broken and questionably useful [more]/[less] toggle for hierarchical taxonomies in Quick/Bulk Edit. Nobody seems to have noticed in the nearly 3 years it's been broken. fixes #23006
git-svn-id: https://develop.svn.wordpress.org/trunk@23354 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-28 22:36:15 +00:00
Sergey Biryukov
44c8e7aea8 Consistently use a helper function instead of directly printing the disabled attribute.
Remove an erroneous esc_attr() call.

fixes #23194.

git-svn-id: https://develop.svn.wordpress.org/trunk@23352 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-28 03:23:01 +00:00
Sergey Biryukov
81e88f1ec3 Make sure the post exists before checking its ID. fixes #23026.
git-svn-id: https://develop.svn.wordpress.org/trunk@23351 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-28 02:55:06 +00:00
Sergey Biryukov
b96d467630 Add missing inline descriptions.
props momo360modena, aaronholbrook.
see #20494, fixes #23304.

git-svn-id: https://develop.svn.wordpress.org/trunk@23350 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-28 02:20:47 +00:00
Sergey Biryukov
7b811871b6 Correct return value for WP_Filesystem_Base::gethchmod(). props bananastalktome. fixes #23121.
git-svn-id: https://develop.svn.wordpress.org/trunk@23349 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-28 01:55:39 +00:00
Dion Hulse
f4beefbb88 Core Update: Fix a issue which caused automatic upgrades from 2.7 to 3.5+ to fail. Pre-2.7 WP_Filesystem::wp_content_dir() returned unslashed paths. Introduced in [22227]. See #23177
git-svn-id: https://develop.svn.wordpress.org/trunk@23297 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-11 10:16:45 +00:00
Andrew Nacin
8175cde11a Ensure we wp_die() at the end of an ajax action. see #23055.
git-svn-id: https://develop.svn.wordpress.org/trunk@23293 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-07 03:59:44 +00:00
Andrew Nacin
fcbb71ad77 Whenever we have compat fields to render, send a dummy menu_order field (which was always sent in 3.4) to ensure an unchecked checkbox can still be processed by attachment_fields_to_save. fixes #22868.
git-svn-id: https://develop.svn.wordpress.org/trunk@23290 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-05 03:50:28 +00:00
Peter Westwood
d927271553 Tighten our braces. Fixes #23118 props evansolomon.
git-svn-id: https://develop.svn.wordpress.org/trunk@23265 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-04 10:13:51 +00:00
Dion Hulse
17b6ada24a Upgrade: When upgrading from WordPress 3.5, if an empty twentytwelve theme directory exists, remove it to allow the installation of Twenty Twelve. See #22856. For trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@23253 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-03 07:42:16 +00:00
Andrew Nacin
6e9830f34d Don't stomp existing sizes inside wp_save_image().
props markoheijnen.
see #22985.
for trunk.



git-svn-id: https://develop.svn.wordpress.org/trunk@23246 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-03 05:23:36 +00:00
Andrew Nacin
416f98b7c8 Remove deleted files on upgrade, including wp-app.php and class-wp-atom-server.php.
props duck_
see #22855
for trunk



git-svn-id: https://develop.svn.wordpress.org/trunk@23203 602fd350-edb4-49c9-b593-d223f7449a82
2012-12-26 20:34:30 +00:00