Changeset 56895
- Timestamp:
- 10/12/2023 04:07:43 PM (10 months ago)
- Location:
- branches/6.2
- Files:
-
- 17 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/6.2
- Property svn:mergeinfo changed
/trunk merged: 56833-56838
- Property svn:mergeinfo changed
-
branches/6.2/src/wp-admin/includes/ajax-actions.php
r55769 r56895 3856 3856 $shortcode = wp_unslash( $_POST['shortcode'] ); 3857 3857 3858 3859 3860 3861 3862 3863 3864 3865 3866 3867 3868 3869 3870 3871 3872 3873 3858 3874 if ( ! empty( $_POST['post_ID'] ) ) { 3859 3875 $post = get_post( (int) $_POST['post_ID'] ); … … 3862 3878 // The embed shortcode requires a post. 3863 3879 if ( ! $post || ! current_user_can( 'edit_post', $post->ID ) ) { 3864 if ( 'embed' === $shortcode) {3880 if ( ) { 3865 3881 wp_send_json_error(); 3866 3882 } -
branches/6.2/src/wp-admin/includes/class-wp-comments-list-table.php
r55276 r56895 641 641 642 642 $this->user_can = current_user_can( 'edit_comment', $comment->comment_ID ); 643 644 645 646 647 648 649 650 651 652 653 654 655 643 656 644 657 echo "<tr id='comment-$comment->comment_ID' class='$the_comment_class'>"; -
branches/6.2/src/wp-admin/includes/class-wp-list-table.php
r55293 r56895 818 818 $pending_comments_number 819 819 ); 820 821 822 823 824 825 826 827 828 829 830 831 832 833 820 834 821 835 if ( ! $approved_comments && ! $pending_comments ) { -
branches/6.2/src/wp-admin/includes/dashboard.php
r55576 r56895 1102 1102 echo '<ul id="the-comment-list" data-wp-lists="list:comment">'; 1103 1103 foreach ( $comments as $comment ) { 1104 _wp_dashboard_recent_comments_row( $comment ); 1104 1105 $comment_post = get_post( $comment->comment_post_ID ); 1106 if ( 1107 current_user_can( 'edit_post', $comment->comment_post_ID ) || 1108 ( 1109 empty( $comment_post->post_password ) && 1110 current_user_can( 'read_post', $comment->comment_post_ID ) 1111 ) 1112 ) { 1113 _wp_dashboard_recent_comments_row( $comment ); 1114 } 1105 1115 } 1106 1116 echo '</ul>'; -
branches/6.2/src/wp-admin/includes/user.php
r55283 r56895 614 614 * @since 5.6.0 615 615 * @since 6.2.0 Allow insecure HTTP connections for the local environment. 616 616 617 * 617 618 * @param array $request { … … 627 628 */ 628 629 function wp_is_authorize_application_password_request_valid( $request, $user ) { 629 $error = new WP_Error(); 630 $is_local = 'local' === wp_get_environment_type(); 631 632 if ( ! empty( $request['success_url'] ) ) { 633 $scheme = wp_parse_url( $request['success_url'], PHP_URL_SCHEME ); 634 635 if ( 'http' === $scheme && ! $is_local ) { 630 $error = new WP_Error(); 631 632 if ( isset( $request['success_url'] ) ) { 633 $validated_success_url = wp_is_authorize_application_redirect_url_valid( $request['success_url'] ); 634 if ( is_wp_error( $validated_success_url ) ) { 636 635 $error->add( 637 'invalid_redirect_scheme',638 __( 'The success URL must be served over a secure connection.')636 , 637 ) 639 638 ); 640 639 } 641 640 } 642 641 643 if ( ! empty( $request['reject_url'] ) ) { 644 $scheme = wp_parse_url( $request['reject_url'], PHP_URL_SCHEME ); 645 646 if ( 'http' === $scheme && ! $is_local ) { 642 if ( isset( $request['reject_url'] ) ) { 643 $validated_reject_url = wp_is_authorize_application_redirect_url_valid( $request['reject_url'] ); 644 if ( is_wp_error( $validated_reject_url ) ) { 647 645 $error->add( 648 'invalid_redirect_scheme',649 __( 'The rejection URL must be served over a secure connection.')646 , 647 ) 650 648 ); 651 649 } … … 676 674 return true; 677 675 } 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 -
branches/6.2/src/wp-includes/Requests/src/Hooks.php
r54997 r56895 97 97 return true; 98 98 } 99 100 101 102 99 103 } -
branches/6.2/src/wp-includes/Requests/src/Iri.php
r54997 r56895 718 718 } 719 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 720 734 /** 721 735 * Set the entire IRI. Returns true on success, false on failure (if there -
branches/6.2/src/wp-includes/Requests/src/Session.php
r54997 r56895 266 266 } 267 267 268 269 270 271 268 272 /** 269 273 * Merge a request's data with the default data -
branches/6.2/src/wp-includes/class-wp-block-patterns-registry.php
r55174 r56895 198 198 } 199 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 200 215 /** 201 216 * Utility method to retrieve the main instance of the class. -
branches/6.2/src/wp-includes/class-wp-block-type-registry.php
r54133 r56895 169 169 } 170 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 171 185 /** 172 186 * Utility method to retrieve the main instance of the class. -
branches/6.2/src/wp-includes/class-wp-theme.php
r55426 r56895 741 741 742 742 /** 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 743 765 * Adds theme data to cache. 744 766 * … … 1809 1831 return strnatcasecmp( $a->name_translated, $b->name_translated ); 1810 1832 } 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1811 1845 } -
branches/6.2/src/wp-includes/media.php
r55769 r56895 2460 2460 } 2461 2461 } elseif ( ! empty( $atts['exclude'] ) ) { 2462 2462 2463 $attachments = get_children( 2463 2464 array( … … 2472 2473 ); 2473 2474 } else { 2475 2474 2476 $attachments = get_children( 2475 2477 array( … … 2482 2484 ) 2483 2485 ); 2486 2487 2488 2489 2490 2491 2492 2493 2494 2495 2496 2484 2497 } 2485 2498 … … 2816 2829 } 2817 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2818 2840 if ( empty( $attachments ) ) { 2819 2841 return ''; -
branches/6.2/src/wp-includes/rest-api.php
r55293 r56895 1069 1069 1070 1070 if ( ! $result ) { 1071 1071 1072 return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie check failed' ), array( 'status' => 403 ) ); 1072 1073 } -
branches/6.2/src/wp-includes/rest-api/class-wp-rest-server.php
r55361 r56895 360 360 361 361 /** 362 * Filters whether to send nocache headers on a REST API request.363 *364 * @since 4.4.0365 *366 * @param bool $rest_send_nocache_headers Whether to send no-cache headers.367 */368 $send_no_cache_headers = apply_filters( 'rest_send_nocache_headers', is_user_logged_in() );369 if ( $send_no_cache_headers ) {370 foreach ( wp_get_nocache_headers() as $header => $header_value ) {371 if ( empty( $header_value ) ) {372 $this->remove_header( $header );373 } else {374 $this->send_header( $header, $header_value );375 }376 }377 }378 379 /**380 362 * Filters whether the REST API is enabled. 381 363 * … … 431 413 * header. 432 414 */ 415 433 416 if ( isset( $_GET['_method'] ) ) { 434 417 $request->set_method( $_GET['_method'] ); 435 418 } elseif ( isset( $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ) ) { 436 419 $request->set_method( $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ); 420 437 421 } 438 422 … … 493 477 */ 494 478 $served = apply_filters( 'rest_pre_serve_request', false, $result, $request, $this ); 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 495 501 496 502 if ( ! $served ) { -
branches/6.2/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
r55325 r56895 319 319 320 320 if ( ! empty( $prepared_args['search'] ) ) { 321 322 323 321 324 $prepared_args['search'] = '*' . $prepared_args['search'] . '*'; 322 325 } -
branches/6.2/src/wp-includes/shortcodes.php
r55119 r56895 167 167 } 168 168 return false; 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 169 207 } 170 208
Note: See TracChangeset
for help on using the changeset viewer.