Commit Graph

133 Commits

Author SHA1 Message Date
Helen Hou-Sandi
571d74d1de Add .edit-form-section class to the comment edit form for correct spacing. fixes #23240.
git-svn-id: https://develop.svn.wordpress.org/trunk@23955 602fd350-edb4-49c9-b593-d223f7449a82
2013-04-10 19:20:13 +00:00
Andrew Nacin
12882f9848 Ensure the referer functions operate completely on unslashed data: wp_referer_field(), wp_original_referer_field(), wp_get_referer(), wp_get_original_referer().
Use wp_slash() instead of addslashes().

see #21767.



git-svn-id: https://develop.svn.wordpress.org/trunk@23578 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:58:43 +00:00
Ryan Boren
4088ca8723 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23563 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:00:25 +00:00
Ryan Boren
c363aea627 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: https://develop.svn.wordpress.org/trunk@23554 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 16:28:40 +00:00
Ryan Boren
a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Andrew Ozz
6e6b727315 Remove nearly all tabindex attributes from the admin, leaving them only where absolutely necessary (for now that's only the toolbar).
Add tabindex="-1" for the menu images links to avoid double tab stops there when the menu is expanded.

Fix/add auto-focus on the first input fields on the Add/Edit Post, all taxonomy, all edit taxonomy, Log In and Edit Comment screens.

See #21340.

git-svn-id: https://develop.svn.wordpress.org/trunk@21311 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-24 00:15:15 +00:00
Andrew Ozz
74cfcd36e3 Responsive columns on the dashboard and write screens, first run, see #20015
git-svn-id: https://develop.svn.wordpress.org/trunk@20272 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-23 21:41:00 +00:00
Andrew Nacin
ce48b0d471 Revert type="email" (HTML5) as some browsers that do validation on these fields do not work for IDN domains yet. Core does not support these well either, but server-side validation can at least be dealt with by a plugin. see #17863.
git-svn-id: https://develop.svn.wordpress.org/trunk@20196 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-15 18:09:14 +00:00
Andrew Ozz
fcbd8f7f57 Set proper HTML5 input types in the admin, props georgestephanis, fixes #17863
git-svn-id: https://develop.svn.wordpress.org/trunk@20168 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-10 01:23:48 +00:00
Andrew Nacin
1bc62a722a In miscellaneous publishing actions, use :last-child instead of a separate misc-pub-section-last class to control borders. Allows for sane use of the post_submitbox_misc_actions hook. (Actually uses :first-child for browser compat reasons.) fixes #19604.
git-svn-id: https://develop.svn.wordpress.org/trunk@20077 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-02 19:52:23 +00:00
Peter Westwood
72ade0057d Make sure to echo out the comment_post_ID when building the edit comment form otherwise the post comment counts will get out of sync. Fixes #20108 props dllh.
git-svn-id: https://develop.svn.wordpress.org/trunk@19981 602fd350-edb4-49c9-b593-d223f7449a82
2012-02-23 18:16:46 +00:00
Jon Cave
62a82bbe22 Remove extraneous single quote. Props garyc40. Fixes #19801.
git-svn-id: https://develop.svn.wordpress.org/trunk@19731 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-11 23:35:35 +00:00
Andrew Nacin
03ca3fcc4c Remove dead variables and strings from edit-form-comment. props ocean90, fixes #19481.
git-svn-id: https://develop.svn.wordpress.org/trunk@19612 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-20 21:39:46 +00:00
Andrew Ozz
fafb2aa988 Update Comment -> Update, props ocean90, fixes #19166
git-svn-id: https://develop.svn.wordpress.org/trunk@19176 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-05 18:03:33 +00:00
Ryan Boren
5914353c06 Update meta box functions to handle WP_Screen objects and pass objects instead of IDs to them in core files. Allow passing emptiness to get the current screen. see #18958
git-svn-id: https://develop.svn.wordpress.org/trunk@19013 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-19 21:43:02 +00:00
Jon Cave
60d321b14b Fix typos in documentation (wp-admin/). See #18560.
git-svn-id: https://develop.svn.wordpress.org/trunk@18632 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-03 14:18:10 +00:00
Andrew Ozz
dde77fd41b Merge most admin css files, first run, see #18314
git-svn-id: https://develop.svn.wordpress.org/trunk@18577 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-21 03:46:43 +00:00
Andrew Ozz
461ceba60d Editor API enhancement, first run (still needs some work), see #17144
git-svn-id: https://develop.svn.wordpress.org/trunk@18498 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-03 10:19:00 +00:00
Andrew Ozz
0d5e03dd9f Don't show the Fullscreen button on the comment edit page, see #17136
git-svn-id: https://develop.svn.wordpress.org/trunk@17966 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-19 07:34:54 +00:00
scribu
39eca2466e submit_button() fixes. Props sbressler. See #15064
git-svn-id: https://develop.svn.wordpress.org/trunk@16362 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-13 23:49:53 +00:00
Mark Jaquith
d65cdf4ba8 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064
git-svn-id: https://develop.svn.wordpress.org/trunk@16061 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-28 21:56:43 +00:00
Andrew Nacin
47136b319f Introduce _ex(), a hybrid between _e() and _x() -- translate with context, then echo. props westi, see #13395.
git-svn-id: https://develop.svn.wordpress.org/trunk@14647 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-14 21:46:25 +00:00
Ryan Boren
ad1b9608e6 add_meta_boxes actions for comment and link forms.
git-svn-id: https://develop.svn.wordpress.org/trunk@14044 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-09 15:17:57 +00:00
Andrew Ozz
0093a3a989 Remove all instances of "Trash" from the UI when Trash is disabled, replace trash actions with "Delete permanently", props caesarsgrunt, see #4529
git-svn-id: https://develop.svn.wordpress.org/trunk@12162 602fd350-edb4-49c9-b593-d223f7449a82
2009-11-10 10:38:19 +00:00
Andrew Ozz
69b036bf7f Fix trashing/untrashing comments when no JS, props caesarsgrunt, see #4529
git-svn-id: https://develop.svn.wordpress.org/trunk@12113 602fd350-edb4-49c9-b593-d223f7449a82
2009-10-27 03:46:31 +00:00
Andrew Ozz
782977afbf "Trash" updates, props caesarsgrunt, see #4529
git-svn-id: https://develop.svn.wordpress.org/trunk@11841 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-19 08:35:24 +00:00
Andrew Ozz
26383ac68e Stop direct loading of files in wp-admin that should only be included, for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@11768 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-03 00:04:45 +00:00
Andrew Ozz
d9f8c67f2f Trash status updates for posts, pages, comments and attachments, props caesarsgrunt, see #4529
git-svn-id: https://develop.svn.wordpress.org/trunk@11749 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-30 13:39:34 +00:00
Andrew Ozz
72f5a9910c Fix comment author url when editing, fixes #10466 for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@11739 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-22 22:32:27 +00:00
Ryan Boren
fc37d64a90 esc_attr() for comment author email
git-svn-id: https://develop.svn.wordpress.org/trunk@11727 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-20 02:51:14 +00:00
Andrew Ozz
c7a3747476 Properly escape comment_author_url when displaying, for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@11721 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-18 23:21:50 +00:00
Mark Jaquith
ba1c3bdd5b Deprecate sanitize_url() and clean_url() in favor of esc_url_raw() and esc_url()
git-svn-id: https://develop.svn.wordpress.org/trunk@11383 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-18 16:00:33 +00:00
Mark Jaquith
8d6cb67233 esc_js(). Shorter, follows new escaping naming convention.
git-svn-id: https://develop.svn.wordpress.org/trunk@11245 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-09 07:27:22 +00:00
Mark Jaquith
c638e8d8de _a(), _ea(), _xa(), attr() are now esc_attr__(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650
git-svn-id: https://develop.svn.wordpress.org/trunk@11204 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-05 19:43:53 +00:00
Ryan Boren
bd58cf3efc No need to attribute_escape a cleaned url. fixes #8587
git-svn-id: https://develop.svn.wordpress.org/trunk@11127 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-29 20:14:39 +00:00
Ryan Boren
7d9f7833ff urlencode referrer. Props hakre. fixes #8587
git-svn-id: https://develop.svn.wordpress.org/trunk@11120 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-29 16:20:14 +00:00
Ryan Boren
fe7c34b6fd s/attribute_escape/attr/. see #9650
git-svn-id: https://develop.svn.wordpress.org/trunk@11109 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-28 05:58:45 +00:00
Ryan Boren
a114582715 Some attr escaping. see #9650
git-svn-id: https://develop.svn.wordpress.org/trunk@11104 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-27 23:09:08 +00:00
Andrew Ozz
f9007b9ac8 Add "code" class to more URL input fields, props johnbillion, fixes #8383
git-svn-id: https://develop.svn.wordpress.org/trunk@10995 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-18 06:47:56 +00:00
Andrew Ozz
ca129da990 Fix flash upload button, right sidebar on write pages in IE6
git-svn-id: https://develop.svn.wordpress.org/trunk@10865 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-04 10:21:43 +00:00
Andrew Ozz
b38931ee3d Fix right sidebar on edit comment screen
git-svn-id: https://develop.svn.wordpress.org/trunk@10843 602fd350-edb4-49c9-b593-d223f7449a82
2009-03-26 22:22:52 +00:00
Andrew Ozz
759fde9021 jQuery 1.3.2 and UI 1.7.1, may still have some regressions, add screen columns setting to the write/edit post/page screen options, fixes #8867
git-svn-id: https://develop.svn.wordpress.org/trunk@10834 602fd350-edb4-49c9-b593-d223f7449a82
2009-03-25 14:29:22 +00:00
Ryan Boren
3fe87a2049 Use _x() and extracted comments. Props nbachiyski. see #9112
git-svn-id: https://develop.svn.wordpress.org/trunk@10680 602fd350-edb4-49c9-b593-d223f7449a82
2009-03-02 19:20:19 +00:00
Ryan Boren
baaaa352ba Strip trailing whitespace
git-svn-id: https://develop.svn.wordpress.org/trunk@10150 602fd350-edb4-49c9-b593-d223f7449a82
2008-12-09 18:03:31 +00:00
Ryan Boren
ace2567641 Fix id typo. Props sivel. fixes #8401
git-svn-id: https://develop.svn.wordpress.org/trunk@9928 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-27 20:44:43 +00:00
Andrew Ozz
0b85e05cda More screen icons and fixes, includes patch by johnconners, fixes #8380
git-svn-id: https://develop.svn.wordpress.org/trunk@9912 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-26 23:35:23 +00:00
Peter Westwood
8969d49dbe Give context to more translations to allow for differentiation between plural noun, verb and adjective translations. Fixes #8154 props nbachiyski.
git-svn-id: https://develop.svn.wordpress.org/trunk@9835 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-21 18:16:44 +00:00
Mark Jaquith
83a88c1247 change "Awaiting Moderation" to "Pending" fixes #8184
git-svn-id: https://develop.svn.wordpress.org/trunk@9656 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-13 05:57:07 +00:00
Ryan Boren
b9a4fd0d29 Differentiate between plural noun, verb and adjective Spam translations. Props nbachiyski. fixes #8154
git-svn-id: https://develop.svn.wordpress.org/trunk@9615 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-11 19:54:54 +00:00
Ryan Boren
eea86a8557 Validation fixes from Simek. fixes #8139
git-svn-id: https://develop.svn.wordpress.org/trunk@9592 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-10 17:49:00 +00:00