davidbaumwald
3dd30db613
Grouped backports to the 4.5 branch.
...
- Comments: Prevent users who can not see a post from seeing comments on it.
- Shortcodes: Restrict media shortcode ajax to certain type.
- REST API: Ensure no-cache headers are sent when methods are overridden.
- Prevent unintended behavior when certain objects are unserialized.
Merges [56834], [56835], [56836], and [56838] to the 4.5 branch.
Props xknown, jorbin, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis, tykoted, antpb, rmccue.
Built from https://develop.svn.wordpress.org/branches/4.5@56857
git-svn-id: http://core.svn.wordpress.org/branches/4.5@56368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-10-12 18:10:07 +00:00
Rachel Baker
f99ec3db18
Comments: In the comments list table, only link rows inside the “Submitted On” column to the comment if it is publicly viewable.
...
The date within the comments list table “Submitted On” column will only be wrapped in `get_comment_link()` if the comment is approved and associated with a valid `comment_post_ID`.
Fixes #35279 .
Built from https://develop.svn.wordpress.org/trunk@36521
git-svn-id: http://core.svn.wordpress.org/trunk@36488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-12 21:43:26 +00:00
Boone Gorges
b5d12e130c
Comments: Restore the ability to bypass post_id filter using 0 or '0'.
...
The changes introduced in [36381], while logical and clearly awesome, introduce
the potential for much breakage. Those who want to query for comments with a
null `comment_post_ID` should use `'post_in' => array( 0 )` instead.
Reverts [36381], [36387].
See #35090 .
Built from https://develop.svn.wordpress.org/trunk@36480
git-svn-id: http://core.svn.wordpress.org/trunk@36447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-05 18:50:25 +00:00
Boone Gorges
00cf77999d
In comments list table, $post_id
should default to false
rather than 0.
...
After [36381], the default value of `0` was causing the list table at
edit-comments.php to be empty. `false` prevents this.
This fix is likely temporary, while more research is done into the backward
compatibility concerns tied to [36381].
See #35090 .
Built from https://develop.svn.wordpress.org/trunk@36387
git-svn-id: http://core.svn.wordpress.org/trunk@36354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-23 22:16:26 +00:00
Rachel Baker
9065794462
List Tables: Use the $GLOBALS array when unsetting the global post and comment in WP_Comments_List_Table::single_row()
.
...
In r35674 only the local variables were unset, when using `unset()` with a global variable the `$GLOBALS` array must be used.
Fixes #35506 .
Built from https://develop.svn.wordpress.org/trunk@36339
git-svn-id: http://core.svn.wordpress.org/trunk@36306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-18 02:50:27 +00:00
Andrea Fercia
2d76f3cb83
Accessibility: Remove title attributes from the Comments screen.
...
Fixes #35304 .
Built from https://develop.svn.wordpress.org/trunk@36298
git-svn-id: http://core.svn.wordpress.org/trunk@36265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-14 16:04:27 +00:00
John Blackbourn
f63dc802cb
Comments: Correct the docblocks for various methods in the comment list table class.
...
See #32246
Built from https://develop.svn.wordpress.org/trunk@36248
git-svn-id: http://core.svn.wordpress.org/trunk@36215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-10 00:52:25 +00:00
Ella Iseulde Van Dorpe
657d3b50af
Make date format consistent across the admin
...
The 'date_format' and 'time_format' options shouldn't affect the backend.
See #30864
Built from https://develop.svn.wordpress.org/trunk@35811
git-svn-id: http://core.svn.wordpress.org/trunk@35775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-07 04:26:27 +00:00
John Blackbourn
ec24d6e001
In a similar vein to [34133], escape the email address and IP address of comment authors to increase defence in depth.
...
Built from https://develop.svn.wordpress.org/trunk@35748
git-svn-id: http://core.svn.wordpress.org/trunk@35712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-29 02:43:24 +00:00
Sergey Biryukov
ae04eba0b6
Comments: After [35670], change the CSS class for the pending comments count back to moderated
.
...
Fixes #34680 .
Built from https://develop.svn.wordpress.org/trunk@35726
git-svn-id: http://core.svn.wordpress.org/trunk@35690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-22 15:23:26 +00:00
Scott Taylor
838592c1ba
List Tables: because we can never eradicate the existence of globals, ensure that $comment
is hoisted into the global space inside WP_Comments_List_Table::single_row()
.
...
Fixes #34654 .
Built from https://develop.svn.wordpress.org/trunk@35674
git-svn-id: http://core.svn.wordpress.org/trunk@35638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 19:05:30 +00:00
Sergey Biryukov
bc41f44158
I18N: After [34424], replace the placeholder with comments count after translate_nooped_plural()
runs, not before.
...
Props hnle.
Fixes #34680 .
Built from https://develop.svn.wordpress.org/trunk@35670
git-svn-id: http://core.svn.wordpress.org/trunk@35634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 18:04:28 +00:00
Sergey Biryukov
0d4cf36199
I18N: Remove <a>
tag from translatable string in wp-admin/includes/class-wp-comments-list-table.php
.
...
Props ramiy.
Fixes #34686 .
Built from https://develop.svn.wordpress.org/trunk@35666
git-svn-id: http://core.svn.wordpress.org/trunk@35630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 17:34:27 +00:00
Drew Jaynes
64f5e0683a
Docs: Document use of the $comment_status
global in the DocBlock for WP_Comments_List_Table::handle_row_actions()
.
...
Props shimakyohsuke.
Fixes #34425 .
Built from https://develop.svn.wordpress.org/trunk@35490
git-svn-id: http://core.svn.wordpress.org/trunk@35454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-02 21:33:27 +00:00
Dion Hulse
d2aca078b6
Comments: Use a full URL rather than a relative one for links which can contain IPv6 addresses to avoid an issue where the URL was being eaten by escaping functions.
...
See #34407 , #34202
Fixes #34054
Built from https://develop.svn.wordpress.org/trunk@35368
git-svn-id: http://core.svn.wordpress.org/trunk@35332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-23 05:14:25 +00:00
Drew Jaynes
8a386cb24f
Docs: Add missing file headers to the list table classes and adjust class DocBlocks accordingly.
...
See #33701 .
Built from https://develop.svn.wordpress.org/trunk@35241
git-svn-id: http://core.svn.wordpress.org/trunk@35207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-17 15:13:25 +00:00
Scott Taylor
0c2b2a0e3d
List Tables/WP_Screen: in WP_Screen
, add methods to store, retrieve, and render screen reader text, primarily used by list table screens.
...
These additions are based on an audit and recommendations by the Accessibility team. #a11y'all
Props afercia.
Fixes #32147 .
Built from https://develop.svn.wordpress.org/trunk@34891
git-svn-id: http://core.svn.wordpress.org/trunk@34856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:28:25 +00:00
Andrea Fercia
6fdd384fe0
Comments List Table: fix the translators comment for all count after [34506].
...
See #17275 .
Built from https://develop.svn.wordpress.org/trunk@34508
git-svn-id: http://core.svn.wordpress.org/trunk@34472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-24 18:40:24 +00:00
Scott Taylor
4671e03766
Comments List Table: include count for "All". Dynamically update.
...
Fixes #17275 .
Built from https://develop.svn.wordpress.org/trunk@34506
git-svn-id: http://core.svn.wordpress.org/trunk@34470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-24 17:57:25 +00:00
Scott Taylor
bc5eb3a623
Comments: add date
column to WP_Comments_List_Table
to allow sorting and to break out the date/time from the comment content column.
...
Props jshreve.
Fixes #15520 .
Built from https://develop.svn.wordpress.org/trunk@34504
git-svn-id: http://core.svn.wordpress.org/trunk@34468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-24 17:27:26 +00:00
Sergey Biryukov
8db1c75a7e
Remove extra HTML from translatable strings in WP_Comments_List_Table::get_views()
.
...
Add a context and translator comments.
Props Tmeister for initial patch.
Fixes #31859 .
Built from https://develop.svn.wordpress.org/trunk@34424
git-svn-id: http://core.svn.wordpress.org/trunk@34388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 14:33:25 +00:00
Scott Taylor
f9c2a88a8a
List Tables: when comparing string literals (non-numeric in nature) against vars, strict comparison can/should be used.
...
Props wonderboymusic, Viper007Bond.
Fixes #21249 .
Built from https://develop.svn.wordpress.org/trunk@34383
git-svn-id: http://core.svn.wordpress.org/trunk@34347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 06:06:25 +00:00
Sergey Biryukov
7adaef50bb
Include placeholders in translator comments.
...
See #31857 .
Built from https://develop.svn.wordpress.org/trunk@34304
git-svn-id: http://core.svn.wordpress.org/trunk@34268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-18 18:58:24 +00:00
Scott Taylor
ec01716bb2
Don't use HTML tags in translation strings for "In Reply To" links for comments in the admin.
...
Props ramiy.
Fixes #31857 .
Built from https://develop.svn.wordpress.org/trunk@34297
git-svn-id: http://core.svn.wordpress.org/trunk@34261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-18 18:36:24 +00:00
Scott Taylor
5920e8eb13
Move WP_Post_Comments_List_Table
to its own file.
...
See #33413 .
Built from https://develop.svn.wordpress.org/trunk@34223
git-svn-id: http://core.svn.wordpress.org/trunk@34187 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 06:53:24 +00:00
Scott Taylor
98acab10ea
Comments/PHP Notices: check that a parent comment exists before displaying an orphan's link to it in the admin.
...
Props rachelbaker.
Fixes #33710 .
Built from https://develop.svn.wordpress.org/trunk@34015
git-svn-id: http://core.svn.wordpress.org/trunk@33984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 20:51:23 +00:00
Scott Taylor
52516a68ab
After the global
churn in [33964], also set $post
to null
at the end of WP_Comments_List_Table::single_row()
to ensure that an orphaned comment doesn't inherit the previous row's $post
context.
...
See #33638 .
Built from https://develop.svn.wordpress.org/trunk@33986
git-svn-id: http://core.svn.wordpress.org/trunk@33955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 03:12:23 +00:00
Scott Taylor
71f955dc84
In WP_Comments_List_Table
, favor passing WP_Comment
instances instead of $comment_ID
to template functions. This allows us to bypass unnecessary cache lookups and simply pass the object through when it is set.
...
See #33638 .
Built from https://develop.svn.wordpress.org/trunk@33964
git-svn-id: http://core.svn.wordpress.org/trunk@33933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 03:00:24 +00:00
Scott Taylor
80a20e5c3d
Handle more cases (untrailingslashit
, HTTPS urls) for sanitizing an author URL for display in the comments list table.
...
Props afercia, mehulkaklotar, swissspidy, johnbillion.
Fixes #33291 .
Built from https://develop.svn.wordpress.org/trunk@33894
git-svn-id: http://core.svn.wordpress.org/trunk@33863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-03 23:23:24 +00:00
Drew Jaynes
375d30f699
Docs: Add a duplicate filter comment to the comment_email
filter call in WP_Comments_List_Table
, introduced in [33829].
...
See #11566 .
Built from https://develop.svn.wordpress.org/trunk@33830
git-svn-id: http://core.svn.wordpress.org/trunk@33798 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-31 21:22:21 +00:00
Scott Taylor
a5b157ffde
Remove the hamburger global'ing from [33828]: since no args are passed to comment_author_email_link()
, the internals can be simplified and applied inline.
...
See #11566 .
Built from https://develop.svn.wordpress.org/trunk@33829
git-svn-id: http://core.svn.wordpress.org/trunk@33797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-31 21:09:21 +00:00
Scott Taylor
d0a1a47708
Fix warnings after [33826]. Only only one function call needs a global $comment
, we shall hamburger it.
...
See #11566 .
Built from https://develop.svn.wordpress.org/trunk@33828
git-svn-id: http://core.svn.wordpress.org/trunk@33796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-31 20:59:21 +00:00
Scott Taylor
7ab015c5ab
WP_Comments_List_Table::single_row()
has no reason to set the $comment
global. No other methods use it, and we are not in template/loop context. This can mess with the response of get_comment()
elsewhere, since get_comment()
internally bypasses the cache/db when a global is set.
...
See #11566 .
Built from https://develop.svn.wordpress.org/trunk@33826
git-svn-id: http://core.svn.wordpress.org/trunk@33794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-31 20:42:21 +00:00
Sergey Biryukov
8b1fe986c3
Use wp_html_excerpt()
to properly cut comment author URL for display on Comments screen.
...
props brettz95, solarissmoke.
fixes #15659 .
Built from https://develop.svn.wordpress.org/trunk@33825
git-svn-id: http://core.svn.wordpress.org/trunk@33793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-31 20:41:21 +00:00
Scott Taylor
20f6db2b18
Comment List Tables:
...
* Ensure that dynamic bubble counts are in sync by `comment_post_ID`
* Scope `:animated` to `#the-comment-list`
See #11200 .
Built from https://develop.svn.wordpress.org/trunk@33662
git-svn-id: http://core.svn.wordpress.org/trunk@33629 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-20 16:36:25 +00:00
Scott Taylor
2e2223ae74
Comments List Table:
...
* In a view that initially has comments, but they get removed due to user actions: show the `No Items` row instead of bombing out and showing nothing (which looks broken)
* To accomplish this, in `WP_Comments_List_Table::display()`: call `->display_rows_or_placeholder()` instead of `->display()`
* Listen for the end of row `.fadeOut()`s if necessary using jQuery Promises
Fixes #11200 .
Built from https://develop.svn.wordpress.org/trunk@33657
git-svn-id: http://core.svn.wordpress.org/trunk@33624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-20 05:54:25 +00:00
Scott Taylor
df618f3461
Comments List Table:
...
* Show count next to "Approved"
* Properly increment/decrement counts when row actions are clicked
* In `_wp_ajax_delete_comment_response()`, return the comment's `status` with the `supplemental` data
* Handle counts properly on each scenario of `undo`
See #11200 .
Built from https://develop.svn.wordpress.org/trunk@33655
git-svn-id: http://core.svn.wordpress.org/trunk@33622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-20 02:51:25 +00:00
Dominik Schilling
f74a907eac
Capabilities: Fall back to the edit_posts
capability for orphaned comments.
...
Also avoid PHP notices because of orphaned comments in the comments list table.
Includes unit test.
props pento, dd32.
fixes #33154 .
Built from https://develop.svn.wordpress.org/trunk@33614
git-svn-id: http://core.svn.wordpress.org/trunk@33581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-13 22:31:24 +00:00
Helen Hou-Sandí
7b7ae2ee25
Comments list table: Display that cute lil comment bubble.
...
The comments list table suffers from "wall of text" problems, which the two plain text links compounded.
props obenland. fixes #33149 .
Built from https://develop.svn.wordpress.org/trunk@33490
git-svn-id: http://core.svn.wordpress.org/trunk@33457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 18:08:25 +00:00
Sergey Biryukov
48a1c86245
Comment string tweaks:
...
* Merge two strings about an invalid comment ID.
* Add missing context to 'Mark as Spam' string.
* Merge two 'In Response To' strings, replace redundant context with a translator comment.
props pavelevap.
fixes #32334 .
Built from https://develop.svn.wordpress.org/trunk@33436
git-svn-id: http://core.svn.wordpress.org/trunk@33403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-26 23:36:24 +00:00
Scott Taylor
4d34e37311
List Tables:
...
* In `->handle_row_actions()`, bail immediately if `$primary` and `$column_name` do not match. Saves us a nesting level and avoids declaring code that is unusable.
* In `WP_List_Table::single_row_columns()`, allow `_column_{$name}` to be called dynamically by core to avoid having to override the entirety of `->single_row_columns()` in `WP_MS_Users_List_Table` and `WP_Posts_List_Table`
* In `WP_MS_Sites_List_Table`, `id` is not a column.
Props wonderboymusic, paulwilde.
Fixes #29881 .
Built from https://develop.svn.wordpress.org/trunk@33270
git-svn-id: http://core.svn.wordpress.org/trunk@33242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 17:47:24 +00:00
Helen Hou-Sandí
6e73f1282e
List tables: Better accessibility and design for the comments bubble.
...
It is now plain text in the comments list table's "In Response To" column, where it was visually a bit confusing to have the bubble. For other list tables, it now shows a little notification bubble with the number of pending comments. The bubble and notification become plain text in the responsive list table view. It also shows no bubble when there are no comments at all, reducing some of the visual noise.
props picard102, afercia, karinchristen.
fixes #32152 .
Built from https://develop.svn.wordpress.org/trunk@33155
git-svn-id: http://core.svn.wordpress.org/trunk@33127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-10 21:44:25 +00:00
Helen Hou-Sandí
df220685a0
List tables: Account for comments being reused on the post edit screen.
...
Adding the `.wp-list-table` class gets us a few responsive goodies for free. And now it won't show a strange button outline.
see #32395 .
Built from https://develop.svn.wordpress.org/trunk@33101
git-svn-id: http://core.svn.wordpress.org/trunk@33072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-07 00:09:24 +00:00
Helen Hou-Sandí
8eb7f71e6b
List tables: A better responsive view.
...
Instead of truncating columns, the data that's already in the markup can now be toggled into view. Only seems appropriate to celebrate four years of contributing by finally doing the first thing I ever mocked up.
Known issues / concerns:
* Custom list tables that don't define a primary column will show nothing at all. These are not extremely common, as `WP_List_Table` isn't really recommended for plugin consumption, but it happens. We need to come up with some kind of fallback.
* Some visual elements, particularly whitespace, could use refining.
* Needs a11y review.
* Touch performance on iOS feels sluggish - is there anything we can do about that?
* Would this be better accordion-style (only one expanded at a time)?
* Is `wp_strip_all_tags()` good enough for column titles that have HTML in them? It's essentially a workaround for the fact that core's comments column does that for the icon, which maybe it shouldn't. Perhaps worth another ticket, as a markup change would be fairly independent.
* Visual hierarchy is not great when expanded (also worthy of another ticket).
* Quick edit now becomes noticeably more annoying to cancel out of, as you have to scroll all the way down and you lose your position from before it was opened. Again, worthy of another ticket.
props Michael Arestad, helen.
see #32395 .
Built from https://develop.svn.wordpress.org/trunk@33016
git-svn-id: http://core.svn.wordpress.org/trunk@32987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 01:31:25 +00:00
Scott Taylor
5c6b63d3a6
if
is a statment, not a function.
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32800
git-svn-id: http://core.svn.wordpress.org/trunk@32771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 20:01:25 +00:00
Scott Taylor
f88b42be94
In WP_Comments_List_Table::column_comment()
, $post
and $the_comment_status
are unused, as is the $comment_status
global.
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32736
git-svn-id: http://core.svn.wordpress.org/trunk@32707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-12 18:39:25 +00:00
Drew Jaynes
5457eb4933
Add missing return descriptions and fix formatting of inline documentation introduced in [32644].
...
See #25408 . See #32246 .
Built from https://develop.svn.wordpress.org/trunk@32660
git-svn-id: http://core.svn.wordpress.org/trunk@32630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-31 01:18:26 +00:00
Scott Taylor
6a08b00632
Add @access
annotations to methods that have no doc block in wp-admin/includes/*
.
...
Makes it easier to search for no doc blocks via `}[\n\t\r ]+(protected|private|public)`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32656
git-svn-id: http://core.svn.wordpress.org/trunk@32626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 21:32:24 +00:00
Scott Taylor
c6a4512b1b
Add missing doc blocks to wp-admin/includes/*
.
...
Fix some egregious uses of tabbing.
Some functions can simply return `apply_filters(...)` instead of setting a variable that is immediately returned.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32654
git-svn-id: http://core.svn.wordpress.org/trunk@32624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 20:17:26 +00:00
Helen Hou-Sandí
f5646cd9e5
Define a primary column for WP_Post_Comments_List_Table
.
...
props boonebgorges.
see #25408 .
Built from https://develop.svn.wordpress.org/trunk@32651
git-svn-id: http://core.svn.wordpress.org/trunk@32621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 15:52:25 +00:00