Commit Graph

307 Commits

Author SHA1 Message Date
Gary Pendergast
798c2581b1 Blocks: Parse blocks when displaying posts.
Posts containing blocks are now correctly handled when displaying on the front end, including dynamic blocks and nested blocks.

See #45109.


Built from https://develop.svn.wordpress.org/branches/5.0@43752


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-18 11:54:26 +00:00
atimmer
07ea394b44 Script loader: Adjust JS packages registration.
Adjusts the packages registration after [43723]:

* Combine the different registration functions into one
`wp_default_packages` function. To reach this goal move the prefix
logic into a function so it can be called from different locations.
Use a `static` variable there to prevent duplicate inclusion of
`version.php`.
* Call this function from the `wp_default_scripts` action by
registering it as a default filter.
* Combine some of the logic in `_WP_Editors::print_tinymce_scripts`
into `wp_register_tinymce_scripts`. The logic to force an uncompressed
TinyMCE script file stays in `_WP_Editors::force_uncompressed_tinymce`
because that logic is very specific to the classic editor.
* The script handle `wp-tinymce` is now a dependency of the `editor`
script handle. In combination with the previous item, this makes the
classic editor work.
* Adjust the syntax of the script paths to be more consistent with
other WordPress code.
* Always use `"production"` mode for the media files to prevent people
from inadvertently committing development files.

Props pento, omarreiss.
Fixes #45065.

Built from https://develop.svn.wordpress.org/branches/5.0@43738


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-17 15:29:26 +00:00
Peter Wilson
bf672769c2 Formatting: Add pre-save content filter to make target=_blank always secure.
Props notnownikki, iseulde, azaozz.
Merges [42770] to the 5.0 branch.
Fixes #43187.

Built from https://develop.svn.wordpress.org/branches/5.0@43732


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-16 04:13:30 +00:00
Felix Arntz
0dde03e3f0 REST API: Move object type-specific metadata integrations from the wrapper functions to the low-level Meta API functions.
Object type-specific actions that should happen before or after modification of metadata have so far been part of the respective wrapper functions. By using action and filter hooks, this changeset ensures they are always executed, even when calling the lower-level Meta API functions directly, which the REST API does as a prime example.

Props flixos90, spacedmonkey.
Fixes #44467.

Built from https://develop.svn.wordpress.org/branches/5.0@43729


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-15 11:46:25 +00:00
Gary Pendergast
bf820c9036 Dashboard: Introduce the "Try Gutenberg" callout.
To encourage folks to prepare for Gutenberg, this new Dashboard box allows site users to easily install and try the Gutenberg plugin now, or to install the Classic Editor plugin before WordPress 5.0 is released.

Props pento, melchoyce, joen, karmatosed, joemcgill, SergeyBiryukov, jorbin, bph, Clorith, afercia, chanthaboune, chrislema, kjellr, matveb, michelleweber.
Fixes #41316.


Built from https://develop.svn.wordpress.org/branches/4.9@43502


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-18 06:42:26 +00:00
Sergey Biryukov
faf5abc16e Privacy: Update request confirmation notice text for clarity.
Props desrosj, melchoyce, garrett-eclipse.
Merges [43232] to the 4.9 branch.
Fixes #43970.
Built from https://develop.svn.wordpress.org/branches/4.9@43233


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 21:05:26 +00:00
Andrew Ozz
f149d8fabc Privacy: Replace intrusive policy update notice with menu bubbles.
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue.

An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.

The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.

Props azaozz, xkon, iandunn.
Merges [43223] to the 4.9 branch.
Fixes #43954. See #43953.
Built from https://develop.svn.wordpress.org/branches/4.9@43225


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:08:26 +00:00
Sergey Biryukov
b9bda541d4 Privacy: Notify admin via email when a request is confirmed.
Previously the admin didn't have any way to know if a pending request was ready to be processed, aside from manually checking the Export/Erase pages. Sending them an email is a much more convenient option.

Props garrett-eclipse, desrosj, iandunn.
Merges [43211] to the 4.9 branch.
See #43967.
Built from https://develop.svn.wordpress.org/branches/4.9@43215


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 15:56:25 +00:00
Andrew Ozz
0827e54cc0 Privacy: increase filter priority of the User group in Personal Data Exports.
Props allendav desrosj.
Merges [43195] to the 4.9 branch.
Fixes #43966.
Built from https://develop.svn.wordpress.org/branches/4.9@43196


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 17:13:26 +00:00
Sergey Biryukov
26fdba2c5b Add a checkbox to the comment form so logged out users can opt-out of commenter cookies.
Props lakenh, xkon, birgire, azaozz, johnbillion.
Merges [42772] and [43042] to the 4.9 branch.
See #43436.
Built from https://develop.svn.wordpress.org/branches/4.9@43127


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 22:11:25 +00:00
Sergey Biryukov
a2be0cd32b Privacy: add user information to the personal data export file.
Props TZ-Media, desrosj.
Merges [43055] and [43116] to the 4.9 branch.
See #43547.
Built from https://develop.svn.wordpress.org/branches/4.9@43117


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 04:21:25 +00:00
Sergey Biryukov
8114ac92ef Privacy: add attachments to the personal data export file.
Props allendav.
Merges [43054] to the 4.9 branch.
See #43883.
Built from https://develop.svn.wordpress.org/branches/4.9@43108


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:34:25 +00:00
Sergey Biryukov
c7ac8db6e4 Privacy: add a postbox that is shown when editing the privacy policy page, and where plugins and core will output suggested content and additional privacy info. First run.
Props melchoyce, azaozz.
Merges [42980] to the 4.9 branch.
See #43620.
Built from https://develop.svn.wordpress.org/branches/4.9@43101


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:59:25 +00:00
Sergey Biryukov
06dd3449e9 Privacy: Add cron to delete expired export files to protect privacy.
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.

`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.

This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.

`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.

Props iandunn, desrosj.
Merges [43046] to the 4.9 branch.
See #43546.
Built from https://develop.svn.wordpress.org/branches/4.9@43095


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:33:26 +00:00
Sergey Biryukov
e5b5b15b88 Privacy: update the method to confirm user requests by email. Use a single CPT to store the requests and to allow logging/audit trail.
Props mikejolley.
Merges [43008] to the 4.9 branch.
See #43443.
Built from https://develop.svn.wordpress.org/branches/4.9@43083


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:01:25 +00:00
Sergey Biryukov
bcb3a839d1 Privacy: add functionality to anonymize commenters.
Props xkon, fclaussen, allendav, birgire, azaozz.
Merges [42994] to the 4.9 branch.
See #43442.
Built from https://develop.svn.wordpress.org/branches/4.9@43080


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 00:21:25 +00:00
Sergey Biryukov
2f6f41170a Privacy: add functionality for exporting personal data from comments.
Props allendav, xkon.
Merges [42888] to the 4.9 branch.
See #43440.
Built from https://develop.svn.wordpress.org/branches/4.9@43076


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 00:11:24 +00:00
Gary Pendergast
bac5694e88 Dashboard: Remove the "Try Gutenberg" callout.
As eager as we all are to see Gutenberg put before a wider audience, there are still a handful of issues that need to be fixed, which won't be done before the 4.9.5 release.

Reverts [42869].
See #41316.


Built from https://develop.svn.wordpress.org/branches/4.9@42883


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-28 00:18:43 +00:00
Gary Pendergast
61be857c95 Dashboard: Introduce a "Try Gutenberg" callout.
To encourage more people to try Gutenberg, this new Dashboard box allows site users to easily install and try out Gutenberg.

Props pento, melchoyce, joen, karmatosed, joemcgill, SergeyBiryukov, jorbin.

Fixes #41316.


Built from https://develop.svn.wordpress.org/branches/4.9@42869


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-22 00:59:44 +00:00
Gary Pendergast
3cc1a69391 Canonical URLs: Redirect to the correct URL when the post date changes.
When a post slug is changed, we store a copy of the old slug, so that we can redirect visitors visiting the old URL to the new URL.

In the same way, this stores a copy of the old date, when the post date changes, so we can redirect visitors to the new URL.

Merge of [42401,42587,42588] to the 4.9 branch.

Props nickmomrik, frank-klein.
Fixes #15397.


Built from https://develop.svn.wordpress.org/branches/4.9@42589


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-24 07:12:39 +00:00
Dion Hulse
3c9f3effb0 Formatting: Do not run formatting and texturization on author bios.
Removes the formatting and texturization added to author bios in #40040 due to back-compatibility concerns.

Reverts [41172], [41173].

Props 0x6f0, rabmalin for review, peterwilsoncc.
Merges [42441] to the 4.9 branch.
Fixes #42578.

Built from https://develop.svn.wordpress.org/branches/4.9@42445


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-15 00:10:42 +00:00
Aaron Jorbin
b8fc8cb59c Dashboard: Remove "Try Gutenberg" callout.
Reverting this for 4.9. It will be added back in a future version of WordPress. This doesn't mean that you shouldn't be trying Gutenberg, just that it isn't ready for a call out to a larger audience. But if you are the type to read commit messages, https://github.com/WordPress/gutenberg could use your pull requests and comments on issues.

Reverts [41931] [41900] [41896] [41895]
See #41316


Built from https://develop.svn.wordpress.org/trunk@41978


git-svn-id: http://core.svn.wordpress.org/trunk@41812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-23 20:48:47 +00:00
Dion Hulse
26f9c6b909 Transients: Clear expired transients from the database in a daily cron task.
Fixes #41699

Built from https://develop.svn.wordpress.org/trunk@41963


git-svn-id: http://core.svn.wordpress.org/trunk@41797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-21 13:22:49 +00:00
Gary Pendergast
3981736cd6 Dashboard: Introduce a "Try Gutenberg" callout.
To encourage more people to try Gutenberg, this new Dashboard box allows site users to easily install and try out Gutenberg.

Props pento, melchoyce, joen, karmatosed.
Fixes #41316.


Built from https://develop.svn.wordpress.org/trunk@41895


git-svn-id: http://core.svn.wordpress.org/trunk@41729 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-18 10:04:47 +00:00
John Blackbourn
50948669eb Users: Revert [41613], [41614], and [41623] as this feature needs some more work.
See #38741

Built from https://develop.svn.wordpress.org/trunk@41753


git-svn-id: http://core.svn.wordpress.org/trunk@41587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 22:17:46 +00:00
John Blackbourn
807bc5a6c9 Users: Introduce the concept of a large site in order to speed up the Users screen when there are many users.
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.

This introduces some new functions:

* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`

A corresponding `wp_is_large_user_count` filter is also introduced.

Props tharsheblows, johnbillion

Fixes #38741

Built from https://develop.svn.wordpress.org/trunk@41613


git-svn-id: http://core.svn.wordpress.org/trunk@41448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:04:47 +00:00
Weston Ruter
84d2c51153 Widgets: Add shortcode support inside Text widgets.
* Used now in core to facilitate displaying inserted media. See #40854.
* The `[embed]` shortcode is not supported because there is no post context for caching oEmbed responses. This depends on #34115.
* Add `do_shortcode()` to the `widget_text_content` filter in the same way it is added for `the_content` at priority 11, with `shortcode_unautop()` called at priority 10 after `wpautop()`.
* For Text widget in legacy mode, manually apply `do_shortcode()` (and `shortcode_unautop()` if auto-paragraph checked) if the core-added `widget_text_content` filter remains, unless a plugin added `do_shortcode()` to `widget_text` to prevent applying shortcodes twice.
* Ensure that global `$post` is `null` while filters apply in the Text widget so shortcode handlers won't run with unexpected contexts.

Props westonruter, nacin, aaroncampbell.
See #40854, #34115.
Fixes #10457.

Built from https://develop.svn.wordpress.org/trunk@41361


git-svn-id: http://core.svn.wordpress.org/trunk@41194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-10 06:33:44 +00:00
Felix Arntz
f6ebc1a80c Role/Capability: Introduce capabilities dedicated to installing and updating language files.
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.

Props johnbillion, flixos90.
Fixes #39677.

Built from https://develop.svn.wordpress.org/trunk@41268


git-svn-id: http://core.svn.wordpress.org/trunk@41108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-18 18:31:44 +00:00
Konstantin Obenland
e183d59acb Map nav menu locations on theme switch
This will send nav menu locations through three levels of mapping:
1. If both themes have only one location, that gets mapped.
2. If both themes have locations with the same slug, they get mapped.
3. Locations that (even partially) match slugs from a similar kind of menu location will get mapped.

Menu locations are mapped for Live Previews in the Customizer and during theme switches.

Props westonruter, obenland, welcher, melchoyce.
Fixes #39692.


Built from https://develop.svn.wordpress.org/trunk@41237


git-svn-id: http://core.svn.wordpress.org/trunk@41077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-09 21:04:47 +00:00
John Blackbourn
41f71598f7 Formatting: Introduce get_the_post_type_description() to allow post type archive descriptions to be formatted the same as author and term archives.
Props henry.wright

Fixes #40040

Built from https://develop.svn.wordpress.org/trunk@41232


git-svn-id: http://core.svn.wordpress.org/trunk@41072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-04 23:01:44 +00:00
John Blackbourn
01e64d9ed0 Formatting: Add formatting and texturization to author descriptions so they match the formatting of term descriptions.
Props henry.wright

Fixes #40040

Built from https://develop.svn.wordpress.org/trunk@41172


git-svn-id: http://core.svn.wordpress.org/trunk@41012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 15:10:42 +00:00
Weston Ruter
1a005d853f Widgets: Replace adding balanceTags on widget_custom_html_content filter in favor of just applying widget_text filters in the Custom HTML widget.
Ensures that users who copy HTML from the Text widget in legacy mode over to the Custom HTML widget will continue to get all of the same filters applied, including tag balancing and shortcodes, if a plugin added support. Plugins still have the `widget_text_content` and `widget_custom_html_content` filters they can use to target the specific widget types.

Amends [40893].
See #40951.
Fixes #40907 for trunk.

Built from https://develop.svn.wordpress.org/trunk@41086


git-svn-id: http://core.svn.wordpress.org/trunk@40926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-18 22:11:44 +00:00
Weston Ruter
a46d94efeb Widgets: Rename "HTML Code" widget to "Custom HTML" widget.
Correspondingly renames files, ID base from `html_code` to `custom_html`, and the filter from `widget_html_code_content` to `widget_custom_html_content`.

See #40907.

Built from https://develop.svn.wordpress.org/trunk@40926


git-svn-id: http://core.svn.wordpress.org/trunk@40776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-24 00:00:45 +00:00
Weston Ruter
38db73cff8 Widgets: Add widget dedicated for HTML Code, taking over this role of the Text widget.
Props westonruter, timmydcrawford.
See #40951, #35243.
Fixes #40907.

Built from https://develop.svn.wordpress.org/trunk@40893


git-svn-id: http://core.svn.wordpress.org/trunk@40743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-09 23:54:42 +00:00
Konstantin Obenland
9bbbc719d4 Dashboard: Properly localize data for events
Moves localization to script-loader and removes dependency for two strings.

Props dd32, iandunn.
See #40702.

Built from https://develop.svn.wordpress.org/trunk@40776


git-svn-id: http://core.svn.wordpress.org/trunk@40634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-18 14:34:43 +00:00
Weston Ruter
d8f94986b2 Customize: Keep alive auto-drafts created for page/post stubs when parent changeset is updated, and delete when changeset is garbage-collected.
Props utkarshpatel, westonruter.
See #31089.
Fixes #39715.

Built from https://develop.svn.wordpress.org/trunk@40676


git-svn-id: http://core.svn.wordpress.org/trunk@40539 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 05:37:44 +00:00
Weston Ruter
40ebb188cd Widgets: Extend the Text widget with TinyMCE.
Introduces rich text formatting: bold, italic, lists, links.

Props westonruter, azaozz, timmydcrawford, obenland, melchoyce.
See #35760.
Fixes #35243.

Built from https://develop.svn.wordpress.org/trunk@40631


git-svn-id: http://core.svn.wordpress.org/trunk@40492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-11 18:55:43 +00:00
Weston Ruter
7349c22b73 Customize: Fix clearing of fresh_site option flag when editing sidebars on widgets admin screen.
Amends [38991].
See #38114, #38533.
Fixes #40722.

Built from https://develop.svn.wordpress.org/trunk@40608


git-svn-id: http://core.svn.wordpress.org/trunk@40478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-10 21:25:41 +00:00
Sergey Biryukov
2b48ca580e Embeds: Change the embed_autourls option filter from default_option_* to pre_option_* to avoid a DB query.
The option was removed from core in [21998], but still might be used by plugins.

Props dlh.
Fixes #38924.
Built from https://develop.svn.wordpress.org/trunk@40360


git-svn-id: http://core.svn.wordpress.org/trunk@40267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-01 13:56:43 +00:00
Weston Ruter
15ddaa269e Customize: Bump wp_custom_css_cb from running at wp_head priority 11 to 101 to ensure Custom CSS overrides other CSS.
Aligns `wp_head` action priority with Jetpack's Custom CSS.

Amends [38829].
See #35395, #38672.
Fixes #39270.

Built from https://develop.svn.wordpress.org/trunk@39616


git-svn-id: http://core.svn.wordpress.org/trunk@39556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-16 07:29:42 +00:00
Weston Ruter
e35ac97641 Customize: Remove premature (and verbose) check of fresh_site option due to database not being ready on multisite.
Fixes regression in [38991].
See #38114.

Built from https://develop.svn.wordpress.org/trunk@38994


git-svn-id: http://core.svn.wordpress.org/trunk@38936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-28 03:43:30 +00:00
Weston Ruter
75535c596b Customize: Introduce starter content and site freshness state.
A theme can opt-in for tailored starter content to apply to the customizer when previewing the theme on a fresh install, when `fresh_site` is at its initial `1` value. Starter content is staged in the customizer and does not go live unless the changes are published. Initial starter content is added to Twenty Seventeen.

* The `fresh_site` flag is cleared when a published post or page is saved, when widgets are modified, or when the customizer state is saved.
* Starter content is registered via `starter-content` theme support, where the argument is an array containing `widgets`, `posts`, `nav_menus`, `options`, and `theme_mods`. Posts/pages in starter content are created with the `auto-draft` status, re-using the page/post stubs feature added to nav menus and the static front page controls.
* A `get_theme_starter_content` filter allows for plugins to extend a theme's starter content.
* Starter content in themes can/should re-use existing starter content items in core by using named placeholders.
* Import theme starter content into customized state when fresh site.
* Prevent original_title differences from causing refreshes if title is present.
* Ensure nav menu item url is set according to object when previewing.
* Make sure initial saved state is false if there are dirty settings without an existing changeset.
* Ensure dirty settings are cleaned upon changeset publishing.

Props helen, westonruter, ocean90.
Fixes #38114, #38533.

Built from https://develop.svn.wordpress.org/trunk@38991


git-svn-id: http://core.svn.wordpress.org/trunk@38934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-28 02:57:35 +00:00
Dominik Schilling
7819e2b4ba I18N: Introduce a locale-switching function.
With the introduction of user-specific languages in [38705] it's necessary to be able to switch translations on the fly. For example emails should be sent in the language of the recipient and not the one of the current user.

This introduces a new `WP_Locale_Switcher` class which is used for switching locales and translations. It holds the stack of locales whenever `switch_to_locale( $locale )` is called. With `restore_previous_locale()` you can restore the previous locale. `restore_current_locale()` empties the stack and sets the locale back to the initial value.

`switch_to_locale()` is added to most of core's email functions, either with the value of `get_locale()` (site language) or `get_user_locale()` (user language with fallback to site language).

Props yoavf, tfrommen, swissspidy, pbearne, ocean90.
See #29783.
Fixes #26511.
Built from https://develop.svn.wordpress.org/trunk@38961


git-svn-id: http://core.svn.wordpress.org/trunk@38904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 15:36:31 +00:00
Rachel Baker
2f263fce99 Feeds: Always return a valid timestamp for the Last-Modified header of comment or post feeds.
Fixes bug where an invalid Last-Modified value would be returned in feed requests for sites that had 0 items to return. Comment or post feeds will now return the current timestamp as the Last-Modified header value.  Example: a request for the comments feed for a site without any comments.

Replaced use of the local static variable `$cache_lastcommentmodified` to store the modified date in `get_lastcommentmodified()` with the Object Cache API.  The `get_lastcommentmodified()` function returns early if there is a cached value and returns `false` if there where no comments found. Introduced `_clear_modified_cache_on_transition_comment_status()` to flush the `lastcommentmodified` cache key when a comment enters or leaves approval status. In `get_lastpostmodified()` return early if there is a cached value and return `false` if there are no posts found.

Props swissspidy, rachelbaker, dllh, leobaiano.
Fixes #38027.
Built from https://develop.svn.wordpress.org/trunk@38925


git-svn-id: http://core.svn.wordpress.org/trunk@38868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-25 20:48:29 +00:00
Rachel Baker
e4a7c0a397 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.
Built from https://develop.svn.wordpress.org/trunk@38832


git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 02:55:32 +00:00
Weston Ruter
1ccd9e7a6c Customize: Introduce custom CSS for extending theme styles.
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control. 
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.

See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/

Props johnregan3, celloexpressions, folletto, westonruter.
Fixes #35395.

Built from https://develop.svn.wordpress.org/trunk@38829


git-svn-id: http://core.svn.wordpress.org/trunk@38772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-19 18:15:31 +00:00
Weston Ruter
f1ba1918c9 Customize: Implement customized state persistence with changesets.
Includes infrastructure developed in the Customize Snapshots feature plugin.

See https://make.wordpress.org/core/2016/10/12/customize-changesets-technical-design-decisions/

Props westonruter, valendesigns, utkarshpatel, stubgo, lgedeon, ocean90, ryankienstra, mihai2u, dlh, aaroncampbell, jonathanbardo, jorbin.
See #28721.
See #31089.
Fixes #30937.
Fixes #31517.
Fixes #30028.
Fixes #23225.
Fixes #34142.
Fixes #36485.

Built from https://develop.svn.wordpress.org/trunk@38810


git-svn-id: http://core.svn.wordpress.org/trunk@38753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-18 20:05:31 +00:00
Boone Gorges
0bdfa2ab1e Comments: Abstract die() calls from comment submission routine.
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.

The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.

Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.

Props websupporter, rachelbaker.
Fixes #36901.
Built from https://develop.svn.wordpress.org/trunk@38778


git-svn-id: http://core.svn.wordpress.org/trunk@38721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-11 03:43:28 +00:00
Dominik Schilling
c73c23c423 Resource Hints: Increase priority of wp_resource_hints() so hints get printed before scripts and styles.
Also run `wp_resource_hints()` on the login screen and in the customizer. 

Props swissspidy.
Fixes #37317.
Built from https://develop.svn.wordpress.org/trunk@38046


git-svn-id: http://core.svn.wordpress.org/trunk@37987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 12:54:28 +00:00
Peter Wilson
b9b69676d8 Embeds: Include locale stylesheets after default styles.
Fire `locale_stylesheet` action after the `wp_print_styles` action in the embeds header to match the order in `wp_head`.

Props swissspidy.
Fixes #36839.

Built from https://develop.svn.wordpress.org/trunk@38010


git-svn-id: http://core.svn.wordpress.org/trunk@37951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-08 06:07:33 +00:00