Commit Graph

86 Commits

Author SHA1 Message Date
Ryan Boren
a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Sergey Biryukov
74f5d9dcb3 Remove unused error string. props pavelevap. fixes #22107.
git-svn-id: https://develop.svn.wordpress.org/trunk@23412 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 05:36:28 +00:00
Andrew Ozz
330c10d1a9 Kill use of colons in class names, props SergeyBiryukov, fixes #21152
git-svn-id: https://develop.svn.wordpress.org/trunk@22396 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-06 01:01:52 +00:00
Ryan Boren
63abb35721 s/newuserconfimation/newuserconfirmation/
Props Jayjdk, lesteph
fixes #21415


git-svn-id: https://develop.svn.wordpress.org/trunk@21362 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-30 16:13:18 +00:00
Ryan Boren
a2b93fcf55 Translate role names in the new user notification email. Props obenland. fixes #20764
git-svn-id: https://develop.svn.wordpress.org/trunk@21316 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-24 17:32:40 +00:00
Andrew Nacin
245b0655d2 Remove user/site suggestions (autocompletion) from search inputs, as the UX isn't proper.
* Removes all instances of site-search, so away it goes. Sidesteps a number of bugs with site-search.
 * Renames user-search to user-suggest, which means it better describes the current behavior (autocompletion) while allowing for future behavior (instant search).
 * Ties user suggestions to a single .wp-suggest-user class.

with help from markjaquith, helenyhou, wonderboymusic. 
fixes #20835.



git-svn-id: https://develop.svn.wordpress.org/trunk@21003 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-05 18:51:33 +00:00
Andrew Nacin
82ceeca5de After adding a user, take them back to users.php with an 'Edit user' link in the message.
This removes the (possibly ineffective) search from the redirect, as well as the URL hash that will get covered up by the toolbar.

fixes #19470. props merty and SergeyBiryukov for initial patches.



git-svn-id: https://develop.svn.wordpress.org/trunk@20631 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-27 23:13:39 +00:00
Andrew Nacin
48c5af2ac0 Clean up cap checks for autocompletes for sites and users in a network. see #19810.
git-svn-id: https://develop.svn.wordpress.org/trunk@20332 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-30 21:04:48 +00:00
Jon Cave
abfcb78ce7 Correct faulty logic when dealing with autocomplete_users_for_site_admins, and break logic into multiple lines. See #19810.
git-svn-id: https://develop.svn.wordpress.org/trunk@19934 602fd350-edb4-49c9-b593-d223f7449a82
2012-02-16 17:12:10 +00:00
Mark Jaquith
54ab38d9ed Autocomplete for add-user screens in multisite. props boonebgorges, Japh, DrewAPicture, PeteMall, nacin, koopersmith, markjaquith. see #19810.
git-svn-id: https://develop.svn.wordpress.org/trunk@19897 602fd350-edb4-49c9-b593-d223f7449a82
2012-02-10 08:45:17 +00:00
Ryan Boren
2b186b0c45 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: https://develop.svn.wordpress.org/trunk@19712 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-08 17:01:11 +00:00
Jon Cave
61c6ba8b70 s/add_user()/edit_user()/, see r19686 and #18749.
git-svn-id: https://develop.svn.wordpress.org/trunk@19689 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-05 21:02:42 +00:00
Ryan Boren
257a55c9b7 Use home_url() instead of site_url(). Props johnbillion. fixes #18293
git-svn-id: https://develop.svn.wordpress.org/trunk@19676 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-04 20:02:11 +00:00
Ryan Boren
f6b0e7e580 Use home_url() instead of site_url(). Props johnbillion. fixes #18293
git-svn-id: https://develop.svn.wordpress.org/trunk@19674 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-04 19:29:03 +00:00
Ryan Boren
54067a5f20 Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
git-svn-id: https://develop.svn.wordpress.org/trunk@19596 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-14 17:36:38 +00:00
Mark Jaquith
63462aca3a Fix a spelling error in user-new.php. props SergeyBiryukov. fixes #19518
git-svn-id: https://develop.svn.wordpress.org/trunk@19595 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-14 02:56:59 +00:00
Ryan Boren
676ba7043e Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: https://develop.svn.wordpress.org/trunk@19593 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-13 23:45:31 +00:00
Ryan Boren
6610e321e7 Pinking shears
git-svn-id: https://develop.svn.wordpress.org/trunk@19528 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-01 04:51:35 +00:00
Andrew Nacin
57da602f61 Help tweaks for users, tools. props jane, see #19020.
git-svn-id: https://develop.svn.wordpress.org/trunk@19509 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-01 01:17:14 +00:00
Ryan Boren
68f667d23d Indent cleanup. see #19020
git-svn-id: https://develop.svn.wordpress.org/trunk@19438 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-23 23:08:02 +00:00
Ryan Boren
0ef41d992b Help tabs. Props Ipstenu. see #19020
git-svn-id: https://develop.svn.wordpress.org/trunk@19436 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-23 23:06:52 +00:00
Ryan Boren
581be15bb4 Used numbered format specifiers. Add translator note. Props SergeyBiryukov. fixes #19090
git-svn-id: https://develop.svn.wordpress.org/trunk@19255 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-11 18:37:04 +00:00
Andrew Nacin
33ee9a7d04 s/add_help_sidebar/set_help_sidebar/g and introduce screen->remove_help_tab($id) and screen->remove_help_tabs(). see #19020, #18785.
git-svn-id: https://develop.svn.wordpress.org/trunk@19119 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-02 20:14:10 +00:00
Ryan Boren
db63861af8 Use add_help_sidebar(). see #19020
git-svn-id: https://develop.svn.wordpress.org/trunk@19111 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-02 03:12:37 +00:00
Ryan Boren
4685bc4b99 Fix inviting existing users to a site with email confirmation. Props johnbillion. fixes #18295
git-svn-id: https://develop.svn.wordpress.org/trunk@18965 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-13 18:32:31 +00:00
Ryan Boren
3735347ba7 Grammar fix. Props SergeyBiryukov, johnbillion. fixes #18291
git-svn-id: https://develop.svn.wordpress.org/trunk@18487 602fd350-edb4-49c9-b593-d223f7449a82
2011-07-29 21:36:45 +00:00
Andrew Nacin
fb2e53b23c Don't add extra spaces. props duck_, see #16861.
git-svn-id: https://develop.svn.wordpress.org/trunk@18250 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-10 22:30:54 +00:00
Andrew Nacin
5f4f14cae4 Translate a missing string. props ldebrouwer, fixes #16861.
git-svn-id: https://develop.svn.wordpress.org/trunk@18249 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-10 22:28:02 +00:00
Andrew Nacin
f504e221e1 Switch from Panel/SubPanel to Screen in inline documentation and Codex links. props michaelh, fixes #17265.
git-svn-id: https://develop.svn.wordpress.org/trunk@17748 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-28 15:24:49 +00:00
Ryan Boren
7c37c82691 Add additional promote_users checks. Show Add existing button only for multisite. Don't show bulk actions if user can't promote users. Show add new user menu if user has create_users but not promote_users. Props nacin. fixes #16501 for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@17431 602fd350-edb4-49c9-b593-d223f7449a82
2011-02-09 17:30:26 +00:00
Peter Westwood
eeb06f8967 Improve the button and header test to give a clearer picture between Adding New Users and Adding Exiting Users to a site. Fixes #14756
git-svn-id: https://develop.svn.wordpress.org/trunk@17069 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-19 22:27:30 +00:00
Ryan Boren
e30b3ef70c Clarify button text. fixes #14756
git-svn-id: https://develop.svn.wordpress.org/trunk@17049 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-19 00:53:45 +00:00
Ryan Boren
b04abefc26 Skip confirmation email fixes. Props ocean90, duck_. see #15725
git-svn-id: https://develop.svn.wordpress.org/trunk@16949 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-15 16:04:19 +00:00
Mark Jaquith
9a6ef5b47d Fix duplicate HTML IDs for wp-admin/user-new.php on MS installs. props duck_. fixes #15562
git-svn-id: https://develop.svn.wordpress.org/trunk@16569 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-24 16:43:24 +00:00
Ryan Boren
d089000052 Notice fixes for user-new.php. Props wpdavis. see #15456
git-svn-id: https://develop.svn.wordpress.org/trunk@16527 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-21 16:56:08 +00:00
Ryan Boren
55bd96bfeb Fixes for user-new.php. Props wpdavis. see #15456
git-svn-id: https://develop.svn.wordpress.org/trunk@16518 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-20 22:36:46 +00:00
Andrew Nacin
af5d46012c Revert extra stuff from [16455].
git-svn-id: https://develop.svn.wordpress.org/trunk@16456 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-18 05:38:53 +00:00
Andrew Nacin
90343807eb Every time you nest a ternary operator, a kitten dies.
git-svn-id: https://develop.svn.wordpress.org/trunk@16455 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-18 05:37:00 +00:00
Ryan Boren
f9729112f0 Fix logic. Props nacin. see #15357
git-svn-id: https://develop.svn.wordpress.org/trunk@16297 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-11 14:34:51 +00:00
Ryan Boren
c8d7cc8664 user-new.php revamp. Separate caps for adding users vs. creating users. Allow supes to add via email or username. Split adding existing users and creating new users into separate forms. see #15357
git-svn-id: https://develop.svn.wordpress.org/trunk@16294 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-11 14:29:15 +00:00
Peter Westwood
9afb0e7247 Much better description for the noconfirmation check box.
git-svn-id: https://develop.svn.wordpress.org/trunk@16164 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-03 15:04:34 +00:00
Andrew Nacin
76d743274a Restore submit_button() for user-new. props markmcwilliams, see #15064.
git-svn-id: https://develop.svn.wordpress.org/trunk@16067 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-29 00:32:03 +00:00
Mark Jaquith
d65cdf4ba8 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064
git-svn-id: https://develop.svn.wordpress.org/trunk@16061 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-28 21:56:43 +00:00
Andrew Nacin
8db82e5ea1 Move registration.php functions to user.php. Deprecate registration.php, everything is now included by default. fixes #13761.
git-svn-id: https://develop.svn.wordpress.org/trunk@16009 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-27 10:46:24 +00:00
scribu
0911aa3e1a Use submit_button() in more places. See #15064
git-svn-id: https://develop.svn.wordpress.org/trunk@15830 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-17 18:24:34 +00:00
scribu
33077f83fa move password-strength-meter.js into user-profile.js. See #5919
git-svn-id: https://develop.svn.wordpress.org/trunk@15780 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-12 20:29:19 +00:00
Nikolay Bachiyski
f80fb8883a I18n fixes
Do not leave more than %s in a translatable string and add a comment for translators what each placeholder means


git-svn-id: https://develop.svn.wordpress.org/trunk@15522 602fd350-edb4-49c9-b593-d223f7449a82
2010-08-23 18:53:38 +00:00
Andrew Nacin
5c9e072270 s/site/network/ in user-new.php.
git-svn-id: https://develop.svn.wordpress.org/trunk@15310 602fd350-edb4-49c9-b593-d223f7449a82
2010-06-24 05:38:58 +00:00
Andrew Nacin
4352937ec0 Fix typo in user-new help. see #14038 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@15304 602fd350-edb4-49c9-b593-d223f7449a82
2010-06-22 23:04:49 +00:00
Andrew Nacin
2990e72571 target=blank help fixes. props zeo, fixes #13467.
git-svn-id: https://develop.svn.wordpress.org/trunk@15135 602fd350-edb4-49c9-b593-d223f7449a82
2010-06-04 03:42:43 +00:00