Merge remote-tracking branch 'refs/remotes/origin/master' into latest
patrickebates committed Sep 20, 2017
2 parents f45fbf5 + a6a4076 commit 8611bc9
Showing 34 changed files with 181 additions and 110 deletions.
2 changes: 1 addition & 1 deletion README.md
@@ -1,7 +1,7 @@
Project Nami
===============

### Version: `1.6.1` ###
### Version: `1.6.2` ###

### Description: ###
[![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://deploy.azure.com/?repository=https://github.com/ProjectNami/projectnami/tree/latest)
28 changes: 9 additions & 19 deletions wp-admin/about.php
@@ -39,25 +39,15 @@
</h2>

<div class="changelog point-releases">
<h3><?php _e( 'Maintenance Release' ); ?></h3>
<p>
<?php
printf(
/* translators: 1: WordPress version number, 2: plural number of bugs. */
_n(
'<strong>Version %1$s</strong> addressed %2$s bug.',
'<strong>Version %1$s</strong> addressed %2$s bugs.',
29
),
'4.8.1',
number_format_i18n( 29 )
);
?>
<?php
/* translators: %s: Codex URL */
printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.8.1' );
?>
</p>
<h3><?php _e( 'Maintenance and Security Releases' ); ?></h3>
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bug.',
'<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bugs.', 5 ), '4.8.2', number_format_i18n( 5 ) ); ?>
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.8.2' ); ?>
</p>
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed %2$s bug.',
'<strong>Version %1$s</strong> addressed %2$s bugs.', 29 ), '4.8.1', number_format_i18n( 29 ) ); ?>
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.8.1' ); ?>
</p>
</div>

<div class="feature-section one-col">
2 changes: 1 addition & 1 deletion wp-admin/edit-tag-form.php
@@ -74,7 +74,7 @@
<div id="message" class="updated">
<p><strong><?php echo $message; ?></strong></p>
<?php if ( $wp_http_referer ) { ?>
<p><a href="<?php echo esc_url( $wp_http_referer ); ?>"><?php
<p><a href="<?php echo esc_url( wp_validate_redirect( esc_url_raw( $wp_http_referer ), admin_url( 'term.php?taxonomy=' . $taxonomy ) ) ); ?>"><?php
/* translators: %s: taxonomy name */
printf( _x( '&larr; Back to %s', 'admin screen' ), $tax->labels->name );
?></a></p>
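Review bot: The fallback passed to `wp_validate_redirect()` on the back link builds its query string as `'term.php?taxonomy=' . $taxonomy` without encoding the value, while the same commit adds `urlencode()` to the plugin links in class-wp-plugins-list-table.php. Where `$taxonomy` is assigned is outside this hunk, so it may already be a validated slug; if that is not guaranteed, `admin_url( 'term.php?taxonomy=' . urlencode( $taxonomy ) )` keeps the fallback well-formed. The sanitise, validate and escape chain is also dense for an inline attribute; assigning it to a variable above the markup with a comment such as `// Referer may point off-site; fall back to the term list unless the host is allowed.` would make the intent visible.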
14 changes: 7 additions & 7 deletions wp-admin/includes/class-wp-plugins-list-table.php
@@ -601,16 +601,16 @@ public function single_row( $item ) {
if ( $is_active ) {
if ( current_user_can( 'manage_network_plugins' ) ) {
/* translators: %s: plugin name */
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Network Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Deactivate' ) . '</a>';
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Network Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Deactivate' ) . '</a>';
}
} else {
if ( current_user_can( 'manage_network_plugins' ) ) {
/* translators: %s: plugin name */
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Network Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Activate' ) . '</a>';
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Network Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Activate' ) . '</a>';
}
if ( current_user_can( 'delete_plugins' ) && ! is_plugin_active( $plugin_file ) ) {
/* translators: %s: plugin name */
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
}
}
} else {
@@ -624,22 +624,22 @@ public function single_row( $item ) {
);
} elseif ( $is_active ) {
/* translators: %s: plugin name */
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Deactivate' ) . '</a>';
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Deactivate' ) . '</a>';
} else {
/* translators: %s: plugin name */
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Activate' ) . '</a>';
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Activate' ) . '</a>';

if ( ! is_multisite() && current_user_can( 'delete_plugins' ) ) {
/* translators: %s: plugin name */
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
}
} // end if $is_active

} // end if $screen->in_admin( 'network' )

if ( ( ! is_multisite() || $screen->in_admin( 'network' ) ) && current_user_can( 'edit_plugins' ) && is_writable( WP_PLUGIN_DIR . '/' . $plugin_file ) ) {
/* translators: %s: plugin name */
$actions['edit'] = '<a href="plugin-editor.php?file=' . $plugin_file . '" class="edit" aria-label="' . esc_attr( sprintf( __( 'Edit %s' ), $plugin_data['Name'] ) ) . '">' . __( 'Edit' ) . '</a>';
$actions['edit'] = '<a href="plugin-editor.php?file=' . urlencode( $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( __( 'Edit %s' ), $plugin_data['Name'] ) ) . '">' . __( 'Edit' ) . '</a>';
}
} // end if $context

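Review bot: Only `$plugin_file` is passed through `urlencode()` in the rewritten links of `single_row()`; the six `plugins.php` links still concatenate `$context`, `$page` and `$s` into the same query strings unchanged. Their assignment is outside both hunks, so they may already be encoded or constrained there, but that is worth confirming, or stating in a short comment next to the first link. The nonce actions (`'deactivate-plugin_' . $plugin_file` and the like) keep the raw value, presumably because the handler verifies against the decoded name; a comment saying so would stop a later cleanup from encoding both. `single_row()` begins and ends outside these hunks.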
8 changes: 8 additions & 0 deletions wp-admin/includes/file.php
@@ -647,6 +647,10 @@ function _unzip_file_ziparchive($file, $to, $needed_dirs = array() ) {
if ( '__MACOSX/' === substr($info['name'], 0, 9) ) // Skip the OS X-created __MACOSX directory
continue;

if ( 0 !== validate_file( $info['name'] ) ) {
return new WP_Error( 'invalid_file_ziparchive', __( 'Could not extract file from archive.' ), $info['name'] );
}

$uncompressed_size += $info['size'];

if ( '/' === substr( $info['name'], -1 ) ) {
@@ -807,6 +811,10 @@ function _unzip_file_pclzip($file, $to, $needed_dirs = array()) {
if ( '__MACOSX/' === substr($file['filename'], 0, 9) ) // Don't extract the OS X-created __MACOSX directory files
continue;

if ( 0 !== validate_file( $file['filename'] ) ) {
return new WP_Error( 'invalid_file_pclzip', __( 'Could not extract file from archive.' ), $file['filename'] );
}

if ( ! $wp_filesystem->put_contents( $to . $file['filename'], $file['content'], FS_CHMOD_FILE) )
return new WP_Error( 'copy_failed_pclzip', __( 'Could not copy file.' ), $file['filename'] );
}
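Review bot: In `_unzip_file_pclzip` the new `validate_file()` check sits directly before `put_contents()`, apparently inside the per-entry write loop, so entries that precede a rejected name would already be on disk when the `WP_Error` is returned. If that is the case, validating every entry name in a pass before the first write, or cleaning up `$to` on failure, would make the rejection all-or-nothing; the loop boundaries are outside both hunks, so this needs checking against the full functions. A one-line comment above each check, e.g. `// Reject archive entries whose name could resolve outside $to (path traversal).`, would record why the archive is refused.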
2 changes: 1 addition & 1 deletion wp-admin/includes/template.php
@@ -771,7 +771,7 @@ function page_template_dropdown( $default = '', $post_type = 'page' ) {
ksort( $templates );
foreach ( array_keys( $templates ) as $template ) {
$selected = selected( $default, $templates[ $template ], false );
echo "\n\t<option value='" . $templates[ $template ] . "' $selected>$template</option>";
echo "\n\t<option value='" . esc_attr( $templates[ $template ] ) . "' $selected>" . esc_html( $template ) . "</option>";
}
}

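Review bot: The rewritten `echo` in `page_template_dropdown()` mixes `$selected` interpolation inside a double-quoted string with concatenated `esc_attr()` and `esc_html()` calls, which makes it harder to see at a glance that every dynamic part is escaped. A `printf` with placeholders reads more plainly: `printf( "\n\t<option value='%s' %s>%s</option>", esc_attr( $templates[ $template ] ), $selected, esc_html( $template ) );`. `$selected` comes from `selected( ..., false )` on the line above and is passed through unchanged in both forms.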
2 changes: 1 addition & 1 deletion wp-admin/install.php
@@ -280,7 +280,7 @@ function display_setup_form( $error = null ) {
*/
$language = '';
if ( ! empty( $_REQUEST['language'] ) ) {
$language = preg_replace( '/[^a-zA-Z_]/', '', $_REQUEST['language'] );
$language = preg_replace( '/[^a-zA-Z0-9_]/', '', $_REQUEST['language'] );
} elseif ( isset( $GLOBALS['wp_local_package'] ) ) {
$language = $GLOBALS['wp_local_package'];
}
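Review bot: `$_REQUEST['language']` is handed to `preg_replace()` without a type check, so an array-valued `language` parameter makes `preg_replace()` return an array and `$language` is no longer a string for the code that follows. Guarding the branch with `if ( ! empty( $_REQUEST['language'] ) && is_string( $_REQUEST['language'] ) ) {` keeps the widened `[^a-zA-Z0-9_]` filter working on the input it was written for. How `$language` is used afterwards is outside the hunk.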
8 changes: 4 additions & 4 deletions wp-admin/js/widgets/text-widgets.js
@@ -80,15 +80,15 @@ wp.textWidgets = ( function( $ ) {
// Sync input fields to hidden sync fields which actually get sent to the server.
_.each( control.fields, function( fieldInput, fieldName ) {
fieldInput.on( 'input change', function updateSyncField() {
var syncInput = control.syncContainer.find( 'input[type=hidden].' + fieldName );
var syncInput = control.syncContainer.find( '.sync-input.' + fieldName );
if ( syncInput.val() !== fieldInput.val() ) {
syncInput.val( fieldInput.val() );
syncInput.trigger( 'change' );
}
});

// Note that syncInput cannot be re-used because it will be destroyed with each widget-updated event.
fieldInput.val( control.syncContainer.find( 'input[type=hidden].' + fieldName ).val() );
fieldInput.val( control.syncContainer.find( '.sync-input.' + fieldName ).val() );
});
},

@@ -144,11 +144,11 @@ wp.textWidgets = ( function( $ ) {
var control = this, syncInput;

if ( ! control.fields.title.is( document.activeElement ) ) {
syncInput = control.syncContainer.find( 'input[type=hidden].title' );
syncInput = control.syncContainer.find( '.sync-input.title' );
control.fields.title.val( syncInput.val() );
}

syncInput = control.syncContainer.find( 'input[type=hidden].text' );
syncInput = control.syncContainer.find( '.sync-input.text' );
if ( control.fields.text.is( ':visible' ) ) {
if ( ! control.fields.text.is( document.activeElement ) ) {
control.fields.text.val( syncInput.val() );
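Review bot: The four `.sync-input.<name>` lookups now depend on the server-rendered sync fields carrying a `sync-input` class, and the markup change that adds it is not among the files shown here. If a field lacks the class, `find()` matches nothing and `syncInput.val()` is `undefined`, so the field is never synced to the server and no error is raised. A comment at the first lookup, e.g. `// Sync fields are located by class; the widget form must render them with "sync-input".`, would tie the script to the template. The selector string is also repeated four times and could come from one small helper that takes the field name; both enclosing functions continue outside the hunks.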