Commit Graph

294 Commits

Author SHA1 Message Date
Ryan Boren
b78520da15 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #WP21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23591 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-03 16:30:38 +00:00
Ryan Boren
c363aea627 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: https://develop.svn.wordpress.org/trunk@23554 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 16:28:40 +00:00
Ryan Boren
a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Sergey Biryukov
a873f4acdb Select "Attribute all posts to..." radio button automatically when selecting a username from the dropdown. fixes #23224.
git-svn-id: https://develop.svn.wordpress.org/trunk@23366 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-01 18:43:23 +00:00
Peter Westwood
d79af224f7 i18n: Fix the usage of sprintf replacements in the user management admin page. See #22260.
git-svn-id: https://develop.svn.wordpress.org/trunk@22273 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-23 11:32:41 +00:00
Andrew Nacin
b4f8bc836e Force the user to explicitly choose between content deletion and reassignment when deleting users. props Dan Rivera, Ben Brooks, GhostToast. fixes #20045.
git-svn-id: https://develop.svn.wordpress.org/trunk@22166 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-10 14:07:59 +00:00
Andrew Nacin
9931c1a45d Hide the link manager from the UI on upgrade, if the site has no links. New DB option, link_manager_enabled.
Enforce this by denying the 'manage_links' capability, which hides the All Links, Add New Link, and Link Categories screens. Hide WP_Widget_Links and the UI for the default_link_category as well.

Convert all references to 'posts and links' when handling reassignment on user deletion to just 'posts'.

see #21307.



git-svn-id: https://develop.svn.wordpress.org/trunk@21501 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-13 16:18:42 +00:00
Andrew Nacin
a5c7405975 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: https://develop.svn.wordpress.org/trunk@21413 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-03 01:06:05 +00:00
Andrew Nacin
245b0655d2 Remove user/site suggestions (autocompletion) from search inputs, as the UX isn't proper.
* Removes all instances of site-search, so away it goes. Sidesteps a number of bugs with site-search.
 * Renames user-search to user-suggest, which means it better describes the current behavior (autocompletion) while allowing for future behavior (instant search).
 * Ties user suggestions to a single .wp-suggest-user class.

with help from markjaquith, helenyhou, wonderboymusic. 
fixes #20835.



git-svn-id: https://develop.svn.wordpress.org/trunk@21003 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-05 18:51:33 +00:00
Andrew Nacin
82ceeca5de After adding a user, take them back to users.php with an 'Edit user' link in the message.
This removes the (possibly ineffective) search from the redirect, as well as the URL hash that will get covered up by the toolbar.

fixes #19470. props merty and SergeyBiryukov for initial patches.



git-svn-id: https://develop.svn.wordpress.org/trunk@20631 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-27 23:13:39 +00:00
Andrew Nacin
48c5af2ac0 Clean up cap checks for autocompletes for sites and users in a network. see #19810.
git-svn-id: https://develop.svn.wordpress.org/trunk@20332 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-30 21:04:48 +00:00
Mark Jaquith
461e24643c Autocomplete site names in Network Admin. More user completion areas. props Japh, DrewAPicture. see #19810.
git-svn-id: https://develop.svn.wordpress.org/trunk@20279 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-24 04:54:58 +00:00
Andrew Nacin
2758e7fb6a Only allow _multisite_ super admins to demote themselves on a site. props linuxologos, see #19684 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@19640 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-30 23:13:48 +00:00
Ryan Boren
676ba7043e Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: https://develop.svn.wordpress.org/trunk@19593 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-13 23:45:31 +00:00
Ryan Boren
6610e321e7 Pinking shears
git-svn-id: https://develop.svn.wordpress.org/trunk@19528 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-01 04:51:35 +00:00
Andrew Nacin
57da602f61 Help tweaks for users, tools. props jane, see #19020.
git-svn-id: https://develop.svn.wordpress.org/trunk@19509 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-01 01:17:14 +00:00
Ryan Boren
68f667d23d Indent cleanup. see #19020
git-svn-id: https://develop.svn.wordpress.org/trunk@19438 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-23 23:08:02 +00:00
Ryan Boren
0ef41d992b Help tabs. Props Ipstenu. see #19020
git-svn-id: https://develop.svn.wordpress.org/trunk@19436 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-23 23:06:52 +00:00
Andrew Nacin
33ee9a7d04 s/add_help_sidebar/set_help_sidebar/g and introduce screen->remove_help_tab($id) and screen->remove_help_tabs(). see #19020, #18785.
git-svn-id: https://develop.svn.wordpress.org/trunk@19119 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-02 20:14:10 +00:00
Ryan Boren
db63861af8 Use add_help_sidebar(). see #19020
git-svn-id: https://develop.svn.wordpress.org/trunk@19111 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-02 03:12:37 +00:00
Andrew Nacin
fe4f927a80 Allow a super admin to demote themselves on a site to a role that does not contain the promote_users cap. props fonglh, fixes #18164.
git-svn-id: https://develop.svn.wordpress.org/trunk@19024 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-20 14:12:25 +00:00
Andrew Nacin
2efff75050 Revert [18861], [18862], [18864], [18874], [18879], and [18880]. see #18785.
git-svn-id: https://develop.svn.wordpress.org/trunk@18911 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-07 04:57:12 +00:00
Andrew Ozz
98554b4bb6 Use add_option() method, introduce add_option_context() method for adding specific text above the screen options, see #18690
git-svn-id: https://develop.svn.wordpress.org/trunk@18867 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-03 04:00:57 +00:00
Andrew Ozz
d0d3855285 Add screen_options with contextual content, see #18690
git-svn-id: https://develop.svn.wordpress.org/trunk@18864 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-02 06:59:36 +00:00
Ryan Boren
8eea785bcb Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18504 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-04 03:09:27 +00:00
Andrew Nacin
2b6feaa8ae Remove non-functional vestigal code.
git-svn-id: https://develop.svn.wordpress.org/trunk@17977 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-20 06:02:03 +00:00
Daryl Koopersmith
2c5592178f Admin Header 2: The Return of 32px Icons. Props, iammattthomas. see #17324.
git-svn-id: https://develop.svn.wordpress.org/trunk@17872 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-12 00:22:22 +00:00
Ryan Boren
57d714aedc Remove favorite_actions() from h2s. Restore Add New buttons. see #17324
git-svn-id: https://develop.svn.wordpress.org/trunk@17849 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-10 19:18:16 +00:00
Mark Jaquith
e897910b75 Big UI style update. props koopersmith. see #17324
git-svn-id: https://develop.svn.wordpress.org/trunk@17800 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-04 20:15:05 +00:00
Andrew Nacin
f504e221e1 Switch from Panel/SubPanel to Screen in inline documentation and Codex links. props michaelh, fixes #17265.
git-svn-id: https://develop.svn.wordpress.org/trunk@17748 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-28 15:24:49 +00:00
Ryan Boren
fd6f56e0b1 Singular and plural strings for bulk user delete. Props nacin. fixes #16360
git-svn-id: https://develop.svn.wordpress.org/trunk@17673 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-21 16:48:12 +00:00
Ryan Boren
e431f630a2 Disallow and hide user removal (as opposed to deletion) for single site installs. Removal is a multisite concept. Props nacin. fixes #16501 for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@17439 602fd350-edb4-49c9-b593-d223f7449a82
2011-02-10 20:37:26 +00:00
Ryan Boren
7c37c82691 Add additional promote_users checks. Show Add existing button only for multisite. Don't show bulk actions if user can't promote users. Show add new user menu if user has create_users but not promote_users. Props nacin. fixes #16501 for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@17431 602fd350-edb4-49c9-b593-d223f7449a82
2011-02-09 17:30:26 +00:00
Peter Westwood
c4d608db4f Don't redirect continually on empty search results pages. Fixes #16357 props garyc40
git-svn-id: https://develop.svn.wordpress.org/trunk@17366 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-26 09:56:17 +00:00
Ryan Boren
363faf4eba Add name to reassign user dropdown. Props nacin. fixes #16361
git-svn-id: https://develop.svn.wordpress.org/trunk@17363 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-25 19:36:50 +00:00
Ryan Boren
e131cde02f Pagination fixes. Props garyc40. fixes #16357
git-svn-id: https://develop.svn.wordpress.org/trunk@17361 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-25 19:20:20 +00:00
Ryan Boren
2d0150b6de From post back to get. Props SergeyBiryukov. fixes #16335
git-svn-id: https://develop.svn.wordpress.org/trunk@17345 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-22 01:31:21 +00:00
Andrew Nacin
2b4674a3b4 Remove AJAX from list tables. first pass. see #16262.
git-svn-id: https://develop.svn.wordpress.org/trunk@17322 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-16 21:47:24 +00:00
Andrew Nacin
03582ad585 Revert [17275] and [17276]. The rabbit hole is too deep. see #16166.
git-svn-id: https://develop.svn.wordpress.org/trunk@17277 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-13 00:50:35 +00:00
Andrew Nacin
166014d76e Move wp_redirect calls to the end of the switch in users.php. Fix unrelated bug where the user's cap should be check, rather than their role's cap. see #16166.
git-svn-id: https://develop.svn.wordpress.org/trunk@17275 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-13 00:22:53 +00:00
Peter Westwood
eeb06f8967 Improve the button and header test to give a clearer picture between Adding New Users and Adding Exiting Users to a site. Fixes #14756
git-svn-id: https://develop.svn.wordpress.org/trunk@17069 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-19 22:27:30 +00:00
scribu
247668b5ad Use wp_dropdown_users() in the delete confirmation screen. Props duck_. See #15854
git-svn-id: https://develop.svn.wordpress.org/trunk@17010 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-16 23:40:46 +00:00
scribu
0f40bb19cd Introduce WP_List_Table::search_box(). See #15353
git-svn-id: https://develop.svn.wordpress.org/trunk@17006 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-16 20:45:10 +00:00
Andrew Nacin
afecafe7ab Remove check_permissions() calls outside of AJAX context. Also only check for switch_themes in check_permissions() for the themes table. see #15326.
git-svn-id: https://develop.svn.wordpress.org/trunk@16990 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-16 08:43:22 +00:00
Andrew Nacin
7feeb0a320 Help text edits. props dougwrites, fixes #15346.
git-svn-id: https://develop.svn.wordpress.org/trunk@16980 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-16 06:37:03 +00:00
scribu
3f5f212ffb Don't show search box if there are no items available. See #15353
git-svn-id: https://develop.svn.wordpress.org/trunk@16868 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-10 20:22:34 +00:00
Ryan Boren
a7bcbc027f Fix user search input name. Props nickmomrik.
git-svn-id: https://develop.svn.wordpress.org/trunk@16496 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-19 23:43:00 +00:00
Andrew Nacin
40d1e43970 Add missing div. props PeteMall, fixes #15501.
git-svn-id: https://develop.svn.wordpress.org/trunk@16494 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-19 19:05:04 +00:00
Ryan Boren
d653f78616 Show Add New if user can promote.
git-svn-id: https://develop.svn.wordpress.org/trunk@16330 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-12 16:57:47 +00:00
Peter Westwood
817aa1975c Revert [16171] and [16172] - The class names were fine as they were and the MultiSite classes stand out more with the original naming.
git-svn-id: https://develop.svn.wordpress.org/trunk@16175 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-04 08:07:03 +00:00