The return from `wp_logout_url()` is HTML-encoded due to its value passing through `wp_nonce_url()` and thus `esc_html()`. Adversely `wp_login_url()` passes through no such escaping and therefore should not be expected to return an HTML-encoded value.
Props akibjorklund for the initial patch.
Fixes#34352.
Built from https://develop.svn.wordpress.org/trunk@37753
git-svn-id: http://core.svn.wordpress.org/trunk@37718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37748] introduced `_wp_expand_nav_menu_post_data()` together with an `array_replace_recursive()` compatibility function for PHP 5.2.
Even though that compat function is tried and tested in other projects like BuddyPress, we need to add additional `isset()` checks in order to avoid 'Undefined index' notices in our case.
See #36590.
Built from https://develop.svn.wordpress.org/trunk@37750
git-svn-id: http://core.svn.wordpress.org/trunk@37715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.
This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.
Props ericlewis, neverything, swissspidy.
Fixes#36590 for trunk. See #14134.
Built from https://develop.svn.wordpress.org/trunk@37748
git-svn-id: http://core.svn.wordpress.org/trunk@37713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.
Adds unit tests.
Props rockwell15 for initial patch.
Fixes#35936.
Built from https://develop.svn.wordpress.org/trunk@37747
git-svn-id: http://core.svn.wordpress.org/trunk@37712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the featured image takes longer to load, the browser might not know its exact dimensions yet and therefore sends an incorrect document height to the embedding site.
By sending the document's height again after the featured image has been loaded, we ensure that the iframe doesn't get cut off.
Fixes#35657.
Built from https://develop.svn.wordpress.org/trunk@37745
git-svn-id: http://core.svn.wordpress.org/trunk@37710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
UI controls that "do something" on a page shouldn't be links. This link behaves
like a toggle to expand the uploader panel and should be a `button` element with
an aria-expanded attribute. Also:
- improves consistency with the Plugin uploader
- keeps the themes list visible when the uploader is open
- displays a notice when JavaScript is off
- adds some `hide-if-no-js` CSS classes
- removes the `themes.router.navigate()` "upload" route: seems unnecessary and breaks history
Fixes#35457.
Built from https://develop.svn.wordpress.org/trunk@37742
git-svn-id: http://core.svn.wordpress.org/trunk@37707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When Open Sans was in use, the `300`, `400`, and `600` weights were loaded. `400` is the equivalent of `normal`; however, `bold` is equivalent to `700`, not `600`. With the move to system fonts, we need to be specific rather than relying on the lack of a `700` weight. Not all system fonts include a `600` weight; in those instances, they will use the `bold`/`700` weight.
The WordPress CSS Coding Standards have been updated accordingly.
props coderste.
see #36753.
Built from https://develop.svn.wordpress.org/trunk@37740
git-svn-id: http://core.svn.wordpress.org/trunk@37705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Unifies the APIs for getting a post's modified date or time with getting a post's date or time.
Adds the `$post` parameter to the functions `get_the_modified_date` and `get_the_modified_time`.
Adds the `$post` parameter to the filters `get_the_modified_date` and `get_the_modified_time`.
Props Soean, lukecavanagh.
Fixes#37059.
Built from https://develop.svn.wordpress.org/trunk@37738
git-svn-id: http://core.svn.wordpress.org/trunk@37703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_Site_Query` provides for a cleaner `prepare_items()` method. It significantly improves the search experience in the sites list table:
* In a subdomain configuration, domain and path are searched for a provided terms.
* In a subdirectory configuration, path is searched for a provided term.
* The full domain is searched in a subdomain configuration rather than the portion not matching the network's domain.
* Terms are searched as `%term%` by default. Adding `*` in the middle of a term will search `%te%rm%`.
Props flixos90, Fab1en.
Fixes#33185, #24833, #21837, #36675.
Built from https://develop.svn.wordpress.org/trunk@37736
git-svn-id: http://core.svn.wordpress.org/trunk@37701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When Firefox repaints some elements, NVDA may announce "alert" even when there's
no actual message dispatched to the live region. The NVDA implementation differs
from other screen readers and is currently under discussion. To avoid a subpar
user experience better to remove the roles since they're basically redundant.
Fixes#36289.
Built from https://develop.svn.wordpress.org/trunk@37734
git-svn-id: http://core.svn.wordpress.org/trunk@37699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Gone are the days of isolation and feelings of "meh", brought on by The Bleak Screen of Sadness. For a shiny knight has arrived to usher our plugins and themes along their arduous journey of installation, updates, and the inevitable fate of ultimate deletion.
Props swissspidy, adamsilverstein, mapk, afragen, ocean90, ryelle, j-falk, michael-arestad, melchoyce, DrewAPicture, AdamSoucie, ethitter, pento, dd32, kraftbj, Ipstenu, jorbin, afercia, stephdau, paulwilde, jipmoors, khag7, svovaf, jipmoors, obenland.
Fixes#22029, #25828, #31002, #31529, #31530, #31773, #33637, #35032.
Built from https://develop.svn.wordpress.org/trunk@37714
git-svn-id: http://core.svn.wordpress.org/trunk@37680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reduces the strictness of the duplicate check a little, but does prevent false duplicates for emoji or +1 comments by authors with matching names. The current logic was introduced all the way back in [2894].
Fixes#37093.
Built from https://develop.svn.wordpress.org/trunk@37713
git-svn-id: http://core.svn.wordpress.org/trunk@37679 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Send back setting validities with full refreshes and selective refreshes so that invalid settings can have notifications displayed immediately before attempting save, and so that these notifications can be cleared as soon as the input is corrected.
* Splits out JS logic for listing controls into separate methods `wp.customize.Setting.prototype.findControls()` and `wp.customize.findControlsForSettings()`.
* Adds a `setting` property to the `data` on notifications added to controls that are synced from their settings.
* Adds `selective-refresh-setting-validities` message sent from preview to pane.
* Changes `WP_Customize_Manager::validate_setting_values()` to return when settings are valid as well as invalid.
* Adds `WP_Customize_Manager::prepare_setting_validity_for_js()`.
* Add setting validities to data exported to JS in Customizer Preview and in selective refresh responses.
Fixes#36944.
Built from https://develop.svn.wordpress.org/trunk@37700
git-svn-id: http://core.svn.wordpress.org/trunk@37666 1a063a9b-81f0-0310-95a4-ce76da25c4cd