This changeset fixes encoding issues in background update emails by applying `html_entity_decode()` on Plugin/Theme names in `send_plugin_theme_email()`.
Props paulschreiber, audrasjb, benjgrolleau, sanketchodavadiya, robinwpdeveloper, paulamit.
Fixes#56964.
Built from https://develop.svn.wordpress.org/trunk@55411
git-svn-id: http://core.svn.wordpress.org/trunk@54944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset moves the `wp-theme-plugin-editor` admin script before `</body>` instead of in the `<head>`. This fixes an issue where the collapse admin menu feature was not working in the Theme|Plugin File Editor screens.
Props itsnikhilpatel, dilipbheda, stalukder03, audrasjb, adeltahri, Ankit-K-Gupta, mahbubshovan.
Fixes#57073.
Built from https://develop.svn.wordpress.org/trunk@55410
git-svn-id: http://core.svn.wordpress.org/trunk@54943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `rss_widget_feed_link` filter added in [52031] documents the parameter as a string, but recommends removing by returning false. Change the recommendation and documentation to make this consistent and update Twenty Twenty One to use the new recommended return value. Maintains documentation as possibly returning `false` for backwards compatibility.
Props sabernhardt, Mista-Flo.
Fixes#57594.
Built from https://develop.svn.wordpress.org/trunk@55409
git-svn-id: http://core.svn.wordpress.org/trunk@54942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This type of transformation isn't always appropriate, especially for non-English language sites. Displaying the original option name makes it more clear what option is being changed.
Props SergeyBiryukov, sabernhardt, afrin29, afshanadiya
Fixes#50572
Built from https://develop.svn.wordpress.org/trunk@55408
git-svn-id: http://core.svn.wordpress.org/trunk@54941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Setting a bookmark on a tag should set its "start" position before the opening "<", e.g.:
{{{
<div> Testing a <b>Bookmark</b>
----------------^
}}}
The previous calculation assumed this is always one byte to the left from `$tag_name_starts_at`.
However, in a closing tag that index points to a solidus symbol "/":
{{{
<div> Testing a <b>Bookmark</b>
----------------------------^
}}}
The bookmark should therefore start two bytes before the tag name:
{{{
<div> Testing a <b>Bookmark</b>
---------------------------^
}}}
This changeset achieves this by:
* Using the correct starting index for closing tag bookmarks.
* Adding `array( 'tag_closers' => 'visit' )` in `WP_HTML_Tag_Processor::seek()`.
Follow-up to [55203].
Props zieladam, dmsnell, flixos90.
Fixes#57787.
See #57575.
Built from https://develop.svn.wordpress.org/trunk@55407
git-svn-id: http://core.svn.wordpress.org/trunk@54940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While the guard condition was technically correct, it's not practical or necessary to provide this protection for every use of every filter, and it adds unnecessary burden to translators to provide translations for strings that will likely not be seen.
Follow up to [55254].
Fixes#57320
Built from https://develop.svn.wordpress.org/trunk@55406
git-svn-id: http://core.svn.wordpress.org/trunk@54939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds Deep, Outlined, and Crisp default shadow presets to Core's `theme.json` file.
Updates the Natural and Sharp `'shadow'` styles.
These shadow presets are used to populate the Shadow tools in the Site Editor's Global Styles UI.
References:
* [https://github.com/WordPress/gutenberg/pull/46502 Gutenberg PR 46502]
Follow-up to [55176].
Props franz00, madhudollu, ajlende, beafialho, costdev, dhrupo, fabiankaegy, hellofromTonya, jameskoster, joen, kellychoffman, mamaduka, mtias, oandregal, priethor, richtabor, scruffian.
Fixes#57708.
See #57559.
Built from https://develop.svn.wordpress.org/trunk@55405
git-svn-id: http://core.svn.wordpress.org/trunk@54938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to avoid timeout in Imagick operations.
Previously, Imagick operations could silently error by timeout and produce unexpected results. The new `::set_imagick_time_limit()` method, now used in `::resize()` and `::crop()`, will better handle garbage collection in these cases as well as better align Imagick's timeout with PHP timeout, assuming it is set.
Props drzraf, audrasjb, costdev, antpb, SergeyBiryukov.
Fixes#52569.
Built from https://develop.svn.wordpress.org/trunk@55404
git-svn-id: http://core.svn.wordpress.org/trunk@54937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the HTML API was introduced a number of fields were switched from private visibility to protected so that Gutenberg and other systems could more easily enhance the behaviors through subclassing. The $this->html property was overlooked but important for systems using the Tag Processor to stich HTML, specifically performing operations on innerHTML and innerText.
Follow-up [55203].
Props dmsnell.
See #57575.
Built from https://develop.svn.wordpress.org/trunk@55402
git-svn-id: http://core.svn.wordpress.org/trunk@54935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures the `$term_ids` variable only contains term IDs and is not filled with full term objects due to deprecated term caching.
Introduced in [55252].
Props skithund, Chouby, joemcgill, flixos90, ocean90.
Fixes#57150.
Built from https://develop.svn.wordpress.org/trunk@55401
git-svn-id: http://core.svn.wordpress.org/trunk@54934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the wp_check_password function was used for validating keys, while the PasswordHash class was used for creating keys. This would prevent Recovery Mode from working on sites that provide a custom implementation for the wp_check_password pluggable function.
Props calvinalkan.
Fixes#56787.
Built from https://develop.svn.wordpress.org/trunk@55397
git-svn-id: http://core.svn.wordpress.org/trunk@54930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a regression introduced in [41163], where the link in change confirmation emails for users with no roles in a multisite install was incorrect, causing them to be unable to change their email address. This changeset replaces `admin_url()` with `self_admin_url()` to restore the previous fix.
Follow-up to [38876], [40632], [41165], [41163].
Props roytanck, SergeyBiryukov, johnbillion, afrin29.
Fixes#57164.
Built from https://develop.svn.wordpress.org/trunk@55396
git-svn-id: http://core.svn.wordpress.org/trunk@54929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes the following changes:
- Upgrade Playwright to 1.30.0
- [Block Editor - Inserter]: preload media categories empty check - client side
- Navigation: Fixes undo and redo for nesting operations in the navigation block's inspector
- Fix: OffCanvasEditor does not inserts submenu on collapsed items.
- OffCanvasEditor: Only allow some blocks to be converted to submenus
- Navigation: Updates "Add Submenu item" text to "Add Submenu link"
- Update: Make OffCanvasEditor use LeafMoreMenu by default.
- Template Part: Performance: Replace usage of wp_get_theme()->get_stylesheet() with get_stylesheet()
- Widget Editor: Fix a problem with 'Move to Widget Area' button not working
- Reusable Blocks: Use React 18 rendering for import dropdown
- useAsyncList: flush state updates when processing queue
- Refactor the site editor URLs for better backward compatibility
- Template editor: only disable the save button if no changes rather than hiding it
- [Quote]: Fix deprectated large style specificity rule
- Style Book: Allow button text labels for style book icon
- List View: Scroll selected block into view when single block selection changes
- Post editor: revert iframed editor for WP core only
- Fix the Publish region position and focus style.
- Remove "& Shadow" from the Border ScreenHeader title
- Site editor: specify focus state color for template navigation button
References: [1e2b2f680c Gutenberg's commit for publishing the packages]
Props ntsekouras, ellatrix.
See #57471.
Built from https://develop.svn.wordpress.org/trunk@55392
git-svn-id: http://core.svn.wordpress.org/trunk@54925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Modifies `WP_Http::make_absolute_url()` to prevent it from dropping URL fragments, this in turn fixes the same issue for `links_add_base_url()`.
Props costdev, sergeybiryukov, dshanske, schlessera, jrf, desrosj, dd32.
Fixes#56231.
Built from https://develop.svn.wordpress.org/trunk@55370
git-svn-id: http://core.svn.wordpress.org/trunk@54903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces client and server side validation to ensure the `replytocom` query string parameter can not be exploited to reply to an unapproved comment or display the name of an unapproved commenter.
This only affects commenting via the front end of the site. Comment replies via the dashboard continue their current behaviour of logging the reply and approving the parent comment.
Introduces the `$post` parameter, defaulting to the current global post, to `get_cancel_comment_reply_link()` and `comment_form_title()`.
Introduces `_get_comment_reply_id()` for determining the comment reply ID based on the `replytocom` query string parameter.
Renames the parameter `$post_id` to `$post` in `get_comment_id_fields()` and `comment_id_fields()` to accept either a post ID or `WP_Post` object.
Adds a new `WP_Error` return state to `wp_handle_comment_submission()` to prevent replies to unapproved comments. The error code is `comment_reply_to_unapproved_comment` with the message `Sorry, replies to unapproved comments are not allowed.`.
Props costdev, jrf, hellofromtonya, fasuto, boniu91, milana_cap.
Fixes#53962.
Built from https://develop.svn.wordpress.org/trunk@55369
git-svn-id: http://core.svn.wordpress.org/trunk@54902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes the conditions for when to enqueue the opinionated block styles (i.e. `'wp-block-library-theme'` stylesheet):
* the theme adds `'wp-block-styles'` theme support;
* and no editor styles are declared.
This resolves an issue with themes that do not add the `'wp-block-styles'` theme support while not impacting themes that do.
Follow-up to [53419], [52069], [50761], [44157].
Props mikachan, costdev, glendaviesnz, hellofromTonya, jffng, mamaduka, ndiego, poena, sannevndrmeulen, scruffian.
Fixes#57561.
Built from https://develop.svn.wordpress.org/trunk@55368
git-svn-id: http://core.svn.wordpress.org/trunk@54901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a fatal error and displays an actionable message if the `mysqli` PHP extension is missing.
Previously, `wp_check_php_mysql_versions()` performed an early check whether `mysql`, `mysqli`, or `mysqlnd` extensions are loaded, but that did not work if the `mysqlnd` extension is the only one present.
Checking specifically for `mysqli_connect()` or `mysql_connect()` functions should be a more reliable approach and more closely mirrors the existing checks in the `wpdb` class.
Follow-up to [1955], [4489], [7234], [12732], [19760], [27257], [36434].
Props bgin, desrosj, dimadin, ipajen, hellofromTonya, sc0ttkclark, azaozz, SergeyBiryukov.
Fixes#51988.
Built from https://develop.svn.wordpress.org/trunk@55367
git-svn-id: http://core.svn.wordpress.org/trunk@54900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$post_ID` variable is [546f59c678/WordPress/Sniffs/NamingConventions/ValidVariableNameSniff.php (L54) technically allowed in WPCS], as there is a global of the same name that needs to remain for backward compatibility. However, this name is mostly a remnant of legacy code, and switching to `$post_id` where appropriate brings more consistency with the rest of core.
Additionally, this commit resolves a few WPCS warnings in core:
{{{
Variable "$post_IDs" is not in valid snake_case format
}}}
This affects:
* Function parameters in:
* `add_meta()`
* `post_preview()`
* `WP_Embed::delete_oembed_caches()`
* `WP_Embed::cache_oembed()`
* `wp_get_post_cats()`
* `wp_set_post_cats()`
* `wp_unique_post_slug()`
* `wp_set_post_categories()`
* `wp_check_post_hierarchy_for_loops()`
* `wp_add_trashed_suffix_to_post_name_for_trashed_posts()`
* `wp_filter_wp_template_unique_post_slug()`
* `wp_xmlrpc_server::add_enclosure_if_new()`
* `wp_xmlrpc_server::attach_uploads()`
* `wp_xmlrpc_server::mt_getTrackbackPings()`
* Internal variables in:
* `wp_ajax_inline_save()`
* `wp_ajax_set_post_thumbnail()`
* `wp_ajax_get_post_thumbnail_html()`
* `edit_post()`
* `bulk_edit_posts()`
* `wp_write_post()`
* `WP_Embed::shortcode()`
* `wp_insert_post()`
* `wp_xmlrpc_server::_insert_post()`
* `wp_xmlrpc_server::blogger_getPost()`
* `wp_xmlrpc_server::blogger_newPost()`
* `wp_xmlrpc_server::blogger_editPost()`
* `wp_xmlrpc_server::blogger_deletePost()`
* `wp_xmlrpc_server::mw_getPost()`
* `wp_xmlrpc_server::mw_newPost()`
* `wp_xmlrpc_server::mw_editPost()`
* `wp_xmlrpc_server::mt_getPostCategories()`
* `wp_xmlrpc_server::mt_setPostCategories()`
* `wp_xmlrpc_server::mt_publishPost()`
* `wp_xmlrpc_server::pingback_ping()`
* Hook parameters in:
* `oembed_ttl`
* `embed_oembed_html`
* `wp_insert_post_parent`
* `add_trashed_suffix_to_trashed_posts`
* `pre_post_update`
* `edit_attachment`
* `attachment_updated`
* `add_attachment`
* `edit_post_{$post->post_type}`
* `edit_post`
* `post_updated`
* `save_post_{$post->post_type}`
* `save_post`
* `wp_insert_post`
* `pre_wp_unique_post_slug`
* `wp_unique_post_slug`
* `xmlrpc_call_success_blogger_newPost`
* `xmlrpc_call_success_blogger_editPost`
* `xmlrpc_call_success_blogger_deletePost`
* `xmlrpc_call_success_mw_newPost`
* `xmlrpc_call_success_mw_editPost`
Note: The name change only affects variable names and DocBlocks.
The change does not affect the `$post_ID` global still used in a few places.
Follow-up to [51399], [52958], [53723], [53729], [55190], [55308], [55334].
Props mahekkalola, tanjimtc71, SergeyBiryukov.
Fixes#57692.
Built from https://develop.svn.wordpress.org/trunk@55365
git-svn-id: http://core.svn.wordpress.org/trunk@54898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit renames a few internal variables for better clarity and consistency:
* `$nextpage` to `$next_page` in:
* `get_next_posts_page_link()`
* `get_next_posts_link()`
* `get_next_comments_link()`
* `$nextpage` to `$previous_page` in:
* `get_previous_posts_page_link()`
* `$prevpage` to `$previous_page` in:
* `get_previous_comments_link()`
Includes minor code layout fixes for better readability.
Follow-up to [5045], [8502], [8961], [28111].
Props dalirajab, SergeyBiryukov.
Fixes#57746.
Built from https://develop.svn.wordpress.org/trunk@55364
git-svn-id: http://core.svn.wordpress.org/trunk@54897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the `rest_pre_dispatch` filter could be used to return a `WP_Error` instance. This would cause a fatal error for `rest_post_dispath`
filters that were rightly expecting a `WP_REST_Response` object to be passed instead.
Props DaveFX, felipeelia.
Fixes#56566.
Built from https://develop.svn.wordpress.org/trunk@55361
git-svn-id: http://core.svn.wordpress.org/trunk@54894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes an issue where the available theme updates count was not updated after a theme is deleted.
Props nazmulhasan103, riccardodicurti, sabernhardt, ironprogrammer, costdev, robinwpdeveloper, rahmantasnia.
Fixes#57183.
Built from https://develop.svn.wordpress.org/trunk@55359
git-svn-id: http://core.svn.wordpress.org/trunk@54892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This now runs in local Docker as well. Sets the executable propset to explicitly identify `install-tool.sh` and `setup.sh` as executable. Unclear if this will sync via the Git mirror; ideally it would as otherwise the two files show as modified in a Git clone even in a fresh container.
Props samruddhikhandale.
See #57187.
Built from https://develop.svn.wordpress.org/trunk@55353
git-svn-id: http://core.svn.wordpress.org/trunk@54886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a fatal error if these functions are called in a mu-plugin before `$wp_locale` is set:
* `wp_get_list_item_separator()`
* `wp_get_word_count_type()`
Follow-up to [52929], [52933], [55279], [55295].
Props kraftbj.
Fixes#56698.
Built from https://develop.svn.wordpress.org/trunk@55351
git-svn-id: http://core.svn.wordpress.org/trunk@54884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to clarify a few inline comments related to removing percent-encoded characters and HTML entities.
Affected functions:
* `sanitize_user()`
* `sanitize_title_with_dashes()`
* `sanitize_html_class()`
* `_sanitize_text_fields()`
* `get_comments_number_text()`
Follow-up to [465], [3454], [11433], [12503], [37987].
Props ace100, tanjimtc71, codemonksuvro, SergeyBiryukov.
Fixes#57712.
Built from https://develop.svn.wordpress.org/trunk@55346
git-svn-id: http://core.svn.wordpress.org/trunk@54879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Layout style properties are stored using indirect values, rather than direct CSS properties.
Allow users without the `unfiltered_html` capability to modify global styles using the indirect block spacing properties `contentSize`, `wideSize`, and `blockGap`, using a mapping of the eventual CSS property to the indirect property stored in `theme.json`. The mapped CSS property is then used for CSS validation.
Props andrewserong, costdev, hellofromtonya, mamaduka, mmtr86.
Fixes#57321.
Built from https://develop.svn.wordpress.org/trunk@55345
git-svn-id: http://core.svn.wordpress.org/trunk@54878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sets the `styles` block setting to an empty array in the `REST_Block_Type_Controller_Test::test_get_item_invalid()` test to resolve:
{{{
Warning: foreach() argument must be of type array|object, string given in wp-includes/class-wp-theme-json.php on line 835
}}}
Previously the test set the `styles` setting to a string value, which is incompatible. The problem surfaced after [55172] added a `foreach` to iterate the `styles`. The root cause was due to this test passing a string instead of an array.
Why?
`WP_Block_Type` `styles` property is documented as only accepting an array data type. At the time of this changeset, it does not validate before setting the property.
Code interacting with the property expects it to be an array data type. The PHP Warning alerts that of a doing it wrong when the incorrect data type is registered for the block type.
Follow-up to [55172], [48173].
Props tanjimtc71, hellofromTonya, kapilpaul.
Fixes#57706.
Built from https://develop.svn.wordpress.org/trunk@55342
git-svn-id: http://core.svn.wordpress.org/trunk@54875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The call stack for `WP_UnitTestCase_Base::set_up()` includes a call to `WP_List_Util::pluck()`, which creates an inaccurate coverage report for this method.
To resolve, `parent::set_up()` is removed from `Tests_Functions_wpListPluck::set_up()`.
To ensure that deprecation and incorrect usage notices continue to be detectable, `$this->expectDeprecated()` is added in the test's `set_up()` fixture.
Follow-up to [51663], [28900].
Props costdev, jrf, SergeyBiryukov, audrasjb.
Fixes#56706.
Built from https://develop.svn.wordpress.org/trunk@55341
git-svn-id: http://core.svn.wordpress.org/trunk@54874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
