Avoid a PHP Error when attempting to embed the parent post of an attachment, when the parent post ID is invalid. Instead check if the parent post object exists before checking the read permission for the parent post.
Props GhostToast.
Fixes#39881.
Built from https://develop.svn.wordpress.org/trunk@40306
git-svn-id: http://core.svn.wordpress.org/trunk@40213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously `update_blog_option()` would trigger an invalidation of that site's entire cache although these changes did not affect the content of these caches. Furthermore changes to the special options `blogname`, `siteurl` and `post_count` should not invalidate the entire cache of that site, but only their respective site details cache. The option `home` now has the same behavior as it also belongs to the site details, but did not invalidate the cache at all previously.
Several new unit tests confirm these changes work as expected.
Fixes#40063.
Built from https://develop.svn.wordpress.org/trunk@40305
git-svn-id: http://core.svn.wordpress.org/trunk@40212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Exclude 'node_modules' directories from paths searched in `WP_Theme::scandir()`. Introduces the `theme_scandir_exclusions` filter to allow sites to exclude any other paths like `bower_components` or `vendor` from being searched for template files.
Props lukasbesch, dd32, swisspidy, rachelbaker.
Fixes#38292.
Built from https://develop.svn.wordpress.org/trunk@40301
git-svn-id: http://core.svn.wordpress.org/trunk@40208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This prevents an additional 301 redirect when clicking on the nav menu item, and it also prevents a scenario where the auth cookie may not be passed and cause an authentication error when navigating in the customizer.
Props dlh, swissspidy.
Fixes#40112.
Built from https://develop.svn.wordpress.org/trunk@40300
git-svn-id: http://core.svn.wordpress.org/trunk@40207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It is sometimes desirable to support shorter site names than 4 characters, therefore that restriction should be removed. It is still possible to manually enforce it by using the `wpmu_validate_blog_signup` filter.
As a result of this change, another `is_super_admin()` call gets removed which affects the ongoing efforts of working on a network-wide role system.
Props milindmore22.
Fixes#39676. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40295
git-svn-id: http://core.svn.wordpress.org/trunk@40202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to [38677], `get_term_by()` would always return false if
an empty string were passed as the queried 'name' or 'slug'. The
refactor to use `get_terms()` broke this behavior; inappropriately
imprecise `empty()` checks caused the 'name' or 'slug' clause to be
discarded altogether when fetching terms, resulting in an incorrect
term being returned from the function.
We fix the regression by special-casing truly empty values passed
to `get_term_by()`, and ensuring that `WP_Term_Query` is properly
able to handle `0` and `'0'` term queries.
Props sstoqnov.
Fixes#21760.
Built from https://develop.svn.wordpress.org/trunk@40293
git-svn-id: http://core.svn.wordpress.org/trunk@40200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The time chosen for `test_empty_post_date_gmt_shimmed_using_post_date` falls within US daylight savings time. This may cause the test to fail depending on whether the current locale has DST.
The fix is to specify a numeric `gmt_offset` rather than a `timezone_string`.
Unprops jnylen0.
Fixes#40136.
Built from https://develop.svn.wordpress.org/trunk@40284
git-svn-id: http://core.svn.wordpress.org/trunk@40196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Historically, it has been possible to call `get_term_by()` within
a 'get_terms' filter callback. Since `get_term_by()` was refactored
to use `get_terms()` internally [38677], callbacks of this nature
have resulted in infinite loops.
As a workaround, we introduce a 'suppress_filter' option to `get_terms()`,
and use it when calling the function from within `get_term_by()`.
Props ocean90.
See #21760.
Built from https://develop.svn.wordpress.org/trunk@40275
git-svn-id: http://core.svn.wordpress.org/trunk@40192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change moves to specifying the PHPUnit version for all PHP versions, and fixes an issue where the Composer global bin directory is not at `~/.composer/vendor/bin` on the boxes that are used for HHVM builds.
See #40100
Built from https://develop.svn.wordpress.org/trunk@40269
git-svn-id: http://core.svn.wordpress.org/trunk@40188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Overriding pluggable functions in the test suite is asking for trouble in the future. In addition, it means the test suite can't be guaranteed to behave the same as core.
This instead introduces a `send_auth_cookies` filter which can be hooked in during the test suite to prevent these functions from attempting to send cookie headers to the client.
Fixes#39367
Built from https://develop.svn.wordpress.org/trunk@40263
git-svn-id: http://core.svn.wordpress.org/trunk@40183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The site's current timezone offset is an important piece of information for any REST API client that needs to manipulate dates. It has not been previously available.
Expose both the `gmt_offset` (the site's current offset from UTC in hours) and `timezone_string` (which also provides information about daylight savings time) via the "site info" endpoint (the base `/wp-json` response).
Also update the `wp-api-generated.js` fixture file with the changes to the default API responses.
Props sagarkbhatt.
Fixes#39854.
Built from https://develop.svn.wordpress.org/trunk@40238
git-svn-id: http://core.svn.wordpress.org/trunk@40168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit adds some missing test cases for combinations of `orderby` and other parameters (`post_parent__in` and `post_name__in`).
Followup to [40056] for `orderby` and `post__in`.
The interaction of these parameters is perhaps counterintuitive because `orderby` does not affect the returned results. This is overall probably the best design, and it's now better tested and documented.
Props fibonaccina.
See #39055.
Built from https://develop.svn.wordpress.org/trunk@40237
git-svn-id: http://core.svn.wordpress.org/trunk@40167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Terms with duplicate names are not allowed at the same level of a
taxonomy hierarchy. The name lookup introduced in [34809] did not
properly account for the 'parent' parameter, with the result that
the duplicate-name restriction was tighter than intended (terms
with duplicate names could not be created at different levels of
a single hierarchy).
Props mikejolley.
Fixes#39984.
Built from https://develop.svn.wordpress.org/trunk@40145
git-svn-id: http://core.svn.wordpress.org/trunk@40084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_insert_term()` does not allow for terms with the same name to exist
at the same hierarchy level, unless the second term has a unique slug.
When this logic was refactored in [31792] and [34809], a bug was
introduced whereby it was possible to bypass the no-same-named-sibling
check in cases where the first term had a non-auto-generated slug
(ie, where the name was 'Foo' but the slug something other than 'foo',
such that the second term would get the non-matching slug 'foo').
This changeset fixes this issue by ensuring that the duplicate name
check runs both in cases where there's an actual slug clash *and* in
cases where no explicit `slug` has been provided to `wp_insert_term()`.
The result is a more reliable error condition:
`wp_insert_term( 'Foo' ... )` will always fail if there's a sibling
'Foo', regardless of the sibling's slug.
Props mikejolley.
See #39984.
Built from https://develop.svn.wordpress.org/trunk@40144
git-svn-id: http://core.svn.wordpress.org/trunk@40083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since support for PDF previews were added in [38949], it's possible
that the generated image file could overwrite an existing image file
with the same name. This uses `wp_unique_filename()` to avoid this
issue and adds a '-pdf' identifier on the end of filenames.
Props gitlost, derosj, mikeschroder, joemcgill.
Fixes#39875. See #31050.
Built from https://develop.svn.wordpress.org/trunk@40130
git-svn-id: http://core.svn.wordpress.org/trunk@40067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [40123], `WP_Image_Editor_Imagick` started using
`Imagick::setImageOrientation` and `Imagick::ORIENTATION_TOPLEFT`,
but had no equivalent feature check.
While they were introduced more than 9 years ago, it's important
to double-check everything is available before using with Imagick.
Fixes#37140.
Built from https://develop.svn.wordpress.org/trunk@40129
git-svn-id: http://core.svn.wordpress.org/trunk@40066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A few of the multisite tests were failing after [40124] because
multisite filters `upload_mimes` with the `check_upload_mimes()`
function to reduce the set of allowed MIME types. This fixes those
errors by skipping the tests for adding additional MIME types and
only tests file types assumed to be allowed.
See #39550.
Built from https://develop.svn.wordpress.org/trunk@40125
git-svn-id: http://core.svn.wordpress.org/trunk@40062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[39831] introduced more strict MIME type checking for uploads, which
resulted in unintetionally blocking several filetypes that were
previously valid. This change uses a more targeted approach to MIME
validation to restore previous behavior for most types.
Props blobfolio, iandunn, ipstenu, markoheijnen, xknown, joemcgill.
Fixes#39550, #39552.
Built from https://develop.svn.wordpress.org/trunk@40124
git-svn-id: http://core.svn.wordpress.org/trunk@40061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to inconsistencies in the way browsers handle Exif orientation data,
if a user manually rotates an image within WordPress, set the Exif orientation to
the default (1) so that the image displays with the same rotation/flip in every browser.
Props sanchothefat, triplejumper12, joemcgill, azaozz, markoheijnen, mikeschroder.
See #14459.
Fixes#37140.
Built from https://develop.svn.wordpress.org/trunk@40123
git-svn-id: http://core.svn.wordpress.org/trunk@40060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when getting posts from the API with `sticky=true`, if there were no sticky posts set, the query would return all posts as if the `sticky` argument was not set. In this situation, the query should return an empty array instead.
A `sticky=true` query that should return an empty array (in the previous situation, or with `include` and no intersecting post IDs) was also broken in that it would query the post with ID 1.
Finally, this commit significantly improves test coverage for the `sticky` filter argument, including direct testing of the `WHERE` clauses generated by `WP_Query`.
Props ryelle.
Fixes#39947.
Built from https://develop.svn.wordpress.org/trunk@40122
git-svn-id: http://core.svn.wordpress.org/trunk@40059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A `post_format` not used by the current theme, but supported by core is not a wrong/broken piece of information. It's just not used at this point in time. Therefore we should allow setting and retrieving any of the standard post formats supported in core, even if the current theme doesn't use them.
After this commit, a post's `format` value can survive a round trip through the API, which is a good general design principle for an API.
Props JPry, iseulde, davidakennedy, Drivingralle.
Fixes#39232.
Built from https://develop.svn.wordpress.org/trunk@40120
git-svn-id: http://core.svn.wordpress.org/trunk@40057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add QUnit tests for the parsing of custom namespace routes. Add a custom schema fixture based on the `wp-js-widgets` plugin. Test that the client can parse the widget namespace in the schema and correctly construct the expected group of models and collections. Also includes a small unrelated QUnit fix to ensure nav-menu test passes when it is loaded without its tests executing as well as a small jshint fix, adding a missing semicolon since [40107].
Props jnylen0.
Fixes#39561.
Built from https://develop.svn.wordpress.org/trunk@40109
git-svn-id: http://core.svn.wordpress.org/trunk@40046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Internally, WordPress uses a special `post_date_gmt` value of `0000-00-00 00:00:00` to indicate that a draft's date is "floating" and should be updated whenever the post is saved. This makes it much more difficult for API clients to know the correct date of a draft post.
This commit provides a best guess at a `date_gmt` value for draft posts in this situation using the `date` field and the site's current timezone offset.
Props joehoyle.
Fixes#38883.
Built from https://develop.svn.wordpress.org/trunk@40108
git-svn-id: http://core.svn.wordpress.org/trunk@40045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enable history support for the new theme screen, including navigating theme details and closing the details modal. Theme selection is now also bookmark-able, so linking to a URL like `/wp-admin/theme-install.php?theme=twentyseventeen` correctly opens the theme preview.
Props dd32.
Fixes#36613.
Built from https://develop.svn.wordpress.org/trunk@40107
git-svn-id: http://core.svn.wordpress.org/trunk@40044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It has been unintendedly possible to both view and edit users from a different site than the current site in multisite environments. Moreover, when passing roles to a user in an update request, that user would implicitly be added to the current site.
This changeset removes the incorrect behavior for now in order to be able to provide a proper REST API workflow for managing multisite users in the near future. Related unit tests have been adjusted as well.
Props jnylen0, jeremyfelt, johnjamesjacoby.
Fixes#39701.
Built from https://develop.svn.wordpress.org/trunk@40106
git-svn-id: http://core.svn.wordpress.org/trunk@40043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
DELETE was inadvertently omitted from the list of non-POST HTTP methods that should be able to accept body parameters. Parameters passed to DELETE requests as JSON are already parsed correctly; this commit fixes `application/x-www-form-urlencoded` parameters as well.
Props mnelson4.
Fixes#39933.
Built from https://develop.svn.wordpress.org/trunk@40105
git-svn-id: http://core.svn.wordpress.org/trunk@40042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit modifies the `rest_get_date_with_gmt` function to correctly parse local and UTC timestamps with or without timezone information.
It also ensures that the REST API can edit the dates of draft posts by setting the `edit_date` flag to `wp_update_post`.
Overall this commit ensures that post and comment dates can be set and updated as expected.
Fixes#39256.
Built from https://develop.svn.wordpress.org/trunk@40101
git-svn-id: http://core.svn.wordpress.org/trunk@40038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously the status for a Post (or other post_types) was only exposed under the `edit` context, which doesn't really make much sense considering we support querying by post status without authentication. Originally introduced in v2.0 beta 1: 69f617d749 without any explanation in the commit message.
Props dhanendran, jnylen0, rachelbaker.
Fixes#39466.
Built from https://develop.svn.wordpress.org/trunk@40080
git-svn-id: http://core.svn.wordpress.org/trunk@40017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a couple of changes to the generated API schemas between single-site and multisite mode - for example, the `url` and `email` settings are not present in the settings endpoint (see #39005).
To avoid unexpected changes to the `wp-api-generated.js` fixture file, skip generating the client test fixtures when running the test suite in multisite mode.
See #39264.
Built from https://develop.svn.wordpress.org/trunk@40077
git-svn-id: http://core.svn.wordpress.org/trunk@40014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix parsing of custom namespace routes. Transform class names, removing dashes and capitalizing each word/route part so a route path of `widgets/recent-posts` becomes a collection with the name `WidgetsRecentPosts`. Correct parent route part when routes are longer than expected, reversing parse direction.
Props westonruter, jazbek.
Fixes#39561.
Built from https://develop.svn.wordpress.org/trunk@40074
git-svn-id: http://core.svn.wordpress.org/trunk@40011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up to [40065] - `JSON_*` constants are differently unsupported in PHP 5.2 and 5.3, which caused other, more different failures.
Also bring back `JSON_UNESCAPED_SLASHES` because the generated output looks nicer this way.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40066
git-svn-id: http://core.svn.wordpress.org/trunk@40003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove `JSON_UNESCAPED_SLASHES` from the `wp_json_encode` call - this constant is not supported in PHP < 5.4, and we don't polyfill it either.
Also make the PHPUnit test suite correctly exit with a non-zero exit code when `wp-tests-config.php` is not present. This was causing `grunt restapi-jsclient` to incorrectly proceed to its second step even when the first step failed with this error.
Props ocean90.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40065
git-svn-id: http://core.svn.wordpress.org/trunk@40002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `post_author` field is a string internally, but we need to cast it to an integer in the REST API. This was already done for posts, but not for revisions. The field is already declared as an integer in both controllers.
Fixes#39871.
Built from https://develop.svn.wordpress.org/trunk@40063
git-svn-id: http://core.svn.wordpress.org/trunk@40000 1a063a9b-81f0-0310-95a4-ce76da25c4cd