Changeset 49405 for branches/4.1
- Timestamp:
- 10/29/2020 07:09:27 PM (4 years ago)
- Location:
- branches/4.1
- Files:
-
- 1 added
- 14 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.1
- Property svn:mergeinfo changed
/branches/5.5 (added) merged: 49373-49379,49381 /trunk merged: 49380,49382-49388
- Property svn:mergeinfo changed
-
branches/4.1/src/wp-admin/admin-header.php
r30756 r49405 59 59 ?> 60 60 <script type="text/javascript"> 61 addLoadEvent = function(func){if(typeof jQuery!= "undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};62 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative'); ?>',63 pagenow = '<?php echo $current_screen->id; ?>',64 typenow = '<?php echo $current_screen->post_type; ?>',65 adminpage = '<?php echo $admin_body_class; ?>',66 thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',67 decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',61 addLoadEvent = function(func){if(typeof jQuery!=='undefined')jQuery(document).ready(func);else if(typeof wpOnload!=='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; 62 var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', 63 pagenow = '<?php echo esc_js( $current_screen->id ); ?>', 64 typenow = '<?php echo esc_js( $current_screen->post_type ); ?>', 65 adminpage = '<?php echo esc_js( $admin_body_class ); ?>', 66 thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>', 67 decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>', 68 68 isRtl = <?php echo (int) is_rtl(); ?>; 69 69 </script> -
branches/4.1/src/wp-admin/custom-background.php
r30931 r49405 517 517 */ 518 518 public function wp_set_background_image() { 519 check_ajax_referer( 'custom-background' ); 519 520 if ( ! current_user_can('edit_theme_options') || ! isset( $_POST['attachment_id'] ) ) exit; 520 521 $attachment_id = absint($_POST['attachment_id']); -
branches/4.1/src/wp-admin/custom-header.php
r30695 r49405 393 393 /* <![CDATA[ */ 394 394 (function($){ 395 var default_color = '<?php echo $default_color; ?>',395 var default_color = '<?php echo esc_js( $default_color ); ?>', 396 396 header_text_fields; 397 397 -
branches/4.1/src/wp-admin/includes/media.php
r47969 r49405 451 451 //<![CDATA[ 452 452 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; 453 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative'); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup',453 var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', pagenow = 'media-upload-popup', adminpage = 'media-upload-popup', 454 454 isRtl = <?php echo (int) is_rtl(); ?>; 455 455 //]]> -
branches/4.1/src/wp-admin/includes/ms.php
r30630 r49405 957 957 <script type="text/javascript"> 958 958 //<![CDATA[ 959 var tb_pathToImage = "<?php echo includes_url( 'js/thickbox/loadingAnimation.gif', 'relative' ); ?>";959 var tb_pathToImage = '<?php echo esc_js( includes_url( 'js/thickbox/loadingAnimation.gif', 'relative' ) ); ?>'; 960 960 //]]> 961 961 </script> -
branches/4.1/src/wp-admin/includes/template.php
r41446 r49405 1548 1548 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; 1549 1549 function tb_close(){var win=window.dialogArguments||opener||parent||top;win.tb_remove();} 1550 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative'); ?>',1551 pagenow = '<?php echo $current_screen->id; ?>',1552 typenow = '<?php echo $current_screen->post_type; ?>',1553 adminpage = '<?php echo $admin_body_class; ?>',1554 thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',1555 decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',1550 var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>', 1551 pagenow = '<?php echo esc_js( $current_screen->id ); ?>', 1552 typenow = '<?php echo esc_js( $current_screen->post_type ); ?>', 1553 adminpage = '<?php echo esc_js( $admin_body_class ); ?>', 1554 thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>', 1555 decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>', 1556 1556 isRtl = <?php echo (int) is_rtl(); ?>; 1557 1557 //]]> -
branches/4.1/src/wp-admin/js/custom-background.js
r26158 r49405 57 57 // Grab the selected attachment. 58 58 var attachment = frame.state().get('selection').first(); 59 var nonceValue = $( '#_wpnonce' ).val() || ''; 59 60 60 61 // Run an AJAX request to set the background image. … … 62 63 action: 'set-background-image', 63 64 attachment_id: attachment.id, 65 _ajax_nonce: nonceValue, 64 66 size: 'full' 65 67 }).done( function() { -
branches/4.1/src/wp-admin/js/media-gallery.js
r26232 r49405 2 2 jQuery(function($){ 3 3 $( 'body' ).bind( 'click.wp-gallery', function(e){ 4 var target = $( e.target ), id, img_size ;4 var target = $( e.target ), id, img_size, nonceValue; 5 5 6 6 if ( target.hasClass( 'wp-set-header' ) ) { … … 10 10 id = target.data( 'attachment-id' ); 11 11 img_size = $( 'input[name="attachments[' + id + '][image-size]"]:checked').val(); 12 nonceValue = $( '#_wpnonce' ).val() && ''; 12 13 13 14 jQuery.post(ajaxurl, { 14 15 action: 'set-background-image', 15 16 attachment_id: id, 17 _ajax_nonce: nonceValue, 16 18 size: img_size 17 19 }, function(){ -
branches/4.1/src/wp-admin/media-new.php
r27469 r49405 73 73 74 74 <script type="text/javascript"> 75 var post_id = <?php echo $post_id; ?>, shortform = 3;75 var post_id = <?php echo absint( $post_id ); ?>, shortform = 3; 76 76 </script> 77 <input type="hidden" name="post_id" id="post_id" value="<?php echo $post_id; ?>" />77 <input type="hidden" name="post_id" id="post_id" value="<?php echo absint( $post_id ); ?>" /> 78 78 <?php wp_nonce_field('media-form'); ?> 79 79 <div id="media-items" class="hide-if-no-js"></div> -
branches/4.1/src/wp-admin/network/site-users.php
r30356 r49405 179 179 <script type="text/javascript"> 180 180 /* <![CDATA[ */ 181 var current_site_id = <?php echo $id; ?>;181 var current_site_id = <?php echo absint( $id ); ?>; 182 182 /* ]]> */ 183 183 </script> -
branches/4.1/src/wp-includes/class-wp-xmlrpc-server.php
r40699 r49405 3293 3293 return new IXR_Error( 404, __( 'Invalid post ID.' ) ); 3294 3294 3295 if ( 3296 'publish' === get_post_status( $post_id ) && 3297 ! current_user_can( 'edit_post', $post_id ) && 3298 post_password_required( $post_id ) 3299 ) { 3300 return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) ); 3301 } 3302 3303 if ( 3304 'private' === get_post_status( $post_id ) && 3305 ! current_user_can( 'read_post', $post_id ) 3306 ) { 3307 return new IXR_Error( 403, __( 'Sorry, you are not allowed to comment on this post.' ) ); 3308 } 3309 3295 3310 $comment = array(); 3296 3311 $comment['comment_post_ID'] = $post_id; … … 3609 3624 do_action( 'xmlrpc_call', 'wp.getMediaItem' ); 3610 3625 3611 if ( ! $attachment = get_post($attachment_id) ) 3626 $attachment = get_post( $attachment_id ); 3627 if ( ! $attachment || 'attachment' !== $attachment->post_type ) { 3612 3628 return new IXR_Error( 404, __( 'Invalid attachment ID.' ) ); 3629 } 3613 3630 3614 3631 return $this->_prepare_media_item( $attachment ); -
branches/4.1/src/wp-includes/meta.php
r30848 r49405 1551 1551 * @return bool True if the key is protected, false otherwise. 1552 1552 */ 1553 function is_protected_meta( $meta_key, $meta_type = null ) { 1554 $protected = ( '_' == $meta_key[0] ); 1553 function is_protected_meta( $meta_key, $meta_type = '' ) { 1554 $sanitized_key = preg_replace( "/[^\x20-\x7E\p{L}]/", '', $meta_key ); 1555 $protected = strlen( $sanitized_key ) > 0 && ( '_' === $sanitized_key[0] ); 1555 1556 1556 1557 /** -
branches/4.1/tests/phpunit/tests/formatting/Utf8UriEncode.php
r25002 r49405 13 13 */ 14 14 function test_percent_encodes_non_reserved_characters( $utf8, $urlencoded ) { 15 $this->assertEquals( $urlencoded, utf8_uri_encode( $utf8 ) );15 $this->assertEquals( $urlencoded, utf8_uri_encode( $utf8 ) ); 16 16 } 17 17
Note: See TracChangeset
for help on using the changeset viewer.