sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
21,524 Commits 2 Branches 473 Tags 137 MiB
Commit Graph

182 Commits

Author SHA1 Message Date
Ryan Boren a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments. 
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
 2013-02-14 22:51:06 +00:00
Helen Hou-Sandi 1303e7377a its <=> it's in documentation, along with a rogue the, The, and looses. props trepmal. fixes #22665. 
git-svn-id: https://develop.svn.wordpress.org/trunk@23191 602fd350-edb4-49c9-b593-d223f7449a82
 2012-12-20 15:55:32 +00:00
Dion Hulse a88a487797 Correct get_home_path() for cases where WordPress is installed in a subdirectory called /wp/, previously it would match on /wp-admin instead of /wp causing an incorrect return path. Props SergeyBiryukov. Fixes #20449 
git-svn-id: https://develop.svn.wordpress.org/trunk@22800 602fd350-edb4-49c9-b593-d223f7449a82
 2012-11-21 22:39:59 +00:00
Andrew Nacin a4687dac6f Pass the post date to wp_upload_dir() during sideloads, just as we do uploads. Ensures that sideloaded images make it into the right uploads directory. 
props solarisssmoke, fixes #16777.



git-svn-id: https://develop.svn.wordpress.org/trunk@22105 602fd350-edb4-49c9-b593-d223f7449a82
 2012-10-03 18:49:37 +00:00
Ryan Boren 5d062682ab Improved phpdoc for file.php. Props tommcfarlin. fixes #21328 
git-svn-id: https://develop.svn.wordpress.org/trunk@21350 602fd350-edb4-49c9-b593-d223f7449a82
 2012-07-26 15:08:30 +00:00
Dion Hulse 21aefa4e4f Make get_home_path() work in more cases by being case insensitive and sanitzing Windows paths. In some cases (such as differing case of hostnames or paths in the site/home options, or when SCRIPT_FILENAME contains forward slashes) the function was failing to return the correct path, and would instead return /. Props to SergeyBiryukov for the initial patch. Fixes #20449 Fixes #10447 
git-svn-id: https://develop.svn.wordpress.org/trunk@21224 602fd350-edb4-49c9-b593-d223f7449a82
 2012-07-06 13:54:15 +00:00
Andrew Nacin 3b38b4a124 Rewrite theme-editor.php to use the new WP_Theme API. see #20103. 
git-svn-id: https://develop.svn.wordpress.org/trunk@20313 602fd350-edb4-49c9-b593-d223f7449a82
 2012-03-29 03:00:38 +00:00
Dion Hulse 1cbc983342 Fix a small typo. 
git-svn-id: https://develop.svn.wordpress.org/trunk@20070 602fd350-edb4-49c9-b593-d223f7449a82
 2012-03-02 11:00:51 +00:00
Jon Cave 4c99743d06 Drop image resizing code from wp_handle_upload(). Fixes #19800. 
This code stops wp_handle_upload() from reporting errors when the upload couldn't be moved to its final local and it was a non-JS fallback that is unused.


git-svn-id: https://develop.svn.wordpress.org/trunk@20019 602fd350-edb4-49c9-b593-d223f7449a82
 2012-02-28 20:02:43 +00:00
Ryan Boren 2b186b0c45 Lose EOF ?>. Clean up EOF newlines. fixes #12307 
git-svn-id: https://develop.svn.wordpress.org/trunk@19712 602fd350-edb4-49c9-b593-d223f7449a82
 2012-01-08 17:01:11 +00:00
Dion Hulse 4afc9e59e2 Fix edge case in get_home_path() where the incorrect path may be returned. Props ptahdunbar. Fixes #18768 
git-svn-id: https://develop.svn.wordpress.org/trunk@19697 602fd350-edb4-49c9-b593-d223f7449a82
 2012-01-06 13:46:22 +00:00
Ryan Boren 54067a5f20 Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433 
git-svn-id: https://develop.svn.wordpress.org/trunk@19596 602fd350-edb4-49c9-b593-d223f7449a82
 2011-12-14 17:36:38 +00:00
Ryan Boren 676ba7043e Use one space, not two, after trailing punctuation. fixes #19537 
git-svn-id: https://develop.svn.wordpress.org/trunk@19593 602fd350-edb4-49c9-b593-d223f7449a82
 2011-12-13 23:45:31 +00:00
Andrew Ozz d2d9926055 Revert [19223] and only stop showing the checkbox, props nacin, see #19174 
git-svn-id: https://develop.svn.wordpress.org/trunk@19225 602fd350-edb4-49c9-b593-d223f7449a82
 2011-11-08 22:34:09 +00:00
Andrew Ozz 4c66628f35 Remove the Resize files checkbox for now (revisit in 3.4), fixes #19174 
git-svn-id: https://develop.svn.wordpress.org/trunk@19223 602fd350-edb4-49c9-b593-d223f7449a82
 2011-11-08 22:23:40 +00:00
Ryan Boren fd10e500e4 Pinking shears 
git-svn-id: https://develop.svn.wordpress.org/trunk@19054 602fd350-edb4-49c9-b593-d223f7449a82
 2011-10-24 19:13:23 +00:00
Mark Jaquith a3bdf19206 Be more consistent with ERROR: messages. fixes #15887 
git-svn-id: https://develop.svn.wordpress.org/trunk@18841 602fd350-edb4-49c9-b593-d223f7449a82
 2011-09-30 17:18:35 +00:00
Jon Cave 60d321b14b Fix typos in documentation (wp-admin/). See #18560. 
git-svn-id: https://develop.svn.wordpress.org/trunk@18632 602fd350-edb4-49c9-b593-d223f7449a82
 2011-09-03 14:18:10 +00:00
Andrew Ozz b7e35b3f6c Fix handling of resizing images after upload, props ocean90, see #18206 
git-svn-id: https://develop.svn.wordpress.org/trunk@18517 602fd350-edb4-49c9-b593-d223f7449a82
 2011-08-06 21:04:15 +00:00
Andrew Ozz 12a7d989e0 Pluploader take 1, props jacobwg, see #18206 
git-svn-id: https://develop.svn.wordpress.org/trunk@18482 602fd350-edb4-49c9-b593-d223f7449a82
 2011-07-29 08:59:35 +00:00
Ryan Boren f6153bcf5d Typo fix. Props kawauso. fixes #18177 
git-svn-id: https://develop.svn.wordpress.org/trunk@18447 602fd350-edb4-49c9-b593-d223f7449a82
 2011-07-21 17:46:01 +00:00
Mark Jaquith ac81c1fef8 Remove code formatting from uploaded file size error messages, for now. props JohnONolan. fixes #17674 
git-svn-id: https://develop.svn.wordpress.org/trunk@18193 602fd350-edb4-49c9-b593-d223f7449a82
 2011-06-08 16:27:57 +00:00
Andrew Nacin 02e8db225f Use wp_remote_retrieve_* helper functions instead of the raw HTTP response array. props aaroncampbell, fixes #17416. 
git-svn-id: https://develop.svn.wordpress.org/trunk@17928 602fd350-edb4-49c9-b593-d223f7449a82
 2011-05-14 19:45:07 +00:00
Peter Westwood 8f1955ddf5 Introduce WP_MAX_MEMORY_LIMIT constant for the high memory limit we set when image processing and unzipping. 
Ensure it is always filterable by plugins as well as configurable in wp-config
Fixes #13847 props hakre


git-svn-id: https://develop.svn.wordpress.org/trunk@17749 602fd350-edb4-49c9-b593-d223f7449a82
 2011-04-28 16:25:36 +00:00
Dion Hulse 48ac6604b0 Handle zip error's in PclZip better. PclZip::extract() returns an array on success, 0 on failure. Fixes #17224 
git-svn-id: https://develop.svn.wordpress.org/trunk@17693 602fd350-edb4-49c9-b593-d223f7449a82
 2011-04-23 14:30:44 +00:00
Dion Hulse d61b17049e Set the mb_string internal encoding to ISO-8859-1 whilst uncompressing archives using PclZip. Fixes 'PCLZIP_ERR_BAD_FORMAT (-10) : Invalid block size' errors on systems utilising mbstring.func_overload. Fixes #15789 
git-svn-id: https://develop.svn.wordpress.org/trunk@17592 602fd350-edb4-49c9-b593-d223f7449a82
 2011-04-03 12:32:06 +00:00
Dion Hulse 20603ca19c Be a party-pooper; No more Akismet Dancing upon upgrade; Respect custom WP_CONTENT_DIR for bundled plugins/theme installation; Respect custom WP_CONTENT_DIR/WP_LANG_DIR for Language files when upgrading; Standardise WP_Filesystem path method returns (They're trailing slash'd). Adds an exclusion list to copy_dir() as well as WP_Filesystem_Base::wp_lang_dir(). See #14484 See #11495 
git-svn-id: https://develop.svn.wordpress.org/trunk@17576 602fd350-edb4-49c9-b593-d223f7449a82
 2011-03-31 13:28:36 +00:00
Dion Hulse ec8280cfd8 First run of introducing Stream-To-File for the WP_HTTP API. Reduces memory consumption during file downloads. Implemented in download_url() for upgraders. Props sivel. See #16236 
git-svn-id: https://develop.svn.wordpress.org/trunk@17555 602fd350-edb4-49c9-b593-d223f7449a82
 2011-03-25 02:42:20 +00:00
Dion Hulse 1359ecd06b Optimisations to WP_Filesystem; Pass known information to called functions. Props aldenta (John Ford) for investigation and patch. See #10913 
git-svn-id: https://develop.svn.wordpress.org/trunk@17525 602fd350-edb4-49c9-b593-d223f7449a82
 2011-03-22 00:04:15 +00:00
Andrew Nacin bce405d0f2 Don't esc_html the default error string. props SergeyBiryukov, fixes #16058. 
git-svn-id: https://develop.svn.wordpress.org/trunk@17200 602fd350-edb4-49c9-b593-d223f7449a82
 2011-01-01 22:14:42 +00:00
Andrew Nacin 408eb985c8 Add missing translation for 'Page Template' in the theme editor. props SergeyBiryukov, fixes #15933. 
git-svn-id: https://develop.svn.wordpress.org/trunk@17098 602fd350-edb4-49c9-b593-d223f7449a82
 2010-12-21 14:58:54 +00:00
Peter Westwood 0485062f5d Allow for the callee of download_url() to specify a different timeout if they want to - maybe they don't want to wait that long. 
git-svn-id: https://develop.svn.wordpress.org/trunk@16763 602fd350-edb4-49c9-b593-d223f7449a82
 2010-12-07 12:45:24 +00:00
Andrew Nacin 7cf388085a Add 'Visual Editor RTL Stylesheet' to the list of theme file descriptions. see #15672. 
git-svn-id: https://develop.svn.wordpress.org/trunk@16717 602fd350-edb4-49c9-b593-d223f7449a82
 2010-12-04 04:22:48 +00:00
Mark Jaquith 012da48a0a Improve the wording of the file upload security message. props janeforshort. fixes #13550 
git-svn-id: https://develop.svn.wordpress.org/trunk@16577 602fd350-edb4-49c9-b593-d223f7449a82
 2010-11-24 20:45:21 +00:00
Ryan Boren 4b33a0e9c4 Pinking shears 
git-svn-id: https://develop.svn.wordpress.org/trunk@16438 602fd350-edb4-49c9-b593-d223f7449a82
 2010-11-17 18:47:34 +00:00
Andrew Nacin 11f1c67f78 Some escaping 
git-svn-id: https://develop.svn.wordpress.org/trunk@16366 602fd350-edb4-49c9-b593-d223f7449a82
 2010-11-14 17:33:16 +00:00
Mark Jaquith d65cdf4ba8 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064 
git-svn-id: https://develop.svn.wordpress.org/trunk@16061 602fd350-edb4-49c9-b593-d223f7449a82
 2010-10-28 21:56:43 +00:00
Andrew Nacin 9cb09fd090 Docs for wp-admin/includes/file.php. props sivel, see #14783. 
git-svn-id: https://develop.svn.wordpress.org/trunk@16024 602fd350-edb4-49c9-b593-d223f7449a82
 2010-10-27 22:24:06 +00:00
Andrew Nacin 39819adc3b Fix typo. props mrmist, fixes #14571. 
git-svn-id: https://develop.svn.wordpress.org/trunk@15593 602fd350-edb4-49c9-b593-d223f7449a82
 2010-09-07 15:11:43 +00:00
Dion Hulse ccbfa3b52b Do not check to see if parents of folders outside of the Destination folder exist within the Archive extractors, unzip_file() will take care of that area. Fixes #13741 
git-svn-id: https://develop.svn.wordpress.org/trunk@15156 602fd350-edb4-49c9-b593-d223f7449a82
 2010-06-07 11:19:51 +00:00
Andrew Nacin ae77738ff9 More request_filesystem_credentials() string improvements. 
git-svn-id: https://develop.svn.wordpress.org/trunk@15130 602fd350-edb4-49c9-b593-d223f7449a82
 2010-06-03 18:58:41 +00:00
Andrew Nacin fb0187a5a0 Add missing spaces. 
git-svn-id: https://develop.svn.wordpress.org/trunk@15099 602fd350-edb4-49c9-b593-d223f7449a82
 2010-06-01 21:57:26 +00:00
Andrew Nacin 3c50fb2f00 Clarify the connection information requested in request_filesystem_credentials() to reduce confusion surrounding FTP information versus your WordPress login. see #13467, props jane. 
git-svn-id: https://develop.svn.wordpress.org/trunk@15098 602fd350-edb4-49c9-b593-d223f7449a82
 2010-06-01 20:35:59 +00:00
Dion Hulse da3b4b351e Always fallback to PclZip in the event that ZipArchive does not return true. The PHP Zip extension is hit-and-miss with OSX generated zip files, sometimes 0 will be emitted and extraction will succeed, others it will fail with. Reverts r14346, r14377, partially r14800. See #12637. See #13491 
git-svn-id: https://develop.svn.wordpress.org/trunk@15052 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-29 13:16:35 +00:00
Ryan Boren aec821c651 Strip trailing whitespace 
git-svn-id: https://develop.svn.wordpress.org/trunk@14924 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-26 02:42:15 +00:00
Dion Hulse 11fac78a37 Ensure that the entire folder structure exists within the $needed_folders array before attempting to create folders. Fixes cases where the Zip file does not contain a node for a folder which contains subfolders without files in the same level. Fixes #13171 
git-svn-id: https://develop.svn.wordpress.org/trunk@14811 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-23 05:56:31 +00:00
Dion Hulse d0a1400321 Correct the ZipArchive opening test logic. See #13491 
git-svn-id: https://develop.svn.wordpress.org/trunk@14800 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-22 05:09:08 +00:00
Andrew Nacin 5aa7280d6a Introduce wp_check_filetype_and_ext() to handle mime/ext image comparisons and corrections for upload and sideload. props Viper007Bond, see #11946. 
git-svn-id: https://develop.svn.wordpress.org/trunk@14649 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-15 04:47:03 +00:00
Dion Hulse 1fc13e3b48 Silence PHP Warnings on is_writable calls. Can trigger open_basedir warnings on certain hosting environments. Props ocean90. Fixes #12866 
git-svn-id: https://develop.svn.wordpress.org/trunk@14427 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-03 23:39:57 +00:00
Andrew Nacin b2093dbdfd Provide a context to wp_handle_upload to differentiate between upload and sideload. props technosailor, fixes #12740. 
git-svn-id: https://develop.svn.wordpress.org/trunk@14418 602fd350-edb4-49c9-b593-d223f7449a82
 2010-05-03 22:16:48 +00:00