Changeset 49400 for branches/4.6
- Timestamp:
- 10/29/2020 06:59:47 PM (4 years ago)
- Location:
- branches/4.6
- Files:
-
- 1 added
- 16 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.6
- Property svn:mergeinfo changed
/branches/5.5 (added) merged: 49373-49379,49381 /trunk merged: 49380,49382-49388
- Property svn:mergeinfo changed
-
branches/4.6/src/wp-admin/admin-header.php
r37560 r49400 71 71 ?> 72 72 <script type="text/javascript"> 73 addLoadEvent = function(func){if(typeof jQuery!= "undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};74 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative'); ?>',75 pagenow = '<?php echo $current_screen->id; ?>',76 typenow = '<?php echo $current_screen->post_type; ?>',77 adminpage = '<?php echo $admin_body_class; ?>',78 thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',79 decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',73 addLoadEvent = function(func){if(typeof jQuery!=='undefined')jQuery(document).ready(func);else if(typeof wpOnload!=='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; 74 var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', 75 pagenow = '<?php echo esc_js( $current_screen->id ); ?>', 76 typenow = '<?php echo esc_js( $current_screen->post_type ); ?>', 77 adminpage = '<?php echo esc_js( $admin_body_class ); ?>', 78 thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>', 79 decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>', 80 80 isRtl = <?php echo (int) is_rtl(); ?>; 81 81 </script> -
branches/4.6/src/wp-admin/custom-background.php
r38028 r49400 465 465 */ 466 466 public function wp_set_background_image() { 467 check_ajax_referer( 'custom-background' ); 467 468 if ( ! current_user_can('edit_theme_options') || ! isset( $_POST['attachment_id'] ) ) exit; 468 469 $attachment_id = absint($_POST['attachment_id']); -
branches/4.6/src/wp-admin/custom-header.php
r37914 r49400 327 327 <script type="text/javascript"> 328 328 (function($){ 329 var default_color = '<?php echo $default_color; ?>',329 var default_color = '<?php echo esc_js( $default_color ); ?>', 330 330 header_text_fields; 331 331 -
branches/4.6/src/wp-admin/includes/media.php
r47974 r49400 465 465 <script type="text/javascript"> 466 466 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; 467 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative'); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup',467 var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup', 468 468 isRtl = <?php echo (int) is_rtl(); ?>; 469 469 </script> -
branches/4.6/src/wp-admin/includes/ms.php
r38024 r49400 894 894 ?> 895 895 <script type="text/javascript"> 896 var tb_pathToImage = "<?php echo includes_url( 'js/thickbox/loadingAnimation.gif', 'relative'); ?>";896 var tb_pathToImage = "<?php echo esc_js( includes_url( 'js/thickbox/loadingAnimation.gif', 'relative' ) ); ?>"; 897 897 </script> 898 898 <?php -
branches/4.6/src/wp-admin/includes/template.php
r41414 r49400 1593 1593 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; 1594 1594 function tb_close(){var win=window.dialogArguments||opener||parent||top;win.tb_remove();} 1595 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative'); ?>',1596 pagenow = '<?php echo $current_screen->id; ?>',1597 typenow = '<?php echo $current_screen->post_type; ?>',1598 adminpage = '<?php echo $admin_body_class; ?>',1599 thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',1600 decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',1595 var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', 1596 pagenow = '<?php echo esc_js( $current_screen->id ); ?>', 1597 typenow = '<?php echo esc_js( $current_screen->post_type ); ?>', 1598 adminpage = '<?php echo esc_js( $admin_body_class ); ?>', 1599 thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>', 1600 decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>', 1601 1601 isRtl = <?php echo (int) is_rtl(); ?>; 1602 1602 </script> -
branches/4.6/src/wp-admin/js/custom-background.js
r26158 r49400 57 57 // Grab the selected attachment. 58 58 var attachment = frame.state().get('selection').first(); 59 var nonceValue = $( '#_wpnonce' ).val() || ''; 59 60 60 61 // Run an AJAX request to set the background image. … … 62 63 action: 'set-background-image', 63 64 attachment_id: attachment.id, 65 _ajax_nonce: nonceValue, 64 66 size: 'full' 65 67 }).done( function() { -
branches/4.6/src/wp-admin/js/media-gallery.js
r26232 r49400 2 2 jQuery(function($){ 3 3 $( 'body' ).bind( 'click.wp-gallery', function(e){ 4 var target = $( e.target ), id, img_size ;4 var target = $( e.target ), id, img_size, nonceValue; 5 5 6 6 if ( target.hasClass( 'wp-set-header' ) ) { … … 10 10 id = target.data( 'attachment-id' ); 11 11 img_size = $( 'input[name="attachments[' + id + '][image-size]"]:checked').val(); 12 nonceValue = $( '#_wpnonce' ).val() && ''; 12 13 13 14 jQuery.post(ajaxurl, { 14 15 action: 'set-background-image', 15 16 attachment_id: id, 17 _ajax_nonce: nonceValue, 16 18 size: img_size 17 19 }, function(){ -
branches/4.6/src/wp-admin/media-new.php
r37914 r49400 73 73 74 74 <script type="text/javascript"> 75 var post_id = <?php echo $post_id; ?>, shortform = 3;75 var post_id = <?php echo absint( $post_id ); ?>, shortform = 3; 76 76 </script> 77 <input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />77 <input type="hidden" name="post_id" id="post_id" value="<?php echo absint( $post_id ); ?>" /> 78 78 <?php wp_nonce_field('media-form'); ?> 79 79 <div id="media-items" class="hide-if-no-js"></div> -
branches/4.6/src/wp-admin/network/site-users.php
r37914 r49400 198 198 199 199 <script type="text/javascript"> 200 var current_site_id = <?php echo $id; ?>;200 var current_site_id = <?php echo absint( $id ); ?>; 201 201 </script> 202 202 -
branches/4.6/src/wp-includes/Requests/Utility/FilteredIterator.php
r37428 r49400 43 43 return $value; 44 44 } 45 45 46 } -
branches/4.6/src/wp-includes/class-wp-xmlrpc-server.php
r40694 r49400 3574 3574 } 3575 3575 3576 if ( 3577 'publish' === get_post_status( $post_id ) && 3578 ! current_user_can( 'edit_post', $post_id ) && 3579 post_password_required( $post_id ) 3580 ) { 3581 return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) ); 3582 } 3583 3584 if ( 3585 'private' === get_post_status( $post_id ) && 3586 ! current_user_can( 'read_post', $post_id ) 3587 ) { 3588 return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) ); 3589 } 3590 3576 3591 $comment = array(); 3577 3592 $comment['comment_post_ID'] = $post_id; … … 3952 3967 do_action( 'xmlrpc_call', 'wp.getMediaItem' ); 3953 3968 3954 if ( ! $attachment = get_post($attachment_id) ) 3969 $attachment = get_post( $attachment_id ); 3970 if ( ! $attachment || 'attachment' !== $attachment->post_type ) { 3955 3971 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) ); 3972 } 3956 3973 3957 3974 return $this->_prepare_media_item( $attachment ); -
branches/4.6/src/wp-includes/formatting.php
r47651 r49400 1071 1071 */ 1072 1072 function utf8_uri_encode( $utf8_string, $length = 0 ) { 1073 $unicode = '';1074 $values = array();1075 $num_octets = 1;1073 $unicode = ''; 1074 $values = array(); 1075 $num_octets = 1; 1076 1076 $unicode_length = 0; 1077 1077 … … 1085 1085 1086 1086 if ( $value < 128 ) { 1087 if ( $length && ( $unicode_length >= $length ) ) 1087 if ( $length && ( $unicode_length >= $length ) ) { 1088 1088 break; 1089 $unicode .= chr($value); 1089 } 1090 $unicode .= chr( $value ); 1090 1091 $unicode_length++; 1091 1092 } else { … … 1976 1977 $title = mb_strtolower($title, 'UTF-8'); 1977 1978 } 1978 $title = utf8_uri_encode( $title, 200);1979 $title = utf8_uri_encode( $title, 200 ); 1979 1980 } 1980 1981 -
branches/4.6/src/wp-includes/meta.php
r42915 r49400 917 917 * @return bool True if the key is protected, false otherwise. 918 918 */ 919 function is_protected_meta( $meta_key, $meta_type = null ) { 920 $protected = ( '_' == $meta_key[0] ); 919 function is_protected_meta( $meta_key, $meta_type = '' ) { 920 $sanitized_key = preg_replace( "/[^\x20-\x7E\p{L}]/", '', $meta_key ); 921 $protected = strlen( $sanitized_key ) > 0 && ( '_' === $sanitized_key[0] ); 921 922 922 923 /** -
branches/4.6/tests/phpunit/tests/formatting/Utf8UriEncode.php
r25002 r49400 13 13 */ 14 14 function test_percent_encodes_non_reserved_characters( $utf8, $urlencoded ) { 15 $this->assertEquals( $urlencoded, utf8_uri_encode( $utf8 ) );15 $this->assertEquals( $urlencoded, utf8_uri_encode( $utf8 ) ); 16 16 } 17 17
Note: See TracChangeset
for help on using the changeset viewer.