Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
150dd442d2 |
@@ -9,7 +9,7 @@
|
||||
<body>
|
||||
<h1 id="logo">
|
||||
<a href="https://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" /></a>
|
||||
<br /> Version 4.0.7
|
||||
<br /> Version 4.0.6
|
||||
</h1>
|
||||
<p style="text-align: center">Semantic Personal Publishing Platform</p>
|
||||
|
||||
|
||||
@@ -42,11 +42,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
|
||||
</h2>
|
||||
|
||||
<div class="changelog point-releases">
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 7 ); ?></h3>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bug.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bugs.', 2 ), '4.0.7', number_format_i18n( 2 ) ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.0.7' ); ?>
|
||||
</p>
|
||||
<h3><?php echo _n( 'Maintenance and Security Release', 'Maintenance and Security Releases', 6 ); ?></h3>
|
||||
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed a security issue.',
|
||||
'<strong>Version %1$s</strong> addressed some security issues.', 2 ), '4.0.6' ); ?>
|
||||
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.0.6' ); ?>
|
||||
|
||||
@@ -1477,7 +1477,7 @@ function _admin_notice_post_locked() {
|
||||
// Allow plugins to prevent some users overriding the post lock
|
||||
if ( $override ) {
|
||||
?>
|
||||
<a class="button button-primary wp-tab-last" href="<?php echo esc_url( add_query_arg( 'get-post-lock', '1', wp_nonce_url( get_edit_post_link( $post->ID, 'url' ), 'lock-post_' . $post->ID ) ) ); ?>"><?php _e('Take over'); ?></a>
|
||||
<a class="button button-primary wp-tab-last" href="<?php echo esc_url( add_query_arg( 'get-post-lock', '1', get_edit_post_link( $post->ID, 'url' ) ) ); ?>"><?php _e('Take over'); ?></a>
|
||||
<?php
|
||||
}
|
||||
|
||||
|
||||
@@ -158,7 +158,6 @@ case 'edit':
|
||||
wp_die( __( 'You can’t edit this item because it is in the Trash. Please restore it and try again.' ) );
|
||||
|
||||
if ( ! empty( $_GET['get-post-lock'] ) ) {
|
||||
check_admin_referer( 'lock-post_' . $post_id );
|
||||
wp_set_post_lock( $post_id );
|
||||
wp_redirect( get_edit_post_link( $post_id, 'url' ) );
|
||||
exit();
|
||||
|
||||
@@ -1195,7 +1195,7 @@ final class WP_Customize_Widgets {
|
||||
return null;
|
||||
}
|
||||
|
||||
if ( ! hash_equals( $this->get_instance_hash_key( $decoded ), $value['instance_hash_key'] ) ) {
|
||||
if ( $this->get_instance_hash_key( $decoded ) !== $value['instance_hash_key'] ) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@@ -326,14 +326,11 @@ class WP_Embed {
|
||||
* @return string Potentially modified $content.
|
||||
*/
|
||||
public function autoembed( $content ) {
|
||||
// Replace line breaks from all HTML elements with placeholders.
|
||||
$content = wp_replace_in_html_tags( $content, array( "\n" => '<!-- wp-line-break -->' ) );
|
||||
// Strip newlines from all elements.
|
||||
$content = wp_replace_in_html_tags( $content, array( "\n" => " " ) );
|
||||
|
||||
// Find URLs that are on their own line.
|
||||
$content = preg_replace_callback( '|^\s*(https?://[^\s"]+)\s*$|im', array( $this, 'autoembed_callback' ), $content );
|
||||
|
||||
// Put the line breaks back.
|
||||
return str_replace( '<!-- wp-line-break -->', "\n", $content );
|
||||
return preg_replace_callback( '|^\s*(https?://[^\s"]+)\s*$|im', array( $this, 'autoembed_callback' ), $content );
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1354,7 +1354,7 @@ class WP_Widget_Tag_Cloud extends WP_Widget {
|
||||
?>
|
||||
<p>
|
||||
<label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:') ?></label>
|
||||
<input type="text" class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" value="<?php echo esc_attr( $title ); ?>" />
|
||||
<input type="text" class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" value="<?php echo $title; ?>" />
|
||||
</p>
|
||||
<p>
|
||||
<label for="<?php echo $this->get_field_id('nav_menu'); ?>"><?php _e('Select Menu:'); ?></label>
|
||||
|
||||
@@ -405,8 +405,8 @@ function wpautop($pee, $br = true) {
|
||||
$pee = preg_replace('!(</' . $allblocks . '>)!', "$1\n\n", $pee);
|
||||
$pee = str_replace(array("\r\n", "\r"), "\n", $pee); // cross-platform newlines
|
||||
|
||||
// Find newlines in all elements and add placeholders.
|
||||
$pee = wp_replace_in_html_tags( $pee, array( "\n" => " <!-- wpnl --> " ) );
|
||||
// Strip newlines from all elements.
|
||||
$pee = wp_replace_in_html_tags( $pee, array( "\n" => " " ) );
|
||||
|
||||
if ( strpos( $pee, '<option' ) !== false ) {
|
||||
// no P/BR around option
|
||||
@@ -459,59 +459,9 @@ function wpautop($pee, $br = true) {
|
||||
if ( !empty($pre_tags) )
|
||||
$pee = str_replace(array_keys($pre_tags), array_values($pre_tags), $pee);
|
||||
|
||||
// Restore newlines in all elements.
|
||||
$pee = str_replace( " <!-- wpnl --> ", "\n", $pee );
|
||||
|
||||
return $pee;
|
||||
}
|
||||
|
||||
/**
|
||||
* Separate HTML elements and comments from the text.
|
||||
*
|
||||
* @since 4.2.4
|
||||
*
|
||||
* @param string $input The text which has to be formatted.
|
||||
* @return array The formatted text.
|
||||
*/
|
||||
function wp_html_split( $input ) {
|
||||
static $regex;
|
||||
|
||||
if ( ! isset( $regex ) ) {
|
||||
$comments =
|
||||
'!' // Start of comment, after the <.
|
||||
. '(?:' // Unroll the loop: Consume everything until --> is found.
|
||||
. '-(?!->)' // Dash not followed by end of comment.
|
||||
. '[^\-]*+' // Consume non-dashes.
|
||||
. ')*+' // Loop possessively.
|
||||
. '(?:-->)?'; // End of comment. If not found, match all input.
|
||||
|
||||
$cdata =
|
||||
'!\[CDATA\[' // Start of comment, after the <.
|
||||
. '[^\]]*+' // Consume non-].
|
||||
. '(?:' // Unroll the loop: Consume everything until ]]> is found.
|
||||
. '](?!]>)' // One ] not followed by end of comment.
|
||||
. '[^\]]*+' // Consume non-].
|
||||
. ')*+' // Loop possessively.
|
||||
. '(?:]]>)?'; // End of comment. If not found, match all input.
|
||||
|
||||
$regex =
|
||||
'/(' // Capture the entire match.
|
||||
. '<' // Find start of element.
|
||||
. '(?(?=!--)' // Is this a comment?
|
||||
. $comments // Find end of comment.
|
||||
. '|'
|
||||
. '(?(?=!\[CDATA\[)' // Is this a comment?
|
||||
. $cdata // Find end of comment.
|
||||
. '|'
|
||||
. '[^>]*>?' // Find end of element. If not found, match all input.
|
||||
. ')'
|
||||
. ')'
|
||||
. ')/s';
|
||||
}
|
||||
|
||||
return preg_split( $regex, $input, -1, PREG_SPLIT_DELIM_CAPTURE );
|
||||
}
|
||||
|
||||
/**
|
||||
* Replace characters or phrases within HTML elements only.
|
||||
*
|
||||
@@ -523,7 +473,25 @@ function wp_html_split( $input ) {
|
||||
*/
|
||||
function wp_replace_in_html_tags( $haystack, $replace_pairs ) {
|
||||
// Find all elements.
|
||||
$textarr = wp_html_split( $haystack );
|
||||
$comments =
|
||||
'!' // Start of comment, after the <.
|
||||
. '(?:' // Unroll the loop: Consume everything until --> is found.
|
||||
. '-(?!->)' // Dash not followed by end of comment.
|
||||
. '[^\-]*+' // Consume non-dashes.
|
||||
. ')*+' // Loop possessively.
|
||||
. '(?:-->)?'; // End of comment. If not found, match all input.
|
||||
|
||||
$regex =
|
||||
'/(' // Capture the entire match.
|
||||
. '<' // Find start of element.
|
||||
. '(?(?=!--)' // Is this a comment?
|
||||
. $comments // Find end of comment.
|
||||
. '|'
|
||||
. '[^>]*>?' // Find end of element. If not found, match all input.
|
||||
. ')'
|
||||
. ')/s';
|
||||
|
||||
$textarr = preg_split( $regex, $haystack, -1, PREG_SPLIT_DELIM_CAPTURE );
|
||||
$changed = false;
|
||||
|
||||
// Optimize when searching for one item.
|
||||
|
||||
@@ -2888,11 +2888,10 @@ function wp_untrash_post_comments( $post = null ) {
|
||||
|
||||
foreach ( $group_by_status as $status => $comments ) {
|
||||
// Sanity check. This shouldn't happen.
|
||||
if ( 'post-trashed' == $status ) {
|
||||
if ( 'post-trashed' == $status )
|
||||
$status = '0';
|
||||
}
|
||||
$comments_in = implode( ', ', array_map( 'intval', $comments ) );
|
||||
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->comments SET comment_approved = %s WHERE comment_ID IN ($comments_in)", $status ) );
|
||||
$comments_in = implode( "', '", $comments );
|
||||
$wpdb->query( "UPDATE $wpdb->comments SET comment_approved = '$status' WHERE comment_ID IN ('" . $comments_in . "')" );
|
||||
}
|
||||
|
||||
clean_comment_cache( array_keys($statuses) );
|
||||
|
||||
@@ -332,10 +332,29 @@ function do_shortcodes_in_html_tags( $content, $ignore_html ) {
|
||||
$trans = array( '[' => '[', ']' => ']' );
|
||||
|
||||
$pattern = get_shortcode_regex();
|
||||
$textarr = wp_html_split( $content );
|
||||
|
||||
$comment_regex =
|
||||
'!' // Start of comment, after the <.
|
||||
. '(?:' // Unroll the loop: Consume everything until --> is found.
|
||||
. '-(?!->)' // Dash not followed by end of comment.
|
||||
. '[^\-]*+' // Consume non-dashes.
|
||||
. ')*+' // Loop possessively.
|
||||
. '(?:-->)?'; // End of comment. If not found, match all input.
|
||||
|
||||
$regex =
|
||||
'/(' // Capture the entire match.
|
||||
. '<' // Find start of element.
|
||||
. '(?(?=!--)' // Is this a comment?
|
||||
. $comment_regex // Find end of comment.
|
||||
. '|'
|
||||
. '[^>]*>?' // Find end of element. If not found, match all input.
|
||||
. ')'
|
||||
. ')/s';
|
||||
|
||||
$textarr = preg_split( $regex, $content, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY );
|
||||
|
||||
foreach ( $textarr as &$element ) {
|
||||
if ( '' == $element || '<' !== $element[0] ) {
|
||||
if ( '<' !== $element[0] ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -350,7 +369,7 @@ function do_shortcodes_in_html_tags( $content, $ignore_html ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if ( $ignore_html || '<!--' === substr( $element, 0, 4 ) || '<![CDATA[' === substr( $element, 0, 9 ) ) {
|
||||
if ( $ignore_html || '<!--' === substr( $element, 0, 4 ) ) {
|
||||
// Encode all [ and ] chars.
|
||||
$element = strtr( $element, $trans );
|
||||
continue;
|
||||
@@ -358,11 +377,6 @@ function do_shortcodes_in_html_tags( $content, $ignore_html ) {
|
||||
|
||||
$attributes = wp_kses_attr_parse( $element );
|
||||
if ( false === $attributes ) {
|
||||
// Some plugins are doing things like [name] <[email]>.
|
||||
if ( 1 === preg_match( '%^<\s*\[\[?[^\[\]]+\]%', $element ) ) {
|
||||
$element = preg_replace_callback( "/$pattern/s", 'do_shortcode_tag', $element );
|
||||
}
|
||||
|
||||
// Looks like we found some crazy unfiltered HTML. Skipping it for sanity.
|
||||
$element = strtr( $element, $trans );
|
||||
continue;
|
||||
|
||||
@@ -673,6 +673,8 @@ function preview_theme() {
|
||||
|
||||
// Prevent theme mods to current theme being used on theme being previewed
|
||||
add_filter( 'pre_option_theme_mods_' . get_option( 'stylesheet' ), '__return_empty_array' );
|
||||
|
||||
ob_start( 'preview_theme_ob_filter' );
|
||||
}
|
||||
add_action('setup_theme', 'preview_theme');
|
||||
|
||||
@@ -710,7 +712,7 @@ function _preview_theme_stylesheet_filter() {
|
||||
* @return string
|
||||
*/
|
||||
function preview_theme_ob_filter( $content ) {
|
||||
return $content;
|
||||
return preg_replace_callback( "|(<a.*?href=([\"']))(.*?)([\"'].*?>)|", 'preview_theme_ob_filter_callback', $content );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -725,7 +727,26 @@ function preview_theme_ob_filter( $content ) {
|
||||
* @return string
|
||||
*/
|
||||
function preview_theme_ob_filter_callback( $matches ) {
|
||||
return $matches[0];
|
||||
if ( strpos($matches[4], 'onclick') !== false )
|
||||
$matches[4] = preg_replace('#onclick=([\'"]).*?(?<!\\\)\\1#i', '', $matches[4]); //Strip out any onclicks from rest of <a>. (?<!\\\) means to ignore the '" if it's escaped by \ to prevent breaking mid-attribute.
|
||||
if (
|
||||
( false !== strpos($matches[3], '/wp-admin/') )
|
||||
||
|
||||
( false !== strpos( $matches[3], '://' ) && 0 !== strpos( $matches[3], home_url() ) )
|
||||
||
|
||||
( false !== strpos($matches[3], '/feed/') )
|
||||
||
|
||||
( false !== strpos($matches[3], '/trackback/') )
|
||||
)
|
||||
return $matches[1] . "#$matches[2] onclick=$matches[2]return false;" . $matches[4];
|
||||
|
||||
$stylesheet = isset( $_GET['stylesheet'] ) ? $_GET['stylesheet'] : '';
|
||||
$template = isset( $_GET['template'] ) ? $_GET['template'] : '';
|
||||
|
||||
$link = add_query_arg( array( 'preview' => 1, 'template' => $template, 'stylesheet' => $stylesheet, 'preview_iframe' => 1 ), $matches[3] );
|
||||
if ( 0 === strpos($link, 'preview=1') )
|
||||
$link = "?$link";
|
||||
return $matches[1] . esc_attr( $link ) . $matches[4];
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.0.7';
|
||||
$wp_version = '4.0.6';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
||||
Reference in New Issue
Block a user