WordPress/wp-includes/default-filters.php

768 lines
35 KiB
PHP
Raw Normal View History

<?php
/**
* Sets up the default filters and actions for most
* of the WordPress hooks.
*
* This file is loaded very early in the bootstrap which
* means many functions are not yet available and site
* information such as if this is multisite is unknown.
* Before using functions besides `add_filter` and
* `add_action`, verify things will work as expected.
*
* If you need to remove a default hook, this file will
* give you the priority to use for removing the hook.
*
* Not all of the default hooks are found in this file.
* For instance, administration-related hooks are located in
* wp-admin/includes/admin-filters.php.
*
* If a hook should only be called from a specific context
* (admin area, multisite environment…), please move it
* to a more appropriate file instead.
*
* @package WordPress
*/
// Strip, trim, kses, special chars for string saves.
foreach ( array( 'pre_term_name', 'pre_comment_author_name', 'pre_link_name', 'pre_link_target', 'pre_link_rel', 'pre_user_display_name', 'pre_user_first_name', 'pre_user_last_name', 'pre_user_nickname' ) as $filter ) {
add_filter( $filter, 'sanitize_text_field' );
add_filter( $filter, 'wp_filter_kses' );
add_filter( $filter, '_wp_specialchars', 30 );
}
// Strip, kses, special chars for string display.
foreach ( array( 'term_name', 'comment_author_name', 'link_name', 'link_target', 'link_rel', 'user_display_name', 'user_first_name', 'user_last_name', 'user_nickname' ) as $filter ) {
if ( is_admin() ) {
// These are expensive. Run only on admin pages for defense in depth.
add_filter( $filter, 'sanitize_text_field' );
add_filter( $filter, 'wp_kses_data' );
}
add_filter( $filter, '_wp_specialchars', 30 );
}
// Kses only for textarea saves.
foreach ( array( 'pre_term_description', 'pre_link_description', 'pre_link_notes', 'pre_user_description' ) as $filter ) {
add_filter( $filter, 'wp_filter_kses' );
}
// Kses only for textarea admin displays.
if ( is_admin() ) {
foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) {
add_filter( $filter, 'wp_kses_data' );
}
add_filter( 'comment_text', 'wp_kses_post' );
}
// Email saves.
foreach ( array( 'pre_comment_author_email', 'pre_user_email' ) as $filter ) {
add_filter( $filter, 'trim' );
add_filter( $filter, 'sanitize_email' );
add_filter( $filter, 'wp_filter_kses' );
}
// Email admin display.
foreach ( array( 'comment_author_email', 'user_email' ) as $filter ) {
add_filter( $filter, 'sanitize_email' );
if ( is_admin() ) {
add_filter( $filter, 'wp_kses_data' );
}
}
// Save URL.
foreach ( array(
'pre_comment_author_url',
'pre_user_url',
'pre_link_url',
'pre_link_image',
'pre_link_rss',
'pre_post_guid',
) as $filter ) {
add_filter( $filter, 'wp_strip_all_tags' );
add_filter( $filter, 'sanitize_url' );
add_filter( $filter, 'wp_filter_kses' );
}
// Display URL.
foreach ( array( 'user_url', 'link_url', 'link_image', 'link_rss', 'comment_url', 'post_guid' ) as $filter ) {
if ( is_admin() ) {
add_filter( $filter, 'wp_strip_all_tags' );
}
add_filter( $filter, 'esc_url' );
if ( is_admin() ) {
add_filter( $filter, 'wp_kses_data' );
}
}
// Slugs.
add_filter( 'pre_term_slug', 'sanitize_title' );
add_filter( 'wp_insert_post_data', '_wp_customize_changeset_filter_insert_post_data', 10, 2 );
// Keys.
foreach ( array( 'pre_post_type', 'pre_post_status', 'pre_post_comment_status', 'pre_post_ping_status' ) as $filter ) {
add_filter( $filter, 'sanitize_key' );
}
// Mime types.
add_filter( 'pre_post_mime_type', 'sanitize_mime_type' );
add_filter( 'post_mime_type', 'sanitize_mime_type' );
// Meta.
add_filter( 'register_meta_args', '_wp_register_meta_args_allowed_list', 10, 2 );
// Counts.
add_action( 'admin_init', 'wp_schedule_update_user_counts' );
add_action( 'wp_update_user_counts', 'wp_schedule_update_user_counts', 10, 0 );
foreach ( array( 'user_register', 'deleted_user' ) as $action ) {
add_action( $action, 'wp_maybe_update_user_counts', 10, 0 );
}
// Post meta.
add_action( 'added_post_meta', 'wp_cache_set_posts_last_changed' );
add_action( 'updated_post_meta', 'wp_cache_set_posts_last_changed' );
add_action( 'deleted_post_meta', 'wp_cache_set_posts_last_changed' );
// User meta.
add_action( 'added_user_meta', 'wp_cache_set_users_last_changed' );
add_action( 'updated_user_meta', 'wp_cache_set_users_last_changed' );
add_action( 'deleted_user_meta', 'wp_cache_set_users_last_changed' );
add_action( 'add_user_role', 'wp_cache_set_users_last_changed' );
add_action( 'set_user_role', 'wp_cache_set_users_last_changed' );
add_action( 'remove_user_role', 'wp_cache_set_users_last_changed' );
// Term meta.
add_action( 'added_term_meta', 'wp_cache_set_terms_last_changed' );
add_action( 'updated_term_meta', 'wp_cache_set_terms_last_changed' );
add_action( 'deleted_term_meta', 'wp_cache_set_terms_last_changed' );
add_filter( 'get_term_metadata', 'wp_check_term_meta_support_prefilter' );
add_filter( 'add_term_metadata', 'wp_check_term_meta_support_prefilter' );
add_filter( 'update_term_metadata', 'wp_check_term_meta_support_prefilter' );
add_filter( 'delete_term_metadata', 'wp_check_term_meta_support_prefilter' );
add_filter( 'get_term_metadata_by_mid', 'wp_check_term_meta_support_prefilter' );
add_filter( 'update_term_metadata_by_mid', 'wp_check_term_meta_support_prefilter' );
add_filter( 'delete_term_metadata_by_mid', 'wp_check_term_meta_support_prefilter' );
add_filter( 'update_term_metadata_cache', 'wp_check_term_meta_support_prefilter' );
// Comment meta.
add_action( 'added_comment_meta', 'wp_cache_set_comments_last_changed' );
add_action( 'updated_comment_meta', 'wp_cache_set_comments_last_changed' );
add_action( 'deleted_comment_meta', 'wp_cache_set_comments_last_changed' );
// Places to balance tags on input.
foreach ( array( 'content_save_pre', 'excerpt_save_pre', 'comment_save_pre', 'pre_comment_content' ) as $filter ) {
add_filter( $filter, 'convert_invalid_entities' );
add_filter( $filter, 'balanceTags', 50 );
}
// Format strings for display.
foreach ( array( 'comment_author', 'term_name', 'link_name', 'link_description', 'link_notes', 'bloginfo', 'wp_title', 'document_title', 'widget_title' ) as $filter ) {
add_filter( $filter, 'wptexturize' );
add_filter( $filter, 'convert_chars' );
add_filter( $filter, 'esc_html' );
}
// Format WordPress.
foreach ( array( 'the_content', 'the_title', 'wp_title', 'document_title' ) as $filter ) {
add_filter( $filter, 'capital_P_dangit', 11 );
}
add_filter( 'comment_text', 'capital_P_dangit', 31 );
// Format titles.
foreach ( array( 'single_post_title', 'single_cat_title', 'single_tag_title', 'single_month_title', 'nav_menu_attr_title', 'nav_menu_description' ) as $filter ) {
add_filter( $filter, 'wptexturize' );
add_filter( $filter, 'strip_tags' );
}
// Format text area for display.
foreach ( array( 'term_description', 'get_the_post_type_description' ) as $filter ) {
add_filter( $filter, 'wptexturize' );
add_filter( $filter, 'convert_chars' );
add_filter( $filter, 'wpautop' );
add_filter( $filter, 'shortcode_unautop' );
}
// Format for RSS.
add_filter( 'term_name_rss', 'convert_chars' );
// Pre save hierarchy.
add_filter( 'wp_insert_post_parent', 'wp_check_post_hierarchy_for_loops', 10, 2 );
add_filter( 'wp_update_term_parent', 'wp_check_term_hierarchy_for_loops', 10, 3 );
// Display filters.
add_filter( 'the_title', 'wptexturize' );
add_filter( 'the_title', 'convert_chars' );
add_filter( 'the_title', 'trim' );
add_filter( 'the_content', 'do_blocks', 9 );
add_filter( 'the_content', 'wptexturize' );
add_filter( 'the_content', 'convert_smilies', 20 );
add_filter( 'the_content', 'wpautop' );
add_filter( 'the_content', 'shortcode_unautop' );
add_filter( 'the_content', 'prepend_attachment' );
Security, Site Health: Make migrating a site to HTTPS a one-click interaction. Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained. This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction. * Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed. * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly. * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though. * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter. * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant. * Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart. * A new `wp_update_urls_to_https()` function takes care of the update routine. * A new `update_https` meta capability is introduced to control access. * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health. * Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version. * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS. * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS. Props flixos90, timothyblynjacobs. Fixes #51437. Built from https://develop.svn.wordpress.org/trunk@50131 git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 01:10:01 +01:00
add_filter( 'the_content', 'wp_replace_insecure_home_url' );
add_filter( 'the_content', 'do_shortcode', 11 ); // AFTER wpautop().
add_filter( 'the_content', 'wp_filter_content_tags', 12 ); // Runs after do_shortcode().
add_filter( 'the_excerpt', 'wptexturize' );
add_filter( 'the_excerpt', 'convert_smilies' );
add_filter( 'the_excerpt', 'convert_chars' );
add_filter( 'the_excerpt', 'wpautop' );
add_filter( 'the_excerpt', 'shortcode_unautop' );
Security, Site Health: Make migrating a site to HTTPS a one-click interaction. Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained. This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction. * Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed. * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly. * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though. * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter. * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant. * Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart. * A new `wp_update_urls_to_https()` function takes care of the update routine. * A new `update_https` meta capability is introduced to control access. * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health. * Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version. * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS. * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS. Props flixos90, timothyblynjacobs. Fixes #51437. Built from https://develop.svn.wordpress.org/trunk@50131 git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 01:10:01 +01:00
add_filter( 'the_excerpt', 'wp_replace_insecure_home_url' );
add_filter( 'the_excerpt', 'wp_filter_content_tags', 12 );
add_filter( 'get_the_excerpt', 'wp_trim_excerpt', 10, 2 );
add_filter( 'the_post_thumbnail_caption', 'wptexturize' );
add_filter( 'the_post_thumbnail_caption', 'convert_smilies' );
add_filter( 'the_post_thumbnail_caption', 'convert_chars' );
add_filter( 'comment_text', 'wptexturize' );
add_filter( 'comment_text', 'convert_chars' );
add_filter( 'comment_text', 'make_clickable', 9 );
add_filter( 'comment_text', 'force_balance_tags', 25 );
add_filter( 'comment_text', 'convert_smilies', 20 );
add_filter( 'comment_text', 'wpautop', 30 );
add_filter( 'comment_excerpt', 'convert_chars' );
add_filter( 'list_cats', 'wptexturize' );
add_filter( 'wp_sprintf', 'wp_sprintf_l', 10, 2 );
add_filter( 'widget_text', 'balanceTags' );
add_filter( 'widget_text_content', 'capital_P_dangit', 11 );
add_filter( 'widget_text_content', 'wptexturize' );
add_filter( 'widget_text_content', 'convert_smilies', 20 );
add_filter( 'widget_text_content', 'wpautop' );
add_filter( 'widget_text_content', 'shortcode_unautop' );
Security, Site Health: Make migrating a site to HTTPS a one-click interaction. Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained. This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction. * Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed. * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly. * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though. * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter. * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant. * Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart. * A new `wp_update_urls_to_https()` function takes care of the update routine. * A new `update_https` meta capability is introduced to control access. * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health. * Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version. * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS. * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS. Props flixos90, timothyblynjacobs. Fixes #51437. Built from https://develop.svn.wordpress.org/trunk@50131 git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 01:10:01 +01:00
add_filter( 'widget_text_content', 'wp_replace_insecure_home_url' );
add_filter( 'widget_text_content', 'do_shortcode', 11 ); // Runs after wpautop(); note that $post global will be null when shortcodes run.
add_filter( 'widget_text_content', 'wp_filter_content_tags', 12 ); // Runs after do_shortcode().
add_filter( 'widget_block_content', 'do_blocks', 9 );
add_filter( 'widget_block_content', 'do_shortcode', 11 );
add_filter( 'widget_block_content', 'wp_filter_content_tags', 12 ); // Runs after do_shortcode().
Block Editor: Package updates for 5.8 beta 1. This includes the following fixes: Widgets Editor: - Load widgets.php https://github.com/WordPress/gutenberg/pull/32299 - Fix Legacy Widget Preview https://github.com/WordPress/gutenberg/pull/32300 - Fix error when saving empty Legacy Widget block https://github.com/WordPress/gutenberg/pull/32359 Widget blocks in the customizer: - Fix deselection blocks when the inspector is open https://github.com/WordPress/gutenberg/pull/32361 - Display wide widgets as popovers https://github.com/WordPress/gutenberg/pull/31736 Global Styles: - Align classNames generation between client and server https://github.com/WordPress/gutenberg/pull/32352 - Group typography block supports https://github.com/WordPress/gutenberg/pull/32252 https://github.com/WordPress/gutenberg/pull/32444 https://github.com/WordPress/gutenberg/pull/32459 - Make theme.json syntax errors more visible to the users https://github.com/WordPress/gutenberg/pull/32404 Template Editor: - Update the appearance of the template details https://github.com/WordPress/gutenberg/pull/32042 - Fix layout definition https://github.com/WordPress/gutenberg/pull/32425 - Fix grouping post content block https://github.com/WordPress/gutenberg/pull/32453 Miscellaneous: - Prevent saving when the post is locked https://github.com/WordPress/gutenberg/pull/32341 - Fix allowed block patterns selector https://github.com/WordPress/gutenberg/pull/32376 - Fix wrong results in the Post Author picker https://github.com/WordPress/gutenberg/pull/32344 - Fix notices position in top toolbar mode https://github.com/WordPress/gutenberg/pull/32238 - Allow non-latin characters in post slugs https://github.com/WordPress/gutenberg/pull/32232 - Fix Random collapse of the color settings panel https://github.com/WordPress/gutenberg/pull/32388 - Fix theme logo theme mode not being removed on theme removal https://github.com/WordPress/gutenberg/pull/32370 - Fix block alignment styles in the editor https://github.com/WordPress/gutenberg/pull/32454 - Fix some block toolbar overlaps https://github.com/WordPress/gutenberg/pull/32424 - Fix content loss when switching list types https://github.com/WordPress/gutenberg/pull/32432 Performance: - Improve the performance of buttons block https://github.com/WordPress/gutenberg/pull/32356 - Improve the performance of the container blocks https://github.com/WordPress/gutenberg/pull/32380 Props noisysocks, nosolosw, jorgefilipecosta. See #52991. Built from https://develop.svn.wordpress.org/trunk@51089 git-svn-id: http://core.svn.wordpress.org/trunk@50698 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-08 10:09:53 +02:00
add_filter( 'block_type_metadata', 'wp_migrate_old_typography_shape' );
Security, Site Health: Make migrating a site to HTTPS a one-click interaction. Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained. This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction. * Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed. * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly. * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though. * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter. * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant. * Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart. * A new `wp_update_urls_to_https()` function takes care of the update routine. * A new `update_https` meta capability is introduced to control access. * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health. * Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version. * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS. * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS. Props flixos90, timothyblynjacobs. Fixes #51437. Built from https://develop.svn.wordpress.org/trunk@50131 git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 01:10:01 +01:00
add_filter( 'wp_get_custom_css', 'wp_replace_insecure_home_url' );
// RSS filters.
add_filter( 'the_title_rss', 'strip_tags' );
add_filter( 'the_title_rss', 'ent2ncr', 8 );
add_filter( 'the_title_rss', 'esc_html' );
add_filter( 'the_content_rss', 'ent2ncr', 8 );
add_filter( 'the_content_feed', 'wp_staticize_emoji' );
add_filter( 'the_content_feed', '_oembed_filter_feed_content' );
add_filter( 'the_excerpt_rss', 'convert_chars' );
add_filter( 'the_excerpt_rss', 'ent2ncr', 8 );
add_filter( 'comment_author_rss', 'ent2ncr', 8 );
add_filter( 'comment_text_rss', 'ent2ncr', 8 );
add_filter( 'comment_text_rss', 'esc_html' );
add_filter( 'comment_text_rss', 'wp_staticize_emoji' );
add_filter( 'bloginfo_rss', 'ent2ncr', 8 );
add_filter( 'the_author', 'ent2ncr', 8 );
add_filter( 'the_guid', 'esc_url' );
// Email filters.
add_filter( 'wp_mail', 'wp_staticize_emoji_for_email' );
Robots: Introduce Robots API. This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag. * Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included. * Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted. * Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag: * `wp_robots_noindex()` replaces `noindex()`, which has been deprecated. * `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated. * `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`. Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`. Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core. Props adamsilverstein, flixos90, timothyblynjacobs, westonruter. See #51511. Built from https://develop.svn.wordpress.org/trunk@49992 git-svn-id: http://core.svn.wordpress.org/trunk@49693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 02:37:00 +01:00
// Robots filters.
add_filter( 'wp_robots', 'wp_robots_noindex' );
add_filter( 'wp_robots', 'wp_robots_noindex_embeds' );
add_filter( 'wp_robots', 'wp_robots_noindex_search' );
add_filter( 'wp_robots', 'wp_robots_max_image_preview_large' );
Robots: Introduce Robots API. This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag. * Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included. * Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted. * Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag: * `wp_robots_noindex()` replaces `noindex()`, which has been deprecated. * `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated. * `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`. Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`. Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core. Props adamsilverstein, flixos90, timothyblynjacobs, westonruter. See #51511. Built from https://develop.svn.wordpress.org/trunk@49992 git-svn-id: http://core.svn.wordpress.org/trunk@49693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 02:37:00 +01:00
// Mark site as no longer fresh.
foreach (
array(
'publish_post',
'publish_page',
'wp_ajax_save-widget',
'wp_ajax_widgets-order',
'customize_save_after',
'rest_after_save_widget',
'rest_delete_widget',
'rest_save_sidebar',
) as $action
) {
add_action( $action, '_delete_option_fresh_site', 0 );
Customize: Introduce starter content and site freshness state. A theme can opt-in for tailored starter content to apply to the customizer when previewing the theme on a fresh install, when `fresh_site` is at its initial `1` value. Starter content is staged in the customizer and does not go live unless the changes are published. Initial starter content is added to Twenty Seventeen. * The `fresh_site` flag is cleared when a published post or page is saved, when widgets are modified, or when the customizer state is saved. * Starter content is registered via `starter-content` theme support, where the argument is an array containing `widgets`, `posts`, `nav_menus`, `options`, and `theme_mods`. Posts/pages in starter content are created with the `auto-draft` status, re-using the page/post stubs feature added to nav menus and the static front page controls. * A `get_theme_starter_content` filter allows for plugins to extend a theme's starter content. * Starter content in themes can/should re-use existing starter content items in core by using named placeholders. * Import theme starter content into customized state when fresh site. * Prevent original_title differences from causing refreshes if title is present. * Ensure nav menu item url is set according to object when previewing. * Make sure initial saved state is false if there are dirty settings without an existing changeset. * Ensure dirty settings are cleaned upon changeset publishing. Props helen, westonruter, ocean90. Fixes #38114, #38533. Built from https://develop.svn.wordpress.org/trunk@38991 git-svn-id: http://core.svn.wordpress.org/trunk@38934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-28 04:57:35 +02:00
}
// Misc filters.
add_filter( 'wp_default_autoload_value', 'wp_filter_default_autoload_value_via_option_size', 5, 4 ); // Allow the value to be overridden at the default priority.
add_filter( 'option_ping_sites', 'privacy_ping_filter' );
add_filter( 'option_blog_charset', '_wp_specialchars' ); // IMPORTANT: This must not be wp_specialchars() or esc_html() or it'll cause an infinite loop.
add_filter( 'option_blog_charset', '_canonical_charset' );
add_filter( 'option_home', '_config_wp_home' );
add_filter( 'option_siteurl', '_config_wp_siteurl' );
add_filter( 'tiny_mce_before_init', '_mce_set_direction' );
add_filter( 'teeny_mce_before_init', '_mce_set_direction' );
add_filter( 'pre_kses', 'wp_pre_kses_less_than' );
add_filter( 'pre_kses', 'wp_pre_kses_block_attributes', 10, 3 );
add_filter( 'sanitize_title', 'sanitize_title_with_dashes', 10, 3 );
add_action( 'check_comment_flood', 'check_comment_flood_db', 10, 4 );
add_filter( 'comment_flood_filter', 'wp_throttle_comment_flood', 10, 3 );
add_filter( 'pre_comment_content', 'wp_rel_ugc', 15 );
add_filter( 'comment_email', 'antispambot' );
add_filter( 'option_tag_base', '_wp_filter_taxonomy_base' );
add_filter( 'option_category_base', '_wp_filter_taxonomy_base' );
add_filter( 'the_posts', '_close_comments_for_old_posts', 10, 2 );
add_filter( 'comments_open', '_close_comments_for_old_post', 10, 2 );
add_filter( 'pings_open', '_close_comments_for_old_post', 10, 2 );
add_filter( 'editable_slug', 'urldecode' );
add_filter( 'editable_slug', 'esc_textarea' );
add_filter( 'pingback_ping_source_uri', 'pingback_ping_source_uri' );
add_filter( 'xmlrpc_pingback_error', 'xmlrpc_pingback_error' );
add_filter( 'title_save_pre', 'trim' );
add_action( 'transition_comment_status', '_clear_modified_cache_on_transition_comment_status', 10, 2 );
add_filter( 'http_request_host_is_external', 'allowed_http_request_hosts', 10, 2 );
// REST API filters.
add_action( 'xmlrpc_rsd_apis', 'rest_output_rsd' );
add_action( 'wp_head', 'rest_output_link_wp_head', 10, 0 );
add_action( 'template_redirect', 'rest_output_link_header', 11, 0 );
add_action( 'auth_cookie_malformed', 'rest_cookie_collect_status' );
add_action( 'auth_cookie_expired', 'rest_cookie_collect_status' );
add_action( 'auth_cookie_bad_username', 'rest_cookie_collect_status' );
add_action( 'auth_cookie_bad_hash', 'rest_cookie_collect_status' );
add_action( 'auth_cookie_valid', 'rest_cookie_collect_status' );
add_action( 'application_password_failed_authentication', 'rest_application_password_collect_status' );
add_action( 'application_password_did_authenticate', 'rest_application_password_collect_status', 10, 2 );
add_filter( 'rest_authentication_errors', 'rest_application_password_check_errors', 90 );
add_filter( 'rest_authentication_errors', 'rest_cookie_check_errors', 100 );
// Actions.
add_action( 'wp_head', '_wp_render_title_tag', 1 );
add_action( 'wp_head', 'wp_enqueue_scripts', 1 );
add_action( 'wp_head', 'wp_resource_hints', 2 );
add_action( 'wp_head', 'wp_preload_resources', 1 );
add_action( 'wp_head', 'feed_links', 2 );
add_action( 'wp_head', 'feed_links_extra', 3 );
add_action( 'wp_head', 'rsd_link' );
add_action( 'wp_head', 'locale_stylesheet' );
add_action( 'publish_future_post', 'check_and_publish_future_post', 10, 1 );
Robots: Introduce Robots API. This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag. * Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included. * Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted. * Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag: * `wp_robots_noindex()` replaces `noindex()`, which has been deprecated. * `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated. * `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`. Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`. Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core. Props adamsilverstein, flixos90, timothyblynjacobs, westonruter. See #51511. Built from https://develop.svn.wordpress.org/trunk@49992 git-svn-id: http://core.svn.wordpress.org/trunk@49693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 02:37:00 +01:00
add_action( 'wp_head', 'wp_robots', 1 );
add_action( 'wp_head', 'print_emoji_detection_script', 7 );
add_action( 'wp_head', 'wp_print_styles', 8 );
add_action( 'wp_head', 'wp_print_head_scripts', 9 );
add_action( 'wp_head', 'wp_generator' );
add_action( 'wp_head', 'rel_canonical' );
add_action( 'wp_head', 'wp_shortlink_wp_head', 10, 0 );
add_action( 'wp_head', 'wp_custom_css_cb', 101 );
add_action( 'wp_head', 'wp_site_icon', 99 );
add_action( 'wp_footer', 'wp_print_footer_scripts', 20 );
add_action( 'template_redirect', 'wp_shortlink_header', 11, 0 );
add_action( 'wp_print_footer_scripts', '_wp_footer_scripts' );
add_action( 'init', '_register_core_block_patterns_and_categories' );
add_action( 'init', 'check_theme_switched', 99 );
add_action( 'init', array( 'WP_Block_Supports', 'init' ), 22 );
Themes: Introduce wp_theme_has_theme_json() for public consumption. Adds `wp_theme_has_theme_json()` for public consumption, to replace the private internal Core-only `WP_Theme_JSON_Resolver::theme_has_support()` method. This new global function checks if a theme or its parent has a `theme.json` file. For performance, results are cached as an integer `1` or `0` in the `'theme_json'` group with `'wp_theme_has_theme_json'` key. This is a non-persistent cache. Why? To make the derived data from `theme.json` is always fresh from the potential modifications done via hooks that can use dynamic data (modify the stylesheet depending on some option, settings depending on user permissions, etc.). Also adds a new public function `wp_clean_theme_json_cache()` to clear the cache on `'switch_theme'` and `start_previewing_theme'`. References: * [https://github.com/WordPress/gutenberg/pull/45168 Gutenberg PR 45168] Add `wp_theme_has_theme_json` as a public API to know whether a theme has a `theme.json`. * [https://github.com/WordPress/gutenberg/pull/45380 Gutenberg PR 45380] Deprecate `WP_Theme_JSON_Resolver:theme_has_support()`. * [https://github.com/WordPress/gutenberg/pull/46150 Gutenberg PR 46150] Make `theme.json` object caches non-persistent. * [https://github.com/WordPress/gutenberg/pull/45979 Gutenberg PR 45979] Don't check if constants set by `wp_initial_constants()` are defined. * [https://github.com/WordPress/gutenberg/pull/45950 Gutenberg PR 45950] Cleaner logic in `wp_theme_has_theme_json`. Follow-up to [54493], [53282], [52744], [52049], [50959]. Props oandregal, afragen, alexstine, aristath, azaozz, costdev, flixos90, hellofromTonya, mamaduka, mcsf, ocean90, spacedmonkey. Fixes #56975. Built from https://develop.svn.wordpress.org/trunk@55086 git-svn-id: http://core.svn.wordpress.org/trunk@54619 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-18 12:40:10 +01:00
add_action( 'switch_theme', 'wp_clean_theme_json_cache' );
add_action( 'start_previewing_theme', 'wp_clean_theme_json_cache' );
add_action( 'after_switch_theme', '_wp_menus_changed' );
add_action( 'after_switch_theme', '_wp_sidebars_changed' );
Script Loader: Replace hardcoded output of style tags with calls to `wp_add_inline_style`. In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags. To ensure backward compatibility, the following functions have been deprecated and replaced: - print_embed_styles - print_emoji_styles - wp_admin_bar_header - _admin_bar_bump_cb Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag. However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository: - custom-background - wp-custom These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core. Props spacedmonkey, hlunter, westonruter, flixos90. Fixes #58775. Built from https://develop.svn.wordpress.org/trunk@56682 git-svn-id: http://core.svn.wordpress.org/trunk@56194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-25 19:06:34 +02:00
add_action( 'wp_enqueue_scripts', 'wp_enqueue_emoji_styles' );
add_action( 'wp_print_styles', 'print_emoji_styles' ); // Retained for backwards-compatibility. Unhooked by wp_enqueue_emoji_styles().
if ( isset( $_GET['replytocom'] ) ) {
Robots: Introduce Robots API. This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag. * Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included. * Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted. * Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag: * `wp_robots_noindex()` replaces `noindex()`, which has been deprecated. * `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated. * `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`. Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`. Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core. Props adamsilverstein, flixos90, timothyblynjacobs, westonruter. See #51511. Built from https://develop.svn.wordpress.org/trunk@49992 git-svn-id: http://core.svn.wordpress.org/trunk@49693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 02:37:00 +01:00
add_filter( 'wp_robots', 'wp_robots_no_robots' );
}
// Login actions.
Robots: Introduce Robots API. This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag. * Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included. * Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted. * Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag: * `wp_robots_noindex()` replaces `noindex()`, which has been deprecated. * `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated. * `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`. Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`. Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core. Props adamsilverstein, flixos90, timothyblynjacobs, westonruter. See #51511. Built from https://develop.svn.wordpress.org/trunk@49992 git-svn-id: http://core.svn.wordpress.org/trunk@49693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 02:37:00 +01:00
add_action( 'login_head', 'wp_robots', 1 );
add_filter( 'login_head', 'wp_resource_hints', 8 );
add_action( 'login_head', 'wp_print_head_scripts', 9 );
add_action( 'login_head', 'print_admin_styles', 9 );
add_action( 'login_head', 'wp_site_icon', 99 );
add_action( 'login_footer', 'wp_print_footer_scripts', 20 );
add_action( 'login_init', 'send_frame_options_header', 10, 0 );
// Feed generator tags.
foreach ( array( 'rss2_head', 'commentsrss2_head', 'rss_head', 'rdf_header', 'atom_head', 'comments_atom_head', 'opml_head', 'app_head' ) as $action ) {
add_action( $action, 'the_generator' );
}
// Feed Site Icon.
add_action( 'atom_head', 'atom_site_icon' );
add_action( 'rss2_head', 'rss2_site_icon' );
// WP Cron.
if ( ! defined( 'DOING_CRON' ) ) {
add_action( 'init', 'wp_cron' );
}
Security, Site Health: Make migrating a site to HTTPS a one-click interaction. Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained. This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction. * Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed. * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly. * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though. * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter. * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant. * Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart. * A new `wp_update_urls_to_https()` function takes care of the update routine. * A new `update_https` meta capability is introduced to control access. * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health. * Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version. * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS. * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS. Props flixos90, timothyblynjacobs. Fixes #51437. Built from https://develop.svn.wordpress.org/trunk@50131 git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 01:10:01 +01:00
// HTTPS migration.
add_action( 'update_option_home', 'wp_update_https_migration_required', 10, 2 );
// 2 Actions 2 Furious.
add_action( 'do_feed_rdf', 'do_feed_rdf', 10, 0 );
add_action( 'do_feed_rss', 'do_feed_rss', 10, 0 );
add_action( 'do_feed_rss2', 'do_feed_rss2', 10, 1 );
add_action( 'do_feed_atom', 'do_feed_atom', 10, 1 );
add_action( 'do_pings', 'do_all_pings', 10, 0 );
add_action( 'do_all_pings', 'do_all_pingbacks', 10, 0 );
add_action( 'do_all_pings', 'do_all_enclosures', 10, 0 );
add_action( 'do_all_pings', 'do_all_trackbacks', 10, 0 );
add_action( 'do_all_pings', 'generic_ping', 10, 0 );
add_action( 'do_robots', 'do_robots' );
2019-12-28 22:20:04 +01:00
add_action( 'do_favicon', 'do_favicon' );
add_action( 'set_comment_cookies', 'wp_set_comment_cookies', 10, 3 );
add_action( 'sanitize_comment_cookies', 'sanitize_comment_cookies' );
add_action( 'init', 'smilies_init', 5 );
add_action( 'plugins_loaded', 'wp_maybe_load_widgets', 0 );
add_action( 'plugins_loaded', 'wp_maybe_load_embeds', 0 );
add_action( 'shutdown', 'wp_ob_end_flush_all', 1 );
// Create a revision whenever a post is updated.
Revisions: framework for storing post meta revisions. Enable the storing of post meta in revisions including autosaves and previews: Add a new argument `revisions_enabled` to the `register_meta` function which enables storing meta in revisions. Add a new `wp_post_revision_meta_keys` filter which developers can use to control which meta is revisioned - it passes an array of the meta keys with revisions enabled as well as the post type. Meta keys with revisions enabled are also stored for autosaves, and are restored when a revision or autosave is restored. In addition, meta values are now stored with the autosave revision used for previews. Changes to meta can now be previewed correctly without overwriting the published meta (see #20299) or passing data as a query variable, as the editor currently does to preview changes to the featured image. Changes to meta with revisions enabled are considered when determining if a new revision should be created. A new revision is created if the meta value has changed since the last revision. Revisions are now saved on the `wp_after_insert_post` hook instead of `post_updated`. The `wp_after_insert_post` action is fired after post meta has been saved by the REST API which enables attaching meta to the revision. To ensure backwards compatibility with existing action uses, `wp_save_post_revision_on_insert` function exits early if plugins have removed the previous `do_action( 'post_updated', 'wp_save_post_revision' )` call. Props: alexkingorg, johnbillion, markjaquith, WraithKenny, kovshenin, azaozz, tv-productions, p51labs, mattheu, mikeschroder, Mamaduka, ellatrix, timothyblynjacobs, jakemgold, bookwyrm, ryanduff, mintindeed, wonderboymusic, sanchothefat, westonruter, spacedmonkey, hellofromTonya, drewapicture, adamsilverstein, swisspiddy. Fixes #20564, #20299. Built from https://develop.svn.wordpress.org/trunk@56714 git-svn-id: http://core.svn.wordpress.org/trunk@56226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-26 17:32:19 +02:00
add_action( 'wp_after_insert_post', 'wp_save_post_revision_on_insert', 9, 3 );
add_action( 'post_updated', 'wp_save_post_revision', 10, 1 );
add_action( 'publish_post', '_publish_post_hook', 5, 1 );
add_action( 'transition_post_status', '_transition_post_status', 5, 3 );
add_action( 'transition_post_status', '_update_term_count_on_transition_post_status', 10, 3 );
add_action( 'comment_form', 'wp_comment_form_unfiltered_html_nonce' );
// Privacy.
add_action( 'user_request_action_confirmed', '_wp_privacy_account_request_confirmed' );
add_action( 'user_request_action_confirmed', '_wp_privacy_send_request_confirmation_notification', 12 ); // After request marked as completed.
add_filter( 'wp_privacy_personal_data_exporters', 'wp_register_comment_personal_data_exporter' );
add_filter( 'wp_privacy_personal_data_exporters', 'wp_register_media_personal_data_exporter' );
add_filter( 'wp_privacy_personal_data_exporters', 'wp_register_user_personal_data_exporter', 1 );
add_filter( 'wp_privacy_personal_data_erasers', 'wp_register_comment_personal_data_eraser' );
add_action( 'init', 'wp_schedule_delete_old_privacy_export_files' );
add_action( 'wp_privacy_delete_old_export_files', 'wp_privacy_delete_old_export_files' );
// Cron tasks.
add_action( 'wp_scheduled_delete', 'wp_scheduled_delete' );
add_action( 'wp_scheduled_auto_draft_delete', 'wp_delete_auto_drafts' );
add_action( 'importer_scheduled_cleanup', 'wp_delete_attachment' );
add_action( 'upgrader_scheduled_cleanup', 'wp_delete_attachment' );
add_action( 'delete_expired_transients', 'delete_expired_transients' );
// Navigation menu actions.
add_action( 'delete_post', '_wp_delete_post_menu_item' );
add_action( 'delete_term', '_wp_delete_tax_menu_item', 10, 3 );
add_action( 'transition_post_status', '_wp_auto_add_pages_to_menu', 10, 3 );
add_action( 'delete_post', '_wp_delete_customize_changeset_dependent_auto_drafts' );
// Post Thumbnail specific image filtering.
add_action( 'begin_fetch_post_thumbnail_html', '_wp_post_thumbnail_class_filter_add' );
add_action( 'end_fetch_post_thumbnail_html', '_wp_post_thumbnail_class_filter_remove' );
add_action( 'begin_fetch_post_thumbnail_html', '_wp_post_thumbnail_context_filter_add' );
add_action( 'end_fetch_post_thumbnail_html', '_wp_post_thumbnail_context_filter_remove' );
// Redirect old slugs.
add_action( 'template_redirect', 'wp_old_slug_redirect' );
add_action( 'post_updated', 'wp_check_for_changed_slugs', 12, 3 );
add_action( 'attachment_updated', 'wp_check_for_changed_slugs', 12, 3 );
// Redirect old dates.
add_action( 'post_updated', 'wp_check_for_changed_dates', 12, 3 );
add_action( 'attachment_updated', 'wp_check_for_changed_dates', 12, 3 );
// Nonce check for post previews.
add_action( 'init', '_show_post_preview' );
// Output JS to reset window.name for previews.
add_action( 'wp_head', 'wp_post_preview_js', 1 );
// Timezone.
add_filter( 'pre_option_gmt_offset', 'wp_timezone_override_offset' );
// If the upgrade hasn't run yet, assume link manager is used.
add_filter( 'default_option_link_manager_enabled', '__return_true' );
// This option no longer exists; tell plugins we always support auto-embedding.
add_filter( 'pre_option_embed_autourls', '__return_true' );
Force comment pagination on single posts. Previously, the 'page_comments' toggle allowed users to disable comment pagination. This toggle was only superficial, however. Even with 'page_comments' turned on, `comments_template()` loaded all of a post's comments into memory, and passed them to `wp_list_comments()` and `Walker_Comment`, the latter of which produced markup for only the current page of comments. In other words, it was possible to enable 'page_comments', thereby showing only a subset of a post's comments on a given page, but all comments continued to be loaded in the background. This technique scaled poorly. Posts with hundreds or thousands of comments would load slowly, or not at all, even when the 'comments_per_page' setting was set to a reasonable number. Recent changesets have addressed this problem through more efficient tree- walking, better descendant caching, and more selective queries for top-level post comments. The current changeset completes the project by addressing the root issue: that loading a post causes all of its comments to be loaded too. Here's the breakdown: * Comment pagination is now forced. Setting 'page_comments' to false leads to evil things when you have many comments. If you want to avoid pagination, set 'comments_per_page' to something high. * The 'page_comments' setting has been expunged from options-discussion.php, and from places in the codebase where it was referenced. For plugins relying on 'page_comments', we now force the value to `true` with a `pre_option` filter. * `comments_template()` now queries for an appropriately small number of comments. Usually, this means the `comments_per_page` value. * To preserve the current (odd) behavior for comment pagination links, some unholy hacks have been inserted into `comments_template()`. The ugliness is insulated in this function for backward compatibility and to minimize collateral damage. A side-effect is that, for certain settings of 'default_comments_page', up to 2x the value of `comments_per_page` might be fetched at a time. * In support of these changes, a `$format` parameter has been added to `WP_Comment::get_children()`. This param allows you to request a flattened array of comment children, suitable for feeding into `Walker_Comment`. * `WP_Query` loops are now informed about total available comment counts and comment pages by the `WP_Comment_Query` (`found_comments`, `max_num_pages`), instead of by `Walker_Comment`. Aside from radical performance improvements in the case of a post with many comments, this changeset fixes a bug that caused the first page of comments to be partial (`found_comments` % `comments_per_page`), rather than the last, as you'd expect. Props boonebgorges, wonderboymusic. Fixes #8071. Built from https://develop.svn.wordpress.org/trunk@34561 git-svn-id: http://core.svn.wordpress.org/trunk@34525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-25 22:40:25 +02:00
// Default settings for heartbeat.
add_filter( 'heartbeat_settings', 'wp_heartbeat_settings' );
// Check if the user is logged out.
add_action( 'admin_enqueue_scripts', 'wp_auth_check_load' );
add_filter( 'heartbeat_send', 'wp_auth_check' );
add_filter( 'heartbeat_nopriv_send', 'wp_auth_check' );
// Default authentication filters.
add_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
add_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 );
add_filter( 'authenticate', 'wp_authenticate_application_password', 20, 3 );
add_filter( 'authenticate', 'wp_authenticate_spam_check', 99 );
add_filter( 'determine_current_user', 'wp_validate_auth_cookie' );
add_filter( 'determine_current_user', 'wp_validate_logged_in_cookie', 20 );
add_filter( 'determine_current_user', 'wp_validate_application_password', 20 );
// Split term updates.
add_action( 'admin_init', '_wp_check_for_scheduled_split_terms' );
add_action( 'split_shared_term', '_wp_check_split_default_terms', 10, 4 );
add_action( 'split_shared_term', '_wp_check_split_terms_in_menus', 10, 4 );
add_action( 'split_shared_term', '_wp_check_split_nav_menu_terms', 10, 4 );
add_action( 'wp_split_shared_term_batch', '_wp_batch_split_terms' );
// Comment type updates.
add_action( 'admin_init', '_wp_check_for_scheduled_update_comment_type' );
add_action( 'wp_update_comment_type_batch', '_wp_batch_update_comment_type' );
// Email notifications.
add_action( 'comment_post', 'wp_new_comment_notify_moderator' );
add_action( 'comment_post', 'wp_new_comment_notify_postauthor' );
add_action( 'after_password_reset', 'wp_password_change_notification' );
add_action( 'register_new_user', 'wp_send_new_user_notifications' );
add_action( 'edit_user_created_user', 'wp_send_new_user_notifications', 10, 2 );
// REST API actions.
add_action( 'init', 'rest_api_init' );
add_action( 'rest_api_init', 'rest_api_default_filters', 10, 1 );
add_action( 'rest_api_init', 'register_initial_settings', 10 );
REST API: Introduce the Content API endpoints. REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following: - Posts: Read and write access to all post data, for all types of post-based data, including pages and media. - Comments: Read and write access to all comment data. This includes pingbacks and trackbacks. - Terms: Read and write access to all term data. - Users: Read and write access to all user data. This includes public access to some data for post authors. - Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins. - Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline. Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!" Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic. Fixes #38373. Built from https://develop.svn.wordpress.org/trunk@38832 git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 04:55:32 +02:00
add_action( 'rest_api_init', 'create_initial_rest_routes', 99 );
add_action( 'parse_request', 'rest_api_loaded' );
// Sitemaps actions.
add_action( 'init', 'wp_sitemaps_get_server' );
/**
* Filters formerly mixed into wp-includes.
*/
// Theme.
add_action( 'setup_theme', 'create_initial_theme_features', 0 );
add_action( 'after_setup_theme', '_add_default_theme_supports', 1 );
add_action( 'wp_loaded', '_custom_header_background_just_in_time' );
add_action( 'wp_head', '_custom_logo_header_styles' );
add_action( 'plugins_loaded', '_wp_customize_include' );
add_action( 'transition_post_status', '_wp_customize_publish_changeset', 10, 3 );
add_action( 'admin_enqueue_scripts', '_wp_customize_loader_settings' );
add_action( 'delete_attachment', '_delete_attachment_theme_mod' );
add_action( 'transition_post_status', '_wp_keep_alive_customize_changeset_dependent_auto_drafts', 20, 3 );
// Block Theme Previews.
add_action( 'plugins_loaded', 'wp_initialize_theme_preview_hooks', 1 );
// Calendar widget cache.
add_action( 'save_post', 'delete_get_calendar_cache' );
add_action( 'delete_post', 'delete_get_calendar_cache' );
add_action( 'update_option_start_of_week', 'delete_get_calendar_cache' );
add_action( 'update_option_gmt_offset', 'delete_get_calendar_cache' );
// Author.
add_action( 'transition_post_status', '__clear_multi_author_cache' );
// Post.
add_action( 'init', 'create_initial_post_types', 0 ); // Highest priority.
add_action( 'admin_menu', '_add_post_type_submenus' );
add_action( 'before_delete_post', '_reset_front_page_settings_for_post' );
add_action( 'wp_trash_post', '_reset_front_page_settings_for_post' );
add_action( 'change_locale', 'create_initial_post_types' );
// Post Formats.
add_filter( 'request', '_post_format_request' );
add_filter( 'term_link', '_post_format_link', 10, 3 );
add_filter( 'get_post_format', '_post_format_get_term' );
add_filter( 'get_terms', '_post_format_get_terms', 10, 3 );
add_filter( 'wp_get_object_terms', '_post_format_wp_get_object_terms' );
// KSES.
add_action( 'init', 'kses_init' );
add_action( 'set_current_user', 'kses_init' );
// Script Loader.
add_action( 'wp_default_scripts', 'wp_default_scripts' );
add_action( 'wp_default_scripts', 'wp_default_packages' );
add_action( 'wp_default_scripts', 'wp_default_script_modules' );
add_action( 'wp_enqueue_scripts', 'wp_localize_jquery_ui_datepicker', 1000 );
add_action( 'wp_enqueue_scripts', 'wp_common_block_scripts_and_styles' );
add_action( 'wp_enqueue_scripts', 'wp_enqueue_classic_theme_styles' );
add_action( 'admin_enqueue_scripts', 'wp_localize_jquery_ui_datepicker', 1000 );
add_action( 'admin_enqueue_scripts', 'wp_common_block_scripts_and_styles' );
add_action( 'enqueue_block_assets', 'wp_enqueue_registered_block_scripts_and_styles' );
add_action( 'enqueue_block_assets', 'enqueue_block_styles_assets', 30 );
/*
* `wp_enqueue_registered_block_scripts_and_styles` is bound to both
* `enqueue_block_editor_assets` and `enqueue_block_assets` hooks
* since the introduction of the block editor in WordPress 5.0.
*
* The way this works is that the block assets are loaded before any other assets.
* For example, this is the order of styles for the editor:
*
* - front styles registered for blocks, via `styles` handle (block.json)
* - editor styles registered for blocks, via `editorStyles` handle (block.json)
* - editor styles enqueued via `enqueue_block_editor_assets` hook
* - front styles enqueued via `enqueue_block_assets` hook
*/
add_action( 'enqueue_block_editor_assets', 'wp_enqueue_registered_block_scripts_and_styles' );
add_action( 'enqueue_block_editor_assets', 'enqueue_editor_block_styles_assets' );
add_action( 'enqueue_block_editor_assets', 'wp_enqueue_editor_block_directory_assets' );
add_action( 'enqueue_block_editor_assets', 'wp_enqueue_editor_format_library_assets' );
Update @wordpress packages Update packages to include these bug fixes from Gutenberg: - Image block: Set image display to grid when no alignment sent to properly align caption on resize - Update and align template descriptions - Site Editor - prevent loading state from showing the admin menu. - Add client side routing for Site Editor - Navigation: Add clearance for appender in submenus. - Fix CSS Custom Properties for presets in the site editor - Add/navigation blocks post processing after migration from menu items - Allow selector ordering to ensure theme.json root selector margin takes precedence - Do not remove theme presets if defaults are hidden - Format library: fix unsetting highlight color - FSE: Fix template resolution to give precedence to child theme PHP templates over parent theme block templates with equal specificity - ColorPalette: Improving accessibility and visibility - Update: Make the color popover on the gradient picker appear as expected - Site Editor: Display a notice if export fails - Fix docs and function naming for gallery block registration in PHP - Switch to addEventListener for load event in the navigation block view script - Fix mistake in _remove_theme_attribute_in_block_template_content - Better synchronisation between Gutenberg and Core code - Move the block page templates hook into compat/5.9 folder - Moves to the template loader hooks and functions into lib/compat folder - Refactor the gutenberg_is_fse_theme function to use wp_is_block_theme - Site Editor: Update support doc URL in Welcome Guide - Global Styles: Add Welcome Guide toggle - Hide remove control point when removing would break gradient control - Don't request the deprecated navigation areas endpoint outside of the Gutenberg plugin - Image: Fix resizer controls being hidden in Safari when switching between alignments - Remove Navigation Menus from WP Admin sidebar - Site Editor: Hide the block appender in the Template Part editor - Site Editor: Use server definition for the Template Areas - Synchronize wp_is_block_theme and block-templates block support with Core - E2E: Retry login again after a bad nonce request to prevent intermittent test failures - Fix theme requirement validation with WP 5.8 - Fix WP 5.9 check for conditionally running code - Fix post comment form input width - Border Style Control: Update styling for consistency with border width control - Fix form-submit styles by adding button classes to the submit-button in post-comments block - Site Editor: Fix edit template part link in header dropdown - Move duotone palette to the bottom of global styles gradients - Fix how appearanceTools works - Move WP 5.9 wp-admin menus compatibility code to lib/compat folder - Revert "Site Editor: Set the <title> on the list page to be same as the CPT name" - Site Editor: Document Actions: add SR text to heading 1 - Do not register global styles CPT in WordPress 5.9 - Global Styles: Move the 'Edit colors' button to a standard menu item - Fix styles for previews and patterns - Site Editor: Fix failing E2E test - Templates: Search for old template names in the parent theme too - Remove 4 instances of 'gutenberg' text domain from WordPress core - Fix content loss when ungrouping template parts or reusable blocks - Simplify the RESET_BLOCK action to fix template part focus mode content loss - [Global Styles]: Make Blocks section more distinguishable - Only use block markup for comment form button when using a block theme - Navigation: Fix vertical alignment of page list in modal. - Fix: ToggleGroupControl active state - Remove gutenberg_ prefix from @wordpress/block-library Props ocean90, oandregal, hellofromtonya, youknowriad. See #54487. Built from https://develop.svn.wordpress.org/trunk@52364 git-svn-id: http://core.svn.wordpress.org/trunk@51956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-14 02:57:26 +01:00
add_action( 'enqueue_block_editor_assets', 'wp_enqueue_global_styles_css_custom_properties' );
add_action( 'wp_print_scripts', 'wp_just_in_time_script_localization' );
add_filter( 'print_scripts_array', 'wp_prototype_before_jquery' );
add_action( 'customize_controls_print_styles', 'wp_resource_hints', 1 );
add_action( 'admin_head', 'wp_check_widget_editor_deps' );
add_filter( 'block_editor_settings_all', 'wp_add_editor_classic_theme_styles' );
// Global styles can be enqueued in both the header and the footer. See https://core.trac.wordpress.org/ticket/53494.
add_action( 'wp_enqueue_scripts', 'wp_enqueue_global_styles' );
add_action( 'wp_footer', 'wp_enqueue_global_styles', 1 );
// Block supports, and other styles parsed and stored in the Style Engine.
add_action( 'wp_enqueue_scripts', 'wp_enqueue_stored_styles' );
add_action( 'wp_footer', 'wp_enqueue_stored_styles', 1 );
add_action( 'wp_default_styles', 'wp_default_styles' );
add_filter( 'style_loader_src', 'wp_style_loader_src', 10, 2 );
add_action( 'wp_head', 'wp_maybe_inline_styles', 1 ); // Run for styles enqueued in <head>.
add_action( 'wp_footer', 'wp_maybe_inline_styles', 1 ); // Run for late-loaded styles in the footer.
/*
* Block specific actions and filters.
*/
// Footnotes Block.
add_action( 'init', '_wp_footnotes_kses_init' );
add_action( 'set_current_user', '_wp_footnotes_kses_init' );
add_filter( 'force_filtered_html_on_import', '_wp_footnotes_force_filtered_html_on_import_filter', 999 );
/*
* Disable "Post Attributes" for wp_navigation post type. The attributes are
* also conditionally enabled when a site has custom templates. Block Theme
* templates can be available for every post type.
*/
add_filter( 'theme_wp_navigation_templates', '__return_empty_array' );
// Taxonomy.
add_action( 'init', 'create_initial_taxonomies', 0 ); // Highest priority.
add_action( 'change_locale', 'create_initial_taxonomies' );
// Canonical.
add_action( 'template_redirect', 'redirect_canonical' );
add_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
// Media.
add_action( 'wp_playlist_scripts', 'wp_playlist_scripts' );
add_action( 'customize_controls_enqueue_scripts', 'wp_plupload_default_settings' );
add_action( 'plugins_loaded', '_wp_add_additional_image_sizes', 0 );
add_filter( 'plupload_default_settings', 'wp_show_heic_upload_error' );
// Nav menu.
add_filter( 'nav_menu_item_id', '_nav_menu_item_id_use_once', 10, 2 );
add_filter( 'nav_menu_css_class', 'wp_nav_menu_remove_menu_item_has_children_class', 10, 4 );
// Widgets.
add_action( 'after_setup_theme', 'wp_setup_widgets_block_editor', 1 );
add_action( 'init', 'wp_widgets_init', 1 );
add_action( 'change_locale', array( 'WP_Widget_Media', 'reset_default_labels' ) );
add_action( 'widgets_init', '_wp_block_theme_register_classic_sidebars', 1 );
// Admin Bar.
// Don't remove. Wrong way to disable.
add_action( 'template_redirect', '_wp_admin_bar_init', 0 );
add_action( 'admin_init', '_wp_admin_bar_init' );
Script Loader: Replace hardcoded output of style tags with calls to `wp_add_inline_style`. In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags. To ensure backward compatibility, the following functions have been deprecated and replaced: - print_embed_styles - print_emoji_styles - wp_admin_bar_header - _admin_bar_bump_cb Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag. However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository: - custom-background - wp-custom These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core. Props spacedmonkey, hlunter, westonruter, flixos90. Fixes #58775. Built from https://develop.svn.wordpress.org/trunk@56682 git-svn-id: http://core.svn.wordpress.org/trunk@56194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-25 19:06:34 +02:00
add_action( 'wp_enqueue_scripts', 'wp_enqueue_admin_bar_bump_styles' );
add_action( 'wp_enqueue_scripts', 'wp_enqueue_admin_bar_header_styles' );
add_action( 'admin_enqueue_scripts', 'wp_enqueue_admin_bar_header_styles' );
add_action( 'before_signup_header', '_wp_admin_bar_init' );
add_action( 'activate_header', '_wp_admin_bar_init' );
add_action( 'wp_body_open', 'wp_admin_bar_render', 0 );
add_action( 'wp_footer', 'wp_admin_bar_render', 1000 ); // Back-compat for themes not using `wp_body_open`.
add_action( 'in_admin_header', 'wp_admin_bar_render', 0 );
// Former admin filters that can also be hooked on the front end.
add_action( 'media_buttons', 'media_buttons' );
add_filter( 'image_send_to_editor', 'image_add_caption', 20, 8 );
add_filter( 'media_send_to_editor', 'image_media_send_to_editor', 10, 3 );
// Embeds.
add_action( 'rest_api_init', 'wp_oembed_register_route' );
add_filter( 'rest_pre_serve_request', '_oembed_rest_pre_serve_request', 10, 4 );
add_action( 'wp_head', 'wp_oembed_add_discovery_links' );
add_action( 'wp_head', 'wp_oembed_add_host_js' ); // Back-compat for sites disabling oEmbed host JS by removing action.
add_filter( 'embed_oembed_html', 'wp_maybe_enqueue_oembed_host_js' );
add_action( 'embed_head', 'enqueue_embed_scripts', 1 );
add_action( 'embed_head', 'print_emoji_detection_script' );
Script Loader: Replace hardcoded output of style tags with calls to `wp_add_inline_style`. In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags. To ensure backward compatibility, the following functions have been deprecated and replaced: - print_embed_styles - print_emoji_styles - wp_admin_bar_header - _admin_bar_bump_cb Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag. However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository: - custom-background - wp-custom These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core. Props spacedmonkey, hlunter, westonruter, flixos90. Fixes #58775. Built from https://develop.svn.wordpress.org/trunk@56682 git-svn-id: http://core.svn.wordpress.org/trunk@56194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-25 19:06:34 +02:00
add_action( 'embed_head', 'wp_enqueue_embed_styles', 9 );
add_action( 'embed_head', 'print_embed_styles' ); // Retained for backwards-compatibility. Unhooked by wp_enqueue_embed_styles().
add_action( 'embed_head', 'wp_print_head_scripts', 20 );
add_action( 'embed_head', 'wp_print_styles', 20 );
Robots: Introduce Robots API. This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag. * Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included. * Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted. * Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag: * `wp_robots_noindex()` replaces `noindex()`, which has been deprecated. * `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated. * `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`. Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`. Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core. Props adamsilverstein, flixos90, timothyblynjacobs, westonruter. See #51511. Built from https://develop.svn.wordpress.org/trunk@49992 git-svn-id: http://core.svn.wordpress.org/trunk@49693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-21 02:37:00 +01:00
add_action( 'embed_head', 'wp_robots' );
add_action( 'embed_head', 'rel_canonical' );
add_action( 'embed_head', 'locale_stylesheet', 30 );
add_action( 'enqueue_embed_scripts', 'wp_enqueue_emoji_styles' );
add_action( 'embed_content_meta', 'print_embed_comments_button' );
add_action( 'embed_content_meta', 'print_embed_sharing_button' );
add_action( 'embed_footer', 'print_embed_sharing_dialog' );
add_action( 'embed_footer', 'print_embed_scripts' );
add_action( 'embed_footer', 'wp_print_footer_scripts', 20 );
add_filter( 'excerpt_more', 'wp_embed_excerpt_more', 20 );
add_filter( 'the_excerpt_embed', 'wptexturize' );
add_filter( 'the_excerpt_embed', 'convert_chars' );
add_filter( 'the_excerpt_embed', 'wpautop' );
add_filter( 'the_excerpt_embed', 'shortcode_unautop' );
add_filter( 'the_excerpt_embed', 'wp_embed_excerpt_attachment' );
add_filter( 'oembed_dataparse', 'wp_filter_oembed_iframe_title_attribute', 5, 3 );
add_filter( 'oembed_dataparse', 'wp_filter_oembed_result', 10, 3 );
add_filter( 'oembed_response_data', 'get_oembed_response_data_rich', 10, 4 );
add_filter( 'pre_oembed_result', 'wp_filter_pre_oembed_result', 10, 3 );
// Capabilities.
add_filter( 'user_has_cap', 'wp_maybe_grant_install_languages_cap', 1 );
add_filter( 'user_has_cap', 'wp_maybe_grant_resume_extensions_caps', 1 );
add_filter( 'user_has_cap', 'wp_maybe_grant_site_health_caps', 1, 4 );
// Block templates post type and rendering.
add_filter( 'render_block_context', '_block_template_render_without_post_block_context' );
add_filter( 'pre_wp_unique_post_slug', 'wp_filter_wp_template_unique_post_slug', 10, 5 );
add_action( 'save_post_wp_template_part', 'wp_set_unique_slug_on_create_template_part' );
add_action( 'wp_enqueue_scripts', 'wp_enqueue_block_template_skip_link' );
add_action( 'wp_footer', 'the_block_template_skip_link' ); // Retained for backwards-compatibility. Unhooked by wp_enqueue_block_template_skip_link().
add_action( 'after_setup_theme', 'wp_enable_block_templates', 1 );
add_action( 'wp_loaded', '_add_template_loader_filters' );
// wp_navigation post type.
add_filter( 'rest_wp_navigation_item_schema', array( 'WP_Navigation_Fallback', 'update_wp_navigation_post_schema' ) );
// Fluid typography.
add_filter( 'render_block', 'wp_render_typography_support', 10, 2 );
// User preferences.
add_action( 'init', 'wp_register_persisted_preferences_meta' );
// CPT wp_block custom postmeta field.
add_action( 'init', 'wp_create_initial_post_meta' );
Revisions: framework for storing post meta revisions. Enable the storing of post meta in revisions including autosaves and previews: Add a new argument `revisions_enabled` to the `register_meta` function which enables storing meta in revisions. Add a new `wp_post_revision_meta_keys` filter which developers can use to control which meta is revisioned - it passes an array of the meta keys with revisions enabled as well as the post type. Meta keys with revisions enabled are also stored for autosaves, and are restored when a revision or autosave is restored. In addition, meta values are now stored with the autosave revision used for previews. Changes to meta can now be previewed correctly without overwriting the published meta (see #20299) or passing data as a query variable, as the editor currently does to preview changes to the featured image. Changes to meta with revisions enabled are considered when determining if a new revision should be created. A new revision is created if the meta value has changed since the last revision. Revisions are now saved on the `wp_after_insert_post` hook instead of `post_updated`. The `wp_after_insert_post` action is fired after post meta has been saved by the REST API which enables attaching meta to the revision. To ensure backwards compatibility with existing action uses, `wp_save_post_revision_on_insert` function exits early if plugins have removed the previous `do_action( 'post_updated', 'wp_save_post_revision' )` call. Props: alexkingorg, johnbillion, markjaquith, WraithKenny, kovshenin, azaozz, tv-productions, p51labs, mattheu, mikeschroder, Mamaduka, ellatrix, timothyblynjacobs, jakemgold, bookwyrm, ryanduff, mintindeed, wonderboymusic, sanchothefat, westonruter, spacedmonkey, hellofromTonya, drewapicture, adamsilverstein, swisspiddy. Fixes #20564, #20299. Built from https://develop.svn.wordpress.org/trunk@56714 git-svn-id: http://core.svn.wordpress.org/trunk@56226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-26 17:32:19 +02:00
// Include revisioned meta when considering whether a post revision has changed.
add_filter( 'wp_save_post_revision_post_has_changed', 'wp_check_revisioned_meta_fields_have_changed', 10, 3 );
// Save revisioned post meta immediately after a revision is saved
add_action( '_wp_put_post_revision', 'wp_save_revisioned_meta_fields', 10, 2 );
// Include revisioned meta when creating or updating an autosave revision.
add_action( 'wp_creating_autosave', 'wp_autosave_post_revisioned_meta_fields' );
// When restoring revisions, also restore revisioned meta.
add_action( 'wp_restore_post_revision', 'wp_restore_post_revision_meta', 10, 2 );
Introduce font-face styles generator and printer. Introducing Font Face, a server-side `@font-face` styles generator and printer. tl;dr: * Introduces Font Face. * Deprecates `_wp_theme_json_webfonts_handler()`. **Introduce Font Face** From an array of fonts (i.e. each font-family and its font variations to be processed), it: 1. Validates each `font-face` declaration, i.e. the CSS property and value pairing. If validation fails, processing stops with no font-face styles printed. 3. Generates the `@font-face` CSS for each font-family. 4. Prints the CSS within a `<style id="wp-fonts-local">` element. The entry point into Font Face is through a new global function called `wp_print_font_faces()`, which is automatically called: * when the `'wp_head'` hook runs (for the front-end). * when the `'admin_print_styles'` hook runs (for the back-end). * when `_wp_get_iframed_editor_assets()` runs to inject the `@font-face` styles into the iframed editor. Once called, it gets the fonts from Theme_JSON merged data layer, which includes theme defined fonts and user activated fonts (once the Font Library #59166 is introduced into Core). For classic sites, themes and plugins can directly call `wp_print_font_faces()` and pass their fonts array to it for processing. **Deprecates `_wp_theme_json_webfonts_handler()`.** As Font Face is a direct replacement, the stopgap code in `_wp_theme_json_webfonts_handler()` (introduced in 6.0.0 via [53282]) is deprecated and unused in Core. **Props note:** There's a long multiple year history baked into Font Face, which dates back to the early versions of a web font API (see #46370 and [https://github.com/WordPress/gutenberg/issues/41479 roadmap]. The props list includes those who contributed from those early versions up to this commit. **References:** * #46370 original (Web)Fonts API proposal for registering and enqueuing web fonts. * [https://github.com/WordPress/gutenberg/issues/41479 Gutenberg tracking issue] which includes the evolution from Webfonts API to Fonts API to Font Face. * [53282] / #55567 Added the stopgap code `_wp_theme_json_webfonts_handler()` in 6.0. * [https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face @font-face on mdn web docs] * #59166 Font Library: Font manager for WordPress Follow-up to [53282]. Props aristath, jonoaldersonwp, hellofromTonya, andraganescu, annezazu, antonvlasenko, arena, askdesign, azaozz, bph, bradley2083, colorful-tones, costdev, davidbaumwald, desrosj, dingo_d, djcowan, domainsupport, dryanpress, elmastudio, flixos90, francina, garrett-eclipse, gigitux, grantmkin, grapplerulrich, gziolo, ironprogrammer, jb510, jeffpaul, jeremyyip, jffng, joostdevalk, jorgefilipecosta, juanmaguitar, mamaduka, matveb, mburridge, mitogh, ndiego, ntsekouras, oandregal, ocean90, oglekler, paaljoachim, pagelab, peterwilsoncc, poena, priethor, scruffian, SergeyBiryukov, shiloey, simison, skorasaurus, soean, westonruter, wildworks, zaguiini. Fixes #59165. Built from https://develop.svn.wordpress.org/trunk@56500 git-svn-id: http://core.svn.wordpress.org/trunk@56012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-31 23:49:20 +02:00
// Font management.
add_action( 'wp_head', 'wp_print_font_faces', 50 );
add_action( 'deleted_post', '_wp_after_delete_font_family', 10, 2 );
add_action( 'before_delete_post', '_wp_before_delete_font_face', 10, 2 );
add_action( 'init', '_wp_register_default_font_collections' );
Introduce font-face styles generator and printer. Introducing Font Face, a server-side `@font-face` styles generator and printer. tl;dr: * Introduces Font Face. * Deprecates `_wp_theme_json_webfonts_handler()`. **Introduce Font Face** From an array of fonts (i.e. each font-family and its font variations to be processed), it: 1. Validates each `font-face` declaration, i.e. the CSS property and value pairing. If validation fails, processing stops with no font-face styles printed. 3. Generates the `@font-face` CSS for each font-family. 4. Prints the CSS within a `<style id="wp-fonts-local">` element. The entry point into Font Face is through a new global function called `wp_print_font_faces()`, which is automatically called: * when the `'wp_head'` hook runs (for the front-end). * when the `'admin_print_styles'` hook runs (for the back-end). * when `_wp_get_iframed_editor_assets()` runs to inject the `@font-face` styles into the iframed editor. Once called, it gets the fonts from Theme_JSON merged data layer, which includes theme defined fonts and user activated fonts (once the Font Library #59166 is introduced into Core). For classic sites, themes and plugins can directly call `wp_print_font_faces()` and pass their fonts array to it for processing. **Deprecates `_wp_theme_json_webfonts_handler()`.** As Font Face is a direct replacement, the stopgap code in `_wp_theme_json_webfonts_handler()` (introduced in 6.0.0 via [53282]) is deprecated and unused in Core. **Props note:** There's a long multiple year history baked into Font Face, which dates back to the early versions of a web font API (see #46370 and [https://github.com/WordPress/gutenberg/issues/41479 roadmap]. The props list includes those who contributed from those early versions up to this commit. **References:** * #46370 original (Web)Fonts API proposal for registering and enqueuing web fonts. * [https://github.com/WordPress/gutenberg/issues/41479 Gutenberg tracking issue] which includes the evolution from Webfonts API to Fonts API to Font Face. * [53282] / #55567 Added the stopgap code `_wp_theme_json_webfonts_handler()` in 6.0. * [https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face @font-face on mdn web docs] * #59166 Font Library: Font manager for WordPress Follow-up to [53282]. Props aristath, jonoaldersonwp, hellofromTonya, andraganescu, annezazu, antonvlasenko, arena, askdesign, azaozz, bph, bradley2083, colorful-tones, costdev, davidbaumwald, desrosj, dingo_d, djcowan, domainsupport, dryanpress, elmastudio, flixos90, francina, garrett-eclipse, gigitux, grantmkin, grapplerulrich, gziolo, ironprogrammer, jb510, jeffpaul, jeremyyip, jffng, joostdevalk, jorgefilipecosta, juanmaguitar, mamaduka, matveb, mburridge, mitogh, ndiego, ntsekouras, oandregal, ocean90, oglekler, paaljoachim, pagelab, peterwilsoncc, poena, priethor, scruffian, SergeyBiryukov, shiloey, simison, skorasaurus, soean, westonruter, wildworks, zaguiini. Fixes #59165. Built from https://develop.svn.wordpress.org/trunk@56500 git-svn-id: http://core.svn.wordpress.org/trunk@56012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-31 23:49:20 +02:00
// Add ignoredHookedBlocks metadata attribute to the template and template part post types.
Block Hooks: Pass correct context to filters. The `$context` argument passed to filters such as `hooked_block_types`, `hooked_block`, and `hooked_block_{$hooked_block_type}` allows them to conditionally insert a hooked block. If the anchor block is contained in a template or template part, `$context` will be set to a `WP_Block_Template` object reflecting that template or part. The aforementioned filters are applied when hooked block insertion is run upon reading a template (or part) from the DB (and before sending the template/part content with hooked blocks inserted over the REST API to the client), but also upon writing to the DB, as that's when the `ignoredHookedBlocks` metadata attribute is set. Prior to this changeset, the `$context` passed to Block Hooks related filters in the latter case reflected the template/part that was already stored in the database (if any), which is a bug; instead, it needs to reflect the template/part that will result from the incoming `POST` network request that will trigger a database update. Those incoming changes are encapsulated in the `$changes` argument passed to the `reset_pre_insert_template` and `reset_pre_insert_template_part` filters, respectively, and thus to the `inject_ignored_hooked_blocks_metadata_attributes` function that is hooked to them. `$changes` is of type `stdClass` and only contains the fields that need to be updated. That means that in order to create a `WP_Block_Template` object, a two-step process is needed: - Emulate what the updated `wp_template` or `wp_template_part` post object in the database will look like by merging `$changes` on top of the existing `$post` object fetched from the DB, or from the theme's block template (part) file, if any. - Create a `WP_Block_Template` from the resulting object. To achieve the latter, a new helper method (`_build_block_template_object_from_post_object`) is extracted from the existing `_build_block_template_result_from_post` function. (The latter cannot be used directly as it includes a few database calls that will fail if no post object for the template has existed yet in the database.) While somewhat complicated to implement, the overall change allows for better separation of concerns and isolation of entities. This is visible e.g. in the fact that `inject_ignored_hooked_blocks_metadata_attributes` no longer requires a `$request` argument, which is reflected by unit tests no longer needing to create a `$request` object to pass to it, thus decoupling the function from the templates endpoint controller. Unit tests for `inject_ignored_hooked_blocks_metadata_attributes` have been moved to a new, separate file. Test coverage has been added such that now, all three relevant scenarios are covered: - The template doesn't exist in the DB, nor is there a block theme template file for it. - The template doesn't exist in the DB, but there is a block theme template file for it. - The template already exists in the DB. Those scenarios also correspond to the logical branching inside `WP_REST_Templates_Controller::prepare_item_for_database`, which is where `inject_ignored_hooked_blocks_metadata_attributes` gets its data from. Props tomjcafferkey, bernhard-reiter, gziolo, swissspidy. Fixes #60754. Built from https://develop.svn.wordpress.org/trunk@57919 git-svn-id: http://core.svn.wordpress.org/trunk@57420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-04-03 17:11:14 +02:00
add_filter( 'rest_pre_insert_wp_template', 'inject_ignored_hooked_blocks_metadata_attributes' );
add_filter( 'rest_pre_insert_wp_template_part', 'inject_ignored_hooked_blocks_metadata_attributes' );
Block Hooks: Move ignoredHookedBlocks metadata injection logic. As of [57790], the Templates endpoint uses the `rest_pre_insert_*` filter to inject the `ignoredHookedBlocks` metadata attribute into anchor blocks, prior to persisting a template or template part to the database. The same principle was implemented for the Navigation endpoint (where additionally, first and last child blocks added at the top level are store in the `wp_navigation` post object's post meta). The required logic was added to the Navigation block's code, i.e. inside the Gutenberg code repository, and then synchronized to Core. In order to harmonize the code between the two endpoints, this changeset introduces a new `update_ignored_hooked_blocks_postmeta` function, which is based on the Navigation block's `block_core_navigation_update_ignore_hooked_blocks_meta`, alongside a few helper functions, and hooks it to the `rest_pre_insert_wp_navigation` filter hook. (The Navigation block has been prepared in [58275] to add an additional conditional to check for the new `update_ignored_hooked_blocks_postmeta` filter so there won't be any collisions.) Eventually, this will allow to deprecate `block_core_navigation_update_ignore_hooked_blocks_meta` (and some related functions), and remove the relevant code from the Navigation block. It also paves the way for some other future changes, such as inserting a hooked block as a Template Part block's first or last child (#60854). Props tomjcafferkey, bernhard-reiter. Fixes #60759. Built from https://develop.svn.wordpress.org/trunk@58291 git-svn-id: http://core.svn.wordpress.org/trunk@57751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-03 14:05:15 +02:00
// Update ignoredHookedBlocks postmeta for wp_navigation post type.
add_filter( 'rest_pre_insert_wp_navigation', 'update_ignored_hooked_blocks_postmeta' );
// Inject hooked blocks into the wp_navigation post type REST response.
add_filter( 'rest_prepare_wp_navigation', 'insert_hooked_blocks_into_rest_response', 10, 2 );
unset( $filter, $action );