Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-14 14:45:45 +01:00
Code Issues Projects Releases Wiki Activity
36,724 Commits 50 Branches 748 Tags 792 MiB
5f52157d46
Commit Graph

6479 Commits

Author SHA1 Message Date
John Blackbourn
3e77adc619 Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues. 
Merges [41457] to the 4.8 branch.

Built from https://develop.svn.wordpress.org/branches/4.8@41458


git-svn-id: http://core.svn.wordpress.org/branches/4.8@41291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 14:37:33 +00:00
John Blackbourn
846bd22a79 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area. 
Merges [41399], with additions, to the 4.8 branch.

See #13377

Built from https://develop.svn.wordpress.org/branches/4.8@41412


git-svn-id: http://core.svn.wordpress.org/branches/4.8@41245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-19 10:21:16 +00:00
Sergey Biryukov
e88ec329f7 Accessibility: Avoid a keyboard trap on the permalink custom structure setting. 
Using the `focus` event on the permalink custom structure field made impossible
to navigate through all the form fields using only the keyboard without actually
selecting the custom structure setting. Instead, using click and input preserves
the original functionality when using any kind of pointing or input device.

Also changes `attr()` to `prop()` as recommended for a `checked` property.

Props afercia.
Fixes #40982.

Merges [40897] to the 4.8 branch.
Built from https://develop.svn.wordpress.org/branches/4.8@41024


git-svn-id: http://core.svn.wordpress.org/branches/4.8@40874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-07-10 23:16:32 +00:00
Sergey Biryukov
b59b5b9ab8 Comments: In WP_Comments_List_Table::extra_tablenav(), save the state of ::has_items() to a static variable, so that the value is consistent between top and bottom navigation. 
This prevents "Empty Spam" and "Empty Trash" buttons from disappearing if there's only one page of comments in Spam/Trash.

Fixes #40975.

Merges [41022] to the 4.8 branch.
Built from https://develop.svn.wordpress.org/branches/4.8@41023


git-svn-id: http://core.svn.wordpress.org/branches/4.8@40873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-07-10 23:09:34 +00:00
Dominik Schilling
439478f087 Upgrade: Add wp-includes/js/tinymce/plugins/wpembed to $_old_files. 
Merge of [40879] to the 4.8 branch.

See #39513, #40942.
Built from https://develop.svn.wordpress.org/branches/4.8@40880


git-svn-id: http://core.svn.wordpress.org/branches/4.8@40730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-06-07 21:36:33 +00:00
Dominik Schilling
55497ccfd1 I18N: Improve translator comments for strings in the community events widget. 
Props dimadin, iandunn.
Fixes #40865.
Built from https://develop.svn.wordpress.org/trunk@40866


git-svn-id: http://core.svn.wordpress.org/trunk@40716 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-06-01 09:49:42 +00:00
Dominik Schilling
0e82284d87 Multisite: Revert indentation of the sample page content added in [40296]. 
Props swissspidy.
Fixes #40895.
Built from https://develop.svn.wordpress.org/trunk@40864


git-svn-id: http://core.svn.wordpress.org/trunk@40714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-06-01 09:16:40 +00:00
Andrea Fercia
3aabc09e9c Administration: Fix some HTML validation errors. 
Fixes some minor HTML issues in the admin and, most notably, changes the rel
attribute used in the List Tables from `rel="permalink"` to `rel="bookmark"`.

Props mihai2u, pento, arena, topher1kenobe, michalzuber, stubgo.
Fixes #37004.

Built from https://develop.svn.wordpress.org/trunk@40823


git-svn-id: http://core.svn.wordpress.org/trunk@40680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-23 17:58:43 +00:00
Sergey Biryukov
da0a505497 Administration: Update the docs for wp_check_browser_version(). 
Correct `update_url` key name, add missing `platform` key.

Props coffee2code.
Fixes #40839.
Built from https://develop.svn.wordpress.org/trunk@40822


git-svn-id: http://core.svn.wordpress.org/trunk@40679 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-23 00:17:42 +00:00
Sergey Biryukov
2c5e9a34b2 Dashboard: Change the cache key for dashboard RSS widget; remove the unnecessary database upgrade routine. 
Props iandunn, ocean90.
See #40702.
Built from https://develop.svn.wordpress.org/trunk@40803


git-svn-id: http://core.svn.wordpress.org/trunk@40661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-19 19:14:42 +00:00
Sergey Biryukov
a2788b09d5 Dashboard: Append the current locale to dashboard RSS widget cache key in wp_dashboard_rss_control(), for consistency with the changes to wp_dashboard_cached_rss_widget() in [33183] and [33192]. 
See #32804, #40702.
Built from https://develop.svn.wordpress.org/trunk@40802


git-svn-id: http://core.svn.wordpress.org/trunk@40660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-19 19:00:44 +00:00
Joe McGill
7d43d71800 Media: Ensure WP_Screen sets post type on wp-admin/upload.php. 
The post type property is set to 'attachment' when on the upload screen.

Props postpostmodern.
Fixes #39509.

Built from https://develop.svn.wordpress.org/trunk@40800


git-svn-id: http://core.svn.wordpress.org/trunk@40658 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-19 18:29:42 +00:00
Dominik Schilling
97e98a80f6 Dashboard: Use get_user_locale() for the news feed cache key. 
Since the feed URL can be localized the cache key has to be built with the same locale as the current user is using.

Props iandunn.
Fixes #40417.
Built from https://develop.svn.wordpress.org/trunk@40793


git-svn-id: http://core.svn.wordpress.org/trunk@40651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-19 14:36:42 +00:00
Andrew Ozz
7a9ce6d03f Dashboard: Improve the handling of locations determined by geolocating the IP address and by entering a city name. Fix couple of edge cases, and some names. 
Props iandunn coreymckrill.
Fixes #40702.
Built from https://develop.svn.wordpress.org/trunk@40790


git-svn-id: http://core.svn.wordpress.org/trunk@40648 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-19 05:48:42 +00:00
Andrew Ozz
daab579a88 Dashboard: 
- Close the form after obtaining a valid location.
- Fix focusing the toggle button after closing the form.
- Fix aria attribute values.
- Fix positions in IE11.
- Some JS and CSS cleanup.

Props afercia, coreymckrill.
Fixes #40735.
Built from https://develop.svn.wordpress.org/trunk@40789


git-svn-id: http://core.svn.wordpress.org/trunk@40647 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-19 04:01:41 +00:00
Konstantin Obenland
8ef02e5ec7 Dashboard: Combine methods to retreive IP 
They're only used in one place, no reason to be so verbose about it.

See #40702.

Built from https://develop.svn.wordpress.org/trunk@40781


git-svn-id: http://core.svn.wordpress.org/trunk@40639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-18 17:34:42 +00:00
Konstantin Obenland
83187e8ea0 Dashboard: Document request proxy for events. 
Documents the reason why the request is proxied through WP, instead of being
made directly to api.wordpress.org.

Props iandunn, michelleweber.
See #40702.


Built from https://develop.svn.wordpress.org/trunk@40777


git-svn-id: http://core.svn.wordpress.org/trunk@40635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-18 14:44:43 +00:00
Konstantin Obenland
9bbbc719d4 Dashboard: Properly localize data for events 
Moves localization to script-loader and removes dependency for two strings.

Props dd32, iandunn.
See #40702.

Built from https://develop.svn.wordpress.org/trunk@40776


git-svn-id: http://core.svn.wordpress.org/trunk@40634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-18 14:34:43 +00:00
Konstantin Obenland
7cae389acc Dashboard: Always pass the IP when getting events 
Allows the API to determine event locations more accurately.

Props iandunn.
See #40702.

Built from https://develop.svn.wordpress.org/trunk@40774


git-svn-id: http://core.svn.wordpress.org/trunk@40632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-18 07:31:43 +00:00
Konstantin Obenland
71adf97a35 Upgrade: Use correct commit no. to trigger upgrade 
Props iandunn.
See [40607], #40702.

Built from https://develop.svn.wordpress.org/trunk@40773


git-svn-id: http://core.svn.wordpress.org/trunk@40631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-17 22:03:46 +00:00
Aaron Campbell
38347d7c58 Add nonce for updating file system credentials. 
Built from https://develop.svn.wordpress.org/trunk@40723


git-svn-id: http://core.svn.wordpress.org/trunk@40581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-16 14:48:44 +00:00
Konstantin Obenland
68588821c3 Dashboard: Community events formatting improvements 
Props Soean.
See #40702.

Built from https://develop.svn.wordpress.org/trunk@40669


git-svn-id: http://core.svn.wordpress.org/trunk@40532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-15 09:44:43 +00:00
Konstantin Obenland
7328d561b1 Dashboard: Persist location for community events 
Fixes a bug where cached events & location data was not accessible because the
cache key could not be regenerated without latitude and longitude information.

Discovered and fixed during #wcber contributor day.

Props soean, kubik-rubik, obenland.
See #40702.
 

Built from https://develop.svn.wordpress.org/trunk@40651


git-svn-id: http://core.svn.wordpress.org/trunk@40514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-12 15:53:46 +00:00
Andrea Fercia
bab7eb143e Accessibility: Change the "Show details" links in the update core screen to buttons. 
These controls toggle the visibility of the update progress: they perform an action
therefore they should be buttons. Also:
- uses `aria-expanded` to communicate the toggle button state
- removes some inline JavaScript
- when clicking the toggle buttons, the progress details get moved with JavaScript after the button: this helps users of assistive technologies in finding them and makes the UI a bit more intuitive

Props Cheffheid, afercia.
See #26504.
Fixes #40453.

Built from https://develop.svn.wordpress.org/trunk@40646


git-svn-id: http://core.svn.wordpress.org/trunk@40507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-11 23:50:41 +00:00
Andrea Fercia
274596b8ef Accessibility: Add "(opens in a new window)" screen reader text to the "News-Nearby Events" dashboard widget footer links. 
- standardizes similar messages in core to always use `(opens in a new window)`
- adds translators comments
- hides the dashicons with `aria-hidden="true"`, see #40428

Fixes #40733.

Built from https://develop.svn.wordpress.org/trunk@40643


git-svn-id: http://core.svn.wordpress.org/trunk@40504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-11 22:47:41 +00:00
Pascal Birchler
33047ba14e Upgrade/Install: After [40394], rename wp_disallow_file_mods() to wp_is_file_mod_allowed(). 
This makes it more clear what this function is about.

Props Mte90.
Fixes #38673.

Built from https://develop.svn.wordpress.org/trunk@40638


git-svn-id: http://core.svn.wordpress.org/trunk@40499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-11 19:24:41 +00:00
Dominik Schilling
0cd74a6d6e Plugins: Don't strip line breaks and blockquote elements in the plugin information modal. 
Fixes #40679.
Built from https://develop.svn.wordpress.org/trunk@40633


git-svn-id: http://core.svn.wordpress.org/trunk@40494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-11 19:16:42 +00:00
Pascal Birchler
c000e99d6f Mail: Ensure entities are decoded in email change notifications on Multisite. 
Adds new tests to ensure this bug does not pop up again.

Props stephenharris.
Fixes #40015.

Built from https://develop.svn.wordpress.org/trunk@40632


git-svn-id: http://core.svn.wordpress.org/trunk@40493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-11 19:15:44 +00:00
Andrew Ozz
b952bf4eae Dashboard: Update the existing WordPress News dashboard widget to also include upcoming meetup events and WordCamps near the current user’s location. 
Props @afercia, @andreamiddleton, @azaozz, @camikaos, @coreymckrill, @chanthaboune, @courtneypk, @dd32, @iandunn, @iseulde, @mapk, @mayukojpn, @melchoyce, @nao, @obenland, @pento, @samuelsidler, @stephdau, @tellyworth.
See #40702.
Built from https://develop.svn.wordpress.org/trunk@40607


git-svn-id: http://core.svn.wordpress.org/trunk@40477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-10 20:04:42 +00:00
Mike Schroder
391145df30 Media: Optionally return attachment id from media_sideload_image(). 
Introduces option to `$return` parameter to return the attachment id created after a successful image sideload.

Props slbmeh, kawauso, alexkingorg, SergeyBiryukov, georgestephanis, DrewAPicture, nacin, trepmal, mattheu, kraftbj, whyisjake, dotancohen, MrGregWaugh, danielbachhuber.
Fixes #19629.
Built from https://develop.svn.wordpress.org/trunk@40597


git-svn-id: http://core.svn.wordpress.org/trunk@40467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-09 23:26:42 +00:00
Andrew Ozz
dd0d110520 TinyMCE: update to 4.6.0. Has many new features and bug fixes, changelog: https://www.tinymce.com/docs/changelog/#version460-may42017. 
Fixes #40690.
Built from https://develop.svn.wordpress.org/trunk@40583


git-svn-id: http://core.svn.wordpress.org/trunk@40453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-08 05:32:46 +00:00
Andrea Fercia
98402b7c15 Administration: Restore missing spinner when installing a new language. 
Fixes #40478.

Built from https://develop.svn.wordpress.org/trunk@40579


git-svn-id: http://core.svn.wordpress.org/trunk@40449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-07 12:01:42 +00:00
Pascal Birchler
064e62cbea Cron API: Add a new wp_doing_cron() helper function. 
This replaces `DOING_CRON` checks via the constant.

Props tfrommen.
Fixes #39591.

Built from https://develop.svn.wordpress.org/trunk@40575


git-svn-id: http://core.svn.wordpress.org/trunk@40445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-06 14:30:40 +00:00
Andrea Fercia
1ca3b70929 Accessibility: Avoid a keyboard trap on the date and time custom format settings. 
Using the `focus` event on the date and time custom format fields made impossible
to navigate through all the form fields using only the keyboard without actually
selecting the custom format setting. Instead, using `click` and `input` preserves
the original functionality when using any kind of pointing or input device.

Fixes #40515.

Built from https://develop.svn.wordpress.org/trunk@40568


git-svn-id: http://core.svn.wordpress.org/trunk@40436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-02 20:03:42 +00:00
Andrea Fercia
f1be128cde Widgets: Improve the News dashboard widget no-js notice. 
In the rare case this notice was displayed, it was unstyled. Uses the notice 
error style to make it prettier and consistent with other no-js notices.
Also, some CSS clean-up.

Fixes #40529.

Built from https://develop.svn.wordpress.org/trunk@40556


git-svn-id: http://core.svn.wordpress.org/trunk@40425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-25 16:42:44 +00:00
Andrea Fercia
1d739a0925 Accessibility: Make some Widgets buttons real buttons. 
Links used as UI controls that behave like buttons, should be buttons.
- changes the widgets "toggle", "Delete", and "Close" links to buttons
- uses `aria-expanded` to announce the state of the toggle buttons
- increases a bit the clickable area of the toggle
- ensures the "circular focus" doesn't get cut-off in some browsers by centering the toggle arrows
- uses a `<span>` element with an `aria-hidden` attribute to hide CSS generated font icons from assistive technologies
- standardizes on `.toggle-indicator:before` rather than `:after`
- changes two `#f00` reds in `#dc3232`, see #35622

Fixes #31476.

Built from https://develop.svn.wordpress.org/trunk@40480


git-svn-id: http://core.svn.wordpress.org/trunk@40356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-19 21:14:44 +00:00
Andrew Ozz
d0e4448257 Editor: Provide API for the editor to be dynamically instantiated via JS. First run. 
See: #35760
Built from https://develop.svn.wordpress.org/trunk@40476


git-svn-id: http://core.svn.wordpress.org/trunk@40352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-19 02:38:44 +00:00
Sergey Biryukov
9fb2e79b57 Posts, Post Types: In wp_check_post_lock(), check if the user with lock exists and return false otherwise. 
Props arshidkv12, 1naveengiri.
Fixes #39888.
Built from https://develop.svn.wordpress.org/trunk@40424


git-svn-id: http://core.svn.wordpress.org/trunk@40322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-13 23:09:43 +00:00
Sergey Biryukov
bef3ff1377 Posts, Post Types: Improve the docs for wp_check_post_lock() and wp_set_post_lock(). 
See #39888.
Built from https://develop.svn.wordpress.org/trunk@40423


git-svn-id: http://core.svn.wordpress.org/trunk@40321 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-13 23:02:42 +00:00
Sergey Biryukov
902b91400d Administration: Add "(link opens in a new window)" as a screen reader text for "Preview" link on Edit Post screen. 
Props rianrietveld.
Fixes #40185.
Built from https://develop.svn.wordpress.org/trunk@40422


git-svn-id: http://core.svn.wordpress.org/trunk@40320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-13 22:42:43 +00:00
Felix Arntz
45b64ba2ff Multisite: Replace unnecessary is_super_admin() check when setting up the initial network. 
When using `is_super_admin()` in a non-multisite environment, the function is supposed to check for administrator capabilities. The process of querying all users and filtering them with that function can be optimized by only querying users with the administrator role instead.

Fixes #40406. See #37616.

Built from https://develop.svn.wordpress.org/trunk@40406


git-svn-id: http://core.svn.wordpress.org/trunk@40313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-10 22:00:43 +00:00
Felix Arntz
9354ea683f Multisite: Introduce an upgrade_network capability. 
Prior to this change, a mix of `is_super_admin()` calls and `manage_network` capability checks was used to determine whether the current user could upgrade the network. With this changeset a dedicated capability is introduced that allows more granular handling.

Props dhanendran for the original patch.
Fixes #39205. See #37616.

Built from https://develop.svn.wordpress.org/trunk@40404


git-svn-id: http://core.svn.wordpress.org/trunk@40311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-10 21:11:43 +00:00
Joe McGill
4e1f22bf78 Fix broken audio/video functions when sanitizing ID3 data 
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

Fixes #40075, #40085.

Built from https://develop.svn.wordpress.org/trunk@40400


git-svn-id: http://core.svn.wordpress.org/trunk@40307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-10 01:28:47 +00:00
Pascal Birchler
8473f9ef66 Upgrade/Install: Introduce wp_disallow_file_mods() helper function. 
This is a wrapper around the checks for the `DISALLOW_FILE_MODS` constant to determine whether file modifications are disallowed.

Props MaximeCulea.
Fixes #38673.

Built from https://develop.svn.wordpress.org/trunk@40394


git-svn-id: http://core.svn.wordpress.org/trunk@40301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-07 14:36:50 +00:00
John Blackbourn
0c2338fab2 Networks and Sites: Align the display of site statuses on the Sites listing screen with those of posts on the Posts listing screen. 
Fixes #40290

Built from https://develop.svn.wordpress.org/trunk@40393


git-svn-id: http://core.svn.wordpress.org/trunk@40300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-07 13:51:43 +00:00
Sergey Biryukov
f884d7973b Posts, Post Types: Introduce post_date_column_status filter for post status text in list tables' Date column. 
Props pbearne.
Fixes #39545.
Built from https://develop.svn.wordpress.org/trunk@40361


git-svn-id: http://core.svn.wordpress.org/trunk@40268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-01 14:07:44 +00:00
Jeremy Felt
fa3dc867e7 Multisite: Add deleted_blog action after site has been deleted. 
Props pauldewouters, johnjamesjacoby.
Fixes #25584.

Built from https://develop.svn.wordpress.org/trunk@40351


git-svn-id: http://core.svn.wordpress.org/trunk@40258 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-30 04:31:44 +00:00
Sergey Biryukov
633ce094a1 Taxonomy: Fix typo in $aria_checked variable name in Walker_Category_Checklist::start_el(). 
Props dhanendran.
Fixes #40295.
Built from https://develop.svn.wordpress.org/trunk@40348


git-svn-id: http://core.svn.wordpress.org/trunk@40255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-29 11:22:47 +00:00
John Blackbourn
37a638ae8a Users: Don't push the current user's role to the top of the list in wp_dropdown_roles(). 
This brings consistency to the order in which roles are displayed in the `Roles` dropdown when editing users.

Props bor0

Fixes #40162

Built from https://develop.svn.wordpress.org/trunk@40323


git-svn-id: http://core.svn.wordpress.org/trunk@40230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-24 14:53:46 +00:00
Weston Ruter
84ed6f665f Customize: Prevent links to customize.php from being generated which have query vars from wp_removable_query_args() present. 
Props dlh.
See #23367, #32692.
Fixes #31850.

Built from https://develop.svn.wordpress.org/trunk@40313


git-svn-id: http://core.svn.wordpress.org/trunk@40220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-03-22 23:04:42 +00:00