Changeset 54547
- Timestamp:
- 10/17/2022 05:43:54 PM (2 years ago)
- Location:
- branches/3.8
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.8
- Property svn:mergeinfo changed
/trunk merged: 54521-54523,54525,54527,54529,54541
- Property svn:mergeinfo changed
-
branches/3.8/src/wp-includes/comment.php
r26492 r54547 1833 1833 return 0; 1834 1834 1835 $filter_comment = false; 1836 if ( ! has_filter( 'pre_comment_content', 'wp_filter_kses' ) ) { 1837 $filter_comment = ! user_can( isset( $comment['user_id'] ) ? $comment['user_id'] : 0, 'unfiltered_html' ); 1838 } 1839 1840 if ( $filter_comment ) { 1841 add_filter( 'pre_comment_content', 'wp_filter_kses' ); 1842 } 1843 1835 1844 // Escape data pulled from DB. 1836 1845 $comment = wp_slash($comment); … … 1842 1851 1843 1852 $commentarr = wp_filter_comment( $commentarr ); 1853 1854 if ( $filter_comment ) { 1855 remove_filter( 'pre_comment_content', 'wp_filter_kses' ); 1856 } 1844 1857 1845 1858 // Now extract the merged array. -
branches/3.8/src/wp-includes/default-widgets.php
r33533 r54547 835 835 if ( is_wp_error($rss) ) { 836 836 if ( is_admin() || current_user_can('manage_options') ) 837 echo '<p>' . sprintf( __('<strong>RSS Error</strong>: %s'), $rss->get_error_message() ) . '</p>';837 echo '<p>' . sprintf( __('<strong>RSS Error</strong>: %s'), esc_html( $rss->get_error_message() ) ) . '</p>'; 838 838 return; 839 839 } … … 943 943 944 944 if ( !empty($error) ) 945 echo '<p class="widget-error"><strong>' . sprintf( __('RSS Error: %s'), $error) . '</strong></p>';945 echo '<p class="widget-error"><strong>' . sprintf( __('RSS Error: %s'), esc_html( $error ) ) . '</strong></p>'; 946 946 947 947 if ( $inputs['url'] ) : -
branches/3.8/src/wp-includes/functions.php
r46504 r54547 2218 2218 } else { 2219 2219 $html = __( 'Are you sure you want to do this?' ); 2220 if ( wp_get_referer() ) 2221 $html .= "</p><p><a href='" . esc_url( remove_query_arg( 'updated', wp_get_referer() ) ) . "'>" . __( 'Please try again.' ) . "</a>"; 2220 if ( wp_get_referer() ) { 2221 $wp_http_referer = remove_query_arg( 'updated', wp_get_referer() ); 2222 $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) ); 2223 $html .= '</p><p>'; 2224 $html .= sprintf( 2225 '<a href="%s">%s</a>', 2226 esc_url( $wp_http_referer ), 2227 __( 'Please try again.' ) 2228 ); 2229 } 2222 2230 } 2223 2231 -
branches/3.8/src/wp-includes/pluggable.php
r47965 r54547 311 311 $phpmailer->ClearCustomHeaders(); 312 312 $phpmailer->ClearReplyTos(); 313 $phpmailer->Body = ''; 314 $phpmailer->AltBody = ''; 313 315 314 316 // From email and name -
branches/3.8/src/wp-mail.php
r39782 r54547 60 60 wp_die( __('There doesn’t seem to be any new mail.') ); 61 61 } 62 63 // Always run as an unauthenticated user. 64 wp_set_current_user( 0 ); 62 65 63 66 for ( $i = 1; $i <= $count; $i++ ) { … … 124 127 $author = sanitize_email($author); 125 128 if ( is_email($author) ) { 126 echo '<p>' . sprintf(__('Author is %s'), $author) . '</p>';127 129 $userdata = get_user_by('email', $author); 128 130 if ( ! empty( $userdata ) ) { -
branches/3.8/src/wp-trackback.php
r25616 r54547 13 13 wp( array( 'tb' => '1' ) ); 14 14 } 15 16 // Always run as an unauthenticated user. 17 wp_set_current_user( 0 ); 15 18 16 19 /**
Note: See TracChangeset
for help on using the changeset viewer.