Andrew Nacin
12882f9848
Ensure the referer functions operate completely on unslashed data: wp_referer_field(), wp_original_referer_field(), wp_get_referer(), wp_get_original_referer().
...
Use wp_slash() instead of addslashes().
see #21767 .
git-svn-id: https://develop.svn.wordpress.org/trunk@23578 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:58:43 +00:00
Ryan Boren
4088ca8723
Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
...
see #21767
git-svn-id: https://develop.svn.wordpress.org/trunk@23563 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:00:25 +00:00
Ryan Boren
c363aea627
Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
...
git-svn-id: https://develop.svn.wordpress.org/trunk@23554 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 16:28:40 +00:00
Ryan Boren
a6c8efadb9
Change all core API to expect unslashed rather than slashed arguments.
...
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Andrew Ozz
6e6b727315
Remove nearly all tabindex attributes from the admin, leaving them only where absolutely necessary (for now that's only the toolbar).
...
Add tabindex="-1" for the menu images links to avoid double tab stops there when the menu is expanded.
Fix/add auto-focus on the first input fields on the Add/Edit Post, all taxonomy, all edit taxonomy, Log In and Edit Comment screens.
See #21340 .
git-svn-id: https://develop.svn.wordpress.org/trunk@21311 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-24 00:15:15 +00:00
Andrew Ozz
74cfcd36e3
Responsive columns on the dashboard and write screens, first run, see #20015
...
git-svn-id: https://develop.svn.wordpress.org/trunk@20272 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-23 21:41:00 +00:00
Andrew Nacin
ce48b0d471
Revert type="email" (HTML5) as some browsers that do validation on these fields do not work for IDN domains yet. Core does not support these well either, but server-side validation can at least be dealt with by a plugin. see #17863 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@20196 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-15 18:09:14 +00:00
Andrew Ozz
fcbd8f7f57
Set proper HTML5 input types in the admin, props georgestephanis, fixes #17863
...
git-svn-id: https://develop.svn.wordpress.org/trunk@20168 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-10 01:23:48 +00:00
Andrew Nacin
1bc62a722a
In miscellaneous publishing actions, use :last-child instead of a separate misc-pub-section-last class to control borders. Allows for sane use of the post_submitbox_misc_actions hook. (Actually uses :first-child for browser compat reasons.) fixes #19604 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@20077 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-02 19:52:23 +00:00
Peter Westwood
72ade0057d
Make sure to echo out the comment_post_ID when building the edit comment form otherwise the post comment counts will get out of sync. Fixes #20108 props dllh.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@19981 602fd350-edb4-49c9-b593-d223f7449a82
2012-02-23 18:16:46 +00:00
Jon Cave
62a82bbe22
Remove extraneous single quote. Props garyc40. Fixes #19801 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@19731 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-11 23:35:35 +00:00
Andrew Nacin
03ca3fcc4c
Remove dead variables and strings from edit-form-comment. props ocean90, fixes #19481 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@19612 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-20 21:39:46 +00:00
Andrew Ozz
fafb2aa988
Update Comment -> Update, props ocean90, fixes #19166
...
git-svn-id: https://develop.svn.wordpress.org/trunk@19176 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-05 18:03:33 +00:00
Ryan Boren
5914353c06
Update meta box functions to handle WP_Screen objects and pass objects instead of IDs to them in core files. Allow passing emptiness to get the current screen. see #18958
...
git-svn-id: https://develop.svn.wordpress.org/trunk@19013 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-19 21:43:02 +00:00
Jon Cave
60d321b14b
Fix typos in documentation (wp-admin/). See #18560 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@18632 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-03 14:18:10 +00:00
Andrew Ozz
dde77fd41b
Merge most admin css files, first run, see #18314
...
git-svn-id: https://develop.svn.wordpress.org/trunk@18577 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-21 03:46:43 +00:00
Andrew Ozz
461ceba60d
Editor API enhancement, first run (still needs some work), see #17144
...
git-svn-id: https://develop.svn.wordpress.org/trunk@18498 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-03 10:19:00 +00:00
Andrew Ozz
0d5e03dd9f
Don't show the Fullscreen button on the comment edit page, see #17136
...
git-svn-id: https://develop.svn.wordpress.org/trunk@17966 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-19 07:34:54 +00:00
scribu
39eca2466e
submit_button() fixes. Props sbressler. See #15064
...
git-svn-id: https://develop.svn.wordpress.org/trunk@16362 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-13 23:49:53 +00:00
Mark Jaquith
d65cdf4ba8
Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064
...
git-svn-id: https://develop.svn.wordpress.org/trunk@16061 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-28 21:56:43 +00:00
Andrew Nacin
47136b319f
Introduce _ex(), a hybrid between _e() and _x() -- translate with context, then echo. props westi, see #13395 .
...
git-svn-id: https://develop.svn.wordpress.org/trunk@14647 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-14 21:46:25 +00:00
Ryan Boren
ad1b9608e6
add_meta_boxes actions for comment and link forms.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@14044 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-09 15:17:57 +00:00
Andrew Ozz
0093a3a989
Remove all instances of "Trash" from the UI when Trash is disabled, replace trash actions with "Delete permanently", props caesarsgrunt, see #4529
...
git-svn-id: https://develop.svn.wordpress.org/trunk@12162 602fd350-edb4-49c9-b593-d223f7449a82
2009-11-10 10:38:19 +00:00
Andrew Ozz
69b036bf7f
Fix trashing/untrashing comments when no JS, props caesarsgrunt, see #4529
...
git-svn-id: https://develop.svn.wordpress.org/trunk@12113 602fd350-edb4-49c9-b593-d223f7449a82
2009-10-27 03:46:31 +00:00
Andrew Ozz
782977afbf
"Trash" updates, props caesarsgrunt, see #4529
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11841 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-19 08:35:24 +00:00
Andrew Ozz
26383ac68e
Stop direct loading of files in wp-admin that should only be included, for trunk
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11768 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-03 00:04:45 +00:00
Andrew Ozz
d9f8c67f2f
Trash status updates for posts, pages, comments and attachments, props caesarsgrunt, see #4529
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11749 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-30 13:39:34 +00:00
Andrew Ozz
72f5a9910c
Fix comment author url when editing, fixes #10466 for trunk
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11739 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-22 22:32:27 +00:00
Ryan Boren
fc37d64a90
esc_attr() for comment author email
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11727 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-20 02:51:14 +00:00
Andrew Ozz
c7a3747476
Properly escape comment_author_url when displaying, for trunk
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11721 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-18 23:21:50 +00:00
Mark Jaquith
ba1c3bdd5b
Deprecate sanitize_url() and clean_url() in favor of esc_url_raw() and esc_url()
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11383 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-18 16:00:33 +00:00
Mark Jaquith
8d6cb67233
esc_js(). Shorter, follows new escaping naming convention.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11245 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-09 07:27:22 +00:00
Mark Jaquith
c638e8d8de
_a(), _ea(), _xa(), attr() are now esc_attr__(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11204 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-05 19:43:53 +00:00
Ryan Boren
bd58cf3efc
No need to attribute_escape a cleaned url. fixes #8587
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11127 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-29 20:14:39 +00:00
Ryan Boren
7d9f7833ff
urlencode referrer. Props hakre. fixes #8587
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11120 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-29 16:20:14 +00:00
Ryan Boren
fe7c34b6fd
s/attribute_escape/attr/. see #9650
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11109 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-28 05:58:45 +00:00
Ryan Boren
a114582715
Some attr escaping. see #9650
...
git-svn-id: https://develop.svn.wordpress.org/trunk@11104 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-27 23:09:08 +00:00
Andrew Ozz
f9007b9ac8
Add "code" class to more URL input fields, props johnbillion, fixes #8383
...
git-svn-id: https://develop.svn.wordpress.org/trunk@10995 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-18 06:47:56 +00:00
Andrew Ozz
ca129da990
Fix flash upload button, right sidebar on write pages in IE6
...
git-svn-id: https://develop.svn.wordpress.org/trunk@10865 602fd350-edb4-49c9-b593-d223f7449a82
2009-04-04 10:21:43 +00:00
Andrew Ozz
b38931ee3d
Fix right sidebar on edit comment screen
...
git-svn-id: https://develop.svn.wordpress.org/trunk@10843 602fd350-edb4-49c9-b593-d223f7449a82
2009-03-26 22:22:52 +00:00
Andrew Ozz
759fde9021
jQuery 1.3.2 and UI 1.7.1, may still have some regressions, add screen columns setting to the write/edit post/page screen options, fixes #8867
...
git-svn-id: https://develop.svn.wordpress.org/trunk@10834 602fd350-edb4-49c9-b593-d223f7449a82
2009-03-25 14:29:22 +00:00
Ryan Boren
3fe87a2049
Use _x() and extracted comments. Props nbachiyski. see #9112
...
git-svn-id: https://develop.svn.wordpress.org/trunk@10680 602fd350-edb4-49c9-b593-d223f7449a82
2009-03-02 19:20:19 +00:00
Ryan Boren
baaaa352ba
Strip trailing whitespace
...
git-svn-id: https://develop.svn.wordpress.org/trunk@10150 602fd350-edb4-49c9-b593-d223f7449a82
2008-12-09 18:03:31 +00:00
Ryan Boren
ace2567641
Fix id typo. Props sivel. fixes #8401
...
git-svn-id: https://develop.svn.wordpress.org/trunk@9928 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-27 20:44:43 +00:00
Andrew Ozz
0b85e05cda
More screen icons and fixes, includes patch by johnconners, fixes #8380
...
git-svn-id: https://develop.svn.wordpress.org/trunk@9912 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-26 23:35:23 +00:00
Peter Westwood
8969d49dbe
Give context to more translations to allow for differentiation between plural noun, verb and adjective translations. Fixes #8154 props nbachiyski.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@9835 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-21 18:16:44 +00:00
Mark Jaquith
83a88c1247
change "Awaiting Moderation" to "Pending" fixes #8184
...
git-svn-id: https://develop.svn.wordpress.org/trunk@9656 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-13 05:57:07 +00:00
Ryan Boren
b9a4fd0d29
Differentiate between plural noun, verb and adjective Spam translations. Props nbachiyski. fixes #8154
...
git-svn-id: https://develop.svn.wordpress.org/trunk@9615 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-11 19:54:54 +00:00
Ryan Boren
eea86a8557
Validation fixes from Simek. fixes #8139
...
git-svn-id: https://develop.svn.wordpress.org/trunk@9592 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-10 17:49:00 +00:00
Mark Jaquith
6f5222b2a5
Fix small typo in last commit.
...
git-svn-id: https://develop.svn.wordpress.org/trunk@9492 602fd350-edb4-49c9-b593-d223f7449a82
2008-11-03 07:07:39 +00:00