`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Props sarciszewski
See #28633
Built from https://develop.svn.wordpress.org/trunk@34922
git-svn-id: http://core.svn.wordpress.org/trunk@34887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.
See #28290.
Built from https://develop.svn.wordpress.org/trunk@34912
git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For the past 6 years, WordPress has operated as an oEmbed consumer, allowing users to easily embed content from other sites. By adding oEmbed provider support, this allows any oEmbed consumer to embed posts from WordPress sites.
In addition to creating an oEmbed provider, WordPress' oEmbed consumer code has been enhanced to work with any site that provides oEmbed data (as long as it matches some strict security rules), and provides a preview from within the post editor.
For security, embeds appear within a sandboxed iframe - the iframe content is a template that can be styled or replaced entirely by the theme on the provider site.
Props swissspidy, pento, melchoyce, netweb, pfefferle, johnbillion, extendwings, davidbinda, danielbachhuber, SergeyBiryukov, afercia
Fixes#32522.
Built from https://develop.svn.wordpress.org/trunk@34903
git-svn-id: http://core.svn.wordpress.org/trunk@34868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Move all tests to a new 'multisite/isUploadSpaceAvailable.php'
* Store original `blog_upload_space` values before the class is loaded.
* Restore these values after each test tear down to avoid pollution.
Commit to testing `is_upload_space_available()` itself by always filtering the amount of space used through `pre_get_space_used`. This allows us to sanely test without worrying about the local environment. In the future, we may be able to remove some of these tests as `get_upload_space_available()` tests are built out and reliable.
See #34037.
Built from https://develop.svn.wordpress.org/trunk@34899
git-svn-id: http://core.svn.wordpress.org/trunk@34864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Move all tests to a new `multisite/getSpaceAllowed.php`
* Store original `blog_upload_space` values before the class is loaded.
* Restore these values after each test tear down to avoid pollution.
* Add a comprehensive set of expectations and results via data provider.
See #34037.
Built from https://develop.svn.wordpress.org/trunk@34898
git-svn-id: http://core.svn.wordpress.org/trunk@34863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In 4.3 the widget controls were fully initialized up front along with the sidebar controls. The sidebar control depended (unnecessarily) on the widget control to ensure that `wp.customize.Widgets.savedWidgetIds` was defined. So after [34563] there could be a situation where the widgets are added/removed from a sidebar before their controls are initialized (if the sidebar section is never expanded), resulting in an error attempting to get a property off of an undefined value. So this change does the right thing and defines `savedWidgetIds` up front.
Also changes the `savedWidgetIds` variable type from an array to an object, to match how it is used as a dictionary lookup.
See #33901.
Built from https://develop.svn.wordpress.org/trunk@34883
git-svn-id: http://core.svn.wordpress.org/trunk@34848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Up until now password protected posts would only get a identifying class when
the password was still required. This adds a class for the case when that
requirement has been met.
For the other visibility types we already have `status-publish`
and `status-private`.
Props mdgl, F4rkie, wonderboymusic for initial patches.
Fixes#21899.
Built from https://develop.svn.wordpress.org/trunk@34881
git-svn-id: http://core.svn.wordpress.org/trunk@34846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress.org was taken down due to as Otto42 describes:
The previous version of this function added the query piece for the meta key = blog_id.capabilities, regardless of whether or not a role was requested. This limits the users returned to those with some defined role on this particular multisite instance.
See #22212
Built from https://develop.svn.wordpress.org/trunk@34880
git-svn-id: http://core.svn.wordpress.org/trunk@34845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ajax delete comment tests are intermittently failing. Many of the assertions make it hard to tell why they are failing. This adds a message to one of those assertions that contains some info on what is being asserted with the goal that it helps developers understand why the failure is failing.
See #33968
Built from https://develop.svn.wordpress.org/trunk@34879
git-svn-id: http://core.svn.wordpress.org/trunk@34844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* 'role' now accepts an array or comma-separated list of role names. When passing multiple values for 'role', `WP_User_Query` will only match users that have all of the specified roles.
* 'role__in' accepts an array of role names, and allow the filtering of matched users to those with at least one of the specified roles.
* 'role__not_in' accepts an array of role names, and allows the filtering of matched users to those who have none of the specified roles.
Props swissspidy, mordauk, barrykooij, sirbrillig.
Fixes#22212.
Built from https://develop.svn.wordpress.org/trunk@34875
git-svn-id: http://core.svn.wordpress.org/trunk@34840 1a063a9b-81f0-0310-95a4-ce76da25c4cd