While messages passed to `wp.speak.a11y()` should preferably be meaningful,
short, and carefully crafted case by case, this will ensure any HTML tags will
be stripped out from the message string.
Props adamsilverstein.
Fixes#37382.
Built from https://develop.svn.wordpress.org/trunk@38115
git-svn-id: http://core.svn.wordpress.org/trunk@38056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `IMAGE_EDIT_OVERWRITE` is set to true, edited image files are
supposed to be deleted when an image is restored to the original.
However, when an image was edited more than once, and then restored,
files created during previous edits were left behind.
Fixes this behavior by updating `wp_save_image()` to clean up
leftover images after each edit when `IMAGE_EDIT_OVERWRITE` is true.
Props bradt, chriscct7, joemcgill.
Fixes#32171.
Built from https://develop.svn.wordpress.org/trunk@38113
git-svn-id: http://core.svn.wordpress.org/trunk@38054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Externally hosted script and style dependencies trigger `dns-prefetch` hinting only when enqueued. This removed a bug in which hinting was added on registration.
Renames the function `wp_resource_hints_scripts_styles` to `wp_dependencies_unique_hosts` as the function provides the hosts, not the hinting.
Props swissspidy.
Fixes#37385.
Built from https://develop.svn.wordpress.org/trunk@38100
git-svn-id: http://core.svn.wordpress.org/trunk@38041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to the introduction of `WP_Term_Query`, the 'orderby' clause
passed to the 'terms_clauses' filter was prefixed by `ORDER BY`. After
`WP_Term_Query`, this was not the case; `ORDER BY` was added after the
filter. As such, plugins filtering 'terms_clauses' and returning an
'orderby' clause beginning with `ORDER BY` resulted in invalid syntax
when `WP_Term_Query` prepended a second `ORDER BY` keyword to
the clause.
This changeset rearranges the way the 'orderby' clause is built so that
it will be passed to 'terms_clauses' in the previous format.
Fixes#37378.
Built from https://develop.svn.wordpress.org/trunk@38099
git-svn-id: http://core.svn.wordpress.org/trunk@38040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
Built from https://develop.svn.wordpress.org/trunk@38095
git-svn-id: http://core.svn.wordpress.org/trunk@38036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Both list tables provide different actions based on where they are loaded, regular admin or network admin. Since there is only one Ajax handler for both screens we have to set the current screen before using the list tables.
Props swissspidy, ocean90.
Fixes#37373.
Built from https://develop.svn.wordpress.org/trunk@38091
git-svn-id: http://core.svn.wordpress.org/trunk@38032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.
The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.
Fixes#37361.
Built from https://develop.svn.wordpress.org/trunk@38087
git-svn-id: http://core.svn.wordpress.org/trunk@38028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `$size` is passed to `image_get_intermediate_size()` as an array of width
and height values and an exact image size matching those values isn't available,
the function loops through the available attachment sizes and returns the
smallest image larger than the requested dimensions with the same aspect ratio.
The aspect ratio check is skipped for the 'thumbnail' size to provide a fallback
for small sizes when no other image option is available. This resulted in a poor
selection when the size requested was smaller than the 'thumbnail' dimensions
but a larger size matching the requested ratio existed.
This refactors the internals of `image_get_intermediate_size()` to ensure the
'thumbnail' size is only returned as a fallback to small sizes once all other
options have been considered, and makes the control flow easier to follow.
This also introduces a new helper function, `wp_image_matches_ratio()` for
testing whether the aspect ratios of two sets of dimensions match. This function
is also now used in `wp_calculate_image_srcset()` during the selection process.
Props flixos, joemcgill.
Fixes#34384, #34980.
Built from https://develop.svn.wordpress.org/trunk@38086
git-svn-id: http://core.svn.wordpress.org/trunk@38027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improves the `containFocus()` function to always get the correct first and last
focusable elements, even when the theme browser shows the active theme details.
Also, when on the first and last theme, adds a `disabled` attribute on the
previous and next navigation buttons to make them not focusable.
Fixes#37383.
Built from https://develop.svn.wordpress.org/trunk@38084
git-svn-id: http://core.svn.wordpress.org/trunk@38025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Remove title attributes.
* Show "Install Now" and "Details" links if the importer isn't installed yet.
* Show a "Run Importer" link if the importer is installed. It also handles activation if the plugin isn't activated.
* Add `aria-label` attributes to each link.
* Unify the importer descriptions to make them independent from the plugin state. The API was changed in [meta3690].
* Adjust JavaScript callbacks for ajaxified importer installs.
Props afercia, swissspidy, ocean90.
See #24766.
Fixes#35191.
Built from https://develop.svn.wordpress.org/trunk@38075
git-svn-id: http://core.svn.wordpress.org/trunk@38016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36874] changed the `get_term()` call so that no `$taxonomy` parameter
was passed, as 4.4 made the parameter optional. This change made it
impossible to access a shared term that has not yet been splitr, since
passing an ambiguous `$term_id` to `get_term()` results in an error.
Restoring the `$taxonomy` parameter fixes the regression.
Props alleynoah, dlh.
Fixes#37205.
Built from https://develop.svn.wordpress.org/trunk@38069
git-svn-id: http://core.svn.wordpress.org/trunk@38010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when inserting an image from a URL, leaving the `alt`
field blank in the media modal would result in an image being
inserted into the editor without an `alt` attribute, rather than
an empty `alt`. This happened because the `props.type` would not
get set in `wp.media.string.props()` — because `attachment` is
undefined in this case — causing the image fallbacks to get
skipped.
This fixes the issue by explicitly setting `props.type` to 'image'
in `wp.media.string.image()` before filling out the rest of the
properties.
Props ambrosey, dabnpits.
Fixes#36735.
Built from https://develop.svn.wordpress.org/trunk@38065
git-svn-id: http://core.svn.wordpress.org/trunk@38006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.
For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.
Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes#21659.
Built from https://develop.svn.wordpress.org/trunk@38058
git-svn-id: http://core.svn.wordpress.org/trunk@37999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_HTTP_Proxy()` is used directly in `WP_Http_Curl()` and `WP_Http_Streams()`. Since `WP_Http::request()` doesn't use them anymore we have to move the proxy handling into `WP_Http::request()` so the proxy data can be passed to `Requests::request()`.
Props rmccue.
See #33055.
Fixes#37107.
Built from https://develop.svn.wordpress.org/trunk@38054
git-svn-id: http://core.svn.wordpress.org/trunk@37995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In some cases, images in the media library may contain spaces in
their filenames. This results in an invalid `srcset` attribute,
causing broken images on the front end. This change fixes the issue
by replacing spaces in URLs with URL encoded '%20' characters before
returning the `srcset` string.
Props underdude, joemcgill.
Fixes#36549.
Built from https://develop.svn.wordpress.org/trunk@38052
git-svn-id: http://core.svn.wordpress.org/trunk@37993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.
Props cfinke.
Fixes#37208.
Built from https://develop.svn.wordpress.org/trunk@38047
git-svn-id: http://core.svn.wordpress.org/trunk@37988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `register_meta()` with the function signature from 4.5 and earlier, the `auth_{$type}_meta_{$key}` and `sanitize_{$type}_meta_{$key}` filters are used. Any calls to `register_meta()` expecting this behavior should continue to work. The new filters, which take advantage of object subtypes, should not be added unless the proper `$args` array is passed.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38041
git-svn-id: http://core.svn.wordpress.org/trunk@37982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If auth and/or sanitize callbacks are specified in the arguments for
`register_meta()`, filters are added to handle these callbacks. These
should be removed when calling `unregister_meta_key()` to avoid
unintentional filtering.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38040
git-svn-id: http://core.svn.wordpress.org/trunk@37981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
Built from https://develop.svn.wordpress.org/trunk@38015
git-svn-id: http://core.svn.wordpress.org/trunk@37956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_convert_hr_to_bytes()` was previously defined in wp-includes/media.php because it's only used by `wp_max_upload_size()` in the same file.
Moving this function to load.php allows us to improve core's memory limit handling.
See #32075.
Built from https://develop.svn.wordpress.org/trunk@38012
git-svn-id: http://core.svn.wordpress.org/trunk@37953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, if a user was added with the checkbox for no confirmation selected and an error was then encountered in `wpmu_activate_signup()`, a fatal error would trigger because `$new_user` was a `WP_Error` object rather than a user.
Fixes#37223.
Built from https://develop.svn.wordpress.org/trunk@38007
git-svn-id: http://core.svn.wordpress.org/trunk@37948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When comment IDs are fetched from the cache rather than the database,
the subsequent `SELECT FOUND_ROWS()` query will not return the correct value.
To avoid unnecessary queries, we cache the results of the `found_comments`
query alongside the comment IDs.
Props spacedmonkey.
Fixes#37184.
Built from https://develop.svn.wordpress.org/trunk@38001
git-svn-id: http://core.svn.wordpress.org/trunk@37942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In doing this, non-core object types are no longer forcibly blocked and are instead checked against `wp_object_type_exists()` which has a filterable return value. Still, filter that at your own risk.
props Faison for the initial patch.
see 35658.
Built from https://develop.svn.wordpress.org/trunk@37991
git-svn-id: http://core.svn.wordpress.org/trunk@37932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The array-compatibility object we started returning in r37428 unfortunately isn't enough like an array. In particular, `is_array()` checks fail, despite the object implementing ArrayAccess. Mea culpa.
This moves the WP_HTTP_Response object to a new http_response key in the array, and changes the value back to an actual array.
Fixes#37097.
See #33055.
Built from https://develop.svn.wordpress.org/trunk@37989
git-svn-id: http://core.svn.wordpress.org/trunk@37930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When enabled, the switch would override the theme's pseudo-plural `'% Comments'` string with a correct form of `_n( '%s Comment', '%s Comments', $number )`.
Historically, `comments_popup_link()` and `get_comments_number_text()` did not support plural forms and used a pseudo-plural style instead, so some locales were forced to come up with workarounds to display the number of comments in their language correctly.
This change should make those functions more i18n-friendly.
Fixes#13651.
Built from https://develop.svn.wordpress.org/trunk@37987
git-svn-id: http://core.svn.wordpress.org/trunk@37928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wp_calculate_image_srcset()` we get an array of image sizes
associated with an attachment and then add the original image's
information to the array before processing the `srcset`. In doing
so, we set the original data to a `$image_sizes['full']` key, which
could stomp on any custom image sizes using `full` as a size name.
This avoid the issues by adding the original data without a named
key, which is never referenced anyway.
Props jaspermdegroot.
Fixes#36345.
Built from https://develop.svn.wordpress.org/trunk@37986
git-svn-id: http://core.svn.wordpress.org/trunk@37927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_plugin_update_rows()` and `wp_theme_update_rows()` are using the site transients `update_plugins` and `update_themes` which are set by `wp_update_plugins()` and `wp_update_themes()`. Both functions are hooked into `load-plugins.php` and `load-themes.php`. Therefore the update rows need to be registered after the transients were populated.
See #13071.
Built from https://develop.svn.wordpress.org/trunk@37978
git-svn-id: http://core.svn.wordpress.org/trunk@37919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The plugin details modal has been greatly improved in [37714]. However, Shiny Updates aren't yet implemented on the Dashboard. Therefore, we need to fall back to The Bleak Screen of Sadness. Otherwise nothing happens when trying to install an update from inside the modal.
Fixes#37131. See #37126.
Built from https://develop.svn.wordpress.org/trunk@37974
git-svn-id: http://core.svn.wordpress.org/trunk@37915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The plugin details modal has been greatly improved in [37714]. However, Shiny Updates aren't yet implemented on the WordPress Updates screen. Therefore, we need to fall back to The Bleak Screen of Sadness. Otherwise nothing happens when trying to install an update from inside the modal.
Props Nikschavan.
Fixes#37126.
Built from https://develop.svn.wordpress.org/trunk@37973
git-svn-id: http://core.svn.wordpress.org/trunk@37914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The HTML for the toggle gets appended to the widget name which is later used for the widget title and the screen reader text of the toggle button. Storing the original widget name in the arguments allows us to use the name without the HTML for the screen reader text and doesn't require further changes by plugin developers.
Props nicholas_io, swissspidy.
Fixes#35021.
Built from https://develop.svn.wordpress.org/trunk@37972
git-svn-id: http://core.svn.wordpress.org/trunk@37913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Use the same check for a numeric value used on the crop fields on all the other fields: don't display "NaN", just empty the field.
* Remove the inline script that runs the initialization of the image editor and call it after the editor UI is fully ready.
Props afercia.
Fixes#36316.
Built from https://develop.svn.wordpress.org/trunk@37966
git-svn-id: http://core.svn.wordpress.org/trunk@37907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`register_uninstall_hook()` is designed to be given a function callback (or a static class variable), not an array/object instance. This got blocked in [16339] but the option itself was never cleaned up.
Props polevaultweb.
Fixes#31625.
Built from https://develop.svn.wordpress.org/trunk@37965
git-svn-id: http://core.svn.wordpress.org/trunk@37906 1a063a9b-81f0-0310-95a4-ce76da25c4cd