Commit Graph

195 Commits

Author SHA1 Message Date
markjaquith 611b037efa use clean_url() instead of attribute_escape() when dealing with src/href to protect against XSS. props xknown. fixes #3986 for trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@5056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-03-17 08:46:59 +00:00
ryan 209e967b71 Markup fix from quinnhigurashi. fixes #3602
git-svn-id: http://svn.automattic.com/wordpress/trunk@4758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2007-01-17 03:26:11 +00:00
markjaquith 5a76c03203 new function for escaping within attributes: attribute_escape()
git-svn-id: http://svn.automattic.com/wordpress/trunk@4656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-12-21 10:10:04 +00:00
ryan 9f534ebae6 Remove trailing spaces and convert spaces to tabs. Props Nazgul. fixes #986
git-svn-id: http://svn.automattic.com/wordpress/trunk@4495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-19 07:56:05 +00:00
ryan eda9021317 Hold off on menu cleanup until next release. There be dragons.
git-svn-id: http://svn.automattic.com/wordpress/trunk@4480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-18 07:31:29 +00:00
matt 07126127e6 Admin functions cleanup, and change how we do titles and parents in the backend
git-svn-id: http://svn.automattic.com/wordpress/trunk@4478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-18 06:09:48 +00:00
markjaquith 29c36e2b75 Restore 2x missing <br />. Props Nazgul and Xmion. fixes #3221
git-svn-id: http://svn.automattic.com/wordpress/trunk@4447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-04 05:23:12 +00:00
ryan 37d767a019 Don't show user form without privs. Props westi. fixes #3142
git-svn-id: http://svn.automattic.com/wordpress/trunk@4216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-09-24 10:08:58 +00:00
ryan 207d876c81 Make those chars feel special.
git-svn-id: http://svn.automattic.com/wordpress/trunk@4112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-08-24 22:33:16 +00:00
ryan 55af15d623 wp_reset_vars() from Sewar. fixes #2888
git-svn-id: http://svn.automattic.com/wordpress/trunk@3946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-07-03 19:03:37 +00:00
ryan ff19f4b5a5 Use wp_redirect().
git-svn-id: http://svn.automattic.com/wordpress/trunk@3928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-27 05:38:56 +00:00
ryan 8310e71be6 Better handling of users with no role. Props Mark Jaquith. #2809
git-svn-id: http://svn.automattic.com/wordpress/trunk@3859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-10 20:26:26 +00:00
ryan 5e7c850484 User management improvements from Mark Jaquith and David House. #2793
git-svn-id: http://svn.automattic.com/wordpress/trunk@3857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-08 18:36:05 +00:00
ryan dac809b5a4 Add more fine grained user management caps. Part 1. #2775
git-svn-id: http://svn.automattic.com/wordpress/trunk@3846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-05 16:52:21 +00:00
ryan 8ea8979b73 Edit profile nonce fix from markjaquith. fixes #2776
git-svn-id: http://svn.automattic.com/wordpress/trunk@3839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-06-04 03:41:33 +00:00
ryan 96c3f739a8 Update nonce action strings. Props mdawaffe.
git-svn-id: http://svn.automattic.com/wordpress/trunk@3804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-05-26 23:08:05 +00:00
ryan 547a3c96d7 A couple more nonces. #2678
git-svn-id: http://svn.automattic.com/wordpress/trunk@3760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-05-04 09:20:44 +00:00
ryan 0497d716ad Get all error messages with get_error_messages().
git-svn-id: http://svn.automattic.com/wordpress/trunk@3679 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-04-02 00:48:14 +00:00
ryan cebb0a3a15 AJAXify user addition. Props mdawaffe. fixes #2624
git-svn-id: http://svn.automattic.com/wordpress/trunk@3677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-04-02 00:31:26 +00:00
ryan c3170f0c6b Check admin referer.
git-svn-id: http://svn.automattic.com/wordpress/trunk@3615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-03-05 22:45:44 +00:00
ryan dd202ce1f9 Death to trailing tabs. Props Mark J. fixes #2405
git-svn-id: http://svn.automattic.com/wordpress/trunk@3517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-02-12 07:53:23 +00:00
ryan 6fbd70fcdb Role fixup from David House. fixes #2024
git-svn-id: http://svn.automattic.com/wordpress/trunk@3266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-12-05 03:11:55 +00:00
ryan b6f44dc532 Pull the values in WP_User::data directly into WP_User so that we don't have to do ->data->blah.
git-svn-id: http://svn.automattic.com/wordpress/trunk@3102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-11-16 02:54:23 +00:00
ryan a8b6fe21ba Show Role in profile and user edit. Don't allow users with edit_users caps to demote themselves. Props: davidhouse, ringmaster. fixes #1825
git-svn-id: http://svn.automattic.com/wordpress/trunk@2995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-11-06 03:58:52 +00:00
ryan cd0db4edfa Link love. Add get_link(), get_link_to_edit(), add_link(), edit_link(), wp_insert_link(), wp_update_link(), wp_delete_link()
git-svn-id: http://svn.automattic.com/wordpress/trunk@2889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-09-18 19:44:14 +00:00
ryan 5ba66d6c04 User create/update rework. Introduce wp_insert_user(), wp_create_user(), wp_update_user(), add_user(), update_user(), wp_new_user_notification().
git-svn-id: http://svn.automattic.com/wordpress/trunk@2872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-09-14 00:03:02 +00:00
matt 65546ba7a5 Draw more attention to the messages, which now blend in a little with the header. TODO: Put all messages in an array, abstract out HTML
git-svn-id: http://svn.automattic.com/wordpress/trunk@2762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-08-08 01:13:22 +00:00
ryan 7af36168cb Roles update + UI from Owen.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-07-12 15:53:13 +00:00
matt 13f492ab75 Massive user_level fix. We were still using the user_level field in wp_users in some places, where we should just use the table prefixed usermeta value.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-07-09 01:27:46 +00:00
ryan 2c44f33f78 Straighten out user_id/user_ID conflict. Don't make user_id global in get_currentuserinfo() because it stomps on the local user_id in user-edit.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2644 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-06-16 06:27:30 +00:00
matt 1f9a608be9 User data migration should be complete
git-svn-id: http://svn.automattic.com/wordpress/trunk@2636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-06-13 08:32:44 +00:00
matt de9cc8b12c More user updates
git-svn-id: http://svn.automattic.com/wordpress/trunk@2632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-06-12 23:14:52 +00:00
ryan 19c83838cf Don't throw 'typed only once' error when both password entries are blank. http://mosquito.wordpress.org/view.php?id=1178
git-svn-id: http://svn.automattic.com/wordpress/trunk@2489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-03-29 14:48:49 +00:00
ryan 5123086148 Change login noun to Username. http://mosquito.wordpress.org/view.php?id=1088 Props: Albert
git-svn-id: http://svn.automattic.com/wordpress/trunk@2437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-03-13 17:06:18 +00:00
matt 53eef6d943 Allowing more hooks into authentication - Hat tip: http://dev.webadmin.ufl.edu/~dwc/2005/03/02/authentication-plugins/
git-svn-id: http://svn.automattic.com/wordpress/trunk@2425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2005-03-09 22:49:42 +00:00
rboren e8d51ff0d0 Fix menu highlighting for Users. Patch from MooKitty. Bug 577.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-12-24 20:55:36 +00:00
saxmatt 15745c2230 Change dateYMDhour to be something more sane, bugfix on edit.php.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-12-17 19:27:35 +00:00
saxmatt c3e1d51c20 Axing htmlspecialchars because it double-encodes-encodes. Better error handling around queries.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-12-12 20:41:19 +00:00
rboren fb1e3de410 Rationalize menu access levels. Submenus should have an access level greater than or equal to its parent. Require level 8 for all file editing pages.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-12-08 22:32:49 +00:00
saxmatt 6f7674778f Get number of posts correctly.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-12-01 16:12:53 +00:00
rboren ee2e45faab Save user profile. Bug 413.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-10-29 01:17:17 +00:00
rboren 04786f267d Split admin-header.php into admin.php and admin-header.php. Split menu.php into menu-header.php and menu.php. Add plugin admin page support.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-10-19 03:03:06 +00:00
rboren 6815460232 Use user ID for author permalink if sanitize_title returns an empty string. Bug 0000116.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-08-08 20:38:19 +00:00
rboren 0fb185071a Define add_magic_quotes() in user-edit.php. Bug 0000216.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-08-08 05:01:13 +00:00
saxmatt 48ac42cc30 Added ability to edit other users.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-08-01 09:13:50 +00:00