33038 Commits

Author SHA1 Message Date
John Blackbourn
9292420e68 Hardening: Use a properly generated hash for the newbloguser key instead of a determinate substring.
Merges [42258] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@42284 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-29 16:26:15 +00:00
Dion Hulse
23a4b44d35 WPDB: Check that AUTH_SALT is not empty, Fix a PHP notice when AUTH_SALT is undefined.
Props jsonfry, mkomar, pento.
Merges [42119] and [42120] to the 4.4 branch.
Fixes #42431 and #42401 for 4.4.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@42234 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-27 01:09:38 +00:00
John Blackbourn
cd94945baf General: Remove the version number from the readme file in the 4.4 branch.
See #42386


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@42103 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-31 18:07:23 +00:00
Gary Pendergast
ecc013ea94 Bump 4.4 branch to version 4.4.12.
git-svn-id: https://develop.svn.wordpress.org/branches/4.4@42073 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-31 13:25:20 +00:00
Gary Pendergast
ad4bd52b18 Database: Restore numbered placeholders in wpdb::prepare().
[41496] removed support for numbered placeholders in queries sent through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.

This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.

Merges [41662], [42056] to the 4.4 branch.
See #41925.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@42061 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-31 12:45:48 +00:00
Gary Pendergast
3e606ecd3f Build/Test Tools: Pass correct $message argument to WP_UnitTestCase::setExpectedException() in Tests_Ajax_CompressionTest::test_logged_out() and Tests_Ajax_TagSearch::test_no_results().
PHPUnit 6.4.1 and earlier versions ignored the `'0'` value, causing the issue to go unnoticed.

Merge of [41870] to the 4.4 branch.

Props SergeyBiryukov.
Fixes #42232.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@42055 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-31 09:13:09 +00:00
Dominik Schilling (ocean90)
3d7914ac8e Taxonomy/Users: Use correct escaping function for URLs.
Merge of [41522] to the 4.4 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41527 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 21:32:43 +00:00
Dominik Schilling (ocean90)
ecb05e589e Bump 4.4 branch to version 4.4.11.
git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41514 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 20:00:56 +00:00
Aaron D. Campbell
a003655113 Database: Hardening to bring wpdb::prepare() in line with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.

Merges [41496] to 4.4 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41501 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 18:14:33 +00:00
Aaron D. Campbell
4ca6de4825 Database: Don’t trigger _doing_it_wrong() for null values in wpdb::prepare().
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.

Merges [41483] to 4.4 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41488 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 16:22:48 +00:00
Aaron D. Campbell
a577ca8fcd Database: Hardening for wpdb::prepare()
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.

Merges [41470] to 4.4 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41475 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 15:00:28 +00:00
John Blackbourn
16be4fffbf Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Merges [41457] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41462 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 14:40:54 +00:00
Aaron D. Campbell
edd2fd87fe oEmbed: Add extra hardening around allowed HTML for improved sandboxing.
Merges [41448] to 4.4 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41455 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 13:49:40 +00:00
Dominik Schilling (ocean90)
4bed6cc652 TinyMCE: Improve the previews for shortcodes.
Merge of [41395] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41439 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 12:40:20 +00:00
John Blackbourn
bcd3697770 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Merges [41415] and [41416] into the 4.4 branch.

See #13377


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41434 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 12:12:15 +00:00
Dominik Schilling (ocean90)
895a2d0762 Customize: Ensure valid themes in the preview.
Merge of [41397] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41433 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 11:49:52 +00:00
Dominik Schilling (ocean90)
25440a3777 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers.
Merge of [41398] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41421 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 11:10:32 +00:00
Dominik Schilling (ocean90)
fe6d81c151 Editor: Prevent adding javascript: and data: URLs through the inline link dialog.
Merge of [41393] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41404 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 10:15:06 +00:00
John Blackbourn
70c05ee859 Build/Test tools: Use the latest in the 4.x and 5.x branches of PHPUnit when running tests on Travis for the 4.4 branch.
See #41472


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41299 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-22 17:23:17 +00:00
John Blackbourn
8590c4a36e General: Backport PHP 7.1 fixes to the 4.4 branch to avoid fatal errors and warnings.
See #41135


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41129 602fd350-edb4-49c9-b593-d223f7449a82
2017-07-24 22:26:59 +00:00
John Blackbourn
243ca779d0 Build: Switch PHP 5.2 to Travis' Ubuntu precise image for the 4.4 branch.
See #41292


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@41078 602fd350-edb4-49c9-b593-d223f7449a82
2017-07-18 14:22:40 +00:00
Konstantin Obenland
03191347a6 Import Twenty Sixteen, default theme for 2016.
See #36497.

Merges [40851] and [40852] to the 4.4 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40860 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-31 01:35:16 +00:00
John Blackbourn
4e86ea1315 Build/Test Tools: Remove mentions of HHVM from the test infrastructure on Travis for the 4.4 branch.
See #40548


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40829 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-24 14:31:00 +00:00
Aaron D. Campbell
e1cfb927ca Bump 4.7 branch to version 4.4.10.
git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40751 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 21:49:14 +00:00
Pascal Birchler
2e6fed18a1 Media: Simplify upload error message construction.
Merges [40736] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40740 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 18:01:01 +00:00
Aaron D. Campbell
139c7d37d2 Add nonce for updating file system credentials.
Merges [40723] to 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40727 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 14:53:10 +00:00
Weston Ruter
a007b519c2 Customize: Fix phpunit tests after [40704] due to logic inversion error.
Merge of [40716] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40720 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 14:42:55 +00:00
Dominik Schilling (ocean90)
11053225ac Customize: Ignore invalid customization sessions.
Merge of [40704] to the 4.4 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40708 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 12:16:02 +00:00
Pascal Birchler
de2ca4bc1c Adjust post meta checks
Merges [40692] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40696 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 08:50:29 +00:00
Pascal Birchler
e365469e20 Whitelist post arguments in XML-RPC
Merges [40677] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40681 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 08:19:59 +00:00
Aaron Jorbin
5d882ea65c Build/Test: Post Travis results to Slack from WordPress/wordpress-develop
Backports [40604] to 4.4

Now that the WordPress/wordpress-develop GitHub repo is syncing correctly, we can use it for Travis integration.

Props jorbin for getting the ball rolling so long ago, unprops jorbin because his Travis build can finally be retired. Props Pento.

See #40712.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40619 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-11 00:34:27 +00:00
John Blackbourn
dde8391d27 Build/Test Tools: Add Composer files to the cache on Travis.
The Travis cache is specific to the branch and language version (PHP version), so this should speed up each subsequent build once the cache is primed.

See #40539

Merges [40538] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40550 602fd350-edb4-49c9-b593-d223f7449a82
2017-04-24 00:43:18 +00:00
Pascal Birchler
2968c6823f Bump 4.4 branch to version 4.4.9.
git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40490 602fd350-edb4-49c9-b593-d223f7449a82
2017-04-20 16:23:13 +00:00
Pascal Birchler
21185a8bf9 Fix broken audio/video functions when sanitizing ID3 data
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40463 602fd350-edb4-49c9-b593-d223f7449a82
2017-04-17 13:16:31 +00:00
John Blackbourn
77925cb999 Build/Test tools: Reverse the order in which the Travis jobs run on the 4.4 branch.
See #39705


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40438 602fd350-edb4-49c9-b593-d223f7449a82
2017-04-15 17:49:44 +00:00
John Blackbourn
6f9ea59d50 Build/Test tools: Trim the test matrix on Travis in order to speed up the 4.4 branch build.
This removes all allowed failure jobs, plus PHP 5.3, 5.4, and 5.5 jobs.

See #40407


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40410 602fd350-edb4-49c9-b593-d223f7449a82
2017-04-10 23:27:10 +00:00
Dominik Schilling (ocean90)
9a934f5df3 Build/Test Tools: Allow Travis CI to cache the node_modules directory.
Merge of [37058] and [36490] to the 4.4 branch.

See #36291, #36490.

git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40280 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-11 17:05:40 +00:00
John Blackbourn
f7e33f8208 Build/Test tools: Update .travis.yml to include latest improvements from trunk.
* Explicitly use PHPUnit 5.7 for the PHP 7 builds on Travis.
* On Travis CI install and use the node version which is specified in package.json.
* Add some more debugging to Travis and bring the format of the Xdebug fix in line with branches.
* Get Travis builds working on HHVM again.

Merges [40255], [40257], [40258], [40259], [40269], and [40271] to the 4.4 branch.

See #35105, #40100


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40276 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-11 02:26:19 +00:00
John Blackbourn
78223153bd Build/Test tools: In Travis, skip some tests when not on trunk.
This skips time sensitive tests (copyright year and PHP/MySQL version requirements) when tests are run on branches on Travis.

Props netweb, jorbin

Fixes #39486

Merges [40241] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40243 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-08 00:31:45 +00:00
John Blackbourn
96d4ed69eb Build/Test Tools: Disable Xdebug when testing on Travis to increase performance.
See #39978


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40228 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-07 01:09:00 +00:00
James Nylen
a0086e06fe Bump 4.4 branch to version 4.4.8.
git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40205 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-06 16:22:08 +00:00
John Blackbourn
71b3edc04d Press This: Verify intent before fetching in-page resources using Press This.
Props vortfu

Merges [40195] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40199 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-06 14:01:39 +00:00
Aaron D. Campbell
68cd7a8d08 Strip control characters before validating redirect.
Merges [40183] to 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40187 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-06 13:41:23 +00:00
Aaron D. Campbell
dd47c23f90 Plugins: Add file check to plugin deletions.
Merges [40169] to 4.4 branch.



git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40173 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-06 13:00:17 +00:00
Dominik Schilling (ocean90)
b83078adfd Embeds: URL encode YouTube video IDs for broader compatibility.
Merge of [40160] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40164 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-06 12:04:45 +00:00
Jeremy Felt
f1a6970d09 Validate video and audio metadata.
Merge of [40148] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@40152 602fd350-edb4-49c9-b593-d223f7449a82
2017-03-06 08:06:56 +00:00
Aaron D. Campbell
91ff389683 Bump 4.4 branch to version 4.4.7.
git-svn-id: https://develop.svn.wordpress.org/branches/4.4@39999 602fd350-edb4-49c9-b593-d223f7449a82
2017-01-26 18:22:04 +00:00
John Blackbourn
bbf81aa185 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field.
Merges [39956] to the 4.4 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.4@39980 602fd350-edb4-49c9-b593-d223f7449a82
2017-01-26 14:12:00 +00:00
Dominik Schilling (ocean90)
df7a25c41e Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways.
Merge of [39968] to the 4.4 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.4@39973 602fd350-edb4-49c9-b593-d223f7449a82
2017-01-26 14:10:15 +00:00
Dominik Schilling (ocean90)
fa1dd8efbe Query: Ensure that queries work correctly with post type names with special characters.
Merge of [39952] to the 4.4 branch.

git-svn-id: https://develop.svn.wordpress.org/branches/4.4@39959 602fd350-edb4-49c9-b593-d223f7449a82
2017-01-26 13:49:28 +00:00