Commit 386d2b9b authored by lucha's avatar lucha
Browse files

Wordpress 4.8.2

parent e23ac6b2
......@@ -44,25 +44,15 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
</h2>
<div class="changelog point-releases">
<h3><?php _e( 'Maintenance Release' ); ?></h3>
<p>
<?php
printf(
/* translators: 1: WordPress version number, 2: plural number of bugs. */
_n(
'<strong>Version %1$s</strong> addressed %2$s bug.',
'<strong>Version %1$s</strong> addressed %2$s bugs.',
29
),
'4.8.1',
number_format_i18n( 29 )
);
?>
<?php
/* translators: %s: Codex URL */
printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.8.1' );
?>
</p>
<h3><?php _e( 'Maintenance and Security Releases' ); ?></h3>
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bug.',
'<strong>Version %1$s</strong> addressed some security issues and fixed %2$s bugs.', 5 ), '4.8.2', number_format_i18n( 5 ) ); ?>
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.8.2' ); ?>
</p>
<p><?php printf( _n( '<strong>Version %1$s</strong> addressed %2$s bug.',
'<strong>Version %1$s</strong> addressed %2$s bugs.', 29 ), '4.8.1', number_format_i18n( 29 ) ); ?>
<?php printf( __( 'For more information, see <a href="%s">the release notes</a>.' ), 'https://codex.wordpress.org/Version_4.8.1' ); ?>
</p>
</div>
<div class="feature-section one-col">
......
......@@ -74,7 +74,7 @@ do_action( "{$taxonomy}_pre_edit_form", $tag, $taxonomy ); ?>
<div id="message" class="updated">
<p><strong><?php echo $message; ?></strong></p>
<?php if ( $wp_http_referer ) { ?>
<p><a href="<?php echo esc_url( $wp_http_referer ); ?>"><?php
<p><a href="<?php echo esc_url( wp_validate_redirect( esc_url_raw( $wp_http_referer ), admin_url( 'term.php?taxonomy=' . $taxonomy ) ) ); ?>"><?php
/* translators: %s: taxonomy name */
printf( _x( '&larr; Back to %s', 'admin screen' ), $tax->labels->name );
?></a></p>
......
......@@ -601,16 +601,16 @@ class WP_Plugins_List_Table extends WP_List_Table {
if ( $is_active ) {
if ( current_user_can( 'manage_network_plugins' ) ) {
/* translators: %s: plugin name */
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Network Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Deactivate' ) . '</a>';
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Network Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Deactivate' ) . '</a>';
}
} else {
if ( current_user_can( 'manage_network_plugins' ) ) {
/* translators: %s: plugin name */
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Network Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Activate' ) . '</a>';
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Network Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Network Activate' ) . '</a>';
}
if ( current_user_can( 'delete_plugins' ) && ! is_plugin_active( $plugin_file ) ) {
/* translators: %s: plugin name */
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
}
}
} else {
......@@ -624,14 +624,14 @@ class WP_Plugins_List_Table extends WP_List_Table {
);
} elseif ( $is_active ) {
/* translators: %s: plugin name */
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Deactivate' ) . '</a>';
$actions['deactivate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=deactivate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'deactivate-plugin_' . $plugin_file ) . '" aria-label="' . esc_attr( sprintf( _x( 'Deactivate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Deactivate' ) . '</a>';
} else {
/* translators: %s: plugin name */
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Activate' ) . '</a>';
$actions['activate'] = '<a href="' . wp_nonce_url( 'plugins.php?action=activate&amp;plugin=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'activate-plugin_' . $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( _x( 'Activate %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Activate' ) . '</a>';
if ( ! is_multisite() && current_user_can( 'delete_plugins' ) ) {
/* translators: %s: plugin name */
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . $plugin_file . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
$actions['delete'] = '<a href="' . wp_nonce_url( 'plugins.php?action=delete-selected&amp;checked[]=' . urlencode( $plugin_file ) . '&amp;plugin_status=' . $context . '&amp;paged=' . $page . '&amp;s=' . $s, 'bulk-plugins' ) . '" class="delete" aria-label="' . esc_attr( sprintf( _x( 'Delete %s', 'plugin' ), $plugin_data['Name'] ) ) . '">' . __( 'Delete' ) . '</a>';
}
} // end if $is_active
......@@ -639,7 +639,7 @@ class WP_Plugins_List_Table extends WP_List_Table {
if ( ( ! is_multisite() || $screen->in_admin( 'network' ) ) && current_user_can( 'edit_plugins' ) && is_writable( WP_PLUGIN_DIR . '/' . $plugin_file ) ) {
/* translators: %s: plugin name */
$actions['edit'] = '<a href="plugin-editor.php?file=' . $plugin_file . '" class="edit" aria-label="' . esc_attr( sprintf( __( 'Edit %s' ), $plugin_data['Name'] ) ) . '">' . __( 'Edit' ) . '</a>';
$actions['edit'] = '<a href="plugin-editor.php?file=' . urlencode( $plugin_file ) . '" class="edit" aria-label="' . esc_attr( sprintf( __( 'Edit %s' ), $plugin_data['Name'] ) ) . '">' . __( 'Edit' ) . '</a>';
}
} // end if $context
......
......@@ -647,6 +647,10 @@ function _unzip_file_ziparchive($file, $to, $needed_dirs = array() ) {
if ( '__MACOSX/' === substr($info['name'], 0, 9) ) // Skip the OS X-created __MACOSX directory
continue;
if ( 0 !== validate_file( $info['name'] ) ) {
return new WP_Error( 'invalid_file_ziparchive', __( 'Could not extract file from archive.' ), $info['name'] );
}
$uncompressed_size += $info['size'];
if ( '/' === substr( $info['name'], -1 ) ) {
......@@ -807,6 +811,10 @@ function _unzip_file_pclzip($file, $to, $needed_dirs = array()) {
if ( '__MACOSX/' === substr($file['filename'], 0, 9) ) // Don't extract the OS X-created __MACOSX directory files
continue;
if ( 0 !== validate_file( $file['filename'] ) ) {
return new WP_Error( 'invalid_file_pclzip', __( 'Could not extract file from archive.' ), $file['filename'] );
}
if ( ! $wp_filesystem->put_contents( $to . $file['filename'], $file['content'], FS_CHMOD_FILE) )
return new WP_Error( 'copy_failed_pclzip', __( 'Could not copy file.' ), $file['filename'] );
}
......
......@@ -772,7 +772,7 @@ function page_template_dropdown( $default = '', $post_type = 'page' ) {
ksort( $templates );
foreach ( array_keys( $templates ) as $template ) {
$selected = selected( $default, $templates[ $template ], false );
echo "\n\t<option value='" . $templates[ $template ] . "' $selected>$template</option>";
echo "\n\t<option value='" . esc_attr( $templates[ $template ] ) . "' $selected>" . esc_html( $template ) . "</option>";
}
}
......
......@@ -279,7 +279,7 @@ if ( defined( 'DO_NOT_UPGRADE_GLOBAL_TABLES' ) ) {
*/
$language = '';
if ( ! empty( $_REQUEST['language'] ) ) {
$language = preg_replace( '/[^a-zA-Z_]/', '', $_REQUEST['language'] );
$language = preg_replace( '/[^a-zA-Z0-9_]/', '', $_REQUEST['language'] );
} elseif ( isset( $GLOBALS['wp_local_package'] ) ) {
$language = $GLOBALS['wp_local_package'];
}
......
......@@ -80,7 +80,7 @@ wp.textWidgets = ( function( $ ) {
// Sync input fields to hidden sync fields which actually get sent to the server.
_.each( control.fields, function( fieldInput, fieldName ) {
fieldInput.on( 'input change', function updateSyncField() {
var syncInput = control.syncContainer.find( 'input[type=hidden].' + fieldName );
var syncInput = control.syncContainer.find( '.sync-input.' + fieldName );
if ( syncInput.val() !== fieldInput.val() ) {
syncInput.val( fieldInput.val() );
syncInput.trigger( 'change' );
......@@ -88,7 +88,7 @@ wp.textWidgets = ( function( $ ) {
});
// Note that syncInput cannot be re-used because it will be destroyed with each widget-updated event.
fieldInput.val( control.syncContainer.find( 'input[type=hidden].' + fieldName ).val() );
fieldInput.val( control.syncContainer.find( '.sync-input.' + fieldName ).val() );
});
},
......@@ -144,11 +144,11 @@ wp.textWidgets = ( function( $ ) {
var control = this, syncInput;
if ( ! control.fields.title.is( document.activeElement ) ) {
syncInput = control.syncContainer.find( 'input[type=hidden].title' );
syncInput = control.syncContainer.find( '.sync-input.title' );
control.fields.title.val( syncInput.val() );
}
syncInput = control.syncContainer.find( 'input[type=hidden].text' );
syncInput = control.syncContainer.find( '.sync-input.text' );
if ( control.fields.text.is( ':visible' ) ) {
if ( ! control.fields.text.is( document.activeElement ) ) {
control.fields.text.val( syncInput.val() );
......
wp.textWidgets=function(a){"use strict";var b={dismissedPointers:[]};return b.TextWidgetControl=Backbone.View.extend({events:{},initialize:function(b){var c=this;if(!b.el)throw new Error("Missing options.el");if(!b.syncContainer)throw new Error("Missing options.syncContainer");Backbone.View.prototype.initialize.call(c,b),c.syncContainer=b.syncContainer,c.$el.addClass("text-widget-fields"),c.$el.html(wp.template("widget-text-control-fields")),c.customHtmlWidgetPointer=c.$el.find(".wp-pointer.custom-html-widget-pointer"),c.customHtmlWidgetPointer.length&&(c.customHtmlWidgetPointer.find(".close").on("click",function(b){b.preventDefault(),c.customHtmlWidgetPointer.hide(),a("#"+c.fields.text.attr("id")+"-html").focus(),c.dismissPointers(["text_widget_custom_html"])}),c.customHtmlWidgetPointer.find(".add-widget").on("click",function(a){a.preventDefault(),c.customHtmlWidgetPointer.hide(),c.openAvailableWidgetsPanel()})),c.pasteHtmlPointer=c.$el.find(".wp-pointer.paste-html-pointer"),c.pasteHtmlPointer.length&&c.pasteHtmlPointer.find(".close").on("click",function(a){a.preventDefault(),c.pasteHtmlPointer.hide(),c.editor.focus(),c.dismissPointers(["text_widget_custom_html","text_widget_paste_html"])}),c.fields={title:c.$el.find(".title"),text:c.$el.find(".text")},_.each(c.fields,function(a,b){a.on("input change",function(){var d=c.syncContainer.find("input[type=hidden]."+b);d.val()!==a.val()&&(d.val(a.val()),d.trigger("change"))}),a.val(c.syncContainer.find("input[type=hidden]."+b).val())})},dismissPointers:function(a){_.each(a,function(a){wp.ajax.post("dismiss-wp-pointer",{pointer:a}),b.dismissedPointers.push(a)})},openAvailableWidgetsPanel:function(){var a;wp.customize.section.each(function(b){b.extended(wp.customize.Widgets.SidebarSection)&&b.expanded()&&(a=wp.customize.control("sidebars_widgets["+b.params.sidebarId+"]"))}),a&&setTimeout(function(){wp.customize.Widgets.availableWidgetsPanel.open(a),wp.customize.Widgets.availableWidgetsPanel.$search.val("HTML").trigger("keyup")})},updateFields:function(){var a,b=this;b.fields.title.is(document.activeElement)||(a=b.syncContainer.find("input[type=hidden].title"),b.fields.title.val(a.val())),a=b.syncContainer.find("input[type=hidden].text"),b.fields.text.is(":visible")?b.fields.text.is(document.activeElement)||b.fields.text.val(a.val()):b.editor&&!b.editorFocused&&a.val()!==b.fields.text.val()&&b.editor.setContent(wp.editor.autop(a.val()))},initializeEditor:function(){function c(){var e,k,l;if(document.getElementById(d)){if("undefined"==typeof window.tinymce)return void wp.editor.initialize(d,{quicktags:!0});if(tinymce.get(d)&&(i=tinymce.get(d).isHidden(),wp.editor.remove(d)),wp.editor.initialize(d,{tinymce:{wpautop:!0},quicktags:!0}),l=function(b){b.show(),b.find(".close").focus(),wp.a11y.speak(b.find("h3, p").map(function(){return a(this).text()}).get().join("\n\n"))},e=window.tinymce.get(d),!e)throw new Error("Failed to initialize editor");k=function(){a(e.getWin()).on("unload",function(){_.defer(c)}),i&&switchEditors.go(d,"html"),a("#"+d+"-html").on("click",function(){g.pasteHtmlPointer.hide(),-1===b.dismissedPointers.indexOf("text_widget_custom_html")&&l(g.customHtmlWidgetPointer)}),a("#"+d+"-tmce").on("click",function(){g.customHtmlWidgetPointer.hide()}),e.on("pastepreprocess",function(a){var c=a.content;-1===b.dismissedPointers.indexOf("text_widget_paste_html")&&c&&/&lt;\w+.*?&gt;/.test(c)&&_.delay(function(){l(g.pasteHtmlPointer)},250)})},e.initialized?k():e.on("init",k),g.editorFocused=!1,e.on("focus",function(){g.editorFocused=!0}),e.on("paste",function(){e.setDirty(!0),f()}),e.on("NodeChange",function(){j=!0}),e.on("NodeChange",_.debounce(f,h)),e.on("blur hide",function(){g.editorFocused=!1,f()}),g.editor=e}}var d,e,f,g=this,h=1e3,i=!1,j=!1;e=g.fields.text,d=e.attr("id"),f=function(){var a=300;g.editor.isDirty()&&(wp.customize&&wp.customize.state&&(wp.customize.state("processing").set(wp.customize.state("processing").get()+1),_.delay(function(){wp.customize.state("processing").set(wp.customize.state("processing").get()-1)},a)),g.editor.isHidden()||g.editor.save()),j&&(e.trigger("change"),j=!1)},g.syncContainer.closest(".widget").find("[name=savewidget]:first").on("click",function(){f()}),c()}}),b.widgetControls={},b.handleWidgetAdded=function(c,d){var e,f,g,h,i,j,k,l,m=50;e=d.find("> .widget-inside > .form, > .widget-inside > form"),f=e.find("> .id_base").val(),"text"===f&&(h=e.find(".widget-id").val(),b.widgetControls[h]||e.find(".visual").val()&&(k=a("<div></div>"),l=d.find(".widget-content:first"),l.before(k),g=new b.TextWidgetControl({el:k,syncContainer:l}),b.widgetControls[h]=g,i=d.parent(),(j=function(){i.is(":animated")?setTimeout(j,m):g.initializeEditor()})()))},b.setupAccessibleMode=function(){var c,d,e,f,g;c=a(".editwidget > form"),0!==c.length&&(d=c.find("> .widget-control-actions > .id_base").val(),"text"===d&&c.find(".visual").val()&&(f=a("<div></div>"),g=c.find("> .widget-inside"),g.before(f),e=new b.TextWidgetControl({el:f,syncContainer:g}),e.initializeEditor()))},b.handleWidgetUpdated=function(a,c){var d,e,f,g;d=c.find("> .widget-inside > .form, > .widget-inside > form"),g=d.find("> .id_base").val(),"text"===g&&(e=d.find("> .widget-id").val(),f=b.widgetControls[e],f&&f.updateFields())},b.init=function(){var c=a(document);c.on("widget-added",b.handleWidgetAdded),c.on("widget-synced widget-updated",b.handleWidgetUpdated),a(function(){var c;"widgets"===window.pagenow&&(c=a(".widgets-holder-wrap:not(#available-widgets)").find("div.widget"),c.one("click.toggle-widget-expanded",function(){var c=a(this);b.handleWidgetAdded(new jQuery.Event("widget-added"),c)}),a(window).on("load",function(){b.setupAccessibleMode()}))})},b}(jQuery);
\ No newline at end of file
wp.textWidgets=function(a){"use strict";var b={dismissedPointers:[]};return b.TextWidgetControl=Backbone.View.extend({events:{},initialize:function(b){var c=this;if(!b.el)throw new Error("Missing options.el");if(!b.syncContainer)throw new Error("Missing options.syncContainer");Backbone.View.prototype.initialize.call(c,b),c.syncContainer=b.syncContainer,c.$el.addClass("text-widget-fields"),c.$el.html(wp.template("widget-text-control-fields")),c.customHtmlWidgetPointer=c.$el.find(".wp-pointer.custom-html-widget-pointer"),c.customHtmlWidgetPointer.length&&(c.customHtmlWidgetPointer.find(".close").on("click",function(b){b.preventDefault(),c.customHtmlWidgetPointer.hide(),a("#"+c.fields.text.attr("id")+"-html").focus(),c.dismissPointers(["text_widget_custom_html"])}),c.customHtmlWidgetPointer.find(".add-widget").on("click",function(a){a.preventDefault(),c.customHtmlWidgetPointer.hide(),c.openAvailableWidgetsPanel()})),c.pasteHtmlPointer=c.$el.find(".wp-pointer.paste-html-pointer"),c.pasteHtmlPointer.length&&c.pasteHtmlPointer.find(".close").on("click",function(a){a.preventDefault(),c.pasteHtmlPointer.hide(),c.editor.focus(),c.dismissPointers(["text_widget_custom_html","text_widget_paste_html"])}),c.fields={title:c.$el.find(".title"),text:c.$el.find(".text")},_.each(c.fields,function(a,b){a.on("input change",function(){var d=c.syncContainer.find(".sync-input."+b);d.val()!==a.val()&&(d.val(a.val()),d.trigger("change"))}),a.val(c.syncContainer.find(".sync-input."+b).val())})},dismissPointers:function(a){_.each(a,function(a){wp.ajax.post("dismiss-wp-pointer",{pointer:a}),b.dismissedPointers.push(a)})},openAvailableWidgetsPanel:function(){var a;wp.customize.section.each(function(b){b.extended(wp.customize.Widgets.SidebarSection)&&b.expanded()&&(a=wp.customize.control("sidebars_widgets["+b.params.sidebarId+"]"))}),a&&setTimeout(function(){wp.customize.Widgets.availableWidgetsPanel.open(a),wp.customize.Widgets.availableWidgetsPanel.$search.val("HTML").trigger("keyup")})},updateFields:function(){var a,b=this;b.fields.title.is(document.activeElement)||(a=b.syncContainer.find(".sync-input.title"),b.fields.title.val(a.val())),a=b.syncContainer.find(".sync-input.text"),b.fields.text.is(":visible")?b.fields.text.is(document.activeElement)||b.fields.text.val(a.val()):b.editor&&!b.editorFocused&&a.val()!==b.fields.text.val()&&b.editor.setContent(wp.editor.autop(a.val()))},initializeEditor:function(){function c(){var e,k,l;if(document.getElementById(d)){if("undefined"==typeof window.tinymce)return void wp.editor.initialize(d,{quicktags:!0});if(tinymce.get(d)&&(i=tinymce.get(d).isHidden(),wp.editor.remove(d)),wp.editor.initialize(d,{tinymce:{wpautop:!0},quicktags:!0}),l=function(b){b.show(),b.find(".close").focus(),wp.a11y.speak(b.find("h3, p").map(function(){return a(this).text()}).get().join("\n\n"))},e=window.tinymce.get(d),!e)throw new Error("Failed to initialize editor");k=function(){a(e.getWin()).on("unload",function(){_.defer(c)}),i&&switchEditors.go(d,"html"),a("#"+d+"-html").on("click",function(){g.pasteHtmlPointer.hide(),-1===b.dismissedPointers.indexOf("text_widget_custom_html")&&l(g.customHtmlWidgetPointer)}),a("#"+d+"-tmce").on("click",function(){g.customHtmlWidgetPointer.hide()}),e.on("pastepreprocess",function(a){var c=a.content;-1===b.dismissedPointers.indexOf("text_widget_paste_html")&&c&&/&lt;\w+.*?&gt;/.test(c)&&_.delay(function(){l(g.pasteHtmlPointer)},250)})},e.initialized?k():e.on("init",k),g.editorFocused=!1,e.on("focus",function(){g.editorFocused=!0}),e.on("paste",function(){e.setDirty(!0),f()}),e.on("NodeChange",function(){j=!0}),e.on("NodeChange",_.debounce(f,h)),e.on("blur hide",function(){g.editorFocused=!1,f()}),g.editor=e}}var d,e,f,g=this,h=1e3,i=!1,j=!1;e=g.fields.text,d=e.attr("id"),f=function(){var a=300;g.editor.isDirty()&&(wp.customize&&wp.customize.state&&(wp.customize.state("processing").set(wp.customize.state("processing").get()+1),_.delay(function(){wp.customize.state("processing").set(wp.customize.state("processing").get()-1)},a)),g.editor.isHidden()||g.editor.save()),j&&(e.trigger("change"),j=!1)},g.syncContainer.closest(".widget").find("[name=savewidget]:first").on("click",function(){f()}),c()}}),b.widgetControls={},b.handleWidgetAdded=function(c,d){var e,f,g,h,i,j,k,l,m=50;e=d.find("> .widget-inside > .form, > .widget-inside > form"),f=e.find("> .id_base").val(),"text"===f&&(h=e.find(".widget-id").val(),b.widgetControls[h]||e.find(".visual").val()&&(k=a("<div></div>"),l=d.find(".widget-content:first"),l.before(k),g=new b.TextWidgetControl({el:k,syncContainer:l}),b.widgetControls[h]=g,i=d.parent(),(j=function(){i.is(":animated")?setTimeout(j,m):g.initializeEditor()})()))},b.setupAccessibleMode=function(){var c,d,e,f,g;c=a(".editwidget > form"),0!==c.length&&(d=c.find("> .widget-control-actions > .id_base").val(),"text"===d&&c.find(".visual").val()&&(f=a("<div></div>"),g=c.find("> .widget-inside"),g.before(f),e=new b.TextWidgetControl({el:f,syncContainer:g}),e.initializeEditor()))},b.handleWidgetUpdated=function(a,c){var d,e,f,g;d=c.find("> .widget-inside > .form, > .widget-inside > form"),g=d.find("> .id_base").val(),"text"===g&&(e=d.find("> .widget-id").val(),f=b.widgetControls[e],f&&f.updateFields())},b.init=function(){var c=a(document);c.on("widget-added",b.handleWidgetAdded),c.on("widget-synced widget-updated",b.handleWidgetUpdated),a(function(){var c;"widgets"===window.pagenow&&(c=a(".widgets-holder-wrap:not(#available-widgets)").find("div.widget"),c.one("click.toggle-widget-expanded",function(){var c=a(this);b.handleWidgetAdded(new jQuery.Event("widget-added"),c)}),a(window).on("load",function(){b.setupAccessibleMode()}))})},b}(jQuery);
\ No newline at end of file
......@@ -37,11 +37,11 @@ if ( empty( $plugins ) ) {
$file = '';
$plugin = '';
if ( isset( $_REQUEST['file'] ) ) {
$file = sanitize_text_field( $_REQUEST['file'] );
$file = wp_unslash( $_REQUEST['file'] );
}
if ( isset( $_REQUEST['plugin'] ) ) {
$plugin = sanitize_text_field( $_REQUEST['plugin'] );
$plugin = wp_unslash( $_REQUEST['plugin'] );
}
if ( empty( $plugin ) ) {
......@@ -107,10 +107,10 @@ if ( isset( $_REQUEST['action'] ) && 'update' === $_REQUEST['action'] ) {
}
if ( ( ! empty( $_GET['networkwide'] ) && ! is_plugin_active_for_network( $file ) ) || ! is_plugin_active( $file ) ) {
activate_plugin( $plugin, "plugin-editor.php?file=$file&phperror=1", ! empty( $_GET['networkwide'] ) );
activate_plugin( $plugin, "plugin-editor.php?file=" . urlencode( $file ) . "&phperror=1", ! empty( $_GET['networkwide'] ) );
} // we'll override this later if the plugin can be included without fatal error
wp_redirect( self_admin_url("plugin-editor.php?file=$file&plugin=$plugin&a=te&scrollto=$scrollto") );
wp_redirect( self_admin_url( 'plugin-editor.php?file=' . urlencode( $file ) . '&plugin=' . urlencode( $plugin ) . "&a=te&scrollto=$scrollto" ) );
exit;
}
......@@ -203,18 +203,18 @@ if ( isset( $_REQUEST['action'] ) && 'update' === $_REQUEST['action'] ) {
if ( is_plugin_active( $plugin ) ) {
if ( is_writeable( $real_file ) ) {
/* translators: %s: plugin file name */
echo sprintf( __( 'Editing %s (active)' ), '<strong>' . $file . '</strong>' );
echo sprintf( __( 'Editing %s (active)' ), '<strong>' . esc_html( $file ) . '</strong>' );
} else {
/* translators: %s: plugin file name */
echo sprintf( __( 'Browsing %s (active)' ), '<strong>' . $file . '</strong>' );
echo sprintf( __( 'Browsing %s (active)' ), '<strong>' . esc_html( $file ) . '</strong>' );
}
} else {
if ( is_writeable( $real_file ) ) {
/* translators: %s: plugin file name */
echo sprintf( __( 'Editing %s (inactive)' ), '<strong>' . $file . '</strong>' );
echo sprintf( __( 'Editing %s (inactive)' ), '<strong>' . esc_html( $file ) . '</strong>' );
} else {
/* translators: %s: plugin file name */
echo sprintf( __( 'Browsing %s (inactive)' ), '<strong>' . $file . '</strong>' );
echo sprintf( __( 'Browsing %s (inactive)' ), '<strong>' . esc_html( $file ) . '</strong>' );
}
}
?></big>
......@@ -259,7 +259,7 @@ foreach ( $plugin_files as $plugin_file ) :
continue;
}
?>
<li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a href="plugin-editor.php?file=<?php echo urlencode( $plugin_file ) ?>&amp;plugin=<?php echo urlencode( $plugin ) ?>"><?php echo $plugin_file ?></a></li>
<li<?php echo $file == $plugin_file ? ' class="highlight"' : ''; ?>><a href="plugin-editor.php?file=<?php echo urlencode( $plugin_file ) ?>&amp;plugin=<?php echo urlencode( $plugin ) ?>"><?php echo esc_html( $plugin_file ); ?></a></li>
<?php endforeach; ?>
</ul>
</div>
......
......@@ -17,7 +17,7 @@ $pagenum = $wp_list_table->get_pagenum();
$action = $wp_list_table->current_action();
$plugin = isset($_REQUEST['plugin']) ? $_REQUEST['plugin'] : '';
$plugin = isset($_REQUEST['plugin']) ? wp_unslash( $_REQUEST['plugin'] ) : '';
$s = isset($_REQUEST['s']) ? urlencode( wp_unslash( $_REQUEST['s'] ) ) : '';
// Clean up request URI from temporary args for screen options/paging uri's to work as expected.
......@@ -39,10 +39,10 @@ if ( $action ) {
check_admin_referer('activate-plugin_' . $plugin);
$result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . $plugin), is_network_admin() );
$result = activate_plugin($plugin, self_admin_url('plugins.php?error=true&plugin=' . urlencode( $plugin ) ), is_network_admin() );
if ( is_wp_error( $result ) ) {
if ( 'unexpected_output' == $result->get_error_code() ) {
$redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . $plugin . "&plugin_status=$status&paged=$page&s=$s");
$redirect = self_admin_url('plugins.php?error=true&charsout=' . strlen($result->get_error_data()) . '&plugin=' . urlencode( $plugin ) . "&plugin_status=$status&paged=$page&s=$s");
wp_redirect(add_query_arg('_error_nonce', wp_create_nonce('plugin-activation-error_' . $plugin), $redirect));
exit;
} else {
......@@ -73,7 +73,7 @@ if ( $action ) {
check_admin_referer('bulk-plugins');
$plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
$plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array();
if ( is_network_admin() ) {
foreach ( $plugins as $i => $plugin ) {
......@@ -122,9 +122,9 @@ if ( $action ) {
check_admin_referer( 'bulk-plugins' );
if ( isset( $_GET['plugins'] ) )
$plugins = explode( ',', $_GET['plugins'] );
$plugins = explode( ',', wp_unslash( $_GET['plugins'] ) );
elseif ( isset( $_POST['checked'] ) )
$plugins = (array) $_POST['checked'];
$plugins = (array) wp_unslash( $_POST['checked'] );
else
$plugins = array();
......@@ -197,7 +197,7 @@ if ( $action ) {
check_admin_referer('bulk-plugins');
$plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
$plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array();
// Do not deactivate plugins which are already deactivated.
if ( is_network_admin() ) {
$plugins = array_filter( $plugins, 'is_plugin_active_for_network' );
......@@ -234,7 +234,7 @@ if ( $action ) {
check_admin_referer('bulk-plugins');
//$_POST = from the plugin form; $_GET = from the FTP details screen.
$plugins = isset( $_REQUEST['checked'] ) ? (array) $_REQUEST['checked'] : array();
$plugins = isset( $_REQUEST['checked'] ) ? (array) wp_unslash( $_REQUEST['checked'] ) : array();
if ( empty( $plugins ) ) {
wp_redirect( self_admin_url("plugins.php?plugin_status=$status&paged=$page&s=$s") );
exit;
......@@ -368,7 +368,7 @@ if ( $action ) {
default:
if ( isset( $_POST['checked'] ) ) {
check_admin_referer('bulk-plugins');
$plugins = isset( $_POST['checked'] ) ? (array) $_POST['checked'] : array();
$plugins = isset( $_POST['checked'] ) ? (array) wp_unslash( $_POST['checked'] ) : array();
$sendback = wp_get_referer();
/** This action is documented in wp-admin/edit-comments.php */
......
......@@ -105,7 +105,7 @@ function setup_config_display_header( $body_classes = array() ) {
$language = '';
if ( ! empty( $_REQUEST['language'] ) ) {
$language = preg_replace( '/[^a-zA-Z_]/', '', $_REQUEST['language'] );
$language = preg_replace( '/[^a-zA-Z0-9_]/', '', $_REQUEST['language'] );
} elseif ( isset( $GLOBALS['wp_local_package'] ) ) {
$language = $GLOBALS['wp_local_package'];
}
......
......@@ -99,7 +99,7 @@ if ( empty( $file ) ) {
$relative_file = 'style.css';
$file = $allowed_files['style.css'];
} else {
$relative_file = $file;
$relative_file = wp_unslash( $file );
$file = $theme->get_stylesheet_directory() . '/' . $relative_file;
}
......@@ -156,10 +156,12 @@ default:
<div id="message" class="updated notice is-dismissible"><p><?php _e( 'File edited successfully.' ) ?></p></div>
<?php endif;
$description = get_file_description( $relative_file );
$file_description = get_file_description( $relative_file );
$file_show = array_search( $file, array_filter( $allowed_files ) );
if ( $description != $file_show )
$description .= ' <span>(' . $file_show . ')</span>';
$description = esc_html( $file_description );
if ( $file_description != $file_show ) {
$description .= ' <span>(' . esc_html( $file_show ) . ')</span>';
}
?>
<div class="wrap">
<h1><?php echo esc_html( $title ); ?></h1>
......@@ -230,9 +232,9 @@ if ( $allowed_files ) :
echo "\t<ul>\n";
}
$file_description = get_file_description( $filename );
$file_description = esc_html( get_file_description( $filename ) );
if ( $filename !== basename( $absolute_filename ) || $file_description !== $filename ) {
$file_description .= '<br /><span class="nonessential">(' . $filename . ')</span>';
$file_description .= '<br /><span class="nonessential">(' . esc_html( $filename ) . ')</span>';
}
if ( $absolute_filename === $file ) {
......
......@@ -189,7 +189,7 @@ include(ABSPATH . 'wp-admin/admin-header.php');
<p><strong><?php _e('User updated.') ?></strong></p>
<?php endif; ?>
<?php if ( $wp_http_referer && false === strpos( $wp_http_referer, 'user-new.php' ) && ! IS_PROFILE_PAGE ) : ?>
<p><a href="<?php echo esc_url( $wp_http_referer ); ?>"><?php _e('&larr; Back to Users'); ?></a></p>
<p><a href="<?php echo esc_url( wp_validate_redirect( esc_url_raw( $wp_http_referer ), self_admin_url( 'users.php' ) ) ); ?>"><?php _e('&larr; Back to Users'); ?></a></p>
<?php endif; ?>
</div>
<?php endif; ?>
......
......@@ -265,7 +265,7 @@ final class WP_Customize_Manager {
}
$this->original_stylesheet = get_stylesheet();
$this->theme = wp_get_theme( $args['theme'] );
$this->theme = wp_get_theme( 0 === validate_file( $args['theme'] ) ? $args['theme'] : null );
$this->messenger_channel = $args['messenger_channel'];
$this->_changeset_uuid = $args['changeset_uuid'];
......
......@@ -753,25 +753,31 @@ function wp_filter_oembed_result( $result, $data, $url ) {
}
$html = $content[1] . $content[2];
if ( ! empty( $content[1] ) ) {
// We have a blockquote to fall back on. Hide the iframe by default.
$html = str_replace( '<iframe', '<iframe style="position: absolute; clip: rect(1px, 1px, 1px, 1px);"', $html );
$html = str_replace( '<blockquote', '<blockquote class="wp-embedded-content"', $html );
}
$html = str_replace( '<iframe', '<iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted"', $html );
preg_match( '/ src=[\'"]([^\'"]*)[\'"]/', $html, $results );
preg_match( '/ src=([\'"])(.*?)\1/', $html, $results );
if ( ! empty( $results ) ) {
$secret = wp_generate_password( 10, false );
$url = esc_url( "{$results[1]}#?secret=$secret" );
$url = esc_url( "{$results[2]}#?secret=$secret" );
$q = $results[1];
$html = str_replace( $results[0], " src=\"$url\" data-secret=\"$secret\"", $html );
$html = str_replace( $results[0], ' src=' . $q . $url . $q . ' data-secret=' . $q . $secret . $q, $html );
$html = str_replace( '<blockquote', "<blockquote data-secret=\"$secret\"", $html );
}
$allowed_html['blockquote']['data-secret'] = true;
$allowed_html['iframe']['data-secret'] = true;
$html = wp_kses( $html, $allowed_html );
if ( ! empty( $content[1] ) ) {
// We have a blockquote to fall back on. Hide the iframe by default.
$html = str_replace( '<iframe', '<iframe style="position: absolute; clip: rect(1px, 1px, 1px, 1px);"', $html );
$html = str_replace( '<blockquote', '<blockquote class="wp-embedded-content"', $html );
}
$html = str_ireplace( '<iframe', '<iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted"', $html );
return $html;
}
......
......@@ -5077,7 +5077,7 @@ function _print_emoji_detection_script() {
?>
<script type="text/javascript">
window._wpemojiSettings = <?php echo wp_json_encode( $settings ); ?>;
!function(a,b,c){function d(a){var b,c,d,e,f=String.fromCharCode;if(!k||!k.fillText)return!1;switch(k.clearRect(0,0,j.width,j.height),k.textBaseline="top",k.font="600 32px Arial",a){case"flag":return k.fillText(f(55356,56826,55356,56819),0,0),b=j.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,56826,8203,55356,56819),0,0),c=j.toDataURL(),b===c&&(k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,57332,56128,56423,56128,56418,56128,56421,56128,56430,56128,56423,56128,56447),0,0),b=j.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,57332,8203,56128,56423,8203,56128,56418,8203,56128,56421,8203,56128,56430,8203,56128,56423,8203,56128,56447),0,0),c=j.toDataURL(),b!==c);case"emoji4":return k.fillText(f(55358,56794,8205,9794,65039),0,0),d=j.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55358,56794,8203,9794,65039),0,0),e=j.toDataURL(),d!==e}return!1}function e(a){var c=b.createElement("script");c.src=a,c.defer=c.type="text/javascript",b.getElementsByTagName("head")[0].appendChild(c)}var f,g,h,i,j=b.createElement("canvas"),k=j.getContext&&j.getContext("2d");for(i=Array("flag","emoji4"),c.supports={everything:!0,everythingExceptFlag:!0},h=0;h<i.length;h++)c.supports[i[h]]=d(i[h]),c.supports.everything=c.supports.everything&&c.supports[i[h]],"flag"!==i[h]&&(c.supports.everythingExceptFlag=c.supports.everythingExceptFlag&&c.supports[i[h]]);c.supports.everythingExceptFlag=c.supports.everythingExceptFlag&&!c.supports.flag,c.DOMReady=!1,c.readyCallback=function(){c.DOMReady=!0},c.supports.everything||(g=function(){c.readyCallback()},b.addEventListener?(b.addEventListener("DOMContentLoaded",g,!1),a.addEventListener("load",g,!1)):(a.attachEvent("onload",g),b.attachEvent("onreadystatechange",function(){"complete"===b.readyState&&c.readyCallback()})),f=c.source||{},f.concatemoji?e(f.concatemoji):f.wpemoji&&f.twemoji&&(e(f.twemoji),e(f.wpemoji)))}(window,document,window._wpemojiSettings);
!function(a,b,c){function d(a){var b,c,d,e,f=String.fromCharCode;if(!k||!k.fillText)return!1;switch(k.clearRect(0,0,j.width,j.height),k.textBaseline="top",k.font="600 32px Arial",a){case"flag":return k.fillText(f(55356,56826,55356,56819),0,0),b=j.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,56826,8203,55356,56819),0,0),c=j.toDataURL(),b!==c&&(k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,57332,56128,56423,56128,56418,56128,56421,56128,56430,56128,56423,56128,56447),0,0),b=j.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55356,57332,8203,56128,56423,8203,56128,56418,8203,56128,56421,8203,56128,56430,8203,56128,56423,8203,56128,56447),0,0),c=j.toDataURL(),b!==c);case"emoji4":return k.fillText(f(55358,56794,8205,9794,65039),0,0),d=j.toDataURL(),k.clearRect(0,0,j.width,j.height),k.fillText(f(55358,56794,8203,9794,65039),0,0),e=j.toDataURL(),d!==e}return!1}function e(a){var c=b.createElement("script");c.src=a,c.defer=c.type="text/javascript",b.getElementsByTagName("head")[0].appendChild(c)}var f,g,h,i,j=b.createElement("canvas"),k=j.getContext&&j.getContext("2d");for(i=Array("flag","emoji4"),c.supports={everything:!0,everythingExceptFlag:!0},h=0;h<i.length;h++)c.supports[i[h]]=d(i[h]),c.supports.everything=c.supports.everything&&c.supports[i[h]],"flag"!==i[h]&&(c.supports.everythingExceptFlag=c.supports.everythingExceptFlag&&c.supports[i[h]]);c.supports.everythingExceptFlag=c.supports.everythingExceptFlag&&!c.supports.flag,c.DOMReady=!1,c.readyCallback=function(){c.DOMReady=!0},c.supports.everything||(g=function(){c.readyCallback()},b.addEventListener?(b.addEventListener("DOMContentLoaded",g,!1),a.addEventListener("load",g,!1)):(a.attachEvent("onload",g),b.attachEvent("onreadystatechange",function(){"complete"===b.readyState&&c.readyCallback()})),f=c.source||{},f.concatemoji?e(f.concatemoji):f.wpemoji&&f.twemoji&&(e(f.twemoji),e(f.wpemoji)))}(window,document,window._wpemojiSettings);
</script>
<?php
}
......
......@@ -155,8 +155,6 @@
encodedText,
instance;
text = tinymce.DOM.decode( text );
if ( text.indexOf( '[' ) !== -1 && text.indexOf( ']' ) !== -1 ) {
// Looks like a shortcode? Remove any line breaks from inside of shortcodes
// or autop will replace them with <p> and <br> later and the string won't match.
......@@ -431,7 +429,7 @@
var selected = node === editor.selection.getNode();
var $viewNode;
if ( ! this.loader && $( node ).text() !== this.text ) {
if ( ! this.loader && $( node ).text() !== tinymce.DOM.decode( this.text ) ) {
editor.dom.setAttrib( node, 'data-wpview-marker', null );
return;
}
......@@ -502,6 +500,14 @@
setIframes: function( head, body, callback, rendered ) {
var self = this;
if ( body.indexOf( '[' ) !== -1 && body.indexOf( ']' ) !== -1 ) {
var shortcodesRegExp = new RegExp( '\\[\\/?(?:' + window.mceViewL10n.shortcodes.join( '|' ) + ')[^\\]]*?\\]', 'g' );
// Escape tags inside shortcode previews.
body = body.replace( shortcodesRegExp, function( match ) {
return match.replace( /</g, '&lt;' ).replace( />/g, '&gt;' );
} );
}
this.getNodes( function( editor, node ) {
var dom = editor.dom,
styles = '',
......
!function(a,b,c,d){"use strict";var e={},f={};b.mce=b.mce||{},b.mce.views={register:function(a,c){e[a]=b.mce.View.extend(_.extend(c,{type:a}))},unregister:function(a){delete e[a]},get:function(a){return e[a]},unbind:function(){_.each(f,function(a){a.unbind()})},setMarkers:function(a){var b,c,d=[{content:a}],f=this;return _.each(e,function(a,e){c=d.slice(),d=[],_.each(c,function(c){var g,h,i=c.content;if(c.processed)return void d.push(c);for(;i&&(g=a.prototype.match(i));)g.index&&d.push({content:i.substring(0,g.index)}),b=f.createInstance(e,g.content,g.options),h=b.loader?".":b.text,d.push({content:b.ignore?h:'<p data-wpview-marker="'+b.encodedText+'">'+h+"</p>",processed:!0}),i=i.slice(g.index+g.content.length);i&&d.push({content:i})})}),a=_.pluck(d,"content").join(""),a.replace(/<p>\s*<p data-wpview-marker=/g,"<p data-wpview-marker=").replace(/<\/p>\s*<\/p>/g,"</p>")},createInstance:function(a,b,c,d){var e,g,h=this.get(a);return b=tinymce.DOM.decode(b),b.indexOf("[")!==-1&&b.indexOf("]")!==-1&&(b=b.replace(/\[[^\]]+\]/g,function(a){return a.replace(/[\r\n]/g,"")})),!d&&(g=this.getInstance(b))?g:(e=encodeURIComponent(b),c=_.extend(c||{},{text:b,encodedText:e}),f[e]=new h(c))},getInstance:function(a){return"string"==typeof a?f[encodeURIComponent(a)]:f[d(a).attr("data-wpview-text")]},getText:function(a){return decodeURIComponent(d(a).attr("data-wpview-text")||"")},render:function(a){_.each(f,function(b){b.render(null,a)})},update:function(a,b,c,d){var e=this.getInstance(c);e&&e.update(a,b,c,d)},edit:function(a,b){var c=this.getInstance(b);c&&c.edit&&c.edit(c.text,function(d,e){c.update(d,a,b,e)})},remove:function(a,b){var c=this.getInstance(b);c&&c.remove(a,b)}},b.mce.View=function(a){_.extend(this,a),this.initialize()},b.mce.View.extend=Backbone.View.extend,_.extend(b.mce.View.prototype,{content:null,loader:!0,initialize:function(){},getContent:function(){return this.content},render:function(a,b){null!=a&&(this.content=a),a=this.getContent(),(this.loader||a)&&(b&&this.unbind(),this.replaceMarkers(),a?this.setContent(a,function(a,b){d(b).data("rendered",!0),this.bindNode.call(this,a,b)},!!b&&null):this.setLoader())},bindNode:function(){},unbindNode:function(){},unbind:function(){this.getNodes(function(a,b){this.unbindNode.call(this,a,b)},!0)},getEditors:function(a){_.each(tinymce.editors,function(b){b.plugins.wpview&&a.call(this,b)},this)},getNodes:function(a,b){this.getEditors(function(c){var e=this;d(c.getBody()).find('[data-wpview-text="'+e.encodedText+'"]').filter(function(){var a;return null==b||(a=d(this).data("rendered")===!0,b?a:!a)}).each(function(){a.call(e,c,this,this)})})},getMarkers:function(a){this.getEditors(function(b){var c=this;d(b.getBody()).find('[data-wpview-marker="'+this.encodedText+'"]').each(function(){a.call(c,b,this)})})},replaceMarkers:function(){this.getMarkers(function(a,b){var c,e=b===a.selection.getNode();return this.loader||d(b).text()===this.text?(c=a.$('<div class="wpview wpview-wrap" data-wpview-text="'+this.encodedText+'" data-wpview-type="'+this.type+'" contenteditable="false"></div>'),a.$(b).replaceWith(c),void(e&&setTimeout(function(){a.selection.select(c[0]),a.selection.collapse()}))):void a.dom.setAttrib(b,"data-wpview-marker",null)})},removeMarkers:function(){this.getMarkers(function(a,b){a.dom.setAttrib(b,"data-wpview-marker",null)})},setContent:function(a,b,c){_.isObject(a)&&(a.sandbox||a.head||a.body.indexOf("<script")!==-1)?this.setIframes(a.head||"",a.body,b,c):_.isString(a)&&a.indexOf("<script")!==-1?this.setIframes("",a,b,c):this.getNodes(function(c,d){a=a.body||a,a.indexOf("<iframe")!==-1&&(a+='<span class="mce-shim"></span>'),c.undoManager.transact(function(){d.innerHTML="",d.appendChild(_.isString(a)?c.dom.createFragment(a):a),c.dom.add(d,"span",{"class":"wpview-end"})}),b&&b.call(this,c,d)},c)},setIframes:function(a,c,e,f){var g=this;this.getNodes(function(f,h){function i(){var a;r||l.contentWindow&&(a=d(l),g.iframeHeight=d(n.body).height(),a.height()!==g.iframeHeight&&(a.height(g.iframeHeight),f.nodeChanged()))}function j(){f.isHidden()||(d(h).data("rendered",null),setTimeout(function(){b.mce.views.render()}))}function k(){p=new o(_.debounce(i,100)),p.observe(n.body,{attributes:!0,childList:!0,subtree:!0})}var l,m,n,o,p,q,r,s=f.dom,t="",u=f.getBody().className||"",v=f.getDoc().getElementsByTagName("head")[0];if(tinymce.each(s.$('link[rel="stylesheet"]',v),function(a){a.href&&a.href.indexOf("skins/lightgray/content.min.css")===-1&&a.href.indexOf("skins/wordpress/wp-content.css")===-1&&(t+=s.getOuterHTML(a))}),g.iframeHeight&&s.add(h,"span",{"data-mce-bogus":1,style:{display:"block",width:"100%",height:g.iframeHeight}},"\u200b"),f.undoManager.transact(function(){h.innerHTML="",l=s.add(h,"iframe",{src:tinymce.Env.ie?'javascript:""':"",frameBorder:"0",allowTransparency:"true",scrolling:"no","class":"wpview-sandbox",style:{width:"100%",display:"block"},height:g.iframeHeight}),s.add(h,"span",{"class":"mce-shim"}),s.add(h,"span",{"class":"wpview-end"})}),l.contentWindow){if(m=l.contentWindow,n=m.document,n.open(),n.write('<!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />'+a+t+'<style>html {background: transparent;padding: 0;margin: 0;}body#wpview-iframe-sandbox {background: transparent;padding: 1px 0 !important;margin: -1px 0 0 !important;}body#wpview-iframe-sandbox:before,body#wpview-iframe-sandbox:after {display: none;content: "";}iframe {max-width: 100%;}</style></head><body id="wpview-iframe-sandbox" class="'+u+'">'+c+"</body></html>"),n.close(),g.iframeHeight&&(r=!0,setTimeout(function(){r=!1,i()},3e3)),d(m).on("load",i).on("unload",j),o=m.MutationObserver||m.WebKitMutationObserver||m.MozMutationObserver)n.body?k():n.addEventListener("DOMContentLoaded",k,!1);else for(q=1;q<6;q++)setTimeout(i,700*q);e&&e.call(g,f,h)}},f)},setLoader:function(a){this.setContent('<div class="loading-placeholder"><div class="dashicons dashicons-'+(a||"admin-media")+'"></div><div class="wpview-loading"><ins></ins></div></div>')},setError:function(a,b){this.setContent('<div class="wpview-error"><div class="dashicons dashicons-'+(b||"no")+'"></div><p>'+a+"</p></div>")},match:function(a){var b=c.next(this.type,a);if(b)return{index:b.index,content:b.content,options:{shortcode:b.shortcode}}},update:function(a,c,f,g){_.find(e,function(e,h){var i=e.prototype.match(a);if(i)return d(f).data("rendered",!1),c.dom.setAttrib(f,"data-wpview-text",encodeURIComponent(a)),b.mce.views.createInstance(h,a,i.options,g).render(),c.selection.select(f),c.nodeChanged(),c.focus(),!0})},remove:function(a,b){this.unbindNode.call(this,a,b),a.dom.remove(b),a.focus()}})}(window,window.wp,window.wp.shortcode,window.jQuery),function(a,b,c,d){function e(b){var c={};return a.tinymce?!b||b.indexOf("<")===-1&&b.indexOf(">")===-1?b:(j=j||new a.tinymce.html.Schema(c),k=k||new a.tinymce.html.DomParser(c,j),l=l||new a.tinymce.html.Serializer(c,j),l.serialize(k.parse(b,{forced_root_block:!1}))):b.replace(/<[^>]+>/g,"")}var f,g,h,i,j,k,l;f={state:[],edit:function(a,b){var d=this.type,e=c[d].edit(a);this.pausePlayers&&this.pausePlayers(),_.each(this.state,function(a){e.state(a).on("update",function(a){b(c[d].shortcode(a).string(),"gallery"===d)})}),e.on("close",function(){e.detach()}),e.open()}},g=_.extend({},f,{state:["gallery-edit"],template:c.template("editor-gallery"),initialize:function(){var a=c.gallery.attachments(this.shortcode,c.view.settings.post.id),b=this.shortcode.attrs