Commit Graph

603 Commits

Author SHA1 Message Date
John Blackbourn
dd53775247 Comments: Revert the introduction of the opt-in comment approval notification feature.
This reverts the following commits: [50113], [50112], [50109].

See #33717

Built from https://develop.svn.wordpress.org/trunk@50375


git-svn-id: http://core.svn.wordpress.org/trunk@49986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-17 13:08:05 +00:00
John Blackbourn
3e801fdb5d Comments: Extend the duration of the window within which unapproved comments are visible by their author.
This extension is necessary because the comment approval notification opt-in form introduced in [47887] uses the same mechanism, and the previous limit of one minute meant that users on a slow connection, using assistive technology, with limited motor skills, or who are generally indecisive may not complete the opt-in action within one minute, and therefore not see the confirmation message.

Props joedolson, imath, hellofromTonya, peterwilsoncc, alexstine, davidbaumwald 

Fixes #52406

Built from https://develop.svn.wordpress.org/trunk@50271


git-svn-id: http://core.svn.wordpress.org/trunk@49916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-09 16:57:04 +00:00
Sergey Biryukov
68705af715 I18N: Correct placeholders in translator comments in wp_new_comment_notify_comment_author().
Follow-up to [42827], [45932], [50109].

See #33717.
Built from https://develop.svn.wordpress.org/trunk@50112


git-svn-id: http://core.svn.wordpress.org/trunk@49791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 17:36:57 +00:00
John Blackbourn
dad34fe877 Comments: Introduce a method for commenters to opt-in to receiving an email notification when their moderated comment gets approved.
The opt-in form is shown after the comment is submitted and held for moderation.

Sorry this took five years.

Props jeffr0, swissspidy, mrahmadawais, wonderboymusic, jdgrimes, obenland, Monika, imath, garrett-eclipse, johnbillion

Fixes #33717

Built from https://develop.svn.wordpress.org/trunk@50109


git-svn-id: http://core.svn.wordpress.org/trunk@49788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-31 12:50:01 +00:00
John Blackbourn
b59c0f307b Docs: Corrections and improvements to types used in various docblocks.
See #51800, #52217

Built from https://develop.svn.wordpress.org/trunk@49936


git-svn-id: http://core.svn.wordpress.org/trunk@49635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-05 17:16:11 +00:00
Sergey Biryukov
43bc55f38d Docs: Fix typo in wp_set_comment_status filter DocBlock.
Follow-up to [49926].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@49934


git-svn-id: http://core.svn.wordpress.org/trunk@49633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-05 16:46:10 +00:00
John Blackbourn
dfe1f9b322 Docs: Promote many bool types to true or false where only that value is used.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49927


git-svn-id: http://core.svn.wordpress.org/trunk@49626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 22:04:04 +00:00
John Blackbourn
53da9208dd Docs: Various docblock corrections particularly relating to boolean types.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49926


git-svn-id: http://core.svn.wordpress.org/trunk@49625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 21:57:09 +00:00
Sergey Biryukov
651f426b3a General: Remove noreferrer from wp_targeted_link_rel() and other uses.
When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time.

Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core.

Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel.
Fixes #49558.
Built from https://develop.svn.wordpress.org/trunk@49215


git-svn-id: http://core.svn.wordpress.org/trunk@48977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-19 23:39:04 +00:00
Sergey Biryukov
1c1aadbe54 Pings/Trackbacks: Split do_all_pings() into several functions:
* `do_all_pingbacks()`
* `do_all_enclosures()`
* `do_all_trackbacks()`

This allows for the specific removal/replacement of one of more services.

Props dshanske, garrett-eclipse, Mista-Flo, azaozz, hellofromTonya.
Fixes #36576.
Built from https://develop.svn.wordpress.org/trunk@49211


git-svn-id: http://core.svn.wordpress.org/trunk@48973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-19 21:16:02 +00:00
Sergey Biryukov
0e3147c40e Coding Standards: Replace alias PHP functions with the canonical names.
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.

This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast

In part, this is a follow-up to #47746.

Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193


git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 17:27:06 +00:00
Sergey Biryukov
4419f9b889 Docs: Correct description for wp_set_comment_status hook.
The action fires immediately after transitioning a comment's status from one to another in the database and removing the comment from the object cache, but prior to all status transition hooks.

Props davidbaumwald, henry.wright.
Fixes #51481.
Built from https://develop.svn.wordpress.org/trunk@49111


git-svn-id: http://core.svn.wordpress.org/trunk@48873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-09 01:28:04 +00:00
Sergey Biryukov
897f004a9c General: Replace older-style PHP type conversion functions with type casts.
This improves performance, readability, and consistency throughout core.

* `intval()` → `(int)`
* `strval()` → `(string)`
* `floatval()` → `(float)`

Props ayeshrajans.
Fixes #42918.
Built from https://develop.svn.wordpress.org/trunk@49108


git-svn-id: http://core.svn.wordpress.org/trunk@48870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 21:15:13 +00:00
Sergey Biryukov
649348cf5b Code Modernization: Remove unnecessary reference sign from get_comment() definition.
This fixes a PHP 8 "argument must be passed by reference, value given" error when using `array_map( 'get_comment', ... )`.

Object variables in PHP 5+ contain a reference to the object, and it's the reference that's passed around.

Note: This reverts [48838], which is now redundant.

Follow-up to a similar change for `get_post()` in [21572].

See #50913.
Built from https://develop.svn.wordpress.org/trunk@48961


git-svn-id: http://core.svn.wordpress.org/trunk@48723 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-09 03:55:07 +00:00
Sergey Biryukov
3e16f7510a Comments: Make sure the comment data passed to the preprocess_comment filter includes the comment_agent and comment_author_IP values.
Props zodiac1978, SergeyBiryukov.
Fixes #51044.
Built from https://develop.svn.wordpress.org/trunk@48822


git-svn-id: http://core.svn.wordpress.org/trunk@48584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-19 01:57:08 +00:00
Sergey Biryukov
c64297ce61 Comments: Update comment cache in the upgrade routine for changing the comment_type DB field value in comments table.
This ensures that comment object cache is cleared after changing the comment type to `comment` instead of an empty string.

Add a unit test for `_wp_batch_update_comment_type()`.

Follow-up to [47597], [47626], [48225], [48227].

Props imath, westonruter.
Fixes #49236.
Built from https://develop.svn.wordpress.org/trunk@48748


git-svn-id: http://core.svn.wordpress.org/trunk@48510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-07 14:29:02 +00:00
Sergey Biryukov
5f6d6a79e8 Docs: Document that various metadata functions return false for an invalid ID.
Props salcode.
See #40519.
Built from https://develop.svn.wordpress.org/trunk@48658


git-svn-id: http://core.svn.wordpress.org/trunk@48420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-28 10:15:04 +00:00
Sergey Biryukov
d936f2c959 Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48591


git-svn-id: http://core.svn.wordpress.org/trunk@48353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 21:55:04 +00:00
John Blackbourn
9bc7d0a776 Docs: Another pass at some inline docs fixes mostly made by PHPCBF.
See #49572, #50744
Built from https://develop.svn.wordpress.org/trunk@48590


git-svn-id: http://core.svn.wordpress.org/trunk@48352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 21:11:05 +00:00
John Blackbourn
124972f2c6 Docs: Further corrections and improvements to various inline docblocks.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48576


git-svn-id: http://core.svn.wordpress.org/trunk@48338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 07:39:02 +00:00
Aaron Jorbin
6cab8cce22 General: Update code for readability and inclusion
There are two pieces in here:

1) The update to change blacklist to blocklist is moved to disallowed_list. "Block" has a meaning in our code, and there could be ambiguity between this code and code related to blocks.

2) This improves backwards compatibility for code that was accessing the now deprecated code.

Previously: [48477], [48405], [48400], [48121], [48122], [48124], [48142], [48566]

Props: desrosj, SergeyBiryukov, johnjamesjacoby
Fixes: #50413


Built from https://develop.svn.wordpress.org/trunk@48575


git-svn-id: http://core.svn.wordpress.org/trunk@48337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 03:14:06 +00:00
John Blackbourn
0bf9b04c53 Docs: Various formatting improvements to inline docblocks.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48574


git-svn-id: http://core.svn.wordpress.org/trunk@48336 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 00:52:05 +00:00
Sergey Biryukov
bf222a442b Comments: Make wp_update_comment() return false instead of 0 for an invalid comment or post ID.
This addresses an inconsistency where 0 could mean one of the three scenarios:

* Invalid comment ID.
* Invalid comment post ID.
* No DB rows updated. This is not an error and should not be treated as one.

With this change, `wp_update_comment()` always returns either `false` or a `WP_Error` object on failure, depending on the value of the `$wp_error` parameter.

Follow-up to [48154], [48215], [48216], [48218], [48230].

Props dd32, jnylen0, enrico.sorcinelli.
Fixes #39732. See #38700, #39735.
Built from https://develop.svn.wordpress.org/trunk@48235


git-svn-id: http://core.svn.wordpress.org/trunk@48004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-30 14:12:04 +00:00
Sergey Biryukov
8ac810e460 Comments: Add a @since note to the wp_update_comment_data filter about returning a WP_Error value.
Remove the ability to short-circuit comment update by returning `false` from the filter for now.

This was inconsistent with the `pre_comment_approved` filter, and should not be necessary if a more descriptive reason can be given by always using `WP_Error`.

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48230


git-svn-id: http://core.svn.wordpress.org/trunk@47999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-30 12:03:04 +00:00
Sergey Biryukov
4532d5a30a Comments: Correct $wpdb->prepare() usage in _wp_batch_update_comment_type().
Follow-up to [47597], [48225].

See #50513, #49236.
Built from https://develop.svn.wordpress.org/trunk@48227


git-svn-id: http://core.svn.wordpress.org/trunk@47996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-30 11:30:02 +00:00
Sergey Biryukov
18c5348b2f Comments: Introduce wp_update_comment_type_batch_size filter for the comment batch size in _wp_batch_update_comment_type().
Follow-up to [47597].

Props dchymko.
Fixes #50513. See #49236.
Built from https://develop.svn.wordpress.org/trunk@48225


git-svn-id: http://core.svn.wordpress.org/trunk@47994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-30 11:06:02 +00:00
Sergey Biryukov
f5942603c0 Comments: Make wp_update_comment() return a WP_Error object for a canceled update, if $wp_error parameter is true.
Remove redundant checks for `wp_update_comment()` results being `false`, as the function always returns a `WP_Error` object now if `$wp_error` is true.

Follow-up to [48154], [48215], [48216].

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48218


git-svn-id: http://core.svn.wordpress.org/trunk@47987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 23:42:03 +00:00
Sergey Biryukov
e2936bd7e5 Comments: Make wp_update_comment() return a WP_Error object on database error, if $wp_error parameter is true.
Follow-up to [48154], [48215].

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48216


git-svn-id: http://core.svn.wordpress.org/trunk@47985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 23:06:04 +00:00
Sergey Biryukov
d8a08ecada Comments: Minor adjustments to wp_update_comment():
* Revert the logic of `$wp_error` checks to avoid negation.
* Clarify the return value, restore the edits from [47017].
* Update `wp_update_comment_data` filter check to allow `false` to prevent the update.

Follow-up to [48154].

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48215


git-svn-id: http://core.svn.wordpress.org/trunk@47984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 22:44:03 +00:00
Sergey Biryukov
347e831768 Docs: Improve documentation for the $prev_value parameter and return result of various metadata update functions.
Props stevenlinx.
Fixes #50502. See #49572.
Built from https://develop.svn.wordpress.org/trunk@48214


git-svn-id: http://core.svn.wordpress.org/trunk@47983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 21:22:09 +00:00
Sergey Biryukov
570b6e0866 Comments: Rename the $avoid_die parameter of wp_allow_comment() and wp_new_comment() to $wp_error.
This makes the function signatures more consistent with `wp_update_comment()` and `wp_set_comment_status()`.

`wp_check_comment_flood()` is left as the only function with the `$avoid_die` parameter for now, as it does not return a `WP_Error` object.

Follow-up to [48154], [48207].

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48208


git-svn-id: http://core.svn.wordpress.org/trunk@47977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 22:10:06 +00:00
Sergey Biryukov
8c721c9c34 Docs: Correct description for the $avoid_die parameter of wp_check_comment_flood().
The function always return a boolean value, never a `WP_Error` object.

See #49572, #39732.
Built from https://develop.svn.wordpress.org/trunk@48207


git-svn-id: http://core.svn.wordpress.org/trunk@47976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 21:42:03 +00:00
Sergey Biryukov
3336009e34 Docs: Replace "html" and "xhtml" instances in DocBlocks and comments with "HTML" and "XHTML".
This ensures consistent capitalization where appropriate.

Props navidos, desrosj.
Fixes #50473.
Built from https://develop.svn.wordpress.org/trunk@48199


git-svn-id: http://core.svn.wordpress.org/trunk@47968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 14:02:06 +00:00
Sergey Biryukov
40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
Sergey Biryukov
d38a32bfac Coding Standards: Reformat some long apply_filters_deprecated() and do_action_deprecated() calls for better readability.
See #49542.
Built from https://develop.svn.wordpress.org/trunk@48167


git-svn-id: http://core.svn.wordpress.org/trunk@47936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 12:06:07 +00:00
whyisjake
bb7601f6d0 Comments: Allow wp_update_comment() to return WP_Error().
The `wp_update_comment_data` filter introduced in 4.7 allows comment data to be filtered before it is updated in the database.

The patch aims to handle `WP_Error` as the filter above return value in a similar manner as is done for `wp_new_comment()`.


Fixes #39732.

Props: enricosorcinelli, swissspidy, gkloveweb, jnylen0, jbpaul17, afercia, SergeyBiryukov, audrasjb, imath, davidbaumwald.

Built from https://develop.svn.wordpress.org/trunk@48154


git-svn-id: http://core.svn.wordpress.org/trunk@47923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-24 00:05:12 +00:00
Sergey Biryukov
803a05946b Comments: Remove wp_get_include_unapproved_comments_argument() for now.
The function seems too specific and low-level for an abstraction, is only used in two places, and does not provide a significant benefit in terms of reducing code duplication.

Follow-up to [48133].

See #8973.
Built from https://develop.svn.wordpress.org/trunk@48140


git-svn-id: http://core.svn.wordpress.org/trunk@47909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-23 13:53:08 +00:00
whyisjake
0c91c23277 Comments: Ensure the proper comment count and pages for unapproved comments.
Previiously, unapproved comments can alter the comment count, returning incorrect page numbers.

Fixes #8973.

Props GregMulhauser, dd32, ryan, mrmist, hakre, solarissmoke, billerickson, ericlewis, SergeyBiryukov, chriscct7, dossy, lukecavanagh, renggo888, jdorner, matjack1, pento, audrasjb, imath, davidbaumwald, whyisjake.  


Built from https://develop.svn.wordpress.org/trunk@48133


git-svn-id: http://core.svn.wordpress.org/trunk@47902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-23 05:24:10 +00:00
desrosj
4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
Andrea Fercia
ae447adaf4 I18N: Restore the "Error:" prefix for error messages.
Partially reverts [48059] as there's no full consensus on the removal of the text prefix. Further actions should be taken to improve consistency and accessibility of the admin notices. Keeps some improvements to the translatable strings from [48059].

Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48115


git-svn-id: http://core.svn.wordpress.org/trunk@47884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-21 14:00:09 +00:00
Sergey Biryukov
be16bb9fba Docs: Remove extra spaces from @param tags.
Per the documentation standards, `@param` tags should be aligned with each other, but not with the `@return` tag.

See #49572.
Built from https://develop.svn.wordpress.org/trunk@48110


git-svn-id: http://core.svn.wordpress.org/trunk@47879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:58:10 +00:00
Sergey Biryukov
b16368c268 Docs: Remove @staticvar tags from core.
The tag was supported in phpDocumentor 1.x, but is no longer supported in 2.x and 3.x.

Usage of static variables is considered an internal implementation detail and has no information value for someone reading the docs.

Props alishanvr, jrf.
Fixes #50426.
Built from https://develop.svn.wordpress.org/trunk@48109


git-svn-id: http://core.svn.wordpress.org/trunk@47878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:40:12 +00:00
Sergey Biryukov
e13c363b17 Docs: Capitalize "ID", when referring to a post ID, term ID, etc. in a more consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48104


git-svn-id: http://core.svn.wordpress.org/trunk@47873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:02:12 +00:00
John Blackbourn
1a77bb81d8 Docs: Remove unnecessary variables names from @return tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
Sergey Biryukov
de59ad23a4 Docs: Consistently include an empty line between @since tag and @see, @link, or @global, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48067


git-svn-id: http://core.svn.wordpress.org/trunk@47834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 21:07:14 +00:00
Andrea Fercia
f83c504b88 I18N: Remove the "Error:" prefix from error messages.
For a number of years, most of the WordPress error messages have been prefixed with "Error:". However, these messages appear in a context where it's already clear an error occurred. Whether it's an error, a warning, or any other classification, that's not so relevant for users. The content of the message is the relevant part. The "Error:" prefix doesn't add great value while it does add unnecessary complexity for the message readability.

Also, revises some of these messages to improve clarity and removes HTML from translatable strings.

Props garrett-eclipse, ramiy, SergeyBiryukov, afercia, sabernhardt, quadthemes, audrasjb. 
See #47003, #43037, #42945, #15887.
Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48059


git-svn-id: http://core.svn.wordpress.org/trunk@47826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 15:35:13 +00:00
Sergey Biryukov
18a9359c06 Posts, Post Types: Display a more specific error message when an attachment could not be inserted into the database.
Props shital-patel, Presskopp, ocean90.
Fixes #50325.
Built from https://develop.svn.wordpress.org/trunk@47922


git-svn-id: http://core.svn.wordpress.org/trunk@47696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 09:24:11 +00:00
whyisjake
9f86174e08 Comments: Ensure that unmoderated comments won't be search indexed.
After a comment is submitted, only allow a brief window where the comment is live on the site. 

Fixes #49956.
Props: jonkolbert, ayeshrajans, Asif2BD, peterwilsoncc, imath, audrasjb, jonoaldersonwp, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@47887


git-svn-id: http://core.svn.wordpress.org/trunk@47661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-02 20:12:07 +00:00
Sergey Biryukov
7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
Sergey Biryukov
e55ca10ddc Comments: Ensure that inserting a comment with an empty type results in correct comment type.
Add unit tests for `wp_handle_comment_submission()` and `wp_insert_comment()` receiving an empty type.

Follow-up to [47597].

Props ocean90, imath.
Fixes #49236.
Built from https://develop.svn.wordpress.org/trunk@47626


git-svn-id: http://core.svn.wordpress.org/trunk@47401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-26 13:44:07 +00:00
Sergey Biryukov
ced8fb20a1 Code Modernization: Remove error suppression from parse_url() calls.
Previously, the `@` operator was used to prevent possible warnings emitted by `parse_url()` in PHP < 5.3.3 when URL parsing failed.

Now that the minimum version of PHP required by WordPress is 5.6.20, this is no longer needed.

Props netpassprodsr, Howdy_McGee.
Fixes #49980. See #24780.
Built from https://develop.svn.wordpress.org/trunk@47617


git-svn-id: http://core.svn.wordpress.org/trunk@47392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-24 07:28:10 +00:00
Sergey Biryukov
427405535f Docs: Synchronize parameter documentation for various metadata functions, update per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47611


git-svn-id: http://core.svn.wordpress.org/trunk@47386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 10:31:09 +00:00
Sergey Biryukov
9aa0fff80e Docs: Document the default value of $single and $prev_value parameters in various metadata functions.
Props denisco.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47610


git-svn-id: http://core.svn.wordpress.org/trunk@47385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 09:40:10 +00:00
Sergey Biryukov
61a2f62ffd Comments: Use comment instead of an empty string for the comment_type DB field value in comments table.
This is the first step to bring support for custom comment types into WordPress.

Add a scheduled upgrade routine to update the type value for existing comments, in batches of 100 at a time.

Props imath, aaroncampbell, jeremyfelt, dshanske.
Fixes #49236.
Built from https://develop.svn.wordpress.org/trunk@47597


git-svn-id: http://core.svn.wordpress.org/trunk@47372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-17 19:35:06 +00:00
Sergey Biryukov
38676936ba Coding Standards: Use strict type check for in_array() and array_search() where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
John Blackbourn
8f1eddef11 Comments: Ensure all elements in the array returned by get_comment_count() are integers.
Previously elements would be a mixture of strings and integers depending on their numeric value.

Props progremzion, m.usama.masood

Fixes #48093
Built from https://develop.svn.wordpress.org/trunk@47526


git-svn-id: http://core.svn.wordpress.org/trunk@47301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-28 20:44:09 +00:00
John Blackbourn
056dad9c2c Docs: Use more specific types in parameter descriptions in place of mixed.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov
c15cd5f5c4 Docs: Add missing quote to {@see 'comment_$old_status_to_$new_status'} hook reference in wp_transition_comment_status() DocBlock.
Props coffee2code.
Fixes #49474.
Built from https://develop.svn.wordpress.org/trunk@47324


git-svn-id: http://core.svn.wordpress.org/trunk@47118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-19 13:45:07 +00:00
Sergey Biryukov
f7338b347d Docs: Update @return tag for wp_allow_comment() with trash as a possible return value.
Props oakesjosh, jeremyfelt.
Fixes #49206.
Built from https://develop.svn.wordpress.org/trunk@47286


git-svn-id: http://core.svn.wordpress.org/trunk@47086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-13 17:50:05 +00:00
Sergey Biryukov
a6949956d1 Administration: Capitalize Trash consistently in various messages and comments.
When used as a noun referring to the "virtual" place, `Trash` should be capitalized.

Props garrett-eclipse, aandrewdixon, Presskopp.
Fixes #45317.
Built from https://develop.svn.wordpress.org/trunk@47233


git-svn-id: http://core.svn.wordpress.org/trunk@47033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 04:12:07 +00:00
Sergey Biryukov
641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov
47ed56f38f Code Modernization: Replace dirname( __FILE__ ) calls with __DIR__ magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov
deb1886078 Accessibility: Text Changes: Use sentence case for the word Error in various error messages, instead of all caps.
Using all caps should be avoided for better readability and because screen readers may pronounce all-caps words as abbreviations.

Props afercia, ryokuhi, sabernhardt, garrett-eclipse.
See #47656, #43037, #42945.
Built from https://develop.svn.wordpress.org/trunk@47156


git-svn-id: http://core.svn.wordpress.org/trunk@46956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-01 21:38:04 +00:00
Sergey Biryukov
2fe7c95153 Text Changes: Capitalize error messages consistently.
Props Presskopp.
Fixes #42945.
Built from https://develop.svn.wordpress.org/trunk@47154


git-svn-id: http://core.svn.wordpress.org/trunk@46954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-01 20:55:05 +00:00
Sergey Biryukov
001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov
dd4d98a368 Docs: In various @return tags, list the expected type first, instead of false.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
Sergey Biryukov
c546aa36ec Docs: Improve @return description for wp_update_comment() and WP_UnitTest_Factory_For_Comment::update_object().
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47017


git-svn-id: http://core.svn.wordpress.org/trunk@46817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-27 00:30:02 +00:00
John Blackbourn
f93ee2ca76 Docs: Increase the specificity of various docblock parameter types and return types.
See #48303
Built from https://develop.svn.wordpress.org/trunk@46823


git-svn-id: http://core.svn.wordpress.org/trunk@46623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-06 22:43:04 +00:00
John Blackbourn
f545bb3f63 Docs: Improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46660


git-svn-id: http://core.svn.wordpress.org/trunk@46460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:23:02 +00:00
John Blackbourn
b3d6acd6a4 Docs: Fix some incorrect return tags in docblocks.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46644


git-svn-id: http://core.svn.wordpress.org/trunk@46444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-03 22:23:01 +00:00
John Blackbourn
c8f91f77ac Docs: Correct invalid hook docblocks.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46603


git-svn-id: http://core.svn.wordpress.org/trunk@46400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-27 19:11:02 +00:00
John Blackbourn
883bb53d06 Pings/Trackbacks: Fix processing of posts with pending enclosures.
Introduced in [46175].

Fixes #36824

Built from https://develop.svn.wordpress.org/trunk@46427


git-svn-id: http://core.svn.wordpress.org/trunk@46225 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-07 21:37:03 +00:00
Sergey Biryukov
d2a48496d2 Docs: Add missing description for $comment global.
Props immeet94, mukesh27.
Fixes #46928. See #47110.
Built from https://develop.svn.wordpress.org/trunk@46391


git-svn-id: http://core.svn.wordpress.org/trunk@46190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-04 22:19:57 +00:00
Sergey Biryukov
547be72c3b Pings/Trackbacks: Use correct variable in a foreach() loop in do_all_pings().
Props itowhid06.
Fixes #48094. See #36824.
Built from https://develop.svn.wordpress.org/trunk@46292


git-svn-id: http://core.svn.wordpress.org/trunk@46104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-25 15:50:58 +00:00
John Blackbourn
e36d1bcbd8 Docs: Docblock corrections and improvements, mostly related to various pre_* filters.
See #47110

Built from https://develop.svn.wordpress.org/trunk@46232


git-svn-id: http://core.svn.wordpress.org/trunk@46044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 17:41:57 +00:00
Sergey Biryukov
31fca440bd Coding Standards: Add missing break for the default case in get_default_comment_status(().
Props itowhid06.
Fixes #48095.
Built from https://develop.svn.wordpress.org/trunk@46227


git-svn-id: http://core.svn.wordpress.org/trunk@46039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 13:50:58 +00:00
John Blackbourn
63c77a7826 Docs: Improve the docs for comment counting related functions.
See #47110, #48093

Built from https://develop.svn.wordpress.org/trunk@46223


git-svn-id: http://core.svn.wordpress.org/trunk@46035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 10:02:59 +00:00
Boone Gorges
da8a602ad6 Improve performance of trackback query in do_all_pings().
Previously, the direct SQL query used to identify trackbacks in
`do_all_pings()` performed poorly, due to an unindexed query against the
`to_ping` column. We improve performance in two ways. First, we switch
to using a postmeta flag for posts that require trackbacks to be sent;
queries joining against the postmeta table that check only the `meta_key`
are generally quite fast. Second, we switch to the use of `WP_Query`,
making the query cacheable and filterable using standard methods.

Props dshanske, spacedmonkey, janw.oostendorp, mrmadhat, birgire.
Fixes #36824.
Built from https://develop.svn.wordpress.org/trunk@46178


git-svn-id: http://core.svn.wordpress.org/trunk@45990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 02:06:56 +00:00
Boone Gorges
aa7d063af2 Use WP_Query when sending pingbacks.
Props dshanske, spacedmonkey, janw.oostendorp, mrmadhat, birgire.
See #36824.
Built from https://develop.svn.wordpress.org/trunk@46177


git-svn-id: http://core.svn.wordpress.org/trunk@45989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 02:00:55 +00:00
Boone Gorges
7c56b972cc Improve do_enclose() logic on post publish.
Removing the direct SQL query in `do_all_pings()` improves filterability.

As part of this change, the signature of `do_enclose()` is changed so that
a null `$content` parameter can be passed, with the `$content` then inferred
from the `$post` passed in the second parameter. In addition, the second
parameter was modified so that a post ID or a `WP_Post` object can be
provided. These changes make it possible to trigger enclosure checks with
a post ID alone (as in `do_all_pings()`) and also brings the function
signature in line with `do_trackbacks()` and `pingback()`.

Props dshanske, spacedmonkey, janw.oostendorp, mrmadhat, birgire.
See #36824.
Built from https://develop.svn.wordpress.org/trunk@46175


git-svn-id: http://core.svn.wordpress.org/trunk@45987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 01:49:56 +00:00
Sergey Biryukov
e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov
d9954ed4cb Privacy: Add descriptions for sections in a personal data export file.
Props garrett-eclipse, Venutius, karmatosed.
Fixes #45491.
Built from https://develop.svn.wordpress.org/trunk@45825


git-svn-id: http://core.svn.wordpress.org/trunk@45636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-18 02:07:57 +00:00
Sergey Biryukov
7f7480cb2a Docs: Add missing description for $wp_query and $wp_the_query globals.
Props mukesh27.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45739


git-svn-id: http://core.svn.wordpress.org/trunk@45550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:59:56 +00:00
Sergey Biryukov
8e85299a00 General: First pass at replacing Codex URLs with a corresponding HelpHub or DevHub article.
Props ianbelanger, tobifjellner, SergeyBiryukov.
See #47771.
Built from https://develop.svn.wordpress.org/trunk@45674


git-svn-id: http://core.svn.wordpress.org/trunk@45485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 22:45:57 +00:00
Sergey Biryukov
18bd01985b Coding Standards: Rename $r variable used with wp_parse_args() to $parsed_args for clarity.
Props freewebmentor.
Fixes #45059.
Built from https://develop.svn.wordpress.org/trunk@45667


git-svn-id: http://core.svn.wordpress.org/trunk@45478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 00:48:58 +00:00
Gary Pendergast
abcbee954f Coding Standards: Fix instances of WordPress.PHP.NoSilencedErrors.Discouraged.
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.

See #46732.

Built from https://develop.svn.wordpress.org/trunk@45611


git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-09 05:45:58 +00:00
Gary Pendergast
4803fc405e Coding Standards: Fix the Squiz.PHP.DisallowMultipleAssignments violations in wp-includes.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Sergey Biryukov
c77e771c84 Date/Time: Replace all instances of date() with gmdate().
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).

`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.

Props nielsdeblaauw, Rarst.
Fixes #46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424


git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 00:12:54 +00:00
Sergey Biryukov
1e925a5ae3 PHPCS: Remove extra tabs added in [44970].
See #44237.
Built from https://develop.svn.wordpress.org/trunk@44972


git-svn-id: http://core.svn.wordpress.org/trunk@44803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 21:36:51 +00:00
Sergey Biryukov
3de93dbc99 Comments: Introduce comment_flood_message and comment_duplicate_message filters for comment flood and duplicate comment error messages.
Props odminstudios, Katyatina, mukesh27.
Fixes #44237.
Built from https://develop.svn.wordpress.org/trunk@44970


git-svn-id: http://core.svn.wordpress.org/trunk@44801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 21:10:51 +00:00
Sergey Biryukov
0292de60ec Comments: Improve comment content filtering.
Built from https://develop.svn.wordpress.org/trunk@44842


git-svn-id: http://core.svn.wordpress.org/trunk@44674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:30:50 +00:00
Gary Pendergast
4c425c87fa Comments: Show the "awaiting moderation" message when comment cookies are disabled.
The "Your comment is awaiting moderation." message relied upon the comment author cookie being set. However, since it's now possible to opt-out of that cookie, submitting a comment won't show the comment preview when the comment is placed in moderation.

To avoid this issue, we now include a hash in the redirect URL, allowing the site to identify that a preview of the moderated comment should be displayed.

Props imath, tomdxw, birgire, lakenh, azaozz, pento.
Fixes #43857.


Built from https://develop.svn.wordpress.org/trunk@44659


git-svn-id: http://core.svn.wordpress.org/trunk@44490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-21 01:34:51 +00:00
Boone Gorges
c9a275c4a9 Update since annotation on allow_empty_comment hook.
Originally introduced in [42661].

Fixes #16979.
Built from https://develop.svn.wordpress.org/trunk@44364


git-svn-id: http://core.svn.wordpress.org/trunk@44194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-28 13:42:50 +00:00
desrosj
268402cf53 PHP7.3 compatibility: Fix compact throwing notices.
In PHP 7.3, the `compact()` function has been changed to issue an `E_NOTICE` level error if a passed string refers to an unset variable. In previous versions of PHP, this notice was silently skipped. The full RFC can be viewed here: https://wiki.php.net/rfc/compact.

Props jorbin, desrosj.

Merges [43819] and [43832] to trunk.

Fixes #44416.
Built from https://develop.svn.wordpress.org/trunk@44166


git-svn-id: http://core.svn.wordpress.org/trunk@43996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 05:13:52 +00:00
Jeremy Felt
2dce718157 REST API: Move object type-specific metadata integrations from the wrapper functions to the low-level Meta API functions.
Object type-specific actions that should happen before or after modification of metadata have so far been part of the respective wrapper functions. By using action and filter hooks, this changeset ensures they are always executed, even when calling the lower-level Meta API functions directly, which the REST API does as a prime example.

Merges [43729] to trunk.

Props flixos90, spacedmonkey.
Fixes #44467.

Built from https://develop.svn.wordpress.org/trunk@43982


git-svn-id: http://core.svn.wordpress.org/trunk@43814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 03:02:24 +00:00
Gary Pendergast
56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov
9c084c6968 Posts, Post Types: Introduce edit_post_{$post->post_type} hook.
The hook fires before the general `edit_post` hook and has the same parameters.

It also complements the `save_post_{$post->post_type}` hook added in [25050].

Props Mte90, garrett-eclipse.
Fixes #34706.
Built from https://develop.svn.wordpress.org/trunk@43535


git-svn-id: http://core.svn.wordpress.org/trunk@43364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-25 20:57:25 +00:00
Andrew Ozz
cc1bfb1e55 Privacy: Don't replace comment author URL and email with anything.
Props TZ-Media, desrosj, birgire.
Fixes #44141.
Built from https://develop.svn.wordpress.org/trunk@43467


git-svn-id: http://core.svn.wordpress.org/trunk@43294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:00:25 +00:00
iandunn
fc800115a7 Privacy: Escape comment URLs in personal export file to prevent XSS.
There doesn't appear to be any way for an attacker to introduce malicious input into the URL, unless a plugin is filtering the URL to add it, but it's better to be safe than sorry.

Props birgire.
Fixes #44054.

Built from https://develop.svn.wordpress.org/trunk@43245


git-svn-id: http://core.svn.wordpress.org/trunk@43074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-12 15:56:21 +00:00
iandunn
3d4c461e50 Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Fixes #43931.

Built from https://develop.svn.wordpress.org/trunk@43154


git-svn-id: http://core.svn.wordpress.org/trunk@42983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:28:21 +00:00