break;
default:
if ( ! $wp_filesystem->find_folder($dir) )
- return new WP_Error('fs_no_folder', sprintf($this->strings['fs_no_folder'], $dir));
+ return new WP_Error( 'fs_no_folder', sprintf( $this->strings['fs_no_folder'], esc_html( basename( $dir ) ) ) );
break;
}
}
$this->skin->plugin_info = get_plugin_data( WP_PLUGIN_DIR . '/' . $plugin, false, true);
if ( !isset( $current->response[ $plugin ] ) ) {
- $this->skin->set_result(false);
+ $this->skin->set_result(true);
$this->skin->before();
- $this->skin->error('up_to_date');
+ $this->skin->feedback('up_to_date');
$this->skin->after();
- $results[$plugin] = false;
+ $results[$plugin] = true;
continue;
}
return $this->result;
// Force refresh of theme update information
- delete_site_transient('update_themes');
- search_theme_directories( true );
- foreach ( wp_get_themes() as $theme )
- $theme->cache_delete();
+ wp_clean_themes_cache();
return true;
}
return $this->result;
// Force refresh of theme update information
- delete_site_transient('update_themes');
- search_theme_directories( true );
- foreach ( wp_get_themes() as $theme )
- $theme->cache_delete();
+ wp_clean_themes_cache();
return true;
}
foreach ( $themes as $theme ) {
$this->update_current++;
+ $this->skin->theme_info = $this->theme_info($theme);
+
if ( !isset( $current->response[ $theme ] ) ) {
- $this->skin->set_result(false);
+ $this->skin->set_result(true);
$this->skin->before();
- $this->skin->error('up_to_date');
+ $this->skin->feedback('up_to_date');
$this->skin->after();
- $results[$theme] = false;
+ $results[$theme] = true;
continue;
}
- $this->skin->theme_info = $this->theme_info($theme);
-
// Get the URL to the zip file
$r = $current->response[ $theme ];
remove_filter('upgrader_clear_destination', array(&$this, 'delete_old_theme'), 10, 4);
// Force refresh of theme update information
- delete_site_transient('update_themes');
- search_theme_directories( true );
- foreach ( wp_get_themes() as $theme )
- $theme->cache_delete();
+ wp_clean_themes_cache();
return $results;
}
if ( $theme != get_stylesheet() ) // If not current
return $return;
- // Ensure stylesheet name hasnt changed after the upgrade:
- // @TODO: Note, This doesn't handle the Template changing, or the Template name changing.
+ // Ensure stylesheet name hasn't changed after the upgrade:
if ( $theme == get_stylesheet() && $theme != $this->result['destination_name'] ) {
- $theme_info = $this->theme_info();
+ wp_clean_themes_cache();
$stylesheet = $this->result['destination_name'];
- $template = $theme_info->get_template();
- switch_theme($template, $stylesheet, true);
+ switch_theme( $stylesheet );
}
//Time to remove maintenance mode
} elseif ( is_wp_error($errors) && $errors->get_error_code() ) {
foreach ( $errors->get_error_messages() as $message ) {
if ( $errors->get_error_data() )
- $this->feedback($message . ' ' . $errors->get_error_data() );
+ $this->feedback($message . ' ' . esc_html( $errors->get_error_data() ) );
else
$this->feedback($message);
}
if ( strpos($string, '%') !== false ) {
$args = func_get_args();
$args = array_splice($args, 1);
- if ( !empty($args) )
+ if ( $args ) {
+ $args = array_map( 'strip_tags', $args );
+ $args = array_map( 'esc_html', $args );
$string = vsprintf($string, $args);
+ }
}
if ( empty($string) )
return;
function after() {
$this->plugin = $this->upgrader->plugin_info();
if ( !empty($this->plugin) && !is_wp_error($this->result) && $this->plugin_active ){
- echo '<iframe style="border:0;overflow:hidden" width="100%" height="170px" src="' . wp_nonce_url('update.php?action=activate-plugin&networkwide=' . $this->plugin_network_active . '&plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) .'"></iframe>';
+ echo '<iframe style="border:0;overflow:hidden" width="100%" height="170px" src="' . wp_nonce_url('update.php?action=activate-plugin&networkwide=' . $this->plugin_network_active . '&plugin=' . urlencode( $this->plugin ), 'activate-plugin_' . $this->plugin) .'"></iframe>';
}
$update_actions = array(
- 'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&plugin=' . $this->plugin, 'activate-plugin_' . $this->plugin) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>',
+ 'activate_plugin' => '<a href="' . wp_nonce_url('plugins.php?action=activate&plugin=' . urlencode( $this->plugin ), 'activate-plugin_' . $this->plugin) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>',
'plugins_page' => '<a href="' . self_admin_url('plugins.php') . '" title="' . esc_attr__('Go to plugins page') . '" target="_parent">' . __('Return to Plugins page') . '</a>'
);
- if ( $this->plugin_active )
- unset( $update_actions['activate_plugin'] );
- if ( ! $this->result || is_wp_error($this->result) )
+ if ( $this->plugin_active || ! $this->result || is_wp_error( $this->result ) || ! current_user_can( 'activate_plugins' ) )
unset( $update_actions['activate_plugin'] );
$update_actions = apply_filters('update_plugin_complete_actions', $update_actions, $this->plugin);
if ( strpos($string, '%') !== false ) {
$args = func_get_args();
$args = array_splice($args, 1);
- if ( !empty($args) )
+ if ( $args ) {
+ $args = array_map( 'strip_tags', $args );
+ $args = array_map( 'esc_html', $args );
$string = vsprintf($string, $args);
+ }
}
if ( empty($string) )
return;
if ( is_wp_error($error) ) {
foreach ( $error->get_error_messages() as $emessage ) {
if ( $error->get_error_data() )
- $messages[] = $emessage . ' ' . $error->get_error_data();
+ $messages[] = $emessage . ' ' . esc_html( $error->get_error_data() );
else
$messages[] = $emessage;
}
function before($title = '') {
$this->in_loop = true;
- printf( '<h4>' . $this->upgrader->strings['skin_before_update_header'] . ' <img alt="" src="' . admin_url( 'images/wpspin_light.gif' ) . '" class="hidden waiting-' . $this->upgrader->update_current . '" style="vertical-align:middle;" /></h4>', $title, $this->upgrader->update_current, $this->upgrader->update_count);
- echo '<script type="text/javascript">jQuery(\'.waiting-' . esc_js($this->upgrader->update_current) . '\').show();</script>';
+ printf( '<h4>' . $this->upgrader->strings['skin_before_update_header'] . ' <span class="spinner waiting-' . $this->upgrader->update_current . '"></span></h4>', $title, $this->upgrader->update_current, $this->upgrader->update_count);
+ echo '<script type="text/javascript">jQuery(\'.waiting-' . esc_js($this->upgrader->update_current) . '\').css("display", "inline-block");</script>';
echo '<div class="update-messages hide-if-js" id="progress-' . esc_attr($this->upgrader->update_current) . '"><p>';
$this->flush_output();
}
'plugins_page' => '<a href="' . self_admin_url('plugins.php') . '" title="' . esc_attr__('Go to plugins page') . '" target="_parent">' . __('Return to Plugins page') . '</a>',
'updates_page' => '<a href="' . self_admin_url('update-core.php') . '" title="' . esc_attr__('Go to WordPress Updates page') . '" target="_parent">' . __('Return to WordPress Updates') . '</a>'
);
+ if ( ! current_user_can( 'activate_plugins' ) )
+ unset( $update_actions['plugins_page'] );
$update_actions = apply_filters('update_bulk_plugins_complete_actions', $update_actions, $this->plugin_info);
if ( ! empty($update_actions) )
'themes_page' => '<a href="' . self_admin_url('themes.php') . '" title="' . esc_attr__('Go to themes page') . '" target="_parent">' . __('Return to Themes page') . '</a>',
'updates_page' => '<a href="' . self_admin_url('update-core.php') . '" title="' . esc_attr__('Go to WordPress Updates page') . '" target="_parent">' . __('Return to WordPress Updates') . '</a>'
);
+ if ( ! current_user_can( 'switch_themes' ) && ! current_user_can( 'edit_theme_options' ) )
+ unset( $update_actions['themes_page'] );
$update_actions = apply_filters('update_bulk_theme_complete_actions', $update_actions, $this->theme_info );
if ( ! empty($update_actions) )
$from = isset($_GET['from']) ? stripslashes($_GET['from']) : 'plugins';
if ( 'import' == $from )
- $install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&from=import&plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin & Run Importer') . '</a>';
+ $install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&from=import&plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin & Run Importer') . '</a>';
else
- $install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>';
+ $install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>';
if ( is_multisite() && current_user_can( 'manage_network_plugins' ) ) {
- $install_actions['network_activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&networkwide=1&plugin=' . $plugin_file, 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin for all sites in this network') . '" target="_parent">' . __('Network Activate') . '</a>';
+ $install_actions['network_activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&networkwide=1&plugin=' . urlencode( $plugin_file ), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin for all sites in this network') . '" target="_parent">' . __('Network Activate') . '</a>';
unset( $install_actions['activate_plugin'] );
}
$install_actions['plugins_page'] = '<a href="' . self_admin_url('plugins.php') . '" title="' . esc_attr__('Return to Plugins page') . '" target="_parent">' . __('Return to Plugins page') . '</a>';
if ( ! $this->result || is_wp_error($this->result) ) {
+ unset( $install_actions['activate_plugin'], $install_actions['network_activate'] );
+ } elseif ( ! current_user_can( 'activate_plugins' ) ) {
unset( $install_actions['activate_plugin'] );
- unset( $install_actions['network_activate'] );
}
+
$install_actions = apply_filters('install_plugin_complete_actions', $install_actions, $this->api, $plugin_file);
if ( ! empty($install_actions) )
$this->feedback(implode(' | ', (array)$install_actions));
$preview_link = add_query_arg( array(
'preview' => 1,
- 'template' => $template,
- 'stylesheet' => $stylesheet,
- ), trailingslashit( get_home_url() ) );
+ 'template' => urlencode( $template ),
+ 'stylesheet' => urlencode( $stylesheet ),
+ ), trailingslashit( home_url() ) );
$activate_link = add_query_arg( array(
'action' => 'activate',
- 'template' => $template,
- 'stylesheet' => $stylesheet,
+ 'template' => urlencode( $template ),
+ 'stylesheet' => urlencode( $stylesheet ),
), admin_url('themes.php') );
$activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet );
$install_actions['activate'] = '<a href="' . esc_url( $activate_link ) . '" class="activatelink" title="' . esc_attr( sprintf( __('Activate “%s”'), $name ) ) . '">' . __('Activate') . '</a>';
if ( is_network_admin() && current_user_can( 'manage_network_themes' ) )
- $install_actions['network_enable'] = '<a href="' . esc_url( wp_nonce_url( 'themes.php?action=enable&theme=' . $stylesheet, 'enable-theme_' . $stylesheet ) ) . '" title="' . esc_attr__( 'Enable this theme for all sites in this network' ) . '" target="_parent">' . __( 'Network Enable' ) . '</a>';
+ $install_actions['network_enable'] = '<a href="' . esc_url( wp_nonce_url( 'themes.php?action=enable&theme=' . urlencode( $stylesheet ), 'enable-theme_' . $stylesheet ) ) . '" title="' . esc_attr__( 'Enable this theme for all sites in this network' ) . '" target="_parent">' . __( 'Network Enable' ) . '</a>';
if ( $this->type == 'web' )
$install_actions['themes_page'] = '<a href="' . self_admin_url('theme-install.php') . '" title="' . esc_attr__('Return to Theme Installer') . '" target="_parent">' . __('Return to Theme Installer') . '</a>';
- else
+ elseif ( current_user_can( 'switch_themes' ) || current_user_can( 'edit_theme_options' ) )
$install_actions['themes_page'] = '<a href="' . self_admin_url('themes.php') . '" title="' . esc_attr__('Themes page') . '" target="_parent">' . __('Return to Themes page') . '</a>';
- if ( ! $this->result || is_wp_error($this->result) || is_network_admin() )
+ if ( ! $this->result || is_wp_error($this->result) || is_network_admin() || ! current_user_can( 'switch_themes' ) )
unset( $install_actions['activate'], $install_actions['preview'] );
$install_actions = apply_filters('install_theme_complete_actions', $install_actions, $this->api, $stylesheet, $theme_info);
$preview_link = add_query_arg( array(
'preview' => 1,
- 'template' => $template,
- 'stylesheet' => $stylesheet,
- ), trailingslashit( get_home_url() ) );
+ 'template' => urlencode( $template ),
+ 'stylesheet' => urlencode( $stylesheet ),
+ ), trailingslashit( home_url() ) );
$activate_link = add_query_arg( array(
'action' => 'activate',
- 'template' => $template,
- 'stylesheet' => $stylesheet,
+ 'template' => urlencode( $template ),
+ 'stylesheet' => urlencode( $stylesheet ),
), admin_url('themes.php') );
$activate_link = wp_nonce_url( $activate_link, 'switch-theme_' . $stylesheet );
if ( get_stylesheet() == $stylesheet ) {
- $update_actions['preview'] = '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Customize “%s”'), $name ) ) . '">' . __('Customize') . '</a>';
- } else {
+ if ( current_user_can( 'edit_theme_options' ) )
+ $update_actions['preview'] = '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Customize “%s”'), $name ) ) . '">' . __('Customize') . '</a>';
+ } elseif ( current_user_can( 'switch_themes' ) ) {
$update_actions['preview'] = '<a href="' . esc_url( $preview_link ) . '" class="hide-if-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Preview') . '</a>';
$update_actions['preview'] .= '<a href="' . wp_customize_url( $stylesheet ) . '" class="hide-if-no-customize load-customize" title="' . esc_attr( sprintf( __('Preview “%s”'), $name ) ) . '">' . __('Live Preview') . '</a>';
$update_actions['activate'] = '<a href="' . esc_url( $activate_link ) . '" class="activatelink" title="' . esc_attr( sprintf( __('Activate “%s”'), $name ) ) . '">' . __('Activate') . '</a>';
return true;
}
-}
\ No newline at end of file
+}
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff