Ticket #54182: 54182.2.diff
| File 54182.2.diff, 23.8 KB (added by , 4 years ago) |
|---|
-
src/wp-admin/admin-ajax.php
diff --git a/src/wp-admin/admin-ajax.php b/src/wp-admin/admin-ajax.php index 087a11993d..6901226ffb 100644
a b add_action( 'wp_ajax_nopriv_generate-password', 'wp_ajax_nopriv_generate_passwor 168 168 169 169 add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 ); 170 170 171 $action = ( isset( $_REQUEST['action'] ) ) ? $_REQUEST['action']: '';171 $action = ( isset( $_REQUEST['action'] ) ) ? wp_unslash( $_REQUEST['action'] ) : ''; 172 172 173 173 if ( is_user_logged_in() ) { 174 174 // If no action is registered, return a Bad Request response. -
src/wp-admin/admin-post.php
diff --git a/src/wp-admin/admin-post.php b/src/wp-admin/admin-post.php index 803a00652c..13b32ddf26 100644
a b nocache_headers(); 29 29 /** This action is documented in wp-admin/admin.php */ 30 30 do_action( 'admin_init' ); 31 31 32 $action = empty( $_REQUEST['action'] ) ? '' : $_REQUEST['action'];32 $action = empty( $_REQUEST['action'] ) ? '' : wp_unslash( $_REQUEST['action'] ); 33 33 34 34 if ( ! is_user_logged_in() ) { 35 35 if ( empty( $action ) ) { -
src/wp-admin/admin.php
diff --git a/src/wp-admin/admin.php b/src/wp-admin/admin.php index d06890259e..8a6e700ec8 100644
a b if ( isset( $plugin_page ) ) { 406 406 } 407 407 408 408 if ( ! empty( $_REQUEST['action'] ) ) { 409 $action = $_REQUEST['action'];409 $action = wp_unslash( $_REQUEST['action'] ); 410 410 411 411 /** 412 412 * Fires when an 'action' request variable is sent. -
src/wp-admin/async-upload.php
diff --git a/src/wp-admin/async-upload.php b/src/wp-admin/async-upload.php index d152673f69..b799a28209 100644
a b 6 6 * @subpackage Administration 7 7 */ 8 8 9 if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action']) {9 if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === wp_unslash( $_REQUEST['action'] ) ) { 10 10 define( 'DOING_AJAX', true ); 11 11 } 12 12 … … require_once ABSPATH . 'wp-admin/admin.php'; 24 24 25 25 header( 'Content-Type: text/plain; charset=' . get_option( 'blog_charset' ) ); 26 26 27 if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === $_REQUEST['action']) {27 if ( isset( $_REQUEST['action'] ) && 'upload-attachment' === wp_unslash( $_REQUEST['action'] ) ) { 28 28 require ABSPATH . 'wp-admin/includes/ajax-actions.php'; 29 29 30 30 send_nosniff_header(); -
src/wp-admin/authorize-application.php
diff --git a/src/wp-admin/authorize-application.php b/src/wp-admin/authorize-application.php index d4104297ef..1d56b47e7d 100644
a b require_once ABSPATH . 'wp-admin/admin-header.php'; 225 225 226 226 <div class="form-field"> 227 227 <label for="app_name"><?php _e( 'New Application Password Name' ); ?></label> 228 <input type="text" id="app_name" name="app_name" value="<?php echo esc_attr( $app_name ); ?>" required />228 <input type="text" id="app_name" name="app_name" value="<?php echo esc_attr( $app_name ); ?>" placeholder="<?php esc_attr_e( 'WordPress App on My Phone' ); ?>" required /> 229 229 </div> 230 230 231 231 <?php -
src/wp-admin/edit-comments.php
diff --git a/src/wp-admin/edit-comments.php b/src/wp-admin/edit-comments.php index f54d0abd8f..0622fcf76d 100644
a b if ( $doaction ) { 30 30 $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_ID FROM $wpdb->comments WHERE comment_approved = %s AND %s > comment_date_gmt", $comment_status, $delete_time ) ); 31 31 $doaction = 'delete'; 32 32 } elseif ( isset( $_REQUEST['delete_comments'] ) ) { 33 $comment_ids = $_REQUEST['delete_comments'];34 $doaction = $_REQUEST['action'];33 $comment_ids = wp_unslash( $_REQUEST['delete_comments'] ); 34 $doaction = wp_unslash( $_REQUEST['action'] ); 35 35 } elseif ( isset( $_REQUEST['ids'] ) ) { 36 36 $comment_ids = array_map( 'absint', explode( ',', $_REQUEST['ids'] ) ); 37 37 } elseif ( wp_get_referer() ) { -
src/wp-admin/includes/class-wp-list-table.php
diff --git a/src/wp-admin/includes/class-wp-list-table.php b/src/wp-admin/includes/class-wp-list-table.php index 2cae7f695a..e65ca0cf16 100644
a b class WP_List_Table { 527 527 } 528 528 529 529 if ( isset( $_REQUEST['action'] ) && -1 != $_REQUEST['action'] ) { 530 return $_REQUEST['action'];530 return wp_unslash( $_REQUEST['action'] ); 531 531 } 532 532 533 533 return false; -
src/wp-admin/includes/class-wp-terms-list-table.php
diff --git a/src/wp-admin/includes/class-wp-terms-list-table.php b/src/wp-admin/includes/class-wp-terms-list-table.php index e905749088..ea39722319 100644
a b class WP_Terms_List_Table extends WP_List_Table { 171 171 * @return string 172 172 */ 173 173 public function current_action() { 174 if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['delete_tags'] ) && 'delete' === $_REQUEST['action']) {174 if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['delete_tags'] ) && 'delete' === wp_unslash( $_REQUEST['action'] ) ) { 175 175 return 'bulk-delete'; 176 176 } 177 177 -
src/wp-admin/nav-menus.php
diff --git a/src/wp-admin/nav-menus.php b/src/wp-admin/nav-menus.php index d340fb6b67..3ea73c7019 100644
a b $menu_locations = get_nav_menu_locations(); 49 49 $num_locations = count( array_keys( $locations ) ); 50 50 51 51 // Allowed actions: add, update, delete. 52 $action = isset( $_REQUEST['action'] ) ? $_REQUEST['action']: 'edit';52 $action = isset( $_REQUEST['action'] ) ? wp_unslash( $_REQUEST['action'] ) : 'edit'; 53 53 54 54 /* 55 55 * If a JSON blob of navigation menu data is found, expand it and inject it -
src/wp-admin/network/site-info.php
diff --git a/src/wp-admin/network/site-info.php b/src/wp-admin/network/site-info.php index b99f35ab20..3da72f5eb7 100644
a b if ( ! can_edit_network( $details->site_id ) ) { 35 35 $parsed_scheme = parse_url( $details->siteurl, PHP_URL_SCHEME ); 36 36 $is_main_site = is_main_site( $id ); 37 37 38 if ( isset( $_REQUEST['action'] ) && 'update-site' === $_REQUEST['action']) {38 if ( isset( $_REQUEST['action'] ) && 'update-site' === wp_unslash( $_REQUEST['action'] ) ) { 39 39 check_admin_referer( 'edit-site' ); 40 40 41 41 switch_to_blog( $id ); -
src/wp-admin/network/site-new.php
diff --git a/src/wp-admin/network/site-new.php b/src/wp-admin/network/site-new.php index ac466db9a9..bf4326512a 100644
a b get_current_screen()->set_help_sidebar( 33 33 '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support Forums</a>' ) . '</p>' 34 34 ); 35 35 36 if ( isset( $_REQUEST['action'] ) && 'add-site' === $_REQUEST['action']) {36 if ( isset( $_REQUEST['action'] ) && 'add-site' === wp_unslash( $_REQUEST['action'] ) ) { 37 37 check_admin_referer( 'add-blog', '_wpnonce_add-blog' ); 38 38 39 39 if ( ! is_array( $_POST['blog'] ) ) { -
src/wp-admin/network/site-settings.php
diff --git a/src/wp-admin/network/site-settings.php b/src/wp-admin/network/site-settings.php index b669a5103f..9f4f8e4cd7 100644
a b if ( ! can_edit_network( $details->site_id ) ) { 34 34 35 35 $is_main_site = is_main_site( $id ); 36 36 37 if ( isset( $_REQUEST['action'] ) && 'update-site' === $_REQUEST['action']&& is_array( $_POST['option'] ) ) {37 if ( isset( $_REQUEST['action'] ) && 'update-site' === wp_unslash( $_REQUEST['action'] ) && is_array( $_POST['option'] ) ) { 38 38 check_admin_referer( 'edit-site' ); 39 39 40 40 switch_to_blog( $id ); -
src/wp-admin/network/user-new.php
diff --git a/src/wp-admin/network/user-new.php b/src/wp-admin/network/user-new.php index c881dff2ac..17e0a44531 100644
a b get_current_screen()->set_help_sidebar( 30 30 '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support Forums</a>' ) . '</p>' 31 31 ); 32 32 33 if ( isset( $_REQUEST['action'] ) && 'add-user' === $_REQUEST['action']) {33 if ( isset( $_REQUEST['action'] ) && 'add-user' === wp_unslash( $_REQUEST['action'] ) ) { 34 34 check_admin_referer( 'add-user', '_wpnonce_add-user' ); 35 35 36 36 if ( ! current_user_can( 'manage_network_users' ) ) { -
src/wp-admin/update.php
diff --git a/src/wp-admin/update.php b/src/wp-admin/update.php index a4a2abf8db..165476bad7 100644
a b wp_enqueue_script( 'wp-a11y' ); 22 22 if ( isset( $_GET['action'] ) ) { 23 23 $plugin = isset( $_REQUEST['plugin'] ) ? trim( $_REQUEST['plugin'] ) : ''; 24 24 $theme = isset( $_REQUEST['theme'] ) ? urldecode( $_REQUEST['theme'] ) : ''; 25 $action = isset( $_REQUEST['action'] ) ? $_REQUEST['action']: '';25 $action = isset( $_REQUEST['action'] ) ? wp_unslash( $_REQUEST['action'] ) : ''; 26 26 27 27 if ( 'update-selected' === $action ) { 28 28 if ( ! current_user_can( 'update_plugins' ) ) { -
src/wp-admin/user-edit.php
diff --git a/src/wp-admin/user-edit.php b/src/wp-admin/user-edit.php index 30bc5c8e46..9485aab20f 100644
a b endif; 767 767 <div class="create-application-password form-wrap"> 768 768 <div class="form-field"> 769 769 <label for="new_application_password_name"><?php _e( 'New Application Password Name' ); ?></label> 770 <input type="text" size="30" id="new_application_password_name" name="new_application_password_name" class="input" aria-required="true" aria-describedby="new_application_password_name_desc" />770 <input type="text" size="30" id="new_application_password_name" name="new_application_password_name" placeholder="<?php esc_attr_e( 'WordPress App on My Phone' ); ?>" class="input" aria-required="true" aria-describedby="new_application_password_name_desc" /> 771 771 <p class="description" id="new_application_password_name_desc"><?php _e( 'Required to create an Application Password, but not to update the user.' ); ?></p> 772 772 </div> 773 773 -
src/wp-admin/user-new.php
diff --git a/src/wp-admin/user-new.php b/src/wp-admin/user-new.php index 26da6a0ec4..10ab185e44 100644
a b if ( is_multisite() ) { 29 29 add_filter( 'wpmu_signup_user_notification_email', 'admin_created_user_email' ); 30 30 } 31 31 32 if ( isset( $_REQUEST['action'] ) && 'adduser' === $_REQUEST['action']) {32 if ( isset( $_REQUEST['action'] ) && 'adduser' === wp_unslash( $_REQUEST['action'] ) ) { 33 33 check_admin_referer( 'add-user', '_wpnonce_add-user' ); 34 34 35 35 $user_details = null; … … Please click the following link to confirm the invite: 174 174 } 175 175 wp_redirect( $redirect ); 176 176 die(); 177 } elseif ( isset( $_REQUEST['action'] ) && 'createuser' === $_REQUEST['action']) {177 } elseif ( isset( $_REQUEST['action'] ) && 'createuser' === wp_unslash( $_REQUEST['action'] ) ) { 178 178 check_admin_referer( 'create-user', '_wpnonce_create-user' ); 179 179 180 180 if ( ! current_user_can( 'create_users' ) ) { -
src/wp-content/themes/twentytwenty/classes/class-twentytwenty-non-latin-languages.php
diff --git a/src/wp-content/themes/twentytwenty/classes/class-twentytwenty-non-latin-languages.php b/src/wp-content/themes/twentytwenty/classes/class-twentytwenty-non-latin-languages.php index 0c4951ef48..a0845a4a70 100644
a b if ( ! class_exists( 'TwentyTwenty_Non_Latin_Languages' ) ) { 118 118 $elements = apply_filters( 119 119 'twentytwenty_get_localized_font_family_elements', 120 120 array( 121 'front-end' => array( 'body', 'input', 'textarea', 'button', '.button', '.faux-button', '.wp-block-button__link', '.wp-block-file__button', '.has-drop-cap:not(:focus)::first-letter', '. entry-content .wp-block-archives', '.entry-content .wp-block-categories', '.entry-content .wp-block-cover-image', '.entry-content .wp-block-latest-comments', '.entry-content .wp-block-latest-posts', '.entry-content .wp-block-pullquote', '.entry-content .wp-block-quote.is-large', '.entry-content .wp-block-quote.is-style-large', '.entry-content .wp-block-archives *', '.entry-content .wp-block-categories *', '.entry-content .wp-block-latest-posts *', '.entry-content .wp-block-latest-comments *', '.entry-content p', '.entry-content ol', '.entry-content ul', '.entry-content dl', '.entry-content dt', '.entry-content cite', '.entry-content figcaption', '.entry-content .wp-caption-text', '.comment-content p', '.comment-content ol', '.comment-content ul', '.comment-content dl', '.comment-content dt', '.comment-content cite', '.comment-content figcaption', '.comment-content .wp-caption-text', '.widget_text p', '.widget_text ol', '.widget_text ul', '.widget_text dl', '.widget_text dt', '.widget-content .rssSummary', '.widget-content cite', '.widget-content figcaption', '.widget-content .wp-caption-text' ),121 'front-end' => array( 'body', 'input', 'textarea', 'button', '.button', '.faux-button', '.wp-block-button__link', '.wp-block-file__button', '.has-drop-cap:not(:focus)::first-letter', '.has-drop-cap:not(:focus)::first-letter', '.entry-content .wp-block-archives', '.entry-content .wp-block-categories', '.entry-content .wp-block-cover-image', '.entry-content .wp-block-latest-comments', '.entry-content .wp-block-latest-posts', '.entry-content .wp-block-pullquote', '.entry-content .wp-block-quote.is-large', '.entry-content .wp-block-quote.is-style-large', '.entry-content .wp-block-archives *', '.entry-content .wp-block-categories *', '.entry-content .wp-block-latest-posts *', '.entry-content .wp-block-latest-comments *', '.entry-content p', '.entry-content ol', '.entry-content ul', '.entry-content dl', '.entry-content dt', '.entry-content cite', '.entry-content figcaption', '.entry-content .wp-caption-text', '.comment-content p', '.comment-content ol', '.comment-content ul', '.comment-content dl', '.comment-content dt', '.comment-content cite', '.comment-content figcaption', '.comment-content .wp-caption-text', '.widget_text p', '.widget_text ol', '.widget_text ul', '.widget_text dl', '.widget_text dt', '.widget-content .rssSummary', '.widget-content cite', '.widget-content figcaption', '.widget-content .wp-caption-text' ), 122 122 'block-editor' => array( '.editor-styles-wrapper > *', '.editor-styles-wrapper p', '.editor-styles-wrapper ol', '.editor-styles-wrapper ul', '.editor-styles-wrapper dl', '.editor-styles-wrapper dt', '.editor-post-title__block .editor-post-title__input', '.editor-styles-wrapper .wp-block h1', '.editor-styles-wrapper .wp-block h2', '.editor-styles-wrapper .wp-block h3', '.editor-styles-wrapper .wp-block h4', '.editor-styles-wrapper .wp-block h5', '.editor-styles-wrapper .wp-block h6', '.editor-styles-wrapper .has-drop-cap:not(:focus)::first-letter', '.editor-styles-wrapper cite', '.editor-styles-wrapper figcaption', '.editor-styles-wrapper .wp-caption-text' ), 123 123 'classic-editor' => array( 'body#tinymce.wp-editor', 'body#tinymce.wp-editor p', 'body#tinymce.wp-editor ol', 'body#tinymce.wp-editor ul', 'body#tinymce.wp-editor dl', 'body#tinymce.wp-editor dt', 'body#tinymce.wp-editor figcaption', 'body#tinymce.wp-editor .wp-caption-text', 'body#tinymce.wp-editor .wp-caption-dd', 'body#tinymce.wp-editor cite', 'body#tinymce.wp-editor table' ), 124 124 ) -
src/wp-content/themes/twentytwentyone/inc/template-functions.php
diff --git a/src/wp-content/themes/twentytwentyone/inc/template-functions.php b/src/wp-content/themes/twentytwentyone/inc/template-functions.php index 2bee7d6f95..839a77a368 100644
a b function twenty_twenty_one_get_non_latin_css( $type = 'front-end' ) { 315 315 $elements = apply_filters( 316 316 'twenty_twenty_one_get_localized_font_family_elements', 317 317 array( 318 'front-end' => array( 'body', 'input', 'textarea', 'button', '.button', '.faux-button', '.wp-block-button__link', '.wp-block-file__button', '.has-drop-cap:not(:focus)::first-letter', '. entry-content .wp-block-archives', '.entry-content .wp-block-categories', '.entry-content .wp-block-cover-image', '.entry-content .wp-block-latest-comments', '.entry-content .wp-block-latest-posts', '.entry-content .wp-block-pullquote', '.entry-content .wp-block-quote.is-large', '.entry-content .wp-block-quote.is-style-large', '.entry-content .wp-block-archives *', '.entry-content .wp-block-categories *', '.entry-content .wp-block-latest-posts *', '.entry-content .wp-block-latest-comments *', '.entry-content p', '.entry-content ol', '.entry-content ul', '.entry-content dl', '.entry-content dt', '.entry-content cite', '.entry-content figcaption', '.entry-content .wp-caption-text', '.comment-content p', '.comment-content ol', '.comment-content ul', '.comment-content dl', '.comment-content dt', '.comment-content cite', '.comment-content figcaption', '.comment-content .wp-caption-text', '.widget_text p', '.widget_text ol', '.widget_text ul', '.widget_text dl', '.widget_text dt', '.widget-content .rssSummary', '.widget-content cite', '.widget-content figcaption', '.widget-content .wp-caption-text' ),318 'front-end' => array( 'body', 'input', 'textarea', 'button', '.button', '.faux-button', '.wp-block-button__link', '.wp-block-file__button', '.has-drop-cap:not(:focus)::first-letter', '.has-drop-cap:not(:focus)::first-letter', '.entry-content .wp-block-archives', '.entry-content .wp-block-categories', '.entry-content .wp-block-cover-image', '.entry-content .wp-block-latest-comments', '.entry-content .wp-block-latest-posts', '.entry-content .wp-block-pullquote', '.entry-content .wp-block-quote.is-large', '.entry-content .wp-block-quote.is-style-large', '.entry-content .wp-block-archives *', '.entry-content .wp-block-categories *', '.entry-content .wp-block-latest-posts *', '.entry-content .wp-block-latest-comments *', '.entry-content p', '.entry-content ol', '.entry-content ul', '.entry-content dl', '.entry-content dt', '.entry-content cite', '.entry-content figcaption', '.entry-content .wp-caption-text', '.comment-content p', '.comment-content ol', '.comment-content ul', '.comment-content dl', '.comment-content dt', '.comment-content cite', '.comment-content figcaption', '.comment-content .wp-caption-text', '.widget_text p', '.widget_text ol', '.widget_text ul', '.widget_text dl', '.widget_text dt', '.widget-content .rssSummary', '.widget-content cite', '.widget-content figcaption', '.widget-content .wp-caption-text' ), 319 319 'block-editor' => array( '.editor-styles-wrapper > *', '.editor-styles-wrapper p', '.editor-styles-wrapper ol', '.editor-styles-wrapper ul', '.editor-styles-wrapper dl', '.editor-styles-wrapper dt', '.editor-post-title__block .editor-post-title__input', '.editor-styles-wrapper .wp-block h1', '.editor-styles-wrapper .wp-block h2', '.editor-styles-wrapper .wp-block h3', '.editor-styles-wrapper .wp-block h4', '.editor-styles-wrapper .wp-block h5', '.editor-styles-wrapper .wp-block h6', '.editor-styles-wrapper .has-drop-cap:not(:focus)::first-letter', '.editor-styles-wrapper cite', '.editor-styles-wrapper figcaption', '.editor-styles-wrapper .wp-caption-text' ), 320 320 'classic-editor' => array( 'body#tinymce.wp-editor', 'body#tinymce.wp-editor p', 'body#tinymce.wp-editor ol', 'body#tinymce.wp-editor ul', 'body#tinymce.wp-editor dl', 'body#tinymce.wp-editor dt', 'body#tinymce.wp-editor figcaption', 'body#tinymce.wp-editor .wp-caption-text', 'body#tinymce.wp-editor .wp-caption-dd', 'body#tinymce.wp-editor cite', 'body#tinymce.wp-editor table' ), 321 321 ) -
src/wp-includes/class-http.php
diff --git a/src/wp-includes/class-http.php b/src/wp-includes/class-http.php index d998d30e0d..861d1d0e4b 100644
a b class WP_Http { 881 881 $home = parse_url( get_option( 'siteurl' ) ); 882 882 883 883 // Don't block requests back to ourselves by default. 884 if ( 'localhost' === $check['host'] || ( isset( $home['host'] ) && $home['host'] == =$check['host'] ) ) {884 if ( 'localhost' === $check['host'] || ( isset( $home['host'] ) && $home['host'] == $check['host'] ) ) { 885 885 /** 886 886 * Filters whether to block local HTTP API requests. 887 887 * -
src/wp-includes/class-wp-admin-bar.php
diff --git a/src/wp-includes/class-wp-admin-bar.php b/src/wp-includes/class-wp-admin-bar.php index 2d8814e590..7d3470f538 100644
a b class WP_Admin_Bar { 18 18 public $user; 19 19 20 20 /** 21 * @since 3.3.022 *23 21 * @param string $name 24 22 * @return string|array|void 25 23 */ … … class WP_Admin_Bar { 35 33 } 36 34 37 35 /** 38 * Initializes the admin bar.39 *40 * @since 3.1.041 36 */ 42 37 public function initialize() { 43 38 $this->user = new stdClass; … … class WP_Admin_Bar { 87 82 } 88 83 89 84 /** 90 * Add s a node (menu item) to the admin bar menu.85 * Add a node (menu item) to the Admin Bar menu. 91 86 * 92 87 * @since 3.3.0 93 88 * … … class WP_Admin_Bar { 98 93 } 99 94 100 95 /** 101 * Remove sa node from the admin bar.96 * Remove a node from the admin bar. 102 97 * 103 98 * @since 3.1.0 104 99 * … … class WP_Admin_Bar { 184 179 } 185 180 186 181 /** 187 * @since 3.3.0188 *189 182 * @param array $args 190 183 */ 191 184 final protected function _set_node( $args ) { … … class WP_Admin_Bar { 195 188 /** 196 189 * Gets a node. 197 190 * 198 * @since 3.3.0199 *200 191 * @param string $id 201 192 * @return object|void Node. 202 193 */ … … class WP_Admin_Bar { 208 199 } 209 200 210 201 /** 211 * @since 3.3.0212 *213 202 * @param string $id 214 203 * @return object|void 215 204 */ … … class WP_Admin_Bar { 228 217 } 229 218 230 219 /** 231 * @since 3.3.0232 *233 220 * @return array|void 234 221 */ 235 222 final public function get_nodes() { … … class WP_Admin_Bar { 245 232 } 246 233 247 234 /** 248 * @since 3.3.0249 *250 235 * @return array|void 251 236 */ 252 237 final protected function _get_nodes() { … … class WP_Admin_Bar { 258 243 } 259 244 260 245 /** 261 * Add sa group to a toolbar menu node.246 * Add a group to a toolbar menu node. 262 247 * 263 248 * Groups can be used to organize toolbar items into distinct sections of a toolbar menu. 264 249 * … … class WP_Admin_Bar { 282 267 /** 283 268 * Remove a node. 284 269 * 285 * @since 3.1.0286 *287 270 * @param string $id The ID of the item. 288 271 */ 289 272 public function remove_node( $id ) { … … class WP_Admin_Bar { 291 274 } 292 275 293 276 /** 294 * @since 3.3.0295 *296 277 * @param string $id 297 278 */ 298 279 final protected function _unset_node( $id ) { … … class WP_Admin_Bar { 300 281 } 301 282 302 283 /** 303 * @since 3.1.0304 284 */ 305 285 public function render() { 306 286 $root = $this->_bind(); … … class WP_Admin_Bar { 310 290 } 311 291 312 292 /** 313 * @since 3.3.0314 *315 293 * @return object|void 316 294 */ 317 295 final protected function _bind() { … … class WP_Admin_Bar { 448 426 } 449 427 450 428 /** 451 * @since 3.3.0452 *453 429 * @param object $root 454 430 */ 455 431 final protected function _render( $root ) { … … class WP_Admin_Bar { 481 457 } 482 458 483 459 /** 484 * @since 3.3.0485 *486 460 * @param object $node 487 461 */ 488 462 final protected function _render_container( $node ) { … … class WP_Admin_Bar { 498 472 } 499 473 500 474 /** 501 * @since 3.3.0502 *503 475 * @param object $node 504 476 */ 505 477 final protected function _render_group( $node ) { … … class WP_Admin_Bar { 525 497 } 526 498 527 499 /** 528 * @since 3.3.0529 *530 500 * @param object $node 531 501 */ 532 502 final protected function _render_item( $node ) { … … class WP_Admin_Bar { 626 596 } 627 597 628 598 /** 629 * Adds menus to the admin bar.630 *631 * @since 3.1.0632 599 */ 633 600 public function add_menus() { 634 601 // User-related, aligned right. -
src/wp-includes/class-wp-http-ixr-client.php
diff --git a/src/wp-includes/class-wp-http-ixr-client.php b/src/wp-includes/class-wp-http-ixr-client.php index fef16e831d..5de31618fa 100644
a b class WP_HTTP_IXR_Client extends IXR_Client { 97 97 return false; 98 98 } 99 99 100 if ( 200 != =wp_remote_retrieve_response_code( $response ) ) {100 if ( 200 != wp_remote_retrieve_response_code( $response ) ) { 101 101 $this->error = new IXR_Error( -32301, 'transport error - HTTP status code was not 200 (' . wp_remote_retrieve_response_code( $response ) . ')' ); 102 102 return false; 103 103 } -
src/wp-login.php
diff --git a/src/wp-login.php b/src/wp-login.php index 0d030863ed..5c8642d74c 100644
a b function wp_login_viewport_meta() { 364 364 // Main. 365 365 // 366 366 367 $action = isset( $_REQUEST['action'] ) ? $_REQUEST['action']: 'login';367 $action = isset( $_REQUEST['action'] ) ? wp_unslash( $_REQUEST['action'] ) : 'login'; 368 368 $errors = new WP_Error(); 369 369 370 370 if ( isset( $_GET['key'] ) ) {