Commit Graph

793 Commits

Author SHA1 Message Date
Ryan Boren
436b32ef62 Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
git-svn-id: https://develop.svn.wordpress.org/trunk@23567 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 17:14:09 +00:00
Ryan Boren
c363aea627 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: https://develop.svn.wordpress.org/trunk@23554 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-01 16:28:40 +00:00
Andrew Nacin
d3a4aa7e29 Ignore protected meta keys in meta_form(). see #18786.
git-svn-id: https://develop.svn.wordpress.org/trunk@23534 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-28 19:51:29 +00:00
Sergey Biryukov
5d957955fa Fix typo in phpdoc. see #17515.
git-svn-id: https://develop.svn.wordpress.org/trunk@23457 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-19 23:40:03 +00:00
Sergey Biryukov
eeda24f865 Deprecate wp_convert_bytes_to_hr() in favor of size_format(). props F J Kaiser. fixes #19067.
git-svn-id: https://develop.svn.wordpress.org/trunk@23439 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-16 03:07:56 +00:00
Ryan Boren
a6c8efadb9 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: https://develop.svn.wordpress.org/trunk@23416 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-14 22:51:06 +00:00
Mark Jaquith
1723190616 Document the mysterious seventh parameter of add_meta_box().
props wonderboymusic, markjaquith. fixes #17515

git-svn-id: https://develop.svn.wordpress.org/trunk@23397 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-08 18:37:34 +00:00
Mark Jaquith
2f6d3fed8c Display post formats in the posts list table.
props nacin, garyc40, DrewAPicture, wonderboymusic, aaroncampbell.

fixes #16047

git-svn-id: https://develop.svn.wordpress.org/trunk@23392 602fd350-edb4-49c9-b593-d223f7449a82
2013-02-08 16:10:05 +00:00
Sergey Biryukov
44c8e7aea8 Consistently use a helper function instead of directly printing the disabled attribute.
Remove an erroneous esc_attr() call.

fixes #23194.

git-svn-id: https://develop.svn.wordpress.org/trunk@23352 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-28 03:23:01 +00:00
Sergey Biryukov
81e88f1ec3 Make sure the post exists before checking its ID. fixes #23026.
git-svn-id: https://develop.svn.wordpress.org/trunk@23351 602fd350-edb4-49c9-b593-d223f7449a82
2013-01-28 02:55:06 +00:00
Ryan Boren
c53137f535 Scope button classes so they can be used on the frontend without interfering with theme styles.
Props helenyhou, koopersmith
fixes #22644


git-svn-id: https://develop.svn.wordpress.org/trunk@22948 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-30 13:40:59 +00:00
Andrew Nacin
ae3472b2a2 Feature pointers:
* Finalize the text for the media pointer. Offer it for translation.
 * Remove the favorites pointer.
fixes #22454.



git-svn-id: https://develop.svn.wordpress.org/trunk@22874 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-27 18:58:07 +00:00
Andrew Nacin
5e90f834be Two initial feature pointers for WordPress 3.5: plugin favorites and the media dialog. One offered for translation. props nacin, lessbloat, DrewAPicture. see #22454.
git-svn-id: https://develop.svn.wordpress.org/trunk@22815 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-22 09:24:11 +00:00
Andrew Nacin
0a830bf46b Fix up the 'Attach' dialog on upload.php.
We are de-emphasising attaching (see [22630]) but this is existing
core functionality and will remain for now. This commit just cleans
it up a bit so as to be less embarrassing.

props lessbloat, helenyhou.
fixes #20164.



git-svn-id: https://develop.svn.wordpress.org/trunk@22723 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-20 18:50:15 +00:00
Andrew Nacin
85efa182f7 Forms with the class .wp-upload-form will now have their submit button disabled until a file is selected. props kovshenin, helenyhou, lessbloat, SergeyBiryukov, tommcfarlin. fixes #20855.
git-svn-id: https://develop.svn.wordpress.org/trunk@22459 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-07 23:54:03 +00:00
Andrew Ozz
330c10d1a9 Kill use of colons in class names, props SergeyBiryukov, fixes #21152
git-svn-id: https://develop.svn.wordpress.org/trunk@22396 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-06 01:01:52 +00:00
Ryan Boren
b9890981c5 Use esc_attr() for attributes. Props johnjamesjacoby. fixes #22327
git-svn-id: https://develop.svn.wordpress.org/trunk@22373 602fd350-edb4-49c9-b593-d223f7449a82
2012-11-05 18:04:50 +00:00
Daryl Koopersmith
163f99b942 Refine button styles, notably the gray buttons.
* Crisper edges, fewer outer shadows.
* Higher contrast borders on the gray buttons.
* Separates `button-large` from `button-primary`, and removes the `regular` override class.

props hugobaeta, helenyhou, lessbloat. see #21598.


git-svn-id: https://develop.svn.wordpress.org/trunk@22099 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-02 23:38:21 +00:00
Ryan Boren
0d5f429651 Initialize to avoid notice. Props bradyvercher. fixes #22050
git-svn-id: https://develop.svn.wordpress.org/trunk@22091 602fd350-edb4-49c9-b593-d223f7449a82
2012-10-01 16:09:16 +00:00
Daryl Koopersmith
d6d359a1bc Move wp_max_upload_size and dependencies to wp-includes. props johnjamesjacoby. see #21390, fixes #21867.
git-svn-id: https://develop.svn.wordpress.org/trunk@22073 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-27 20:59:57 +00:00
Andrew Nacin
e82d5080b8 New HiDPI spinner. Uses clean <span class="spinner"></span> markup.
Be on the lookout for weirdness.
props lessbloat. see #21456.



git-svn-id: https://develop.svn.wordpress.org/trunk@22019 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-26 19:57:44 +00:00
Andrew Nacin
b401b8d14d Better alignment in the ustom fields metabox. props SergeyBiryukov, ocean90, fixes #21847.
git-svn-id: https://develop.svn.wordpress.org/trunk@21955 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-23 17:42:46 +00:00
Andrew Nacin
1c58ef9f33 Updates and fixes to the new button styles. By default, buttons are now the same size as they were in 3.4. Then there is a smaller button (designed for minor elements) and a larger button (designed for things like Publish and Save Changes). Better focus styles. props lessbloat. see #21598.
git-svn-id: https://develop.svn.wordpress.org/trunk@21944 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-21 19:34:23 +00:00
Andrew Nacin
64dec4d525 Move the Cancel button for replying and quick-editing a comment to after the primary update/reply button so tabbing from the comment field takes you to the primary action. see #21340.
git-svn-id: https://develop.svn.wordpress.org/trunk@21883 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-17 22:13:53 +00:00
Andrew Nacin
f62839c45b Fold Privacy Settings into Reading Settings, moving blog_public (search engine/robots) to options-reading and removing options-privacy.
When blog_public only has two values (as judged by whether the blog_privacy_selector action is used), convert from radio buttons to a checkbox, and rename from 'Site Visibility' to a more specific 'Search Engine Visibility'.

The text and implementation may change a bit. see #16416.



git-svn-id: https://develop.svn.wordpress.org/trunk@21838 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-13 17:28:57 +00:00
Ryan Boren
9360033fbe Check for an empty post in wp_popular_terms_checklist(). _wp_ajax_add_hierarchical_term() doesn't set up global post info. Props SergeyBiryukov. see #21309
git-svn-id: https://develop.svn.wordpress.org/trunk@21791 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-10 16:45:49 +00:00
Daryl Koopersmith
7d6e53317c New button styles.
Using the new buttons:

* Button classes are now stackable.
* All buttons should use a base class of "button".
* Buttons default to the gray style (formerly "button-secondary"). Buttons can add a style by adding additional classes. To make a primary button, add the "button-primary" class.
* Buttons can be rendered in various sizes. In addition to the default size, you can add "button-large", "button-small", or "button-tiny".

For backwards compatibility reasons, "button-primary" and "button-secondary" both work as standalone classes.

get_submit_button() has been adjusted to handle shorthand button classes (i.e. button classes can be passed without the "button-" prefix).

props lessbloat, helenyhou, trepmal, nacin. see #21598.



git-svn-id: https://develop.svn.wordpress.org/trunk@21789 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-08 04:58:34 +00:00
Andrew Nacin
626a4b2a56 Fix adding and updating from the Custom Fields meta box. Broken in [21205]. props SergeyBiryukov. see #21829 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@21781 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-07 15:49:20 +00:00
Ryan Boren
d31b2ea583 Make the callback optional for add_settings_section(). Props lightningspirit. fixes #21630
git-svn-id: https://develop.svn.wordpress.org/trunk@21742 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-04 20:55:20 +00:00
Ryan Boren
31ec698423 Use get_post() instead of global $post.
Make the $post argument to get_post() optional, defaulting to the current post in The Loop.

Props nacin
see #21309


git-svn-id: https://develop.svn.wordpress.org/trunk@21735 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-04 16:29:28 +00:00
Andrew Nacin
0dbb4dfb27 Update some code comments from .dev.js to .js. props georgestephanis. see #21633.
git-svn-id: https://develop.svn.wordpress.org/trunk@21659 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-30 02:15:57 +00:00
Ryan Boren
de06b81360 Remove return ref from all calls to get_post()
Return WP_Post from get_default_post_to_edit()
Replace all calls to get_page() with get_post()
see #21309


git-svn-id: https://develop.svn.wordpress.org/trunk@21597 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-23 20:01:10 +00:00
Ryan Boren
98864bbb7e Send Content-Type with charset for iframe_header(). Props SergeyBiryukov, sergey.s.betke@novgaro.ru. fixes #19454
git-svn-id: https://develop.svn.wordpress.org/trunk@21538 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-17 14:19:03 +00:00
Ryan Boren
c2651f05f8 Remove debug cruft. Props ocean90. fixes #21315
git-svn-id: https://develop.svn.wordpress.org/trunk@21349 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-26 15:01:44 +00:00
Ryan Boren
2c0f98fe49 For get_settings_errors(), make sure errors from transient get added to the global variable and not unset when checking for an error of a specific setting. Also always return an array, as noted in the documentation. Props obenland. fixes #20833
git-svn-id: https://develop.svn.wordpress.org/trunk@21315 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-24 15:13:46 +00:00
Andrew Ozz
6e6b727315 Remove nearly all tabindex attributes from the admin, leaving them only where absolutely necessary (for now that's only the toolbar).
Add tabindex="-1" for the menu images links to avoid double tab stops there when the menu is expanded.

Fix/add auto-focus on the first input fields on the Add/Edit Post, all taxonomy, all edit taxonomy, Log In and Edit Comment screens.

See #21340.

git-svn-id: https://develop.svn.wordpress.org/trunk@21311 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-24 00:15:15 +00:00
Jon Cave
547117de7d Hide pointers introduced in 3.4 from new users. Fixes #20941.
git-svn-id: https://develop.svn.wordpress.org/trunk@21075 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-13 17:38:42 +00:00
Andrew Nacin
57f267af2a Prevent a scrollbar in the admin caused by padding given to the toolbar. props SergeyBiryukov, ocean90. fixes #19196.
git-svn-id: https://develop.svn.wordpress.org/trunk@21025 602fd350-edb4-49c9-b593-d223f7449a82
2012-06-07 22:05:01 +00:00
Andrew Ozz
82f26f5892 Pointers: fix check for defer_loading, fixes #20554
git-svn-id: https://develop.svn.wordpress.org/trunk@20891 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-24 22:50:30 +00:00
Andrew Ozz
ff16e0f409 Pointers: center pointer on Themes screen, fixes #20554
git-svn-id: https://develop.svn.wordpress.org/trunk@20880 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-24 16:34:51 +00:00
Andrew Ozz
f0bbe7fe57 s/deffer/defer, see #20554
git-svn-id: https://develop.svn.wordpress.org/trunk@20869 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-24 07:02:25 +00:00
Andrew Ozz
17fa8d52ec Pointers: add arg to pointer options to load at window.loaded (after all images have been loaded and the layout is finalized) and use it on the custom header screen, see #20554
git-svn-id: https://develop.svn.wordpress.org/trunk@20867 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-24 06:45:49 +00:00
Ryan Boren
6149a105fc Updated text for Customize pointer. Props jane. see #20554
git-svn-id: https://develop.svn.wordpress.org/trunk@20854 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-23 19:49:14 +00:00
Ryan Boren
8e75e8ce49 Feature pointers for choosing an image from the library on the custom header and background pages. see #20554
git-svn-id: https://develop.svn.wordpress.org/trunk@20839 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-21 20:34:20 +00:00
Ryan Boren
0f9af78c3f First pass at 3.4 pointers. Add pointer to the customize link for the current theme on themes.php. Support multiple pointers per page. Props scribu. see #20554
git-svn-id: https://develop.svn.wordpress.org/trunk@20774 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-11 20:29:08 +00:00
Andrew Nacin
75f4959b2a Add a filter to wp_terms_checklist() that wraps the function's arguments.
Mainly designed to allow checked_ontop to be turned off.

props husobj.
fixes #20054.



git-svn-id: https://develop.svn.wordpress.org/trunk@20710 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-03 01:15:18 +00:00
Jon Cave
ecd1caa054 Add some missing documentation and fix a couple of typos. Props roscius. Fixes #19756.
git-svn-id: https://develop.svn.wordpress.org/trunk@20349 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-04 17:32:03 +00:00
Andrew Ozz
197ec5d82e Revert type="number" for the date/time fields as it introduces UI/styling issues, fixes #20217, see #17863
git-svn-id: https://develop.svn.wordpress.org/trunk@20217 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-19 19:30:07 +00:00
Andrew Nacin
ce48b0d471 Revert type="email" (HTML5) as some browsers that do validation on these fields do not work for IDN domains yet. Core does not support these well either, but server-side validation can at least be dealt with by a plugin. see #17863.
git-svn-id: https://develop.svn.wordpress.org/trunk@20196 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-15 18:09:14 +00:00
Andrew Ozz
fcbd8f7f57 Set proper HTML5 input types in the admin, props georgestephanis, fixes #17863
git-svn-id: https://develop.svn.wordpress.org/trunk@20168 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-10 01:23:48 +00:00