Commit Graph

177 Commits

Author SHA1 Message Date
Ryan Boren
a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Ryan Boren
c53137f535 Scope button classes so they can be used on the frontend without interfering with theme styles.
Props helenyhou, koopersmith
fixes #22644


git-svn-id: https://develop.svn.wordpress.org/trunk@22948 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-30 13:40:59 +00:00
Andrew Nacin
5aac5cb3de Use the create_posts post type cap in more places. Remove the janky create_posts meta cap. see #16714.
git-svn-id: https://develop.svn.wordpress.org/trunk@22908 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-28 22:28:20 +00:00
Andrew Nacin
d1045ffced Extend Press This by a few pixels to allow longer strings. props SergeyBiryukov. fixes #20975.
git-svn-id: https://develop.svn.wordpress.org/trunk@22427 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-07 19:27:19 +00:00
Andrew Ozz
330c10d1a9 Kill use of colons in class names, props SergeyBiryukov, fixes #21152
git-svn-id: https://develop.svn.wordpress.org/trunk@22396 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-06 01:01:52 +00:00
Ryan Boren
308c702183 Use the create_posts capability in more places.
In get_post_type_capabilities(), make sure create_posts reflects customizations to the edit_posts capability when create_posts is not specifically set.


git-svn-id: https://develop.svn.wordpress.org/trunk@22291 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-24 22:15:43 +00:00
Andrew Nacin
e82d5080b8 New HiDPI spinner. Uses clean <span class="spinner"></span> markup.
Be on the lookout for weirdness.
props lessbloat. see #21456.



git-svn-id: https://develop.svn.wordpress.org/trunk@22019 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-26 19:57:44 +00:00
Andrew Ozz
5ad7fe8cd6 Main editor: maintain the height when switching Visual to Text and back, save the height when resizing as user state, output the height in the textarea tag when loading, (thanks @nacin for the help), fixes #21718
git-svn-id: https://develop.svn.wordpress.org/trunk@22007 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-26 03:30:21 +00:00
Andrew Ozz
6e6b727315 Remove nearly all tabindex attributes from the admin, leaving them only where absolutely necessary (for now that's only the toolbar).
Add tabindex="-1" for the menu images links to avoid double tab stops there when the menu is expanded.

Fix/add auto-focus on the first input fields on the Add/Edit Post, all taxonomy, all edit taxonomy, Log In and Edit Comment screens.

See #21340.

git-svn-id: https://develop.svn.wordpress.org/trunk@21311 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-24 00:15:15 +00:00
Mark Jaquith
5ab7fcea5e Better image extension regexes, so we don't just grab the "jpe" from "jpeg" files in media_sideload_image(). props sivel. fixes #16693
git-svn-id: https://develop.svn.wordpress.org/trunk@21219 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-05 20:51:55 +00:00
Andrew Nacin
6ef3ff3062 Remove charset attribute from script elements. props neoxx, fixes #21146.
git-svn-id: https://develop.svn.wordpress.org/trunk@21204 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-03 13:27:14 +00:00
Ryan Boren
30cf820918 Add RTL and locale classes to the press this body. Props SergeyBiryukov. fixes #19603
git-svn-id: https://develop.svn.wordpress.org/trunk@21052 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-11 20:34:42 +00:00
Andrew Nacin
86f9620fd3 s/sumbit/submit/. props tollmanz, fixes #20744.
git-svn-id: https://develop.svn.wordpress.org/trunk@20896 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-25 13:45:16 +00:00
Andrew Nacin
0c751dd7a3 Use relative paths for admin-ajax.php to avoid cross-domain issues with IDN domains in IE and Opera. props SergeyBiryukov, fixes #18952.
git-svn-id: https://develop.svn.wordpress.org/trunk@19871 602fd350-edb4-49c9-b593-d223f7449a82
2012-02-08 16:12:11 +00:00
Jon Cave
156048ca52 split was deprecated in PHP 5.3.0, so use explode instead. Props garyc40. Fixes #16325.
git-svn-id: https://develop.svn.wordpress.org/trunk@19726 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-09 21:20:51 +00:00
Andrew Nacin
48b1948bfe Merge Press This inline styles into wp-admin.css. fixes #19735.
git-svn-id: https://develop.svn.wordpress.org/trunk@19671 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-04 17:44:15 +00:00
Andrew Nacin
e38e4e1046 Revert a piece of [19424], go back to cloning a div for adding images in Press This. props azaozz, see #19498 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@19664 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-03 19:05:05 +00:00
Andrew Nacin
83b69a44d8 Fix header/message alignment in Press This. for trunk. see #19725.
git-svn-id: https://develop.svn.wordpress.org/trunk@19662 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-03 18:57:31 +00:00
Ryan Boren
54067a5f20 Remove extraneous spaces. Props kenan3008, dimadin. fixes #19501 #19433
git-svn-id: https://develop.svn.wordpress.org/trunk@19596 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-14 17:36:38 +00:00
Andrew Ozz
a742f2ac47 Fix inserting images from url in Press This, fixes #19341
git-svn-id: https://develop.svn.wordpress.org/trunk@19424 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-23 20:32:21 +00:00
Andrew Ozz
ef4b128502 Press This: fix duplicate HTML IDs, add the 'default_post_to_edit' ID, fix minor RTL css, fixes #18989
git-svn-id: https://develop.svn.wordpress.org/trunk@19381 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-21 18:32:39 +00:00
Jon Cave
7d96b78140 Stop multiple loading spinners showing when repeatedly accessing Press This Add Photos box. Fixes #18992.
git-svn-id: https://develop.svn.wordpress.org/trunk@19229 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-09 16:46:05 +00:00
Ryan Boren
fd10e500e4 Pinking shears
git-svn-id: https://develop.svn.wordpress.org/trunk@19054 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-24 19:13:23 +00:00
Andrew Nacin
1287ec492a Translated strings in attributes require esc_attr(). s/_e/esc_attr_e/g
git-svn-id: https://develop.svn.wordpress.org/trunk@19028 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-20 15:04:46 +00:00
Andrew Ozz
cfbb3d30f5 Press This CSS cleanup, props andrewryno, see #18314
git-svn-id: https://develop.svn.wordpress.org/trunk@19001 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-19 06:16:15 +00:00
Andrew Ozz
d1b8509e83 Use IE conditionals when adding the ie8 class, introduce _wp_admin_html_begin(), props scribu, fixes #18966
git-svn-id: https://develop.svn.wordpress.org/trunk@18982 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-17 20:57:32 +00:00
Andrew Ozz
573a1813dc RTL, IE7 and IE7 RTL fixes, add class="ie8" to the html tag, see #18314
git-svn-id: https://develop.svn.wordpress.org/trunk@18975 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-15 07:33:01 +00:00
Andrew Ozz
2b2bff2fca Fix insetring images in Quick Press and Press This, see #17144
git-svn-id: https://develop.svn.wordpress.org/trunk@18920 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-07 20:14:21 +00:00
Andrew Ozz
68214afb44 Fix typo when setting post_format in Press This.
git-svn-id: https://develop.svn.wordpress.org/trunk@18870 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-03 16:22:38 +00:00
Jon Cave
6db13f488f Make use of specific post format support in current_theme_supports(). See #18691.
git-svn-id: https://develop.svn.wordpress.org/trunk@18721 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-19 16:31:33 +00:00
Andrew Nacin
fb58d06f1c Rename 'Post Tags' to 'Tags'. props scribu, fixes #17683.
git-svn-id: https://develop.svn.wordpress.org/trunk@18661 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-11 17:52:46 +00:00
Andrew Ozz
ea03cd66fd Fix styling and quicktags error in press this, see #16695
git-svn-id: https://develop.svn.wordpress.org/trunk@18619 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-28 20:48:05 +00:00
Andrew Ozz
dde77fd41b Merge most admin css files, first run, see #18314
git-svn-id: https://develop.svn.wordpress.org/trunk@18577 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-21 03:46:43 +00:00
Andrew Ozz
750d395b81 Another fix for Press This, see #17144
git-svn-id: https://develop.svn.wordpress.org/trunk@18574 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-19 17:04:16 +00:00
Andrew Ozz
9734668734 Fix Press This editors, see #17144
git-svn-id: https://develop.svn.wordpress.org/trunk@18570 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-19 01:14:56 +00:00
Nikolay Bachiyski
f228bf94cf Add a gettext context to the Standard post format string in Press This to match other usages of Standard in a post format context
git-svn-id: https://develop.svn.wordpress.org/trunk@18530 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-11 04:36:18 +00:00
Andrew Ozz
9bcfc3da39 <!DOCTYPE html> for all, fixes #18202
git-svn-id: https://develop.svn.wordpress.org/trunk@18460 602fd350-edb4-49c9-b593-d223f7449a82
2011-07-22 00:25:41 +00:00
Andrew Ozz
bcf0131e7a More Press This cleanup and fixes, see #17757
git-svn-id: https://develop.svn.wordpress.org/trunk@18283 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-11 23:12:21 +00:00
Andrew Nacin
1914c5464e UI refresh for Press This. props koopersmith, see #17757.
git-svn-id: https://develop.svn.wordpress.org/trunk@18279 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-11 19:37:23 +00:00
Ryan Boren
46d96c7704 Bring out the pinking shears.
git-svn-id: https://develop.svn.wordpress.org/trunk@18254 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-10 23:01:45 +00:00
Andrew Ozz
a6d817da56 Fix JS error in Press This, props greuben, fixes #17501
git-svn-id: https://develop.svn.wordpress.org/trunk@18155 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-05 23:12:51 +00:00
Peter Westwood
0d62cb9bfd Output TinyMCE HTML inside the body for Press This. Fixes #17500 props greuben
git-svn-id: https://develop.svn.wordpress.org/trunk@18148 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-05 12:36:12 +00:00
Peter Westwood
d989547a7d Whitespace fixes
git-svn-id: https://develop.svn.wordpress.org/trunk@18144 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-05 09:04:29 +00:00
Peter Westwood
6a7b805b85 Mark two missed strings in Press This for translation. Fixes #16334 props SergeyBiryukov and ocean90.
git-svn-id: https://develop.svn.wordpress.org/trunk@18143 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-05 09:02:08 +00:00
Ryan Boren
2c719f4420 Use esc_url() once again.
git-svn-id: https://develop.svn.wordpress.org/trunk@17993 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-22 23:19:12 +00:00
Ryan Boren
cc9f3c8209 Validate post status against capabilities in press this. Props nacin. for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@17709 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-26 17:15:44 +00:00
Andrew Ozz
e74ff4d710 Fix padding in DFW mode, add the new wpfullscreen plugin in wp-tinymce.js.gz, fix notices in press-this see #17136
git-svn-id: https://develop.svn.wordpress.org/trunk@17697 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-25 14:27:11 +00:00
Andrew Ozz
07a62334de Distraction Free Writing mode, see #17136
git-svn-id: https://develop.svn.wordpress.org/trunk@17695 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-25 01:01:34 +00:00
Andrew Nacin
5ce8a20462 Set the post format before publishing the post in Press This. props Otto42, fixes #16192.
git-svn-id: https://develop.svn.wordpress.org/trunk@17254 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-11 19:58:58 +00:00
Andrew Nacin
74211907ea Delay wp_tiny_mce_preload_dialogs to the footer, as occurs in admin-header. props ocean90, fixes #15561.
git-svn-id: https://develop.svn.wordpress.org/trunk@17140 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-25 15:03:35 +00:00