Commit Graph

1471 Commits

Author SHA1 Message Date
Rachel Baker
e4a7c0a397 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.
Built from https://develop.svn.wordpress.org/trunk@38832


git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 02:55:32 +00:00
Jeremy Felt
1560fbcbc5 Multisite: Use get_network() and get_current_network_id() for current network data.
`get_network()` falls back to the current network when called without any arguments. Between this and `get_current_network_id()`, we can replace almost all instances of the global `$current_site` and all instances of `get_current_site()`.

This effectively deprecates `get_current_site()`, something that we'll do in a future ticket.

Props flixos90.
Fixes #37414.

Built from https://develop.svn.wordpress.org/trunk@38814


git-svn-id: http://core.svn.wordpress.org/trunk@38757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-19 04:47:30 +00:00
Weston Ruter
f1ba1918c9 Customize: Implement customized state persistence with changesets.
Includes infrastructure developed in the Customize Snapshots feature plugin.

See https://make.wordpress.org/core/2016/10/12/customize-changesets-technical-design-decisions/

Props westonruter, valendesigns, utkarshpatel, stubgo, lgedeon, ocean90, ryankienstra, mihai2u, dlh, aaroncampbell, jonathanbardo, jorbin.
See #28721.
See #31089.
Fixes #30937.
Fixes #31517.
Fixes #30028.
Fixes #23225.
Fixes #34142.
Fixes #36485.

Built from https://develop.svn.wordpress.org/trunk@38810


git-svn-id: http://core.svn.wordpress.org/trunk@38753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-18 20:05:31 +00:00
Gary Pendergast
f6d85de626 Charset: Allow _canonical_charset() to handle mixed-case strings.
Add improved unit tests, and collect existing unit tests together.

Props pbearne.
Fixes #38337.


Built from https://develop.svn.wordpress.org/trunk@38809


git-svn-id: http://core.svn.wordpress.org/trunk@38752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-17 23:54:30 +00:00
Pascal Birchler
ffdef38f5b Date/Time: Remove some legacy logic in date_i18n().
Since there's no difference between using `date()` and `gmdate()` in WordPress, we can simply use the former in `date_i18n()` to reduce its complexity.

Adds tests.

Props jdgrimes for initial patch.
Fixes #37910.
Built from https://develop.svn.wordpress.org/trunk@38804


git-svn-id: http://core.svn.wordpress.org/trunk@38747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-17 08:10:30 +00:00
Dominik Schilling
30573dc7b2 Add 'urn' to the list of URI protocols whitelisted by default.
Props geekysoft, jorbin.
Fixes #37300.
Built from https://develop.svn.wordpress.org/trunk@38686


git-svn-id: http://core.svn.wordpress.org/trunk@38629 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 13:15:28 +00:00
Pascal Birchler
cfa32db674 Docs: Improve parameter description for wp_parse_args().
Props dimadin for initial patch.
Fixes #38167.
Built from https://develop.svn.wordpress.org/trunk@38670


git-svn-id: http://core.svn.wordpress.org/trunk@38613 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-28 08:41:29 +00:00
Jeremy Felt
58f107fa95 Multisite: Revert [38388].
Restore `get_current_site()` to a multisite only function. Providing this in single site may be a possibility in the future, but should have a dedicated ticket and discussion.

See #37699.

Built from https://develop.svn.wordpress.org/trunk@38636


git-svn-id: http://core.svn.wordpress.org/trunk@38579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-20 21:39:29 +00:00
Jeremy Felt
63664c1282 Multisite: Use get_networks() in get_main_network_id().
The manual query for the main network ID can now be replaced with a cached `get_networks()` query. This allows us to eliminate the `primary_network_id` cache key entirely.

Props spacedmonkey.
Fixes #37218.

Built from https://develop.svn.wordpress.org/trunk@38632


git-svn-id: http://core.svn.wordpress.org/trunk@38575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-20 18:47:27 +00:00
Sergey Biryukov
9c6da56cc7 Docs: Use a third-person singular verb for smilies filter added in [38504].
See #35905.
Built from https://develop.svn.wordpress.org/trunk@38608


git-svn-id: http://core.svn.wordpress.org/trunk@38551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-14 21:53:29 +00:00
John Blackbourn
3afaf2147c Formatting: Don't send an HTTP status code in wp_send_json() by default. This avoids clobbering an HTTP status code that may have been set prior to calling this function.
Props westonruter
See #35666

Built from https://develop.svn.wordpress.org/trunk@38576


git-svn-id: http://core.svn.wordpress.org/trunk@38519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-08 13:45:34 +00:00
Drew Jaynes
f0bb2bc3c0 Docs: Update the $message parameter for _default_wp_die_handler() to notate that it can also accept a WP_Error object.
Additionally, update the `$message` parameter description in the DocBlock for `wp_die()` to make it explicitly clear messages derived from a passed `WP_Error` object will only be evaluated if not performing an Ajax or XML-RPC request (as both default handlers completely ignore `WP_Error` object messages).

See #37770.

Built from https://develop.svn.wordpress.org/trunk@38518


git-svn-id: http://core.svn.wordpress.org/trunk@38459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-04 03:41:31 +00:00
Sergey Biryukov
8682603166 Docs: Correct @since entry for the smilies filter added in [38504].
See #35905.
Built from https://develop.svn.wordpress.org/trunk@38505


git-svn-id: http://core.svn.wordpress.org/trunk@38446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-02 00:08:30 +00:00
Gary Pendergast
cce2ffaed5 Smilies: Add the smilies filter.
This new filter allows the smilies array to be modified with a filter, instead of having to directly access the global.

Props mte90, jorbin.
Fixes #35905.


Built from https://develop.svn.wordpress.org/trunk@38504


git-svn-id: http://core.svn.wordpress.org/trunk@38445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-02 00:00:30 +00:00
Scott Taylor
a3ffebce30 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38470


git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
Scott Taylor
7e8d7f8a81 General: revert [38386], functions.php was probably too tempting for some people to not load by itself.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38469


git-svn-id: http://core.svn.wordpress.org/trunk@38410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 15:24:29 +00:00
John Blackbourn
348c50b2a8 Formatting: Add a parameter to wp_send_json_error(), wp_send_json_success(), and wp_send_json() for specifying the HTTP response code.
Defaults to `200` in all cases, but can be used, for example, to return a `403` when using `wp_send_json_error()`.

Fixes #35666
Props stephenharris

Built from https://develop.svn.wordpress.org/trunk@38422


git-svn-id: http://core.svn.wordpress.org/trunk@38363 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-28 17:42:28 +00:00
John Blackbourn
a1d61a95e1 Security: Return a 403 instead of a 200 HTTP status when check_ajax_referer() fails.
This is, unfortunately, untestable in the current test suite, even in the AJAX tests.

Fixes #36362

Built from https://develop.svn.wordpress.org/trunk@38421


git-svn-id: http://core.svn.wordpress.org/trunk@38362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-28 17:31:30 +00:00
Scott Taylor
390ceba6c7 Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38411


git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse
0e31a46161 Bootstrap: Revert [38399] as it's broken /build/ and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335

Built from https://develop.svn.wordpress.org/trunk@38402


git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor
6a529648cf Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38399


git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00
Scott Taylor
08233c6aff Multisite: move get_current_site() to load.php so that it can be used in more places, instead of importing global $current_site.
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38388


git-svn-id: http://core.svn.wordpress.org/trunk@38329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 21:35:30 +00:00
Scott Taylor
b9f516e55e Bootstrap: load option.php in wp-settings.php, not in functions.php.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38386


git-svn-id: http://core.svn.wordpress.org/trunk@38327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 21:11:29 +00:00
Andrew Ozz
15edc78f6f TinyMCE: fix toolbars alignment in RTL.
Fixes #37760 for trunk.
Built from https://develop.svn.wordpress.org/trunk@38349


git-svn-id: http://core.svn.wordpress.org/trunk@38290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-25 01:20:30 +00:00
Sergey Biryukov
d64e4beb67 I18N: Add translator comments for strings in wp-includes/functions.php.
Props ramiy.
Fixes #37802.
Built from https://develop.svn.wordpress.org/trunk@38344


git-svn-id: http://core.svn.wordpress.org/trunk@38285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 23:48:28 +00:00
Scott Taylor
b7812bd416 AJAX: add a new function, wp_doing_ajax(), which can replace... (wait for it...) DOING_AJAX checks via the constant.
Props Mte90, sebastian.pisula, swissspidy.
Fixes #25669.

Built from https://develop.svn.wordpress.org/trunk@38334


git-svn-id: http://core.svn.wordpress.org/trunk@38275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 14:33:30 +00:00
Scott Taylor
7b30193bb7 General: remove variable set needlessly in wp_check_jsonp_callback().
See #37771.

Built from https://develop.svn.wordpress.org/trunk@38308


git-svn-id: http://core.svn.wordpress.org/trunk@38249 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-22 20:51:30 +00:00
Scott Taylor
7ac88c02fa Media: when calling pathinfo(), also pass a PATHINFO_* constant to avoid array notices for unset keys.
Props JaworskiMatt.
Fixes #37608.

Built from https://develop.svn.wordpress.org/trunk@38294


git-svn-id: http://core.svn.wordpress.org/trunk@38235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-20 23:36:28 +00:00
Helen Hou-Sandí
6d28c85bc7 System fonts: Don't quote single-word font names, per our coding standards.
props ocean90, netweb.
see #36753.

Built from https://develop.svn.wordpress.org/trunk@38152


git-svn-id: http://core.svn.wordpress.org/trunk@38093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-26 16:39:30 +00:00
Drew Jaynes
6cc13f0c54 Docs: Fix formatting, tense, verb conjugation, and other syntax for wp-includes/* elements introduced or changed in 4.6.
Part 1/2.

See #37318.

Built from https://develop.svn.wordpress.org/trunk@38121


git-svn-id: http://core.svn.wordpress.org/trunk@38062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-20 16:57:32 +00:00
Jeremy Felt
30851d1186 Meta: Remove object subtype handling from register_meta().
Registration is now based solely on object type, which allows the code around this to be simplified significantly.

In the process of making this adjustment:

* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.

Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.

Fixes #35658.

Built from https://develop.svn.wordpress.org/trunk@38095


git-svn-id: http://core.svn.wordpress.org/trunk@38036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-18 21:16:29 +00:00
John Blackbourn
3a7137a7a5 Meta: Add a missing @since param for wp_object_type_exists().
See #35658

Built from https://develop.svn.wordpress.org/trunk@38038


git-svn-id: http://core.svn.wordpress.org/trunk@37979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-12 13:21:29 +00:00
Drew Jaynes
6c7148943b Docs: Standardize capitalization of Ajax throughout core documentation per the core spelling guide.
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.

Part props ocean90.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@38028


git-svn-id: http://core.svn.wordpress.org/trunk@37969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-10 00:51:30 +00:00
Dominik Schilling
aa561e67a1 Bootstrap: Enhance core's memory limit handling.
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.

Related commits: [38011-38013]

Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes #32075.
Built from https://develop.svn.wordpress.org/trunk@38015


git-svn-id: http://core.svn.wordpress.org/trunk@37956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-08 14:37:30 +00:00
Helen Hou-Sandí
5a2ffe61f6 Meta: Make registration error conditions return consistently.
In doing this, non-core object types are no longer forcibly blocked and are instead checked against `wp_object_type_exists()` which has a filterable return value. Still, filter that at your own risk.

props Faison for the initial patch.
see 35658.

Built from https://develop.svn.wordpress.org/trunk@37991


git-svn-id: http://core.svn.wordpress.org/trunk@37932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 18:09:32 +00:00
Sergey Biryukov
139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for _doing_it_wrong(), _deprecated_function(), _deprecated_argument(), and _deprecated_file() throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Sergey Biryukov
de1fab0b66 I18N: Adjust the regex in wp_maybe_decline_date() to avoid \w and \b, as they don't work with Unicode characters correctly in PHP 5.3.3 and earlier versions.
See [37975] for unit tests.

See #36790.
Built from https://develop.svn.wordpress.org/trunk@37979


git-svn-id: http://core.svn.wordpress.org/trunk@37920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-05 21:43:30 +00:00
Dominik Schilling
9b893cd558 General: Return "O B" when passing 0 to size_format().
Props swissspidy.
Fixes #36635.
Built from https://develop.svn.wordpress.org/trunk@37962


git-svn-id: http://core.svn.wordpress.org/trunk@37903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-05 10:36:30 +00:00
Gary Pendergast
2d6b9ca91b General: Remove the Pragma header from responses.
`Pragma` is supposed to be a request header, but we've been including it in responses since the beginning of time.

This is a relic dating all the way back to b2, probably originally added because Internet Explorer version 5 and earlier didn't understand the `Cache-Control` header in responses, but they did (incorrectly) obey the `Pragma` header.

Internet Explorer 6 and 7 will obey the `Pragma` response header only if no other cache-related response headers are present (in our case, they are always present), and all other browsers ignore the `Pragma` response header.

Props geekysoft.
Fixes #37250.


Built from https://develop.svn.wordpress.org/trunk@37944


git-svn-id: http://core.svn.wordpress.org/trunk@37885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-04 04:02:31 +00:00
Jeremy Felt
858fb83f57 Docs: Remove duplicate text for is_main_site() parameter.
Props Kenshino.
Fixes #37241.

Built from https://develop.svn.wordpress.org/trunk@37932


git-svn-id: http://core.svn.wordpress.org/trunk@37873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-30 17:17:28 +00:00
Jeremy Felt
6f3f00ea97 Multisite: Change WP_Network id property to an integer.
For consistency and developer sanity.

Props flixos90.
Fixes #37050.

Built from https://develop.svn.wordpress.org/trunk@37870


git-svn-id: http://core.svn.wordpress.org/trunk@37811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-26 14:26:29 +00:00
Sergey Biryukov
b0bb179da7 I18N: Adjust the regex in wp_maybe_decline_date() to handle word boundaries correctly.
Props semil.
Fixes #36790.
Built from https://develop.svn.wordpress.org/trunk@37717


git-svn-id: http://core.svn.wordpress.org/trunk@37683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-15 17:45:30 +00:00
Sergey Biryukov
70984aeb6f In size_format() and wp_convert_bytes_to_hr(), replace kB with KB for consistency with other units.
Props Presskopp, dashaluna.
Fixes #37037.
Built from https://develop.svn.wordpress.org/trunk@37702


git-svn-id: http://core.svn.wordpress.org/trunk@37668 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 21:41:28 +00:00
Jeremy Felt
2cd62a2c97 Login: Fire wp_no_robots() in wp_die() only if function exists.
This covers cases where `wp_die()` is used before `general-template.php` is loaded.

Fixes #34401.

Built from https://develop.svn.wordpress.org/trunk@37689


git-svn-id: http://core.svn.wordpress.org/trunk@37655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-12 00:34:29 +00:00
Drew Jaynes
2600c28169 Boostrap: Move is_ssl() to wp-includes/load.php.
Moving to load.php introduces parity with other commonly evaluated `is_*()` functions such as `is_admin()` or `is_multisite()`.  It also makes `is_ssl()` available much earlier in the loading process, such as for use in drop-ins like advanced-cache.php.

Props johnjamesjacoby.
Fixes #35844.

Built from https://develop.svn.wordpress.org/trunk@37677


git-svn-id: http://core.svn.wordpress.org/trunk@37643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 18:56:31 +00:00
Peter Wilson
47d26cd9fb DOCS: Replace HTTP links with HTTPS.
Replaces unsecure links in documentation and translator comments with their secure versions.

Props johnpgreen, netweb

Fixes #36993

Built from https://develop.svn.wordpress.org/trunk@37674


git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Jeremy Felt
c63c4d9345 Multisite: Introduce get_current_network_id()
Similar to `get_current_blog_id`, this can be used to get the ID of the `$current_site` global. If not available, it will fallback to the main network ID. In single site, this will return 1.

Props spacedmonkey, flixos90.
Fixes #33900.

Built from https://develop.svn.wordpress.org/trunk@37670


git-svn-id: http://core.svn.wordpress.org/trunk@37636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-09 20:34:28 +00:00
Rachel Baker
445b9b6d94 Users: Stop WP_List_Table notices from persisting on pagination navigation.
Adds the keyboard navigation query vars to `wp_removable_query_args()` and passes the results of said function to remove_query_var() inside the WP_List_Table pagination method.

Props EFAREM for the initial patch.
Fixes #35620.
Built from https://develop.svn.wordpress.org/trunk@37663


git-svn-id: http://core.svn.wordpress.org/trunk@37629 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-09 01:56:27 +00:00
Rachel Baker
99cca27041 REST API: Create the general wp_check_jsonp_callback() function for validating JSONP callback functions.
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.

Props rmccue.
Fixes #28523.
Built from https://develop.svn.wordpress.org/trunk@37646


git-svn-id: http://core.svn.wordpress.org/trunk@37612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-06 21:34:28 +00:00
Drew Jaynes
d28f1a08ef Docs: Apply inline @see tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37543


git-svn-id: http://core.svn.wordpress.org/trunk@37511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 19:01:27 +00:00