Commit Graph

31944 Commits

Author SHA1 Message Date
Dion Hulse
0e322469a6 Use PHP7's random_int() CSPRNG functionality in wp_rand() with a fallback to the random_compat library for PHP 5.x.
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.

Props sarciszewski
See #28633

Built from https://develop.svn.wordpress.org/trunk@34922


git-svn-id: http://core.svn.wordpress.org/trunk@34887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:02:24 +00:00
Sergey Biryukov
047501800d Customizer: Replace context for two strings added in [30306] with a translator comment.
Fixes #34203.
Built from https://develop.svn.wordpress.org/trunk@34921


git-svn-id: http://core.svn.wordpress.org/trunk@34886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 23:54:24 +00:00
John Blackbourn
6d21ed0d99 Avoid stripping square brackets from URLs, and instead correctly encode them. Square brackets must be encoded in the path, path parameters, query parameters, and fragment, but must not be encoded in anything up to the domain and port.
Adds tests.

Fixes #16859

Built from https://develop.svn.wordpress.org/trunk@34920


git-svn-id: http://core.svn.wordpress.org/trunk@34885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 23:39:23 +00:00
Boone Gorges
846510ea6f Handle WP_User objects properly in update_user_caches().
We should not be storing the `WP_User` object in the cache, as it may contain
usermeta and other data that's cache elsewhere.

Props dd32.
See #24635.
Built from https://develop.svn.wordpress.org/trunk@34919


git-svn-id: http://core.svn.wordpress.org/trunk@34884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 22:42:25 +00:00
Boone Gorges
b0e0323337 Add tests for update_user_caches().
See #24635.
Built from https://develop.svn.wordpress.org/trunk@34918


git-svn-id: http://core.svn.wordpress.org/trunk@34883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 22:35:26 +00:00
John Blackbourn
9daa848297 Correctly set the scheme of the home and siteurl options when creating a new site on multisite that uses some combination of HTTPS in the admin area or on the front end.
Fixes #33620
Props tryon, johnbillion

Built from https://develop.svn.wordpress.org/trunk@34916


git-svn-id: http://core.svn.wordpress.org/trunk@34881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 21:46:25 +00:00
John Blackbourn
45230b5fc7 Correctly encode the url parameter that gets passed to WordPress' own oEmbed endpoint URL.
Fixes #34193
Props ocean90

Built from https://develop.svn.wordpress.org/trunk@34915


git-svn-id: http://core.svn.wordpress.org/trunk@34880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 21:43:25 +00:00
John Blackbourn
c83a66cbf3 Add an optional $description parameter to status_header() so custom HTTP status descriptions can be provided.
Fixes #21472
Props nbachiyski, iamfriendly

Built from https://develop.svn.wordpress.org/trunk@34914


git-svn-id: http://core.svn.wordpress.org/trunk@34879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 21:26:25 +00:00
Andrea Fercia
17f53091ed Bump H3 headings to H2 on the Network Admin > Sites > Edit Site screens.
The navigation tabs appear in an `<h3>` heading immediately following the main `<h1>` and need to have a proper hierarchy.
Also, fix the tabs focus style and introduce a new `.nav-tab-small` CSS class.

Fixes #34079.
Built from https://develop.svn.wordpress.org/trunk@34913


git-svn-id: http://core.svn.wordpress.org/trunk@34878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:35:24 +00:00
Jeremy Felt
9926983b66 Revert [34778], continue using _site_option() for the current network.
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.

See #28290.

Built from https://develop.svn.wordpress.org/trunk@34912


git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:11:25 +00:00
Drew Jaynes
feb2267a13 Docs: Improve documentation for post_submit_meta_box(), which serves as the display callback for the 'Publish' meta box.
* `$post` is now correctly defined as being of the `WP_Post` type
* Adds a hash notation for the `$args` array
* Other minor fixes.

Props drebbitsweb.
Fixes #34171.

Built from https://develop.svn.wordpress.org/trunk@34911


git-svn-id: http://core.svn.wordpress.org/trunk@34876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 16:34:24 +00:00
John Blackbourn
471752f59a Prevent a PHP notice when POSTing to wp-login.php?action=register without a user_login or user_email field in the POST request.
Fixes #34192

Built from https://develop.svn.wordpress.org/trunk@34910


git-svn-id: http://core.svn.wordpress.org/trunk@34875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:43:25 +00:00
John Blackbourn
2d745fabe3 Prevent a PHP notice from appearing on wp-login.php?action=postpass when there's no $_POST['post_password'] parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here).
Fixes #34160
Props iamfriendly

Built from https://develop.svn.wordpress.org/trunk@34909


git-svn-id: http://core.svn.wordpress.org/trunk@34874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:30:25 +00:00
Dominik Schilling
3baa1336ec Embeds: Autoprefixer for [34903].
See #32522.
Built from https://develop.svn.wordpress.org/trunk@34908


git-svn-id: http://core.svn.wordpress.org/trunk@34873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:07:25 +00:00
John Blackbourn
35f613833e Update the explanatory text which accompanies the list of whitelisted oEmbed providers, following the change to the default value of the discover argument in WP_oEmbed::get_provider().
See #32522

Built from https://develop.svn.wordpress.org/trunk@34907


git-svn-id: http://core.svn.wordpress.org/trunk@34872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 13:05:25 +00:00
Gary Pendergast
c317248d13 Build: Fix a filename typo in [34903].
Props peterwilsoncc.

See #32522.


Built from https://develop.svn.wordpress.org/trunk@34906


git-svn-id: http://core.svn.wordpress.org/trunk@34871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 12:05:26 +00:00
Gary Pendergast
8c0e2bb4e8 Tests: Exclude the oembed/headers.php test file, which was marked as PHP >= 5.3.0 in [34904].
See #32522.


Built from https://develop.svn.wordpress.org/trunk@34905


git-svn-id: http://core.svn.wordpress.org/trunk@34870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 12:01:25 +00:00
Gary Pendergast
6a18efb313 Embeds: After [34903], remove an accidentally included text domain, and exclude a test failing in PHP 5.2.
Built from https://develop.svn.wordpress.org/trunk@34904


git-svn-id: http://core.svn.wordpress.org/trunk@34869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 11:01:25 +00:00
Gary Pendergast
83c3e3e00e Embeds: Add oEmbed provider support.
For the past 6 years, WordPress has operated as an oEmbed consumer, allowing users to easily embed content from other sites. By adding oEmbed provider support, this allows any oEmbed consumer to embed posts from WordPress sites.

In addition to creating an oEmbed provider, WordPress' oEmbed consumer code has been enhanced to work with any site that provides oEmbed data (as long as it matches some strict security rules), and provides a preview from within the post editor.

For security, embeds appear within a sandboxed iframe - the iframe content is a template that can be styled or replaced entirely by the theme on the provider site.

Props swissspidy, pento, melchoyce, netweb, pfefferle, johnbillion, extendwings, davidbinda, danielbachhuber, SergeyBiryukov, afercia

Fixes #32522.


Built from https://develop.svn.wordpress.org/trunk@34903


git-svn-id: http://core.svn.wordpress.org/trunk@34868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 10:36:25 +00:00
Jeremy Felt
31b29fccbd Tests: Remove static capture of space used and space allowed.
Originally introduced in [34601], this was necessary to avoid test pollution. Now that things have been separated and written to play nicely, we can remove this.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34902


git-svn-id: http://core.svn.wordpress.org/trunk@34867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 07:25:24 +00:00
Jeremy Felt
297148d985 Tests: Improve tests for upload_is_user_over_quota().
* Move all tests to a new 'multisite/uploadIsUserOverQuota.php'
* Use `get_space_allowed` and `pre_get_space_used` filters to help avoid test pollution.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34901


git-svn-id: http://core.svn.wordpress.org/trunk@34866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 07:21:24 +00:00
Jeremy Felt
7b3fa2221a Tests: Account for non-numeric strings in tests for get_space_allowed().
Provides a specific test for a case where a non-numeric strings are assigned to `blog_upload_space` at both the site and network levels.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34900


git-svn-id: http://core.svn.wordpress.org/trunk@34865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 06:17:24 +00:00
Jeremy Felt
7f2f3d614e Tests: Improve tests for is_upload_space_available().
* Move all tests to a new 'multisite/isUploadSpaceAvailable.php'
* Store original `blog_upload_space` values before the class is loaded.
* Restore these values after each test tear down to avoid pollution.

Commit to testing `is_upload_space_available()` itself by always filtering the amount of space used through `pre_get_space_used`. This allows us to sanely test without worrying about the local environment. In the future, we may be able to remove some of these tests as `get_upload_space_available()` tests are built out and reliable.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34899


git-svn-id: http://core.svn.wordpress.org/trunk@34864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 06:15:25 +00:00
Jeremy Felt
daea4ff02f Tests: Improve tests for get_space_allowed().
* Move all tests to a new `multisite/getSpaceAllowed.php`
* Store original `blog_upload_space` values before the class is loaded.
* Restore these values after each test tear down to avoid pollution.
* Add a comprehensive set of expectations and results via data provider.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34898


git-svn-id: http://core.svn.wordpress.org/trunk@34863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 04:58:24 +00:00
Scott Taylor
a1ead3c7e3 List Tables: in _WP_List_Table_Compat::get_column_info(), also return $primary, which is expected since [33016].
Props tyxla.
Fixes #34148.

Built from https://develop.svn.wordpress.org/trunk@34897


git-svn-id: http://core.svn.wordpress.org/trunk@34862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 03:12:24 +00:00
Boone Gorges
226bb29ff0 Move wp_installing() to load.php.
Various functions in load.php need to check whether WP is in installation mode.
Let's let them.

Props adamsilverstein.
See #31130.
Built from https://develop.svn.wordpress.org/trunk@34896


git-svn-id: http://core.svn.wordpress.org/trunk@34861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 03:02:23 +00:00
Scott Taylor
ae813883f5 Meta Boxes: add an action, post_submitbox_minor_actions. post_submitbox_misc_actions already exists. Pass $post to both for context - avoids having to check for a global post.
Props jonathanbardo, chriscct7, DrewAPicture.
Fixes #26267.

Built from https://develop.svn.wordpress.org/trunk@34895


git-svn-id: http://core.svn.wordpress.org/trunk@34860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 02:45:25 +00:00
Scott Taylor
4d3223b28e Introduce wp_get_server_protocol() to DRY protocol parsing logic and make adding more protocols, like HTTP/2, easier.
Props johnbillion, wonderboymusic.
Fixes #34131.

Built from https://develop.svn.wordpress.org/trunk@34894


git-svn-id: http://core.svn.wordpress.org/trunk@34859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 02:35:26 +00:00
Scott Taylor
2783773775 Meta Boxes: reboot some of the code in postbox.js to support aria-expanded attribute toggling and to properly reference static class properties.
Props afercia, wonderboymusic.
Fixes #33754.

Built from https://develop.svn.wordpress.org/trunk@34893


git-svn-id: http://core.svn.wordpress.org/trunk@34858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:58:25 +00:00
Scott Taylor
a3ec4d45f3 List Tables: after [34276], decrease horizontal padding for sorted column headers (causing weirdness in the Count column of tax list tables) - the vertical padding change suffices in fixing the original issue.
Fixes #27945.

Built from https://develop.svn.wordpress.org/trunk@34892


git-svn-id: http://core.svn.wordpress.org/trunk@34857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:40:24 +00:00
Scott Taylor
0c2b2a0e3d List Tables/WP_Screen: in WP_Screen, add methods to store, retrieve, and render screen reader text, primarily used by list table screens.
These additions are based on an audit and recommendations by the Accessibility team. #a11y'all

Props afercia.
Fixes #32147.

Built from https://develop.svn.wordpress.org/trunk@34891


git-svn-id: http://core.svn.wordpress.org/trunk@34856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:28:25 +00:00
Scott Taylor
b3a07ab8ea Rewrite/Permalinks/Canonical: in url_to_postid(), call set_url_scheme() on the URL to combat mixed content issues and find posts cross-scheme.
Adds unit tests.

Props swissspidy.
Fixes #34144.

Built from https://develop.svn.wordpress.org/trunk@34890


git-svn-id: http://core.svn.wordpress.org/trunk@34855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:07:24 +00:00
Scott Taylor
7547dc5125 Posts List Table: ensure that "All" gets the "current" CSS class when applicable.
Props afercia.
Fixes #19609.

Built from https://develop.svn.wordpress.org/trunk@34889


git-svn-id: http://core.svn.wordpress.org/trunk@34854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 00:09:24 +00:00
Scott Taylor
27fd5b762b Build Tools: upgrade grunt-browserify to ~4.0.0 and remove the watch task for browserify, which has its own internal watcher. Run npm install to update.
Props iseulde.
Fixes #31911.

Built from https://develop.svn.wordpress.org/trunk@34888


git-svn-id: http://core.svn.wordpress.org/trunk@34853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 00:00:43 +00:00
Sergey Biryukov
987ec5e6ad Remove closing PHP tag from wp-includes/class-phpass.php.
Previously: [19712], [28678].

Props iamfriendly, amandato.
Fixes #30534.
Built from https://develop.svn.wordpress.org/trunk@34887


git-svn-id: http://core.svn.wordpress.org/trunk@34852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:45:25 +00:00
Drew Jaynes
51a5e818da Docs: Only document get_posts() argument defaults that differ from, or aren't present in the defaults offered by WP_Query::parse_query().
Props johnbillion.
Fixes #34156.

Built from https://develop.svn.wordpress.org/trunk@34886


git-svn-id: http://core.svn.wordpress.org/trunk@34851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:19:24 +00:00
Drew Jaynes
fa4fed0f80 Login: Pass the $errors object as a parameter to the lostpassword_post hook.
Props iamfriendly.
Fixes #32116.

Built from https://develop.svn.wordpress.org/trunk@34885


git-svn-id: http://core.svn.wordpress.org/trunk@34850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:00:25 +00:00
Drew Jaynes
6079c4c6d2 Docs: _pad_term_counts() takes an array of objects passed by reference, not term IDs.
Props wpsmith.
Fixes #34174.

Built from https://develop.svn.wordpress.org/trunk@34884


git-svn-id: http://core.svn.wordpress.org/trunk@34849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 22:39:23 +00:00
Weston Ruter
aa044b054e Customizer: Ensure that wp.customize.Widgets.savedWidgetIds is defined up front.
In 4.3 the widget controls were fully initialized up front along with the sidebar controls. The sidebar control depended (unnecessarily) on the widget control to ensure that `wp.customize.Widgets.savedWidgetIds` was defined. So after [34563] there could be a situation where the widgets are added/removed from a sidebar before their controls are initialized (if the sidebar section is never expanded), resulting in an error attempting to get a property off of an undefined value. So this change does the right thing and defines `savedWidgetIds` up front.

Also changes the `savedWidgetIds` variable type from an array to an object, to match how it is used as a dictionary lookup.

See #33901.

Built from https://develop.svn.wordpress.org/trunk@34883


git-svn-id: http://core.svn.wordpress.org/trunk@34848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 21:59:25 +00:00
Jeremy Felt
8286a4f214 Registration: Remove the last remaining Lucida Grande from WordPress.
Defer to default styling provided by the theme (and browser) in `wp-activate.php` and remove the `font-family` and `color` from the provided internal stylesheet.

Previously, [17327] and [18406].

Fixes #34145.

Built from https://develop.svn.wordpress.org/trunk@34882


git-svn-id: http://core.svn.wordpress.org/trunk@34847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 21:56:24 +00:00
Konstantin Obenland
442c393599 Posts: Add post class for password protected posts.
Up until now password protected posts would only get a identifying class when
the password was still required. This adds a class for the case when that
requirement has been met.

For the other visibility types we already have `status-publish`
and `status-private`.

Props mdgl, F4rkie, wonderboymusic for initial patches.
Fixes #21899.


Built from https://develop.svn.wordpress.org/trunk@34881


git-svn-id: http://core.svn.wordpress.org/trunk@34846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 21:54:24 +00:00
Aaron Jorbin
a93ec5244d Revert [34875] due to unintentional breaking change
WordPress.org was taken down due to as Otto42 describes:

The previous version of this function added the query piece for the meta key = blog_id.capabilities, regardless of whether or not a role was requested. This limits the users returned to those with some defined role on this particular multisite instance.

See #22212



Built from https://develop.svn.wordpress.org/trunk@34880


git-svn-id: http://core.svn.wordpress.org/trunk@34845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 20:58:24 +00:00
Aaron Jorbin
2ac3027a58 Add message with status info to temperamental assertion.
The ajax delete comment tests are intermittently failing. Many of the assertions make it hard to tell why they are failing. This adds a message to one of those assertions that contains some info on what is being asserted with the goal that it helps developers understand why the failure is failing.

See #33968


Built from https://develop.svn.wordpress.org/trunk@34879


git-svn-id: http://core.svn.wordpress.org/trunk@34844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 19:56:24 +00:00
Sergey Biryukov
2702fd12cf Transients: Clarify the expiration_of_site_transient_$transient filter description.
See #21330.
Built from https://develop.svn.wordpress.org/trunk@34878


git-svn-id: http://core.svn.wordpress.org/trunk@34843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 18:11:24 +00:00
Dominik Schilling
e237e59172 Transients: Rename filters added in [34865].
* `expiration_pre_set_transient_$transient` => `expiration_of_transient_$transient`
* `expiration_pre_set_site_transient_$transient` => `expiration_of_site_transient_$transient`

Fix hook docs.

Props chriscct7.
Fixes #21330.
Built from https://develop.svn.wordpress.org/trunk@34877


git-svn-id: http://core.svn.wordpress.org/trunk@34842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:59:25 +00:00
Drew Jaynes
1e2caf6712 Docs: Update an inline comment in wp_get_attachment_image_sizes(), which came in as part of the Responsive Images merge in [34855].
Props joemcgill.
See #33641.

Built from https://develop.svn.wordpress.org/trunk@34876


git-svn-id: http://core.svn.wordpress.org/trunk@34841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:47:24 +00:00
Boone Gorges
f233b37d07 Improve role-related arguments in WP_User_Query.
* 'role' now accepts an array or comma-separated list of role names. When passing multiple values for 'role', `WP_User_Query` will only match users that have all of the specified roles.
* 'role__in' accepts an array of role names, and allow the filtering of matched users to those with at least one of the specified roles.
* 'role__not_in' accepts an array of role names, and allows the filtering of matched users to those who have none of the specified roles.

Props swissspidy, mordauk, barrykooij, sirbrillig.
Fixes #22212.
Built from https://develop.svn.wordpress.org/trunk@34875


git-svn-id: http://core.svn.wordpress.org/trunk@34840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:40:47 +00:00
Aaron Jorbin
0978abe76c Adjust detection of stream timeouts in maybe skip tests for https tests
This is a follow up to [34848].

See #33968.


Built from https://develop.svn.wordpress.org/trunk@34874


git-svn-id: http://core.svn.wordpress.org/trunk@34839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:40:24 +00:00
Dominik Schilling
0bc1d84fc7 MS Themes List Table: Fix inverted logic for displaying the "No items" message.
Fixes #25464.
Built from https://develop.svn.wordpress.org/trunk@34873


git-svn-id: http://core.svn.wordpress.org/trunk@34838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:35:23 +00:00
Sergey Biryukov
551b904985 Fix typo in [34848].
See #33968.
Built from https://develop.svn.wordpress.org/trunk@34872


git-svn-id: http://core.svn.wordpress.org/trunk@34837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:28:24 +00:00