Commit Graph

217 Commits

Author SHA1 Message Date
Ryan Boren
a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Helen Hou-Sandi
d97220fa2c Minor phpdoc fixes for register_sidebar(). props SergeyBiryukov. fixes #22905.
git-svn-id: https://develop.svn.wordpress.org/trunk@23199 602fd350-edb4-49c9-b593-d223f7449a82
2012-12-23 22:11:37 +00:00
Helen Hou-Sandi
a0d5de09fd Refresh phpdoc for register_sidebar(). props jeremyfelt, SergeyBiryukov. fixes #22905.
git-svn-id: https://develop.svn.wordpress.org/trunk@23196 602fd350-edb4-49c9-b593-d223f7449a82
2012-12-23 16:18:16 +00:00
Ryan Boren
7ba5099795 Objects no longer need to be explicitly passed by ref to call_user_func*() to be callable. Props wonderboymusic. fixes #21865
git-svn-id: https://develop.svn.wordpress.org/trunk@22118 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-04 20:00:16 +00:00
Ryan Boren
5e76729992 One newline is enough.
git-svn-id: https://develop.svn.wordpress.org/trunk@19684 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-05 20:10:39 +00:00
Ryan Boren
f1ec82c3a7 Update some @since. Props dgwyer. fixes #19638
git-svn-id: https://develop.svn.wordpress.org/trunk@19673 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-04 19:03:33 +00:00
Andrew Ozz
b627c99686 Check the sidebar class for orphaned sidebars, match sidebars by id while retrieving orphans and the theme has not changed, props SergeyBiryukov, fixes #19350
git-svn-id: https://develop.svn.wordpress.org/trunk@19455 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-26 06:16:43 +00:00
Andrew Ozz
7a4434b080 Prioritize the saved data over the current data when restoring widget positions, props SergeyBiryukov, see #19092
git-svn-id: https://develop.svn.wordpress.org/trunk@19340 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-18 19:50:17 +00:00
Andrew Ozz
1cc6c3cfe8 Don't try to convert empty widget settings from old format, props SergeyBiryukov, fixes #19091
git-svn-id: https://develop.svn.wordpress.org/trunk@19333 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-18 06:11:38 +00:00
Andrew Ozz
c2a18ab5fd When restoring sidebars after switching back to an old theme, make sure the saved data matches the theme's current sidebars, fixes #19092
git-svn-id: https://develop.svn.wordpress.org/trunk@19332 602fd350-edb4-49c9-b593-d223f7449a82
2011-11-18 06:00:29 +00:00
Ryan Boren
fd10e500e4 Pinking shears
git-svn-id: https://develop.svn.wordpress.org/trunk@19054 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-24 19:13:23 +00:00
Andrew Nacin
90f95e0204 new does not require by reference.
git-svn-id: https://develop.svn.wordpress.org/trunk@18995 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-18 20:20:59 +00:00
Ryan Boren
8e77c91883 * Move the old sidebars_widgets array upgrade code to wp-admin/includes/upgrade.php
* Avoid infinite loop with wp_get_sidebars_widgets()
* Remove two unneeded wp_get_sidebars_widgets() calls
* Remove unused $wp_registered_sidebars variable from wp_get_sidebars_widgets().
* Combine  a couple of !empty( $sidebars_widgets ) checks in retrieve_widgets()
Props SergeyBiryukov, lancewillett. fixes #17979 #18598


git-svn-id: https://develop.svn.wordpress.org/trunk@18821 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-29 21:41:22 +00:00
Peter Westwood
321e31c58b A little bit of whitespace keeps the code readable.
git-svn-id: https://develop.svn.wordpress.org/trunk@18678 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-15 10:09:45 +00:00
Andrew Ozz
7b2c49d219 Make check_theme_switched() run an action so this enhancement is available to plugins and themes too, see #17979
git-svn-id: https://develop.svn.wordpress.org/trunk@18655 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-08 20:07:15 +00:00
Andrew Ozz
808ea899ad Use theme mods instead of transients for storing the previous theme's widgets config, props aaroncampbell, see #17979
git-svn-id: https://develop.svn.wordpress.org/trunk@18654 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-08 19:25:20 +00:00
Jon Cave
82c0f09c09 Fix typos in documentation (wp-includes/[i-z]). See #18560.
git-svn-id: https://develop.svn.wordpress.org/trunk@18639 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-05 19:08:15 +00:00
Andrew Ozz
4782c3dc6f Avoid losing widgets when switching themes - take one, props aaroncampbell, see #17979
git-svn-id: https://develop.svn.wordpress.org/trunk@18630 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-02 22:13:55 +00:00
Nikolay Bachiyski
13181c96c8 Explicitly globalize some variables, so that unit tests can run WordPress inside a function. Fixes #17749
git-svn-id: https://develop.svn.wordpress.org/trunk@18532 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-11 04:45:14 +00:00
Andrew Nacin
959f4e03c4 s/displayied/displayed/. props kawauso, fixes #17633.
git-svn-id: https://develop.svn.wordpress.org/trunk@18096 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-01 16:44:13 +00:00
Ryan Boren
e7a943c60c Remove PHP4 constructors. Props scribu. fixes #16768
git-svn-id: https://develop.svn.wordpress.org/trunk@17655 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-18 21:46:57 +00:00
Andrew Nacin
fd76a68a2d Bail early in dynamic_sidebar() if there are no sidebars. fixes #14816.
git-svn-id: https://develop.svn.wordpress.org/trunk@17545 602fd350-edb4-49c9-b593-d223f7449a82
2011-03-23 18:59:52 +00:00
Andrew Nacin
9a53e46ff5 Revert [15994] for now, as the default widgets then go through an identity crisis. see #14876, #15493.
git-svn-id: https://develop.svn.wordpress.org/trunk@16521 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-21 13:48:35 +00:00
Andrew Nacin
bcbb15ca21 Return empty array in wp_get_sidebars_widgets() if no sidebars are defined. fixes #14876.
git-svn-id: https://develop.svn.wordpress.org/trunk@15994 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-27 01:56:54 +00:00
Andrew Nacin
9494e4ce7e Phpdoc argument/@param cleanups. props duck_, see #14783.
git-svn-id: https://develop.svn.wordpress.org/trunk@15590 602fd350-edb4-49c9-b593-d223f7449a82
2010-09-07 11:21:11 +00:00
Ryan Boren
d783952469 Strip trailing whites.
git-svn-id: https://develop.svn.wordpress.org/trunk@14404 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-03 20:26:11 +00:00
Ryan Boren
1796f678ff Hooks for the widgets api. Props ptahdunbar. fixes #12546
git-svn-id: https://develop.svn.wordpress.org/trunk@14382 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-03 19:01:43 +00:00
Mark Jaquith
0a658396a5 Make sure sidebars_widgets is an array. If it is a string (no idea how, but it happens), we get a fatal error
git-svn-id: https://develop.svn.wordpress.org/trunk@14320 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-30 17:37:42 +00:00
Andrew Nacin
7369d04015 Use wp_parse_args in register_sidebar. fixes #11836, props scribu.
git-svn-id: https://develop.svn.wordpress.org/trunk@14154 602fd350-edb4-49c9-b593-d223f7449a82
2010-04-18 15:32:39 +00:00
Ryan Boren
eeb49f6bef Enable nav menu admin if theme supports widgets. Show notice if theme supports widgets but not nav-menus. see #11817
git-svn-id: https://develop.svn.wordpress.org/trunk@13810 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-24 18:35:31 +00:00
Andrew Nacin
dd306def81 Remove redundant isset() and empty() checks.
git-svn-id: https://develop.svn.wordpress.org/trunk@13770 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-19 21:29:21 +00:00
Dion Hulse
f80cc183fa Restore backwards compatibility of integer sidebars("sidebar-$i"). See #12606
git-svn-id: https://develop.svn.wordpress.org/trunk@13701 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-14 12:12:23 +00:00
Dion Hulse
20a430c8fb Revert [13699], It breaks dynamic_sidebar(<int>) compatibility. Use a safer loop for clashes. See #12606
git-svn-id: https://develop.svn.wordpress.org/trunk@13700 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-14 11:58:53 +00:00
Dion Hulse
bd619cdb60 Simplify the Id uniqueness loops. Guard against more use-cases which might cause ID conflicts. See #12606
git-svn-id: https://develop.svn.wordpress.org/trunk@13699 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-14 11:34:51 +00:00
Dion Hulse
a486d9ed55 Ensure that for multiple sidebar additions, the ID is unique (even if specified). Append -2.. for > 1 sidebars. Props minusfive. Fixes #12606
git-svn-id: https://develop.svn.wordpress.org/trunk@13698 602fd350-edb4-49c9-b593-d223f7449a82
2010-03-14 10:55:17 +00:00
Andrew Nacin
03695fa9ae Move deprecated pre-2.8 widget API to deprecated.php. Deprecate register_sidebar_widget, unregister_sidebar_widget, register_widget_control, unregister_widget_control, in favor of their wp_* counterparts. See #11388
git-svn-id: https://develop.svn.wordpress.org/trunk@13098 602fd350-edb4-49c9-b593-d223f7449a82
2010-02-13 07:55:28 +00:00
Peter Westwood
2e2ad12171 Add missing version numbers to _deprecated_argument() calls.
Remove deprecated argument from xfn_check() calls.
Pass version number to deprecated_file_included, deprecated_function_run and deprecated_argument_run actions.
Fixes #11386 props nacin.

git-svn-id: https://develop.svn.wordpress.org/trunk@12680 602fd350-edb4-49c9-b593-d223f7449a82
2010-01-09 10:03:55 +00:00
Peter Westwood
a752e6b561 Updates and improvements to _depreceated_argument. See #11386 props nacin.
git-svn-id: https://develop.svn.wordpress.org/trunk@12584 602fd350-edb4-49c9-b593-d223f7449a82
2009-12-30 16:23:39 +00:00
Peter Westwood
b607185b4e Fix typo in _deprecated_argument() and start using _deprecated_argument() in wp-includes files. See #11386 props nacin.
git-svn-id: https://develop.svn.wordpress.org/trunk@12537 602fd350-edb4-49c9-b593-d223f7449a82
2009-12-24 11:12:04 +00:00
Andrew Ozz
b15bee6f1a Always register all widgets, props hakre, fixes #10954
git-svn-id: https://develop.svn.wordpress.org/trunk@12249 602fd350-edb4-49c9-b593-d223f7449a82
2009-11-21 03:40:55 +00:00
Andrew Ozz
7c3f9cf02b Add sidebar descriptions to sidebar settings and widget admin screen, props jeremyclarke scribu, fixes #11157
git-svn-id: https://develop.svn.wordpress.org/trunk@12213 602fd350-edb4-49c9-b593-d223f7449a82
2009-11-19 09:12:16 +00:00
Andrew Ozz
987dcbda89 Fix warning in wp-admin/widgets.php when using Accessibility Mode on brand new install, fixes #10610
git-svn-id: https://develop.svn.wordpress.org/trunk@11824 602fd350-edb4-49c9-b593-d223f7449a82
2009-08-16 01:56:21 +00:00
Andrew Ozz
484f514706 Convert the old style widgets order array only when loading the widgets screen, fixes #10300 for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@11691 602fd350-edb4-49c9-b593-d223f7449a82
2009-07-04 12:49:54 +00:00
Andrew Ozz
59b44738e0 is_active_sidebar() should use wp_get_sidebars_widgets(), props greenshady and Denis-de-Bernardy, fixes #10136
git-svn-id: https://develop.svn.wordpress.org/trunk@11562 602fd350-edb4-49c9-b593-d223f7449a82
2009-06-14 08:37:07 +00:00
Andrew Ozz
cc77d3b710 Improve widgets hooks, props Denis-de-Bernardy, fixes #10013
git-svn-id: https://develop.svn.wordpress.org/trunk@11510 602fd350-edb4-49c9-b593-d223f7449a82
2009-06-03 11:33:17 +00:00
Andrew Ozz
f1b8716b93 Reload the widget form with the ajax response after save, add Close link to the widgets, don't auto-close on save to show possible errors returned from validation
git-svn-id: https://develop.svn.wordpress.org/trunk@11498 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-31 11:34:08 +00:00
Ryan Boren
e72a01fdc8 Fix widget unregister back-compat. fixes #9952
git-svn-id: https://develop.svn.wordpress.org/trunk@11484 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-29 16:32:20 +00:00
Ryan Boren
e12c642c54 Trim tailing whitespace
git-svn-id: https://develop.svn.wordpress.org/trunk@11450 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-24 23:47:49 +00:00
Andrew Ozz
29ed683636 Fix saving and deleting of widgets settings for no-js and for some non-standard widgets, run the actions from the widgets screen when saving with ajax, see #9511
git-svn-id: https://develop.svn.wordpress.org/trunk@11427 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-22 12:08:51 +00:00
Mark Jaquith
f0336cfa7d deprecate wp_specialchars() in favor of esc_html(). Encode quotes for esc_html() as in esc_attr(), to improve plugin security.
git-svn-id: https://develop.svn.wordpress.org/trunk@11380 602fd350-edb4-49c9-b593-d223f7449a82
2009-05-18 15:11:07 +00:00