Changeset 54546
- Timestamp:
- 10/17/2022 05:39:41 PM (2 years ago)
- Location:
- branches/3.7
- Files:
-
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.7
- Property svn:mergeinfo changed
/trunk merged: 54521-54523,54525,54527,54529,54541
- Property svn:mergeinfo changed
-
branches/3.7/src
- Property svn:mergeinfo changed
/trunk/src merged: 54521-54523,54525,54527,54529,54541
- Property svn:mergeinfo changed
-
branches/3.7/src/wp-includes/comment.php
r25868 r54546 1509 1509 return 0; 1510 1510 1511 $filter_comment = false; 1512 if ( ! has_filter( 'pre_comment_content', 'wp_filter_kses' ) ) { 1513 $filter_comment = ! user_can( isset( $comment['user_id'] ) ? $comment['user_id'] : 0, 'unfiltered_html' ); 1514 } 1515 1516 if ( $filter_comment ) { 1517 add_filter( 'pre_comment_content', 'wp_filter_kses' ); 1518 } 1519 1511 1520 // Escape data pulled from DB. 1512 1521 $comment = wp_slash($comment); … … 1518 1527 1519 1528 $commentarr = wp_filter_comment( $commentarr ); 1529 1530 if ( $filter_comment ) { 1531 remove_filter( 'pre_comment_content', 'wp_filter_kses' ); 1532 } 1520 1533 1521 1534 // Now extract the merged array. -
branches/3.7/src/wp-includes/default-widgets.php
r33534 r54546 835 835 if ( is_wp_error($rss) ) { 836 836 if ( is_admin() || current_user_can('manage_options') ) 837 echo '<p>' . sprintf( __('<strong>RSS Error</strong>: %s'), $rss->get_error_message() ) . '</p>';837 echo '<p>' . sprintf( __('<strong>RSS Error</strong>: %s'), esc_html( $rss->get_error_message() ) ) . '</p>'; 838 838 return; 839 839 } … … 943 943 944 944 if ( !empty($error) ) 945 echo '<p class="widget-error"><strong>' . sprintf( __('RSS Error: %s'), $error) . '</strong></p>';945 echo '<p class="widget-error"><strong>' . sprintf( __('RSS Error: %s'), esc_html( $error ) ) . '</strong></p>'; 946 946 947 947 if ( $inputs['url'] ) : -
branches/3.7/src/wp-includes/functions.php
r46505 r54546 2222 2222 } else { 2223 2223 $html = __( 'Are you sure you want to do this?' ); 2224 if ( wp_get_referer() ) 2225 $html .= "</p><p><a href='" . esc_url( remove_query_arg( 'updated', wp_get_referer() ) ) . "'>" . __( 'Please try again.' ) . "</a>"; 2224 if ( wp_get_referer() ) { 2225 $wp_http_referer = remove_query_arg( 'updated', wp_get_referer() ); 2226 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 2227 $html .= '</p><p>'; 2228 $html .= sprintf( 2229 '<a href="%s">%s</a>', 2230 esc_url( $wp_http_referer ), 2231 __( 'Please try again.' ) 2232 ); 2233 } 2226 2234 } 2227 2235 -
branches/3.7/src/wp-includes/pluggable.php
r47962 r54546 314 314 $phpmailer->ClearCustomHeaders(); 315 315 $phpmailer->ClearReplyTos(); 316 $phpmailer->Body = ''; 317 $phpmailer->AltBody = ''; 316 318 317 319 // From email and name -
branches/3.7/src/wp-mail.php
r39784 r54546 56 56 wp_die( __('There doesn’t seem to be any new mail.') ); 57 57 } 58 59 // Always run as an unauthenticated user. 60 wp_set_current_user( 0 ); 58 61 59 62 for ( $i = 1; $i <= $count; $i++ ) { … … 120 123 $author = sanitize_email($author); 121 124 if ( is_email($author) ) { 122 echo '<p>' . sprintf(__('Author is %s'), $author) . '</p>';123 125 $userdata = get_user_by('email', $author); 124 126 if ( ! empty( $userdata ) ) { -
branches/3.7/src/wp-trackback.php
r25616 r54546 13 13 wp( array( 'tb' => '1' ) ); 14 14 } 15 16 // Always run as an unauthenticated user. 17 wp_set_current_user( 0 ); 15 18 16 19 /**
Note: See TracChangeset
for help on using the changeset viewer.