Compare commits
15 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
bdd79a43f5 | ||
|
|
71f5f5fe6a | ||
|
505af40a68 | ||
|
|
4cad77d676 | ||
|
e3c8323406 | ||
|
ae9bfeddd3 | ||
|
|
b572e86a4a | ||
|
|
f1b5da36be | ||
|
8698e8339a | ||
|
|
9f7b91d4bc | ||
|
|
d7915c3e73 | ||
|
|
149cdb0766 | ||
|
|
82f8529ad5 | ||
|
|
94278eddb6 | ||
|
|
009b1b4257 |
@@ -1,6 +1,6 @@
|
||||
WordPress - Web publishing software
|
||||
|
||||
Copyright 2017 by the contributors
|
||||
Copyright 2018 by the contributors
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
||||
@@ -8,7 +8,6 @@
|
||||
<body>
|
||||
<h1 id="logo">
|
||||
<a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
|
||||
<br /> Version 3.7.22
|
||||
</h1>
|
||||
<p style="text-align: center">Semantic Personal Publishing Platform</p>
|
||||
|
||||
|
||||
@@ -36,7 +36,19 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
|
||||
</h2>
|
||||
|
||||
<div class="changelog point-releases">
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 23 ); ?></h3>
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 26 ); ?></h3>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 2 ), '3.7.26' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.7.26' ); ?>
|
||||
</p>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 1 ), '3.7.25' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.7.25' ); ?>
|
||||
</p>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 4 ), '3.7.24' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.7.24' ); ?>
|
||||
</p>
|
||||
<p><?php printf( __( '<strong>Version %s</strong> addressed one security issue.' ), '3.7.23' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_3.7.23' ); ?>
|
||||
</p>
|
||||
|
||||
@@ -562,6 +562,9 @@ $_old_files = array(
|
||||
'wp-admin/js/cat.js',
|
||||
'wp-admin/js/cat.min.js',
|
||||
'wp-includes/js/tinymce/plugins/wpeditimage/js/editimage.min.js',
|
||||
// 4.9.2
|
||||
'wp-includes/js/mediaelement/flashmediaelement.swf',
|
||||
'wp-includes/js/mediaelement/silverlightmediaelement.xap',
|
||||
);
|
||||
|
||||
/**
|
||||
@@ -878,7 +881,11 @@ function update_core($from, $to) {
|
||||
$old_file = $to . $old_file;
|
||||
if ( !$wp_filesystem->exists($old_file) )
|
||||
continue;
|
||||
$wp_filesystem->delete($old_file, true);
|
||||
|
||||
// If the file isn't deleted, try writing an empty string to the file instead.
|
||||
if ( ! $wp_filesystem->delete( $old_file, true ) && $wp_filesystem->is_file( $old_file ) ) {
|
||||
$wp_filesystem->put_contents( $old_file, '' );
|
||||
}
|
||||
}
|
||||
|
||||
// Remove any Genericons example.html's from the filesystem
|
||||
|
||||
@@ -72,7 +72,7 @@ if ( isset($_REQUEST['action']) && 'adduser' == $_REQUEST['action'] ) {
|
||||
add_existing_user_to_blog( array( 'user_id' => $user_id, 'role' => $_REQUEST[ 'role' ] ) );
|
||||
$redirect = add_query_arg( array('update' => 'addnoconfirmation'), 'user-new.php' );
|
||||
} else {
|
||||
$newuser_key = substr( md5( $user_id ), 0, 5 );
|
||||
$newuser_key = wp_generate_password( 20, false );
|
||||
add_option( 'new_user_' . $newuser_key, array( 'user_id' => $user_id, 'email' => $user_details->user_email, 'role' => $_REQUEST[ 'role' ] ) );
|
||||
|
||||
$roles = get_editable_roles();
|
||||
|
||||
@@ -395,7 +395,7 @@ function rss_enclosure() {
|
||||
$t = preg_split('/[ \t]/', trim($enclosure[2]) );
|
||||
$type = $t[0];
|
||||
|
||||
echo apply_filters('rss_enclosure', '<enclosure url="' . trim(htmlspecialchars($enclosure[0])) . '" length="' . trim($enclosure[1]) . '" type="' . $type . '" />' . "\n");
|
||||
echo apply_filters( 'rss_enclosure', '<enclosure url="' . esc_url( trim( $enclosure[0] ) ) . '" length="' . absint( trim( $enclosure[1] ) ) . '" type="' . esc_attr( $type ) . '" />' . "\n" );
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -426,7 +426,7 @@ function atom_enclosure() {
|
||||
if ($key == 'enclosure') {
|
||||
foreach ( (array) $val as $enc ) {
|
||||
$enclosure = explode("\n", $enc);
|
||||
echo apply_filters('atom_enclosure', '<link href="' . trim(htmlspecialchars($enclosure[0])) . '" rel="enclosure" length="' . trim($enclosure[1]) . '" type="' . trim($enclosure[2]) . '" />' . "\n");
|
||||
echo apply_filters( 'atom_enclosure', '<link href="' . esc_url( trim( $enclosure[0] ) ) . '" rel="enclosure" length="' . absint( trim( $enclosure[1] ) ) . '" type="' . esc_attr( trim( $enclosure[2] ) ) . '" />' . "\n" );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2108,8 +2108,9 @@ function get_allowed_mime_types( $user = null ) {
|
||||
if ( function_exists( 'current_user_can' ) )
|
||||
$unfiltered = $user ? user_can( $user, 'unfiltered_html' ) : current_user_can( 'unfiltered_html' );
|
||||
|
||||
if ( empty( $unfiltered ) )
|
||||
unset( $t['htm|html'] );
|
||||
if ( empty( $unfiltered ) ) {
|
||||
unset( $t['htm|html'], $t['js'] );
|
||||
}
|
||||
|
||||
return apply_filters( 'upload_mimes', $t, $user );
|
||||
}
|
||||
|
||||
@@ -1927,12 +1927,14 @@ function language_attributes($doctype = 'html') {
|
||||
if ( function_exists( 'is_rtl' ) && is_rtl() )
|
||||
$attributes[] = 'dir="rtl"';
|
||||
|
||||
if ( $lang = get_bloginfo('language') ) {
|
||||
if ( get_option('html_type') == 'text/html' || $doctype == 'html' )
|
||||
$attributes[] = "lang=\"$lang\"";
|
||||
if ( $lang = get_bloginfo( 'language' ) ) {
|
||||
if ( get_option( 'html_type' ) == 'text/html' || $doctype == 'html' ) {
|
||||
$attributes[] = 'lang="' . esc_attr( $lang ) . '"';
|
||||
}
|
||||
|
||||
if ( get_option('html_type') != 'text/html' || $doctype == 'xhtml' )
|
||||
$attributes[] = "xml:lang=\"$lang\"";
|
||||
if ( get_option( 'html_type' ) != 'text/html' || $doctype == 'xhtml' ) {
|
||||
$attributes[] = 'xml:lang="' . esc_attr( $lang ) . '"';
|
||||
}
|
||||
}
|
||||
|
||||
$output = implode(' ', $attributes);
|
||||
@@ -2253,25 +2255,25 @@ function get_the_generator( $type = '' ) {
|
||||
|
||||
switch ( $type ) {
|
||||
case 'html':
|
||||
$gen = '<meta name="generator" content="WordPress ' . get_bloginfo( 'version' ) . '">';
|
||||
$gen = '<meta name="generator" content="WordPress ' . esc_attr( get_bloginfo( 'version' ) ) . '">';
|
||||
break;
|
||||
case 'xhtml':
|
||||
$gen = '<meta name="generator" content="WordPress ' . get_bloginfo( 'version' ) . '" />';
|
||||
$gen = '<meta name="generator" content="WordPress ' . esc_attr( get_bloginfo( 'version' ) ) . '" />';
|
||||
break;
|
||||
case 'atom':
|
||||
$gen = '<generator uri="http://wordpress.org/" version="' . get_bloginfo_rss( 'version' ) . '">WordPress</generator>';
|
||||
$gen = '<generator uri="https://wordpress.org/" version="' . esc_attr( get_bloginfo_rss( 'version' ) ) . '">WordPress</generator>';
|
||||
break;
|
||||
case 'rss2':
|
||||
$gen = '<generator>http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '</generator>';
|
||||
$gen = '<generator>' . esc_url_raw( 'https://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) ) . '</generator>';
|
||||
break;
|
||||
case 'rdf':
|
||||
$gen = '<admin:generatorAgent rdf:resource="http://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) . '" />';
|
||||
$gen = '<admin:generatorAgent rdf:resource="' . esc_url_raw( 'https://wordpress.org/?v=' . get_bloginfo_rss( 'version' ) ) . '" />';
|
||||
break;
|
||||
case 'comment':
|
||||
$gen = '<!-- generator="WordPress/' . get_bloginfo( 'version' ) . '" -->';
|
||||
$gen = '<!-- generator="WordPress/' . esc_attr( get_bloginfo( 'version' ) ) . '" -->';
|
||||
break;
|
||||
case 'export':
|
||||
$gen = '<!-- generator="WordPress/' . get_bloginfo_rss('version') . '" created="'. date('Y-m-d H:i') . '" -->';
|
||||
$gen = '<!-- generator="WordPress/' . esc_attr( get_bloginfo_rss( 'version' ) ) . '" created="' . date( 'Y-m-d H:i' ) . '" -->';
|
||||
break;
|
||||
}
|
||||
return apply_filters( "get_the_generator_{$type}", $gen, $type );
|
||||
|
||||
Binary file not shown.
Binary file not shown.
@@ -4,7 +4,7 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '3.7.23';
|
||||
$wp_version = '3.7.26';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
||||
@@ -1394,7 +1394,7 @@ class wpdb {
|
||||
// If ext/hash is not present, compat.php's hash_hmac() does not support sha256.
|
||||
$algo = function_exists( 'hash' ) ? 'sha256' : 'sha1';
|
||||
// Old WP installs may not have AUTH_SALT defined.
|
||||
$salt = defined( 'AUTH_SALT' ) ? AUTH_SALT : rand();
|
||||
$salt = defined( 'AUTH_SALT' ) && AUTH_SALT ? AUTH_SALT : (string) rand();
|
||||
|
||||
$placeholder = '{' . hash_hmac( $algo, uniqid( $salt, true ), $salt ) . '}';
|
||||
}
|
||||
|
||||
@@ -14,10 +14,10 @@ require( dirname(__FILE__) . '/wp-load.php' );
|
||||
// Redirect to https login if forced to use SSL
|
||||
if ( force_ssl_admin() && ! is_ssl() ) {
|
||||
if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
|
||||
wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
|
||||
wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
|
||||
exit();
|
||||
} else {
|
||||
wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
|
||||
wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user