sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
22,217 Commits 2 Branches 473 Tags 137 MiB
Commit Graph

90 Commits

Author SHA1 Message Date
Ryan Boren 436b32ef62 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 
git-svn-id: https://develop.svn.wordpress.org/trunk@23567 602fd350-edb4-49c9-b593-d223f7449a82
 2013-03-01 17:14:09 +00:00
Sergey Biryukov 316689c934 Add missing comma. props bradparbs. fixes #22507. 
git-svn-id: https://develop.svn.wordpress.org/trunk@23566 602fd350-edb4-49c9-b593-d223f7449a82
 2013-03-01 17:12:02 +00:00
Ryan Boren c363aea627 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 
git-svn-id: https://develop.svn.wordpress.org/trunk@23554 602fd350-edb4-49c9-b593-d223f7449a82
 2013-03-01 16:28:40 +00:00
Sergey Biryukov 0e5ac6c8c6 Revert to esc_attr_e() in setup-config.php to prevent a fatal error. 
kses.php is not loaded at this point, so esc_url() cannot be used.

props csixty4, JustinSainton.
fixes #23516. see #23334.

git-svn-id: https://develop.svn.wordpress.org/trunk@23455 602fd350-edb4-49c9-b593-d223f7449a82
 2013-02-19 05:36:16 +00:00
Ryan Boren a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments. 
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
 2013-02-14 22:51:06 +00:00
Sergey Biryukov 16e16c7ee4 Use correct escaping function. fixes #23334. 
git-svn-id: https://develop.svn.wordpress.org/trunk@23413 602fd350-edb4-49c9-b593-d223f7449a82
 2013-02-14 05:52:23 +00:00
Ryan Boren c53137f535 Scope button classes so they can be used on the frontend without interfering with theme styles. 
Props helenyhou, koopersmith
fixes #22644


git-svn-id: https://develop.svn.wordpress.org/trunk@22948 602fd350-edb4-49c9-b593-d223f7449a82
 2012-11-30 13:40:59 +00:00
Ryan Boren 46d017a331 Use retina logo in install, upgrade, setup-config, repair, and confirmation screens. 
Props kopepasah, SergeyBiryukov
fixes #22375


git-svn-id: https://develop.svn.wordpress.org/trunk@22419 602fd350-edb4-49c9-b593-d223f7449a82
 2012-11-07 17:34:22 +00:00
Andrew Ozz c71700c7b4 Buttons: 
- Update the install/initial configuration/repair screens buttons, props DrewAPicture
- Fix the welcome screen buttons and fine-tune the buttons css, props lessbloat

fixes #21598


git-svn-id: https://develop.svn.wordpress.org/trunk@22314 602fd350-edb4-49c9-b593-d223f7449a82
 2012-10-26 19:40:39 +00:00
Ryan Boren 8d5ca186c2 Consolidate some strings. Props pavelevap, SergeyBiryukov. see #21728 
git-svn-id: https://develop.svn.wordpress.org/trunk@22124 602fd350-edb4-49c9-b593-d223f7449a82
 2012-10-05 19:04:34 +00:00
Andrew Nacin ac33e3e810 On setup-config step 2, default to focusing on the textarea and selecting its contents. fixes #21656. 
git-svn-id: https://develop.svn.wordpress.org/trunk@21873 602fd350-edb4-49c9-b593-d223f7449a82
 2012-09-16 19:41:41 +00:00
Andrew Nacin 7f65ab3f57 Curly quotes for setup-config strings. 
git-svn-id: https://develop.svn.wordpress.org/trunk@21870 602fd350-edb4-49c9-b593-d223f7449a82
 2012-09-16 18:26:14 +00:00
Andrew Nacin 29d8f1bad7 If wp-config.php is not writable from setup-config, make the resulting textarea readonly. props jblz, fixes #21657. 
git-svn-id: https://develop.svn.wordpress.org/trunk@21869 602fd350-edb4-49c9-b593-d223f7449a82
 2012-09-16 18:01:04 +00:00
Andrew Nacin eea7a4b8d3 Rename duplicately defined internal functions (add_js, display_header) for documentation purposes. props bpetty, fixes #21564. 
git-svn-id: https://develop.svn.wordpress.org/trunk@21856 602fd350-edb4-49c9-b593-d223f7449a82
 2012-09-15 19:49:21 +00:00
Andrew Nacin 2a8af13e3e setup-config.php must be parseable by PHP4 so we can show a sane error message. wp-admin/index.php should ideally be as well. props SergeyBiryukov, see #21316. 
git-svn-id: https://develop.svn.wordpress.org/trunk@21716 602fd350-edb4-49c9-b593-d223f7449a82
 2012-09-04 02:46:01 +00:00
Andrew Nacin 040d03235d Don't include functions.php in wp_load_translations_early() 
to avoid a parse error in a PHP4 environment (caused by use of
the clone keyword in option.php).

Manually include functions.php in the rare situations where it
is not already included by the time we need to load translations
early.

Remove the functions.php dependency by switching the wp_die() calls
to die(), in wp_check_php_mysql_versions().

props SergeyBiryukov, see #21316, for trunk.




git-svn-id: https://develop.svn.wordpress.org/trunk@21715 602fd350-edb4-49c9-b593-d223f7449a82
 2012-09-04 02:38:37 +00:00
Ryan Boren 60c6011c61 setup-config.php cleanups 
* Don't allow an empty prefix
* Make slashing consistent and sane

Props SergeyBiryukov
Fixes #13839


git-svn-id: https://develop.svn.wordpress.org/trunk@20661 602fd350-edb4-49c9-b593-d223f7449a82
 2012-04-30 21:56:32 +00:00
Andrew Ozz 036ddb0b5b Move closing HTML tag outside _e(), props jiehanzheng, fixes #20510 
git-svn-id: https://develop.svn.wordpress.org/trunk@20564 602fd350-edb4-49c9-b593-d223f7449a82
 2012-04-22 23:29:52 +00:00
Andrew Nacin 65de4fbbb0 Do sanity checks for register_globals and magic quotes in setup-config.php. see #13839. 
git-svn-id: https://develop.svn.wordpress.org/trunk@20482 602fd350-edb4-49c9-b593-d223f7449a82
 2012-04-16 21:52:02 +00:00
Andrew Nacin 09b4c5d21f Update login-logo.png to use proper color. Copy it over wordpress-logo.png. Make that one canonical, and stop using login-logo.png. Leave it for plugins. props iammattthomas. see #19955. 
git-svn-id: https://develop.svn.wordpress.org/trunk@19937 602fd350-edb4-49c9-b593-d223f7449a82
 2012-02-17 04:57:56 +00:00
Andrew Nacin 958b85d7a4 Add some RTL misses for setup-config. props SergeyBiryukov, fixes #18180. 
git-svn-id: https://develop.svn.wordpress.org/trunk@19860 602fd350-edb4-49c9-b593-d223f7449a82
 2012-02-08 05:55:54 +00:00
Andrew Nacin fed670768a Poka-yoke. 
git-svn-id: https://develop.svn.wordpress.org/trunk@19791 602fd350-edb4-49c9-b593-d223f7449a82
 2012-01-30 17:49:50 +00:00
Andrew Nacin ffff76d391 Give install.css on setup-config.php some cache busting. see #19592. 
git-svn-id: https://develop.svn.wordpress.org/trunk@19790 602fd350-edb4-49c9-b593-d223f7449a82
 2012-01-30 17:37:13 +00:00
Andrew Nacin 2fd55c3df1 Introduce wp_load_translations_early(), which can be used before the locale is properly loaded in order to translate early error strings. Internationalize setup-config.php -- translators no longer have a reason to modify this file. fixes #18180. 
git-svn-id: https://develop.svn.wordpress.org/trunk@19760 602fd350-edb4-49c9-b593-d223f7449a82
 2012-01-26 20:34:27 +00:00
Andrew Nacin c05a1f60a5 Use regex to fill in config-sample. Prevents translators from needing to manually translate 'database_name_here' (and friends). see #18180. 
git-svn-id: https://develop.svn.wordpress.org/trunk@19701 602fd350-edb4-49c9-b593-d223f7449a82
 2012-01-06 18:23:51 +00:00
Andrew Ozz 0b8d97f135 Fix styling for the installation screens, props chexee, fixes #18576 
git-svn-id: https://develop.svn.wordpress.org/trunk@19297 602fd350-edb4-49c9-b593-d223f7449a82
 2011-11-15 15:47:07 +00:00
Andrew Nacin 14b7842a79 Remove duplicated id attribute. props pagesimplify. (wp-testers) 
git-svn-id: https://develop.svn.wordpress.org/trunk@18493 602fd350-edb4-49c9-b593-d223f7449a82
 2011-07-31 22:20:06 +00:00
Andrew Ozz 9bcfc3da39 <!DOCTYPE html> for all, fixes #18202 
git-svn-id: https://develop.svn.wordpress.org/trunk@18460 602fd350-edb4-49c9-b593-d223f7449a82
 2011-07-22 00:25:41 +00:00
Andrew Nacin b40bdc3928 Mark a few files as needing to be parsable by PHP4 in order to show the proper error messages. Non-exhaustive. see #17934. 
git-svn-id: https://develop.svn.wordpress.org/trunk@18375 602fd350-edb4-49c9-b593-d223f7449a82
 2011-06-29 16:50:07 +00:00
Andrew Nacin 85d77664fb wp_check_php_mysql_versions() during setup and install. see #17934. 
git-svn-id: https://develop.svn.wordpress.org/trunk@18374 602fd350-edb4-49c9-b593-d223f7449a82
 2011-06-29 16:46:46 +00:00
Mark Jaquith 587abe5d6b Restore compat.php includes. see #16918 
git-svn-id: https://develop.svn.wordpress.org/trunk@17622 602fd350-edb4-49c9-b593-d223f7449a82
 2011-04-07 15:47:04 +00:00
Ryan Boren 9691cb5eb2 Take out unnecessary compat functions from compat.php. Props hakre, ptahdunbar. see #16918 
git-svn-id: https://develop.svn.wordpress.org/trunk@17603 602fd350-edb4-49c9-b593-d223f7449a82
 2011-04-05 17:13:04 +00:00
Andrew Nacin 24b60aee0d Don't improperly whitescreen on incorrect DB credentials during setup-config. Show error message with an opportunity to try again. fixes #15682. 
git-svn-id: https://develop.svn.wordpress.org/trunk@16788 602fd350-edb4-49c9-b593-d223f7449a82
 2010-12-08 07:12:44 +00:00
Andrew Nacin edc329c691 Begin the dissolution of classes.php. see #10287. 
git-svn-id: https://develop.svn.wordpress.org/trunk@16099 602fd350-edb4-49c9-b593-d223f7449a82
 2010-10-30 07:02:06 +00:00
Andrew Nacin e2dfe4f5c2 Revert submit_button() for wp-includes, setup-config, install, login, signup. see [16061], see #15064, fixes #15247. 
git-svn-id: https://develop.svn.wordpress.org/trunk@16066 602fd350-edb4-49c9-b593-d223f7449a82
 2010-10-29 00:31:27 +00:00
Mark Jaquith d65cdf4ba8 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064 
git-svn-id: https://develop.svn.wordpress.org/trunk@16061 602fd350-edb4-49c9-b593-d223f7449a82
 2010-10-28 21:56:43 +00:00
Ryan Boren d783952469 Strip trailing whites. 
git-svn-id: https://develop.svn.wordpress.org/trunk@14404 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-03 20:26:11 +00:00
Andrew Nacin 96fd06e10d Remove debug. 
git-svn-id: https://develop.svn.wordpress.org/trunk@14363 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-03 07:12:26 +00:00
Andrew Nacin 7ce20b12cf Prevent fatal error when falling back to fsockopen in the setup-config.php key/salt HTTP request. fixes #13030. 
git-svn-id: https://develop.svn.wordpress.org/trunk@14361 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-03 06:28:05 +00:00
Andrew Nacin 92884c5aae Unbreak setup-config.php. see #12990 
git-svn-id: https://develop.svn.wordpress.org/trunk@14081 602fd350-edb4-49c9-b593-d223f7449a82
 2010-04-13 22:35:39 +00:00
Dion Hulse e02622be5b Pretty up the code text boxes on Install. Affects the non-writable wp-config.php mainly. Code styling taken from Network panel. Props ocean90 
git-svn-id: https://develop.svn.wordpress.org/trunk@13870 602fd350-edb4-49c9-b593-d223f7449a82
 2010-03-28 11:26:06 +00:00
Dion Hulse 65b33d2608 Validate Table Prefix in wp-config.php generator. Props johnl1479. Fixes #12622 
git-svn-id: https://develop.svn.wordpress.org/trunk@13853 602fd350-edb4-49c9-b593-d223f7449a82
 2010-03-28 01:57:45 +00:00
Andrew Nacin 8091c83b26 Standardize db config-sample values. fixes #11523 
git-svn-id: https://develop.svn.wordpress.org/trunk@13837 602fd350-edb4-49c9-b593-d223f7449a82
 2010-03-27 05:42:08 +00:00
Dion Hulse e9374ebc17 Load WP_HTTP dependencies (translation support) for setup-config.php. Prevents a WSOD on attempted installs where external HTTP requests are blocked and/or timeout. Fixes #12514 
git-svn-id: https://develop.svn.wordpress.org/trunk@13628 602fd350-edb4-49c9-b593-d223f7449a82
 2010-03-09 12:03:13 +00:00
Andrew Nacin 735080c7fc Add nag for missing authentication keys in network.php. See #11816 
git-svn-id: https://develop.svn.wordpress.org/trunk@13614 602fd350-edb4-49c9-b593-d223f7449a82
 2010-03-06 21:01:58 +00:00
Andrew Nacin c978910a1d Allow bypass of http call to wp.org (for keys/salts), via URL query var. See #12159 
git-svn-id: https://develop.svn.wordpress.org/trunk@13232 602fd350-edb4-49c9-b593-d223f7449a82
 2010-02-19 20:56:16 +00:00
Mark Jaquith 32766c9ff9 More and more, hosts are not using localhost for the MySQL connection. Reword the config setup text. props mrmist. fixes #11659 
git-svn-id: https://develop.svn.wordpress.org/trunk@13163 602fd350-edb4-49c9-b593-d223f7449a82
 2010-02-15 15:21:34 +00:00
Andrew Nacin d1e195db99 Use an expanded special character set when generating auth keys and salts via wp_generate_password(). Props sivel, see #12159 
git-svn-id: https://develop.svn.wordpress.org/trunk@13137 602fd350-edb4-49c9-b593-d223f7449a82
 2010-02-14 04:06:30 +00:00
Andrew Nacin 43d5926b6b Fall back to wp_generate_password() in setup-config.php if HTTPS request for secret keys fails. Also use pretty link to secret-key API, see #12159 
git-svn-id: https://develop.svn.wordpress.org/trunk@13133 602fd350-edb4-49c9-b593-d223f7449a82
 2010-02-14 02:47:45 +00:00
Dion Hulse 718fa1b6e8 Fix off-by-one substr() error. Props blepoxp. See #12159 
git-svn-id: https://develop.svn.wordpress.org/trunk@13042 602fd350-edb4-49c9-b593-d223f7449a82
 2010-02-10 10:59:45 +00:00