Commit Graph

24557 Commits

Author SHA1 Message Date
John Blackbourn
9fdbe6538e Docs: Remove & prefixes from parameter documentation to avoid doc parsing errors.
Props sudar for the original patch.

See #35974

Built from https://develop.svn.wordpress.org/trunk@41686


git-svn-id: http://core.svn.wordpress.org/trunk@41520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:03:33 +00:00
Sergey Biryukov
253541556e Widgets: Pass $instance to widget argument filters:
* `widget_archives_dropdown_args`
* `widget_archives_args`
* `widget_categories_dropdown_args`
* `widget_categories_args`
* `widget_meta_poweredby`
* `widget_pages_args`
* `widget_comments_args`
* `widget_posts_args`
* `widget_tag_cloud_args`

See [33971] for `widget_links_args` and [34662] for `widget_nav_menu_args`.

Props Takahashi_Fumiki.
Fixes #38017.
Built from https://develop.svn.wordpress.org/trunk@41685


git-svn-id: http://core.svn.wordpress.org/trunk@41519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:02:47 +00:00
Andrea Fercia
a42b9cebde Quick/Bulk Edit: Improve the inline error messages styling.
- uses the core `notice` styles for the Quick Edit form inline error messages
- adds missing periods at the end of a few error messages

Props ocean90, karmatosed, melchoyce, afercia.
Fixes #35496.

Built from https://develop.svn.wordpress.org/trunk@41684


git-svn-id: http://core.svn.wordpress.org/trunk@41518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 21:52:52 +00:00
Andrea Fercia
6a6795382a Accessibility: List Tables: use aria-current for the views current link.
The `aria-current` attribute is a simple, effective way to help assistive
technologies users orientate themselves within a list of items. Continues the 
introduction in core of the `aria-current` attribute after [41359] and [41371].

Props joedolson, flixos90, afercia.
Fixes #32399.

Built from https://develop.svn.wordpress.org/trunk@41683


git-svn-id: http://core.svn.wordpress.org/trunk@41517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 19:44:47 +00:00
Andrea Fercia
c56dbad284 Accessibility: Improve the Dashboard Nearby Events widget wp.a11y.speak() messages.
Avoids to announce the "city updated" message on page load.

Fixes #42037.

Built from https://develop.svn.wordpress.org/trunk@41682


git-svn-id: http://core.svn.wordpress.org/trunk@41516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 19:25:45 +00:00
John Blackbourn
3dda9e9257 Embeds: Add oEmbed support for someecards.com.
Props someecards

Fixes #40792

Built from https://develop.svn.wordpress.org/trunk@41681


git-svn-id: http://core.svn.wordpress.org/trunk@41515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 19:10:49 +00:00
John Blackbourn
7859e22ad5 Embeds: Switch the collegehumor.com oEmbed endpoint to HTTPS, as it redirects there by default now.
See #28507

Built from https://develop.svn.wordpress.org/trunk@41680


git-svn-id: http://core.svn.wordpress.org/trunk@41514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 19:06:46 +00:00
Weston Ruter
d8d8a01134 Customize: Fix jumping behavior upon scrolling up when a sticky header has its description expanded.
Props delawski.
See #34343, #41879.
Fixes #41850.

Built from https://develop.svn.wordpress.org/trunk@41679


git-svn-id: http://core.svn.wordpress.org/trunk@41513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 18:55:47 +00:00
Adam Silverstein
5087d26d2d WP-API JS Client: Improve support for meta.
* Add/fix `getMeta`, `getMetas`, `setMeta` and `setMetas` helpers for models that support meta.
* Add tests for new helpers, verify meta support for `Posts`, `Comments`, `Tags` and `Users`.
* Include meta data in fixture generation and fixture file driving tests.

Fixes #41055.

Built from https://develop.svn.wordpress.org/trunk@41678


git-svn-id: http://core.svn.wordpress.org/trunk@41512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 18:41:35 +00:00
Weston Ruter
df7af1ee21 Customize: Fix positioning of outer section (e.g. publish settings) on large screen sizes.
Also fix preview link CSS for desktop and mobile.

Props sayedwp, bduclos.
See #39896.
Fixes #42051.

Built from https://develop.svn.wordpress.org/trunk@41677


git-svn-id: http://core.svn.wordpress.org/trunk@41511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 18:40:48 +00:00
John Blackbourn
2e3581c3ad Embeds: Alignment following [41615].
See #38181

Built from https://develop.svn.wordpress.org/trunk@41676


git-svn-id: http://core.svn.wordpress.org/trunk@41510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 18:38:46 +00:00
Adam Silverstein
896d779541 Menus: Increase timeout for QUnit wpNavMenu trigger tests.
Fix an (intermittent) issue where the final assertion verifying all hooks have been triggered ran too early, resulting in the test failing. 

Fixes #31218.

Built from https://develop.svn.wordpress.org/trunk@41675


git-svn-id: http://core.svn.wordpress.org/trunk@41509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 18:35:46 +00:00
John Blackbourn
acaf286151 Taxonomy: Add context and a translator comment to the new most_used label.
Fixes #41150

Built from https://develop.svn.wordpress.org/trunk@41674


git-svn-id: http://core.svn.wordpress.org/trunk@41508 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 18:25:46 +00:00
Konstantin Obenland
1e6810e433 Widgets: Revert format of sidebars_widgets.
Restores the data format of the `sidebars_widgets` theme mod to its pre [41555]
format. It can trigger PHP warnings after switching themes if that mod has not
been removed previously.

Fixes #39693.


Built from https://develop.svn.wordpress.org/trunk@41673


git-svn-id: http://core.svn.wordpress.org/trunk@41507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 18:11:46 +00:00
Weston Ruter
6db8e66b43 Customize: Improve styling of date/time Customizer control.
* Let date `legend` be screen reader text when time is not included.
* Skip rendering containers for label (title) and description when not supplied in registered control.
* Fix margins and padding.

Amends [41670].
Props westonruter, afercia, sayedwp.
Fixes #42022.

Built from https://develop.svn.wordpress.org/trunk@41672


git-svn-id: http://core.svn.wordpress.org/trunk@41506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 17:34:47 +00:00
Weston Ruter
31647252e7 Plugin Editor: Remove plugins_loaded from being re-triggered in plugin_sandbox_scrape().
Props jdgrimes.
Amends [41560].
Fixes #39766.

Built from https://develop.svn.wordpress.org/trunk@41671


git-svn-id: http://core.svn.wordpress.org/trunk@41505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 17:07:49 +00:00
Weston Ruter
a83e4eb40e Customize: Fix WP_Customize_Date_Time_Control to be re-usable for plugins and custom settings.
* Allow time fields to be omitted by constructing with `timeIncluded` as `false`.
* Ensure `reportValidity` is only called on a control when it is in an expanded section.
* Rename "ampm" to "meridian".
* Improve accessibility and fix HTML validation and style issues for both the date/time control and the preview link control.
* Fix styling of dropdowns and clean CSS.
* Improve accessibility of nav menus component.

Props westonruter, afercia, sayedwp, melchoyce.
Amends [41626].
See #39896.
Fixes #42022.

Built from https://develop.svn.wordpress.org/trunk@41670


git-svn-id: http://core.svn.wordpress.org/trunk@41504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 04:12:47 +00:00
Peter Wilson
8294b40161 Emoji: Refactor browser support tests.
Moves the repeated code in the emoji browser support test to a function to reduced the potential for errors and follow DRY principles.

Renames the "emoji4" test "emoji" as unicode version specific tests were removed in [38869].

Props peterwilsoncc, pento for code review.
Fixes #41156.


Built from https://develop.svn.wordpress.org/trunk@41669


git-svn-id: http://core.svn.wordpress.org/trunk@41503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 04:00:48 +00:00
Jeremy Felt
5ccf8eebb7 Multisite: Deprecate is_user_option_local().
`is_user_option_local()` was added during MU development and used for a handful of changesets before the code using it was removed again. It has not been used by MU or core since nor is it widely used elsewhere.

Fixes #41697.
Props bnap00, jeremyfelt.

Built from https://develop.svn.wordpress.org/trunk@41668


git-svn-id: http://core.svn.wordpress.org/trunk@41502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 03:38:45 +00:00
Weston Ruter
728e44ab5a Customize: Add infrastructure for trashing/reverting of unpublished changes; introduce full-screen OverlayNotification for trashing and theme install/preview.
* Introduce a new `wp.customize.previewer.trash()` JS API to trash the current changeset, along with logic to `WP_Customize_Manager` to handle deleting changeset drafts.
* Add `trashing` to `wp.customize.state` which is then used to update the UI.
* UI for trashing is pending design feedback. One possibility is to add a new trash button to Publish Settings section that invokes `wp.customize.previewer.trash()`.
* Improve logic for managing the visibility and disabled states for publish buttons.
* Prevent attempting `requestChangesetUpdate` while processing and bump processing while doing `save`.
* Update `changeset_date` state only if sent in save response.
* Merge `ThemesSection#loadThemePreview()` into `ThemesPanel#loadThemePreview()`.
* Remove unused `autosaved` state.
* Start autosaving and prompting at beforeunload after a change first happens. This is key for theme previews since even if a user did not make any changes, there were still dirty settings which would get stored in an auto-draft unexpectedly.
* Allow `Notification` to accept additional `classes` to be added to `container`.
* Introduce `OverlayNotification` and use for theme installing, previewing, and trashing. Such overlay notifications take over the entire window.

Props westonruter, celloexpressions.
See #37661, #39896, #21666, #35210.

Built from https://develop.svn.wordpress.org/trunk@41667


git-svn-id: http://core.svn.wordpress.org/trunk@41501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 03:37:46 +00:00
Jeremy Felt
bdd50f28b4 Docs: Clarify docs for hooked count/date updates
See #41017.

Built from https://develop.svn.wordpress.org/trunk@41666


git-svn-id: http://core.svn.wordpress.org/trunk@41500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 03:20:47 +00:00
Jeremy Felt
78880a6a0b Multisite: Only update a site's post count when post types of post are updated.
Previously, the query to update the count of published posts would run every time any post type transitioned between a `publish`/non-published status or was deleted.

Props sboisvert, JPry, spacedmonkey.
Fixes #42021.

Built from https://develop.svn.wordpress.org/trunk@41665


git-svn-id: http://core.svn.wordpress.org/trunk@41499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 03:09:44 +00:00
Jeremy Felt
b47cf7330c Multisite: Use get_networks() instead of a direct query in get_admin_users_for_domain().
Props spacedmonkey.
Fixes #41806.

Built from https://develop.svn.wordpress.org/trunk@41664


git-svn-id: http://core.svn.wordpress.org/trunk@41498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 03:06:47 +00:00
Gary Pendergast
f0492c5da8 Database: Fix some PHP errors introduced in [41662].
PHP < 5.4 requires a `$matches` parameter to be passed to `preg_match_all()`

`wpdb::prepare()` can be called before translations are loaded, so needs appropriate `wp_load_translations_early()` calls.

See #42040.


Built from https://develop.svn.wordpress.org/trunk@41663


git-svn-id: http://core.svn.wordpress.org/trunk@41497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 02:45:47 +00:00
Gary Pendergast
1603a9e067 Database: Throw a notice if wpdb::prepare() is called with an incorrect number of arguments
`wpdb::prepare()` currently gives no information if the number of arguments passed doesn't match the number of placeholders in the query. This change gives an explicit notice that the call was incorrect.

Also fixes an enrelated term meta test that was triggering this new notice.

Props thekt12 for the initial patch.
Fixes #42040.


Built from https://develop.svn.wordpress.org/trunk@41662


git-svn-id: http://core.svn.wordpress.org/trunk@41496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 02:11:47 +00:00
Jeremy Felt
abdfe59c28 Multisite: Use get_current_blog_id() instead of $wpdb->blogid.
`get_current_blog_id()` is more appropriate for determining the ID of the current site in most cases. This eliminates the need for the global `$wpdb` in several functions and is better than the implicit global used in admin pages.

Props bnap00, spacedmonkey.
Fixes #41684.

Built from https://develop.svn.wordpress.org/trunk@41661


git-svn-id: http://core.svn.wordpress.org/trunk@41495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 01:44:47 +00:00
Gary Pendergast
5f19289fc2 Docs: Clarify the docs for wpdb::prepare().
Make the usage of the `%` wildcard in queries clearer.

Props jrf.
Fixes #41983.


Built from https://develop.svn.wordpress.org/trunk@41660


git-svn-id: http://core.svn.wordpress.org/trunk@41494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 00:22:45 +00:00
Jeremy Felt
d5acf636b0 Build/Test Tools: Add ms-files test group to sub-task list.
Previously, the `ms-files` test group would not run in any automatic configuration. This ensures it is always run as part of the test suite in Travis CI.

Props netweb.
Fixes #41698.

Built from https://develop.svn.wordpress.org/trunk@41659


git-svn-id: http://core.svn.wordpress.org/trunk@41493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-01 22:16:48 +00:00
Andrea Fercia
1f4dab28fe Accessibility: Improve the Theme Details modal accessibility.
- sets the modal content to `role="document"` to make screen readers switch back to browse mode
- standardizes the Themes screen and Customizer modals interaction
- Themes screen modal: sets initial focus on the modal overlay instead of the primary button, avoiding to "skip" content for keyboard and screen reader users

Fixes #42055.

Built from https://develop.svn.wordpress.org/trunk@41658


git-svn-id: http://core.svn.wordpress.org/trunk@41492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-01 13:48:46 +00:00
Adam Silverstein
e23b4e9269 REST API JavaScript Client: improve support for model deletion/trash.
Update the way and location the JavaScript client determines which models/endpoints require the `force=true` parameter when being deleted to avoid a `rest_trash_not_supported` error. Identify models with endpoints that support DELETE, excluding those that support the trash (posts and pages by default). Also, move the check into the default `wp.api.WPApiBaseModel.initialize()` function.

Props caercam, euthelup.
Fixes #40672.


Built from https://develop.svn.wordpress.org/trunk@41657


git-svn-id: http://core.svn.wordpress.org/trunk@41491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-01 13:07:45 +00:00
Andrew Ozz
40d84f7503 Editor: Use editor.$ to improve removeSelectionMarker().
See #42029
Built from https://develop.svn.wordpress.org/trunk@41656


git-svn-id: http://core.svn.wordpress.org/trunk@41490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-01 10:33:47 +00:00
Andrew Ozz
5335ba8c20 Editor: pass the DOM library instance instead of a (fake) editor instance to getCursorMarkerSpan().
See #42029
Built from https://develop.svn.wordpress.org/trunk@41655


git-svn-id: http://core.svn.wordpress.org/trunk@41489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-01 09:42:47 +00:00
Felix Arntz
eedca8f3da Multisite: Fix wp_get_users_with_no_role() possibly including users with a role on a different site.
Prior to this change, when passing another site than the current one to `wp_get_users_with_no_role()` through its `$site_id` parameter, the function still used the roles available on the current site, which would cause users with other roles that possibly exist on the other site to show up as users without a role. Switching the site before retrieving the available rules fixes the issue.

Fixes #42015.

Built from https://develop.svn.wordpress.org/trunk@41654


git-svn-id: http://core.svn.wordpress.org/trunk@41488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 04:10:45 +00:00
Felix Arntz
5edfea22b9 Multisite: Fix count_users() possibly querying incorrect roles when passed a different site ID.
The `time` strategy in `count_users()` queries users by role. However, the roles queried for were not affected by passing another site than the current one through the `$site_id` parameter, causing users having roles that were not queried for to appear as users without a role. This changeset fixes the issue by switching the site before retrieving the roles to query for.

Fixes #42014.

Built from https://develop.svn.wordpress.org/trunk@41653


git-svn-id: http://core.svn.wordpress.org/trunk@41487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 03:54:45 +00:00
Felix Arntz
b0aaa16b32 Multisite: Display correct roles in Network > Site Users screen for sites other than the main site.
Props jeremyfelt.
Fixes #42013.

Built from https://develop.svn.wordpress.org/trunk@41652


git-svn-id: http://core.svn.wordpress.org/trunk@41486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 03:20:46 +00:00
Weston Ruter
e0c3951b08 Embeds: Cache oEmbeds in an oembed_cache custom post type instead of postmeta when there is no global $post.
Add processing of embeds to rich Text widget.

Props swissspidy, westonruter, ocean90, johnbillion.
See #40854, #39994, #40935.
Fixes #34115.

Built from https://develop.svn.wordpress.org/trunk@41651


git-svn-id: http://core.svn.wordpress.org/trunk@41485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 01:15:48 +00:00
Weston Ruter
e90b5ee669 Customize: Remove unused JS variables to fix JSHint.
Amends [41649].
See #37661, #39896.

Built from https://develop.svn.wordpress.org/trunk@41650


git-svn-id: http://core.svn.wordpress.org/trunk@41484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 22:04:47 +00:00
Weston Ruter
57044ac71e Customize: Improve interactions between the Themes panel and Publish Settings section.
* Deactivate the Themes panel immediately after changing selected status to non-publish.
* Animate publish settings button into view with publish button when collapsing Themes panel.
* Deactivate publish settings section and hide publish settings button entirely when customizer state is clean.
* Harden access of Themes panel in case it was removed by plugin.
* Fix throttling of `renderScreenshots` calls in `ThemesSection`.

Amends [41648], [41626].
See #37661, #39896, #34843.

Built from https://develop.svn.wordpress.org/trunk@41649


git-svn-id: http://core.svn.wordpress.org/trunk@41483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 21:52:45 +00:00
Weston Ruter
76f590b99b Customize: Introduce a new experience for discovering, installing, and previewing themes within the customizer.
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context. Also includes an extensible framework for browsing and installing themes from other sources.

Also includes CSS auto-prefixing added via `grunt precommit:css`.

For details, see: https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/

Previously [38813] but reverted in [39140].
Fixes #37661, #34843, #38666.
Props celloexpressions, folletto, westonruter, karmatosed, melchoyce, afercia.

Built from https://develop.svn.wordpress.org/trunk@41648


git-svn-id: http://core.svn.wordpress.org/trunk@41482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 20:13:50 +00:00
John Blackbourn
fb30317bad Build/Test tools: Partially revert [41367] as gd and exif aren't actually required to run WordPress.
See #41851

Built from https://develop.svn.wordpress.org/trunk@41647


git-svn-id: http://core.svn.wordpress.org/trunk@41481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 19:57:47 +00:00
Andrew Ozz
309c5559b4 Editor: improve attaching a callback on editor init.
See #42029
Built from https://develop.svn.wordpress.org/trunk@41646


git-svn-id: http://core.svn.wordpress.org/trunk@41480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 19:12:47 +00:00
Andrew Ozz
e4bd7a86a6 Editor: Improve keeping text selection when switching between Visual and Text modes.
Props biskobe.
See #42029.
Built from https://develop.svn.wordpress.org/trunk@41645


git-svn-id: http://core.svn.wordpress.org/trunk@41479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 17:50:45 +00:00
Sergey Biryukov
c1686e75bf Posts, Post Types: Correct test_submitting_comment_to_trashed_post_returns_error().
`wp_trash_post()` accepts a post ID, not a `WP_Post` object.

See #42030.
Built from https://develop.svn.wordpress.org/trunk@41644


git-svn-id: http://core.svn.wordpress.org/trunk@41478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 15:10:47 +00:00
Andrew Ozz
8fc05d8fba TinyMCE: fix "flickering inline toolbar" in Chrome in RTL mode by not showing tooltips while an inline toolbar is shown.
Fixes #42018.
Built from https://develop.svn.wordpress.org/trunk@41643


git-svn-id: http://core.svn.wordpress.org/trunk@41477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 14:25:47 +00:00
Sergey Biryukov
79ffa7ff2a Posts, Post Types: In wp_delete_post(), wp_trash_post(), wp_untrash_post(), and wp_delete_attachment(), standardize on WP_Post as a return value and internal representation of the post data.
Props bor0, SergeyBiryukov.
Fixes #42030.
Built from https://develop.svn.wordpress.org/trunk@41642


git-svn-id: http://core.svn.wordpress.org/trunk@41476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 13:36:46 +00:00
Sergey Biryukov
6a2b59745e I18N: Use a consistent pattern for translator comments for placeholders in wp-admin/includes/dashboard.php.
See #41974.
Built from https://develop.svn.wordpress.org/trunk@41641


git-svn-id: http://core.svn.wordpress.org/trunk@41475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 11:44:45 +00:00
Sergey Biryukov
10c46f5751 I18N: Use a consistent pattern for translator comments for placeholders in Customizer and widget strings.
Props danieltj, Rahmohn.
Fixes #41974.
Built from https://develop.svn.wordpress.org/trunk@41640


git-svn-id: http://core.svn.wordpress.org/trunk@41474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 11:42:48 +00:00
Sergey Biryukov
033b371145 I18N: Improve i18n in help text for Custom HTML widget and Additional CSS section.
Fixes #42032.
Built from https://develop.svn.wordpress.org/trunk@41639


git-svn-id: http://core.svn.wordpress.org/trunk@41473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 11:10:50 +00:00
Sergey Biryukov
70925e6741 Posts, Post Types: Introduce pre_trash_post and pre_untrash_post filters to allow for short-circuiting wp_trash_post() and wp_untrash_post().
This brings parity with `pre_delete_post` filter in `wp_delete_post()`, introduced in [34082].

Props bor0.
Fixes #42030.
Built from https://develop.svn.wordpress.org/trunk@41638


git-svn-id: http://core.svn.wordpress.org/trunk@41472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 10:19:49 +00:00
John Blackbourn
32b555d0a7 Build/Test tools: Update the WP_PHPUnit_Util_Getopt class for PHP 7.2 compatibility.
This removes usage of `each()` which is deprecated in PHP 7.2.

Props ayeshrajans

See #40109
Fixes #41525

Built from https://develop.svn.wordpress.org/trunk@41636


git-svn-id: http://core.svn.wordpress.org/trunk@41471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 23:15:47 +00:00
John Blackbourn
d306285fa2 Build/Test tools: Update some test cases in anticipation of code formatting corrections.
These two tests assume a certain level of indentation in code which does not conform to core's coding
standards and will hopefully be corrected at some point in #41057.

See #41057

Built from https://develop.svn.wordpress.org/trunk@41635


git-svn-id: http://core.svn.wordpress.org/trunk@41470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 22:56:50 +00:00
Dominik Schilling
9e097490af Embeds: In switched state, restore previous state if no post ID is found.
Fixes #40673.
Built from https://develop.svn.wordpress.org/trunk@41634


git-svn-id: http://core.svn.wordpress.org/trunk@41469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 16:29:45 +00:00
John Blackbourn
0d629ec963 External Libraries: Update the Text_Diff_Engine_native class for PHP 7.2 compatibility.
This removes usage of `each()` and usage of text strings passed to `assert()`.

Props bor0

Fixes #41526

Built from https://develop.svn.wordpress.org/trunk@41633


git-svn-id: http://core.svn.wordpress.org/trunk@41468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 13:59:45 +00:00
Gary Pendergast
c805479c8b Docs: Update the documentation for wpdb::prepare()
The inline documentation for `wpdb::prepare()` was kind of confusing, and didn't describe some of the behaviour correctly.

Fixes #41983.


Built from https://develop.svn.wordpress.org/trunk@41632


git-svn-id: http://core.svn.wordpress.org/trunk@41467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 11:45:45 +00:00
Gary Pendergast
3a4e78f9bd Setup: Hide database errors while testing the table prefix.
If DB errors are shown during installation, the table prefix test will also show an error, even though we're deliberately trying to generate that error.

Fixes #40655.


Built from https://develop.svn.wordpress.org/trunk@41631


git-svn-id: http://core.svn.wordpress.org/trunk@41466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 07:58:46 +00:00
Gary Pendergast
ef3720ac49 Post Editor: Keep text selection between Visual and Text modes
When switching between post editor modes, the current cursor position and selection is now preserved. This allows authors to switch modes without losing the context of where they were in the document.

Props biskobe.
Fixes #41962.


Built from https://develop.svn.wordpress.org/trunk@41630


git-svn-id: http://core.svn.wordpress.org/trunk@41465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 06:45:46 +00:00
Gary Pendergast
dbd93ddbb6 Database: Add support for connecting to IPv6 hosts
IPv4 addresses are scarce, overworked, and underpaid. They're ready to retire, but we just won't let them go. If you care about their wellbeing, switch to IPv6 today.

Props schlessera, birgire.
Fixes #41722.


Built from https://develop.svn.wordpress.org/trunk@41629


git-svn-id: http://core.svn.wordpress.org/trunk@41464 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 05:37:44 +00:00
Gary Pendergast
0028a9555e Database: Don't quote placeholders in queries going through $wpdb->prepare()
To bring Core into line with the changes to `$wpdb->prepare()` in WordPress 4.8.2, query placeholders shouldn't be quoted.

Props jrf, johnjamesjacoby.
Fixes #41983.


Built from https://develop.svn.wordpress.org/trunk@41628


git-svn-id: http://core.svn.wordpress.org/trunk@41463 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 04:32:46 +00:00
Gary Pendergast
88f71a8adf Options: Add new alloptions and pre_cache_alloptions filters.
`pre_cache_alloptions` is run before the alloptions array is inserted into the cache, and is valuable for sanity checking the options, particularly if your caching scheme has size limitations.

`alloptions` is run before returning the alloptions array, and is useful for when you have extra information that alloptions should return.

Props sebastian.pisula, keesiemeijer.
Fixes #33958.


Built from https://develop.svn.wordpress.org/trunk@41627


git-svn-id: http://core.svn.wordpress.org/trunk@41462 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 00:23:47 +00:00
Weston Ruter
8043c2d8e5 Customize: Introduce drafting and scheduling for Customizer changesets.
* Incorporates code from the Customize Snapshots and Customize Posts feature plugins.
* Adds a new Publish Settings section for managing the changeset status, scheduled date, and frontend preview link.
* Updates Publish button to reflect the status selected in the Publish Settings (including Save Draft and Schedule).
* Deactivates the Themes section when a non-publish status selected, and deactivates the Publish Settings section when previewing a theme switch.
* Introduces an `outer` section type (`wp.customize.OuterSection` in JS) for the Publish Settings section to use and for available widgets and available nav menu panels to use in the future. These sections can be expanded while other sections are expanded.
* Introduces `WP_Customize_Date_Time_Control` in PHP and `wp.customize.DateTimeControl` in JS for managing a date/time value.
* Keeps track of scheduled time and proactively publish from the client when the time arrives, as opposed to waiting for WP Cron.
* Auto-publishes a scheduled changeset when attempting to access one that missed its schedule.
* Starts a new changeset if attempting to save a changeset that was previously publish.
* Adds `force` arg to `requestChangesetUpdate()` to force an update request even when there are no pending changes.
* Adds utils methods for `getCurrentTimestamp` and `getRemainingTime`.
* Adds new state values for `selectedChangesetStatus`, `changesetDate`, `selectedChangesetDate`.
* Fixes logic for when to short-circuit check to close Customizer when there are unsaved changes.
* Adds getter methods for `autosaved` and `branching` parameters, with the latter applying the `customize_changeset_branching` filter.
* Call to `establish_loaded_changeset` on the fly when `changeset_uuid()` is called if no changeset UUID was specififed.
* De-duplicates logic for dismissing auto-draft changesets.
* Includes unit tests.

Builds on [41597].
Props sayedwp, westonruter, melchoyce, JoshuaWold, folletto, stubgo, karmatosed, dlh, paaljoachim, afercia, johnregan3, utkarshpatel, valendesigns.
See #30937.
Fixes #39896, #28721, #39275.

Built from https://develop.svn.wordpress.org/trunk@41626


git-svn-id: http://core.svn.wordpress.org/trunk@41461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 22:25:46 +00:00
Felix Arntz
0892a6ebbf Multisite: Improve initializing available roles when switch sites.
Switching the available roles and the current user's capabilities no longer happens in `switch_to_blog()` and `restore_current_blog()`, instead it has been moved to a new function `wp_switch_roles_and_user()` which is hooked into the site switching process. This allows to improve performance by temporarily unhooking the function when roles and capabilities do not need to be switched.

This change ensures that switching available roles now works closer to switching user capabilities, particularly the changes in [41624]. A new `WP_Roles::for_site( $site_id )` method has been introduced, and the `WP_Roles::_init()` method has been deprecated. It is furthermore possible to retrieve the site ID for which the available roles are currently initialized through a new `WP_Roles::get_site_id()`.

Props johnjamesjacoby, flixos90.
Fixes #38645.

Built from https://develop.svn.wordpress.org/trunk@41625


git-svn-id: http://core.svn.wordpress.org/trunk@41460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 21:44:44 +00:00
Felix Arntz
21f18c2d30 Multisite: Initialize a user's roles correctly when setting them up for a different site.
While it has always been possible to initialize a user's roles and capabilities for another site than the current one in a multisite, the actual roles available were not switched prior to this change, possibly causing invalid roles to show up or actually valid capabilities not being available.

In order to fix this bug in a clean way, relevant parts of the `WP_User` class have been refactored. The ID of the site for which capabilities are currently initialized are now stored in a private property `WP_User::$site_id`. The `WP_User::for_blog( $blog_id )` and `WP_User::_init_caps( $cap_key )` methods have been deprecated in favor of `WP_User::for_site( $site_id )`. In addition, a new method `WP_User::get_site_id()` has been introduced to retrieve the site ID for which the user's capabilities are currently initialized.

Props ryanduff, jeremyfelt, flixos90.
Fixes #36961.

Built from https://develop.svn.wordpress.org/trunk@41624


git-svn-id: http://core.svn.wordpress.org/trunk@41459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 21:10:45 +00:00
John Blackbourn
7fc820382a Users: Remove the failing tests added in [41613] while they're investigated.
See #38741

Built from https://develop.svn.wordpress.org/trunk@41623


git-svn-id: http://core.svn.wordpress.org/trunk@41458 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 17:42:46 +00:00
Andrea Fercia
c65fe27ba1 Accessibility: Update and standardize the admin screen-reader-text CSS class.
Given the new WordPress browsers support policy, the `screen-reader-text` css
class used in the admin can be updated to use modern CSS and correct syntax. See
https://github.com/wpaccessibility/a11ythemepatterns/blob/master/read-more-links/style.css

Worth noting the `clip` property is deprecated and kept for IE11 and Edge.

- uses `clip-path` for modern browsers
- keeps `clip` for old browsers and update its value to a correct syntax
- resets `clip-path` to `none` where the class is used to dynamically reveal elements
- removes an old rule that made `screen-reader-text` completely invisible in the help tabs `#screen-meta`
- standardizes the rule across CSS files

Fixes #40970.

Built from https://develop.svn.wordpress.org/trunk@41622


git-svn-id: http://core.svn.wordpress.org/trunk@41457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 17:27:45 +00:00
Andrea Fercia
8c7a2b1d54 Accessibility: Improve the sidebar toggles in the Widgets screen.
- uses button elements for the toggles
- uses `aria-expanded` on the toggles to communicate to assistive technologies the panels expanded/collapsed state
- adds the "circular focus" style to the toggles to give users a clear indication of the currently focused element
- standardizes CSS class names to `.toggle-indicator` and `.handlediv` as these names are already used across the admin for similar controls

Props monikarao, xavortm, mihai2u, Kopepasah.
Fixes #37013.

Built from https://develop.svn.wordpress.org/trunk@41621


git-svn-id: http://core.svn.wordpress.org/trunk@41456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 16:29:44 +00:00
Andrew Ozz
ddfa468e38 TinyMCE: disable the tests for wptextpatterns plugin in PhantomJS.
See #42009
Built from https://develop.svn.wordpress.org/trunk@41620


git-svn-id: http://core.svn.wordpress.org/trunk@41455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 16:22:46 +00:00
Pascal Birchler
f71a685b11 Upgrade/Install: Update unit tests after [41611].
See #40764.

Built from https://develop.svn.wordpress.org/trunk@41619


git-svn-id: http://core.svn.wordpress.org/trunk@41454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 15:15:47 +00:00
John Blackbourn
2429d4acea Taxonomy: Introduce a back_to_items taxonomy label.
This is used after updating a taxonomy term in the link to return to the term listing screen.

Props benoitchantre

Fixes #41898

Built from https://develop.svn.wordpress.org/trunk@41618


git-svn-id: http://core.svn.wordpress.org/trunk@41453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 14:39:45 +00:00
John Blackbourn
50a7d2b121 Options, Meta APIs: Require a confirmation link in an email to be clicked when a user attempts to change the network
admin email address on Multisite.

This mirrors the same functionality for the site admin email address and user profile email address.

Fixes #41254

Built from https://develop.svn.wordpress.org/trunk@41617


git-svn-id: http://core.svn.wordpress.org/trunk@41452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 14:17:45 +00:00
John Blackbourn
5c7a7a2989 Embeds: Documentation alignment following [41615].
See #38181

Built from https://develop.svn.wordpress.org/trunk@41616


git-svn-id: http://core.svn.wordpress.org/trunk@41451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:27:44 +00:00
John Blackbourn
4b76c1f22f Embeds: Add support for Amazon Kindle instant previews.
Props jsepia, morganestes, adamsilverstein, swissspidy, jbpaul17, johnbillion, rugved

Fixes #38181

Built from https://develop.svn.wordpress.org/trunk@41615


git-svn-id: http://core.svn.wordpress.org/trunk@41450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:26:45 +00:00
John Blackbourn
255658fa31 Users: There is not, in fact, 12345 users on every WordPress installation.
Props spacedmonkey

See #38741

Built from https://develop.svn.wordpress.org/trunk@41614


git-svn-id: http://core.svn.wordpress.org/trunk@41449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:07:46 +00:00
John Blackbourn
807bc5a6c9 Users: Introduce the concept of a large site in order to speed up the Users screen when there are many users.
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.

This introduces some new functions:

* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`

A corresponding `wp_is_large_user_count` filter is also introduced.

Props tharsheblows, johnbillion

Fixes #38741

Built from https://develop.svn.wordpress.org/trunk@41613


git-svn-id: http://core.svn.wordpress.org/trunk@41448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:04:47 +00:00
Pascal Birchler
0fe4c3b3f2 Upgrade/Install: Fix updating plugins on the Add Plugins screen.
Props imath.
Fixes #41407.

Built from https://develop.svn.wordpress.org/trunk@41612


git-svn-id: http://core.svn.wordpress.org/trunk@41447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 11:59:47 +00:00
Pascal Birchler
2dd83960b9 Upgrade/Install: Show new version number when updating a theme on Multisite.
Props afragen.
Fixes #40764.

Built from https://develop.svn.wordpress.org/trunk@41611


git-svn-id: http://core.svn.wordpress.org/trunk@41446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 09:44:45 +00:00
Pascal Birchler
95d8b4fa44 Themes: Adjust unit test after [41607].
Props ocean90.
See #40820.

Built from https://develop.svn.wordpress.org/trunk@41610


git-svn-id: http://core.svn.wordpress.org/trunk@41445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:53:44 +00:00
Pascal Birchler
5e7ce2a61a Plugins: Fix version number in docblock after [41608].
Props ocean90.
See #37430.

Built from https://develop.svn.wordpress.org/trunk@41609


git-svn-id: http://core.svn.wordpress.org/trunk@41444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:52:47 +00:00
Pascal Birchler
1f5c7470fb Plugins: Improve error messages on plugins screen.
This unifies the layout and wording of error messages on both the plugins screen and the themes screen.

Props tinkerbelly, juhise, Ankit K Gupta, m1tk00, swissspidy, mrahmadawais, danieltj.
Fixes #37430.

Built from https://develop.svn.wordpress.org/trunk@41608


git-svn-id: http://core.svn.wordpress.org/trunk@41443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:46:45 +00:00
Pascal Birchler
e7beaa590f Themes: Adjust translated string after [41601].
Props obenland.
See #40820.

Built from https://develop.svn.wordpress.org/trunk@41607


git-svn-id: http://core.svn.wordpress.org/trunk@41442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:38:45 +00:00
Pascal Birchler
81a8f1cffe Embeds: Maintain switched state when embedding a post on Multisite.
Props bor0.
Fixes #40673.

Built from https://develop.svn.wordpress.org/trunk@41606


git-svn-id: http://core.svn.wordpress.org/trunk@41441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:36:48 +00:00
Dion Hulse
db86c635ba Standardise on performing api.WordPress.org requests over SSL when possible, falling back to non-SSL when appropriate.
This also standardises the `User-Agent` used when communicating with WordPress.org, allowing for more consistent version detection.

Fixes #42004.

Built from https://develop.svn.wordpress.org/trunk@41605


git-svn-id: http://core.svn.wordpress.org/trunk@41440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:00:49 +00:00
Andrew Ozz
b32256701a TinyMCE: update to 4.6.7, changelog: https://www.tinymce.com/docs/changelog/#version467september182017.
Fixes #41996 #40956
Built from https://develop.svn.wordpress.org/trunk@41604


git-svn-id: http://core.svn.wordpress.org/trunk@41439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 21:15:47 +00:00
Weston Ruter
cb8173e053 Customize: Dismiss all autosaved auto-drafts for user and not just the one suggested when dismissing restoration notification.
Amends [41597].
See #39896.

Built from https://develop.svn.wordpress.org/trunk@41603


git-svn-id: http://core.svn.wordpress.org/trunk@41438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 20:33:46 +00:00
Mel Choyce
eb38b0da9b Customizer: Improve small-screen styles in Widgets panel.
Props mrasharirfan, mrahmadawais.
Fixes #41614.

Built from https://develop.svn.wordpress.org/trunk@41602


git-svn-id: http://core.svn.wordpress.org/trunk@41437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 19:05:46 +00:00
Pascal Birchler
1ac10346ce Themes: Report theme as broken that sets itself as its parent.
Props davilera.
Fixes #40820.

Built from https://develop.svn.wordpress.org/trunk@41601


git-svn-id: http://core.svn.wordpress.org/trunk@41436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 08:54:47 +00:00
Pascal Birchler
742fc18cca Embeds: Improve performance when embedding a post on Multisite.
After [37798], this fixes embeds coming from a different site in the network.

Props imath.
Fixes #40673. See #36767. 

Built from https://develop.svn.wordpress.org/trunk@41600


git-svn-id: http://core.svn.wordpress.org/trunk@41435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 08:40:47 +00:00
Dion Hulse
af3c440b1d Embeds: Switch the Imgur oEmbed endpoint to use SSL as the HTTP version has been deprecated.
Props swissspidy.
Fixes #41984.

Built from https://develop.svn.wordpress.org/trunk@41599


git-svn-id: http://core.svn.wordpress.org/trunk@41434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 08:33:44 +00:00
Pascal Birchler
fce70235f2 Permalinks: Change structure tag button state more reliably.
Changes the highlighted tag buttons accordingly when selecting one of the commong permalink settings.

Deprecates `options_permalink_add_js()` as that JavaScript isn't added inline anymore.

Fixes #29872.

Built from https://develop.svn.wordpress.org/trunk@41598


git-svn-id: http://core.svn.wordpress.org/trunk@41433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 08:24:46 +00:00
Weston Ruter
1a7616ad54 Customize: Extend changesets to support autosave revisions with restoration notifications, and introduce a new default linear history mode for saved changesets (with a filter for opt-in to changeset branching).
* Autosaved changes made on top of `auto-draft` changesets get written on top of the `auto-draft` itself, similar to how autosaves for posts will overwrite post drafts.
* Autosaved changes made to saved changesets (e.g. `draft`, `future`) will be placed into an autosave revision for that changeset and that user.
* Opening the Customizer will now prompt the user to restore their most recent auto-draft changeset; if notification is dismissed or ignored then the auto-draft will be marked as dismissed and will not be prompted to user in a notification again.
* Customizer will no longer automatically supply the `changeset_uuid` param in the `customize.php` URL when branching changesets are not active.
* If user closes Customizer explicitly via clicking on X link, then autosave auto-draft/autosave will be dismissed so as to not be prompted again.
* If there is a changeset already saved as a `draft` or `future` (UI is forthcoming) then this changeset will now be autoloaded for the user to keep making additional changes. This is the linear model for changesets.
* To restore the previous behavior of the Customizer where each session started a new changeset, regardless of whether or not there was an existing changeset saved, there is now a `customize_changeset_branching` hook which can be filtered to return `true`.
* `wp.customize.requestChangesetUpdate()` now supports a second with options including `autosave`, `title`, and `date`.
* The window `blur` event for `customize.php` has been replaced with a `visibilitychange` event to reduce autosave requests when clicking into preview window.
* Adds `autosaved` and `branching` args to `WP_Customize_Manager`.
* The `changeset_uuid` param for `WP_Customize_Manager` is extended to recognize a `false` value which causes the Customizer to defer identifying the UUID until `after_setup_theme` in the new `WP_Customize_Manager::establish_loaded_changeset()` method.
* A new `customize_autosaved` query parameter can now be supplied which is passed into the `autosaved` arg in `WP_Customize_Manager`; this option is an opt-in to source data from the autosave revision, allowing a user to restore autosaved changes.

Props westonruter, dlh, sayedwp, JoshuaWold, melchoyce.
See #39896.

Built from https://develop.svn.wordpress.org/trunk@41597


git-svn-id: http://core.svn.wordpress.org/trunk@41430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 07:38:45 +00:00
Felix Arntz
85712eb281 Multisite: Fix documentation issues for domain_exists().
Props stevenlinx.
Fixes #41619.

Built from https://develop.svn.wordpress.org/trunk@41596


git-svn-id: http://core.svn.wordpress.org/trunk@41429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 00:12:45 +00:00
Weston Ruter
f1779f24ed Code Editors: Update the current file highlight to use notice styling.
Improves color contrast and readability, and reuses a core design pattern.

Props kekkakokkers, monopine, Travel_girl, afercia, melchoyce, karmatosed.
Fixes #31604.

Built from https://develop.svn.wordpress.org/trunk@41595


git-svn-id: http://core.svn.wordpress.org/trunk@41428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 21:46:47 +00:00
Konstantin Obenland
eea0e5f6f5 Widgets: Merge orphaned widgets on theme switch
Merges orphaned widgets into the inactive sidebar when switching themes.

Props bpayton.
See #39693.

Built from https://develop.svn.wordpress.org/trunk@41594


git-svn-id: http://core.svn.wordpress.org/trunk@41427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 16:19:46 +00:00
Sergey Biryukov
9597082ec9 Twenty Seventeen: Add Docker Hub icon to supported social links.
Props xkon.
Fixes #41529.
Built from https://develop.svn.wordpress.org/trunk@41593


git-svn-id: http://core.svn.wordpress.org/trunk@41426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 13:49:43 +00:00
Sergey Biryukov
01efcd51a6 Twenty Seventeen: Add Periscope icon to supported social links.
Props xkon.
Fixes #40959.
Built from https://develop.svn.wordpress.org/trunk@41592


git-svn-id: http://core.svn.wordpress.org/trunk@41425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 13:14:45 +00:00
Sergey Biryukov
486ab09a0e I18N: Add translator comments for placeholders in WP_REST_Controller strings.
Props ramiy.
Fixes #41667.
Built from https://develop.svn.wordpress.org/trunk@41591


git-svn-id: http://core.svn.wordpress.org/trunk@41424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 10:27:43 +00:00
Weston Ruter
bb97df7b5f Widgets: Introduce Gallery widget for displaying image galleries.
* Galleries are managed in the widget in the same way they are managed in the post editor, both using the media manager.
* Gallery widget is merged from the Core Media Widgets v0.2.0 feature plugin and it extends `WP_Widget_Media` in the same way as is done for image, audio, and video widgets.
* Model syncing logic is updated to support booleans and arrays (of integers).
* Placeholder areas in media widgets are now clickable shortcuts for selecting media.
* Image widget placeholder is updated to match gallery widget where clicking preview is shortcut for editing media.

Props westonruter, joemcgill, timmydcrawford, m1tk00, obenland, melchoyce.
See #32417.
Fixes #41914.

Built from https://develop.svn.wordpress.org/trunk@41590


git-svn-id: http://core.svn.wordpress.org/trunk@41423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 06:28:45 +00:00
Sergey Biryukov
4865841343 Posts, Post Types: Pass the order parameter to get_{$adjacent}_post_sort filter.
Props manchumahara.
Fixes #41924.
Built from https://develop.svn.wordpress.org/trunk@41589


git-svn-id: http://core.svn.wordpress.org/trunk@41422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 23:01:44 +00:00
Sergey Biryukov
4a42f4e835 I18N: Replace code fragments in translatable strings for rest_trash_not_supported errors with a placeholder.
Props ramiy.
Fixes #41643.
Built from https://develop.svn.wordpress.org/trunk@41588


git-svn-id: http://core.svn.wordpress.org/trunk@41421 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 22:29:46 +00:00
Sergey Biryukov
982ba72da9 I18N: Replace method name in a translatable string in WP_REST_Controller::register_routes() with a placeholder.
Props ramiy.
Fixes #41667.
Built from https://develop.svn.wordpress.org/trunk@41587


git-svn-id: http://core.svn.wordpress.org/trunk@41420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 22:04:46 +00:00
Andrea Fercia
d1948f623a Accessibility: CodeMirror editing areas minor improvements.
- properly labels all the code editor areas (Theme/Plugin, Custom HTML widget, Additional CSS), whether CodeMirror is enabled or disabled
- adds `role="textbox"` and `aria-multiline="true"` to the CodeMirror editing area to allow assistive technologies properly identify it as a textarea
- standardizes the "keyboard trap" help text across the admin and keeps it as a list for better readability
- use the Help text elements as target for `aria-describedby`, to make screen readers read out the help text when focusing the editors
- fixes the `aria-expanded` attribute usage in the Customizer "Additional CSS" help toggle
- moves focus to the CodeMirror editing area when clicking on the associated label
- in the Plugin editor screen: changes a `<big>` element to `<h2>` for better semantics and consistency with the Theme editor screen
- also, removes a few textdomain leftovers, see `better-code-editing` and `default`

Props westonruter, melchoyce, afercia.
Fixes #41872.

Built from https://develop.svn.wordpress.org/trunk@41586


git-svn-id: http://core.svn.wordpress.org/trunk@41419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 16:00:46 +00:00
Sergey Biryukov
0170c40e24 Plugins: Restore "Clear List" button functionality for recently active plugins.
Props obenland.
Fixes #41080.
Built from https://develop.svn.wordpress.org/trunk@41585


git-svn-id: http://core.svn.wordpress.org/trunk@41418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 15:16:46 +00:00
Andrew Ozz
a5f8097899 Retire Press This and extract it to a plugin. First run.
Props kraftbj, azaozz.
See #41689.
Built from https://develop.svn.wordpress.org/trunk@41584


git-svn-id: http://core.svn.wordpress.org/trunk@41417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 14:22:54 +00:00
Sergey Biryukov
400bc41731 I18N: Allow for post custom field name in the_meta() to be translated, e.g. to insert a non-breaking space before the colon.
Props audrasjb, johnbillion.
Fixes #41653.
Built from https://develop.svn.wordpress.org/trunk@41583


git-svn-id: http://core.svn.wordpress.org/trunk@41416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 11:28:46 +00:00
Weston Ruter
58761c1ff2 Customize: Remove unnecessary call to refresh() a CodeMirror instance upon focus in Code Editor control.
This also fixes an issue with the cursor not being set in the expected location with an `inputStyle=contenteditable`.

Props afercia.
See #41897.
Fixes #41900.

Built from https://develop.svn.wordpress.org/trunk@41582


git-svn-id: http://core.svn.wordpress.org/trunk@41415 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 18:46:49 +00:00
Sergey Biryukov
d379f839cf Posts, Post Types: Pass $post parameter to post_submitbox_start, attachment_submitbox_misc_actions, media_submitbox_misc_sections, audio_submitbox_misc_sections filters.
Props sebastian.pisula, SergeyBiryukov.
Fixes #36206.
Built from https://develop.svn.wordpress.org/trunk@41581


git-svn-id: http://core.svn.wordpress.org/trunk@41414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 17:07:46 +00:00
Sergey Biryukov
29fa55f71d Twenty Sixteen: After [41343], add missing space to if condition in twentysixteen_content_image_sizes_attr().
Fixes #38468.
Built from https://develop.svn.wordpress.org/trunk@41580


git-svn-id: http://core.svn.wordpress.org/trunk@41413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 12:25:45 +00:00
Sergey Biryukov
fa5abb2474 I18N: Remove HTML tags from translatable strings in wp-activate.php.
Props ramiy.
Fixes #41645.
Built from https://develop.svn.wordpress.org/trunk@41579


git-svn-id: http://core.svn.wordpress.org/trunk@41412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 12:21:47 +00:00
Sergey Biryukov
649eb34d2a Login and Registration: Replace home URL in password reset email with the site name to avoid confusing the user with multiple links.
Props Presskopp, code-monkey.
Fixes #38328.
Built from https://develop.svn.wordpress.org/trunk@41578


git-svn-id: http://core.svn.wordpress.org/trunk@41411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:44:46 +00:00
Sergey Biryukov
b844c63db0 Customize: Tweak "New Custom HTML Widget" pointer text to be a bit less informal and more inclusive.
Props birgire, mrasharirfan, danieltj.
Fixes #41798.
Built from https://develop.svn.wordpress.org/trunk@41577


git-svn-id: http://core.svn.wordpress.org/trunk@41410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:26:46 +00:00
Sergey Biryukov
c28cc57f3b Quick/Bulk Edit: Remove duplicate inline-edit-{$screen->post_type} CSS class from Quick Edit table rows.
Props ibachal.
Fixes #41906.
Built from https://develop.svn.wordpress.org/trunk@41576


git-svn-id: http://core.svn.wordpress.org/trunk@41409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:02:46 +00:00
Sergey Biryukov
77f011704e XML-RPC: Update the string in test_parent_for_nonhierarchical() to match the string added in [41574].
Props netweb.
Fixes #41637.
Built from https://develop.svn.wordpress.org/trunk@41575


git-svn-id: http://core.svn.wordpress.org/trunk@41408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 08:20:49 +00:00
Sergey Biryukov
b8edb91f43 I18N: Merge two similar "Cannot set parent term" error strings.
Props ramiy.
Fixes #41637.
Built from https://develop.svn.wordpress.org/trunk@41574


git-svn-id: http://core.svn.wordpress.org/trunk@41407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 22:08:46 +00:00
Sergey Biryukov
6fa2cea232 Docs: Add @access private entries for _get_component_from_parsed_url_array() and _wp_translate_php_url_constant_to_key().
Props ajayghaghretiya1.
Fixes #41282.
Built from https://develop.svn.wordpress.org/trunk@41573


git-svn-id: http://core.svn.wordpress.org/trunk@41406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 22:00:47 +00:00
Sergey Biryukov
bcb126292c I18N: Merge two similar error strings.
Props ramiy.
Fixes #39172.
Built from https://develop.svn.wordpress.org/trunk@41572


git-svn-id: http://core.svn.wordpress.org/trunk@41405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:55:45 +00:00
Andrew Ozz
58b769a057 Plupload: also delete plupload.full.min.js when updating.
See #41755.
Built from https://develop.svn.wordpress.org/trunk@41571


git-svn-id: http://core.svn.wordpress.org/trunk@41404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:48:46 +00:00
Andrew Ozz
41ad3f294f Plupload: minify and load plupload.js and moxie.js separately to make them easier to debug.
Props gmariani405, azaozz.
Fixes #41755.
Built from https://develop.svn.wordpress.org/trunk@41570


git-svn-id: http://core.svn.wordpress.org/trunk@41403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:10:48 +00:00
Sergey Biryukov
b07cffe99a Media: Improve the preview of transparent images in Attachment Details modal by using CSS3 to show a checkered background.
Props powerzilly, stevepuddick.
Fixes #41948.
Built from https://develop.svn.wordpress.org/trunk@41569


git-svn-id: http://core.svn.wordpress.org/trunk@41402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 19:57:47 +00:00
Sergey Biryukov
7c4cdbff27 Admin CSS: Autoprefixer for [41329].
See #39662.
Built from https://develop.svn.wordpress.org/trunk@41568


git-svn-id: http://core.svn.wordpress.org/trunk@41401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 19:51:47 +00:00
Sergey Biryukov
ba67e5f09c Docs: Correct filename references in duplicate hook comments for post_password_required filter.
Props coffee2code.
Fixes #41959.
Built from https://develop.svn.wordpress.org/trunk@41567


git-svn-id: http://core.svn.wordpress.org/trunk@41400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 18:34:45 +00:00
Sergey Biryukov
c2dcfa5278 Help/About: Tweak Help tabs on Users screen for consistency with Posts screen.
Props bnap00, Arena94.
Fixes #40553.
Built from https://develop.svn.wordpress.org/trunk@41566


git-svn-id: http://core.svn.wordpress.org/trunk@41399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 18:31:48 +00:00
Sergey Biryukov
f69b784ec7 Embeds: Introduce embed_thumbnail_id filter for thumbnail image ID in the embed template.
Props ketuchetan, Dency, jontyravi, Ov3rfly.
Fixes #39759.
Built from https://develop.svn.wordpress.org/trunk@41565


git-svn-id: http://core.svn.wordpress.org/trunk@41398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 17:35:48 +00:00
Sergey Biryukov
5046ef73c3 Docs: Correct description for insert_user_meta filter.
Props milana_cap, desrosj.
Fixes #41951.
Built from https://develop.svn.wordpress.org/trunk@41564


git-svn-id: http://core.svn.wordpress.org/trunk@41397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 13:14:45 +00:00
Sergey Biryukov
4db08514ea Taxonomy: Convert tag cloud in Tags meta box to a list (<ul>) for better semantics and accessibility.
An unordered list allows screen reader users to know in advance how many tags are within the list.

Props audrasjb, afercia.
Fixes #40187.
Built from https://develop.svn.wordpress.org/trunk@41563


git-svn-id: http://core.svn.wordpress.org/trunk@41396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 11:28:44 +00:00
Sergey Biryukov
fff6cc8fc8 Docs: Change $args to $r in the DocBlock for http_api_debug filter to match the variable name.
Props bor0, ronakganatra.
Fixes #41379.
Built from https://develop.svn.wordpress.org/trunk@41562


git-svn-id: http://core.svn.wordpress.org/trunk@41395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 09:33:47 +00:00
Weston Ruter
bf1eb1b505 Plugin Editor: Use include_once instead of include in plugin_sandbox_scrape() to fix unit tests broken with [41560].
See #39766.

Built from https://develop.svn.wordpress.org/trunk@41561


git-svn-id: http://core.svn.wordpress.org/trunk@41394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 02:01:45 +00:00
Weston Ruter
aff467e1cb Plugin Editor: Improve reliability of detecting PHP fatal errors when editing an active plugin.
* Invalidate PHP opcache after file is updated to ensure `include` will ''include'' the written changes.
* Define `WP_ADMIN` when activating plugin in sandbox so plugin code targeting admin will be loaded.
* Do actions that get triggered when loading the admin to ensure plugin code runs that could cause errors on plugin editor screen (and lock out access).
* Fix ability to re-activate a plugin after editing a PHP file other than the main plugin file, and ensure PHP fatal error will be displayed in such cases.
* Consolidate duplicated code into `plugin_sandbox_scrape()` and re-use in `activate_plugin()`.
* Show an error notice instead of a success notice when a file is updated but a plugin was deactivated due to a fatal error.
* Update style of warning when editing an active plugin to be styled as an actual warning notice.

See #12423, #21622.
Fixes #39766.

Built from https://develop.svn.wordpress.org/trunk@41560


git-svn-id: http://core.svn.wordpress.org/trunk@41393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 01:36:48 +00:00
Adam Silverstein
415e9379f9 Revisions: correct a timezone display issue.
When preparing the data for the revisions screen, add ' +0000' to the gmt date string before passing it thru `strtotime`.

Props biranit, nacin, buley.
Fixes #25365.

Built from https://develop.svn.wordpress.org/trunk@41559


git-svn-id: http://core.svn.wordpress.org/trunk@41392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 23:33:44 +00:00
Weston Ruter
f0b5c39bde Customize: Introduce extensible code editor Customizer control for CodeMirror.
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.

See #12423, #38707, #35395.
Fixes #41897.

Built from https://develop.svn.wordpress.org/trunk@41558


git-svn-id: http://core.svn.wordpress.org/trunk@41391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 23:04:45 +00:00
Adam Silverstein
43eb51d4a6 Customizer: retain aspect ration when cropping media w/ shift+click/drag.
Enforce a 1:1 ratio when holding the shift key and dragging in the image cropping tool in the customizer context.

Props melchoyce, mikeschroder.
Fixes #40211.

Built from https://develop.svn.wordpress.org/trunk@41557


git-svn-id: http://core.svn.wordpress.org/trunk@41390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 22:45:44 +00:00
Adam Silverstein
220d5aec74 Login: Password reset - add hide icon & confirm weak password checkbox.
Extends the password features added in 4.3 to the password reset flow.

Props johnbillion, manolis09, umesh.nevase, Nikschavan.


Built from https://develop.svn.wordpress.org/trunk@41556


git-svn-id: http://core.svn.wordpress.org/trunk@41389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 21:29:48 +00:00
Konstantin Obenland
27536e99c5 Widgets: Improved sidebar mapping on theme switch
Builds on efforts brought forward in #17979.

This will send sidebars through three levels of mapping:

1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.

Finally, if the theme has previously been active and we have a record of its 
sidebar configuration then, any unmapped sidebar will be restored to its 
previous state.

Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.


Built from https://develop.svn.wordpress.org/trunk@41555


git-svn-id: http://core.svn.wordpress.org/trunk@41388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 18:46:46 +00:00
Andrew Ozz
76296ef657 Remove SWFUpload,
- Refactor swfupload.js to output a simple upload form, and handlers.js.
- Delete the SWFUpload plugins directory and swfupload.swf.
- Remove flash cookies "hack" from async-upload.php.

See #41752.
Built from https://develop.svn.wordpress.org/trunk@41554


git-svn-id: http://core.svn.wordpress.org/trunk@41387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 16:35:48 +00:00
Adam Silverstein
639d215300 REST API JS Client: Improve nonce handling, refresh stale nonce on sync.
Keep the nonce used for cookie based authentication fresh by pulling in and using any new nonce supplied in the response headers.

* Enable passing nonce to init so each api/endpoint can use a unique nonce.
* Store nonce for endpoint on endpointModel.
* New model helper `nonce()` retrieves a model's routeModel nonce.
* When a response header contains a nonce that doesn't match the stored nonce, replace it.

Fixes #40422.

Built from https://develop.svn.wordpress.org/trunk@41553


git-svn-id: http://core.svn.wordpress.org/trunk@41386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 12:58:45 +00:00
John Blackbourn
9aeedde6ae Multisite: Correct the docs for maybe_add_existing_user_to_blog().
See #41017

Built from https://develop.svn.wordpress.org/trunk@41552


git-svn-id: http://core.svn.wordpress.org/trunk@41385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 12:28:44 +00:00
Sergey Biryukov
da3e29eeba Docs: Use correct order of arguments in the DocBlock for WP_Hook::has_filter().
Props munyagu.
Fixes #41941.
Built from https://develop.svn.wordpress.org/trunk@41551


git-svn-id: http://core.svn.wordpress.org/trunk@41384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 10:00:48 +00:00
Weston Ruter
800ad7bd04 Customize: Let media control button labels better automatically reflect the specified MIME type.
Props Christian1012, celloexpressions, westonruter.
Fixes #38796.

Built from https://develop.svn.wordpress.org/trunk@41550


git-svn-id: http://core.svn.wordpress.org/trunk@41383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 21:24:46 +00:00
Weston Ruter
379e0371dd Widgets: Omit attributes from an Image widget's link when they are empty.
Props subrataemfluence, Nenad Obradovic, westonruter.
See #39993.
Fixes #41919.

Built from https://develop.svn.wordpress.org/trunk@41549


git-svn-id: http://core.svn.wordpress.org/trunk@41382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 19:45:46 +00:00
Sergey Biryukov
6918752529 Twenty Seventeen: Document the type of $item argument in twentyseventeen_dropdown_icon_to_menu_link() more accurately.
Props ndoublehwp.
Fixes #41923.
Built from https://develop.svn.wordpress.org/trunk@41548


git-svn-id: http://core.svn.wordpress.org/trunk@41381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 18:15:46 +00:00
Weston Ruter
067970ca82 Widgets: Add Customizer preview support to the Category widget when navigating to a category via dropdown.
Switch to using a `form` that is submitted as opposed to making a direct JavaScript call to change the `window.location`. This ensures the Customizer is able to inject the customized state into the request.

Fixes #41671.

Built from https://develop.svn.wordpress.org/trunk@41547


git-svn-id: http://core.svn.wordpress.org/trunk@41380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 03:16:46 +00:00
Dominik Schilling
f2589e222e Taxonomy/Users: Use correct escaping function for URLs.
Built from https://develop.svn.wordpress.org/trunk@41522


git-svn-id: http://core.svn.wordpress.org/trunk@41355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 21:14:47 +00:00
Aaron Campbell
fc930d3dae Database: Hardening to bring wpdb::prepare() inline with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.


Built from https://develop.svn.wordpress.org/trunk@41496


git-svn-id: http://core.svn.wordpress.org/trunk@41329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 17:56:45 +00:00
Aaron Campbell
5225e026ef Database: Don’t trigger _doing_it_wrong() for null values in wpdb::prepare().
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.


Built from https://develop.svn.wordpress.org/trunk@41483


git-svn-id: http://core.svn.wordpress.org/trunk@41316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 16:06:45 +00:00
Aaron Campbell
70b2127909 Database: Hardening for wpdb::prepare()
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.


Built from https://develop.svn.wordpress.org/trunk@41470


git-svn-id: http://core.svn.wordpress.org/trunk@41303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:48:47 +00:00
John Blackbourn
69de73224f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Built from https://develop.svn.wordpress.org/trunk@41457


git-svn-id: http://core.svn.wordpress.org/trunk@41290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:36:47 +00:00
Aaron Campbell
1115a36cda oEmbed: Add extra hardening around allowed HTML for improved sandboxing.
Built from https://develop.svn.wordpress.org/trunk@41448


git-svn-id: http://core.svn.wordpress.org/trunk@41281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 13:43:05 +00:00
John Blackbourn
e088205014 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Props kawauso, Mte90 for initial patches

Fixes #13377

Built from https://develop.svn.wordpress.org/trunk@41399


git-svn-id: http://core.svn.wordpress.org/trunk@41232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:11:43 +00:00
Dominik Schilling
9041e7a071 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers.
Built from https://develop.svn.wordpress.org/trunk@41398


git-svn-id: http://core.svn.wordpress.org/trunk@41231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 09:13:44 +00:00
Dominik Schilling
12694b6b92 Customize: Ensure valid themes in the preview.
Built from https://develop.svn.wordpress.org/trunk@41397


git-svn-id: http://core.svn.wordpress.org/trunk@41230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:39:45 +00:00
Dominik Schilling
83853f9fd2 TinyMCE: Improve the previews for shortcodes.
Built from https://develop.svn.wordpress.org/trunk@41395


git-svn-id: http://core.svn.wordpress.org/trunk@41228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:19:45 +00:00
Dominik Schilling
c2ead9d046 Editor: Prevent adding javascript: and data: URLs through the inline link dialog.
Built from https://develop.svn.wordpress.org/trunk@41393


git-svn-id: http://core.svn.wordpress.org/trunk@41226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:01:45 +00:00