Commit Graph

37133 Commits

Author SHA1 Message Date
Sergey Biryukov
649eb34d2a Login and Registration: Replace home URL in password reset email with the site name to avoid confusing the user with multiple links.
Props Presskopp, code-monkey.
Fixes #38328.
Built from https://develop.svn.wordpress.org/trunk@41578


git-svn-id: http://core.svn.wordpress.org/trunk@41411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:44:46 +00:00
Sergey Biryukov
b844c63db0 Customize: Tweak "New Custom HTML Widget" pointer text to be a bit less informal and more inclusive.
Props birgire, mrasharirfan, danieltj.
Fixes #41798.
Built from https://develop.svn.wordpress.org/trunk@41577


git-svn-id: http://core.svn.wordpress.org/trunk@41410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:26:46 +00:00
Sergey Biryukov
c28cc57f3b Quick/Bulk Edit: Remove duplicate inline-edit-{$screen->post_type} CSS class from Quick Edit table rows.
Props ibachal.
Fixes #41906.
Built from https://develop.svn.wordpress.org/trunk@41576


git-svn-id: http://core.svn.wordpress.org/trunk@41409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:02:46 +00:00
Sergey Biryukov
77f011704e XML-RPC: Update the string in test_parent_for_nonhierarchical() to match the string added in [41574].
Props netweb.
Fixes #41637.
Built from https://develop.svn.wordpress.org/trunk@41575


git-svn-id: http://core.svn.wordpress.org/trunk@41408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 08:20:49 +00:00
Sergey Biryukov
b8edb91f43 I18N: Merge two similar "Cannot set parent term" error strings.
Props ramiy.
Fixes #41637.
Built from https://develop.svn.wordpress.org/trunk@41574


git-svn-id: http://core.svn.wordpress.org/trunk@41407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 22:08:46 +00:00
Sergey Biryukov
6fa2cea232 Docs: Add @access private entries for _get_component_from_parsed_url_array() and _wp_translate_php_url_constant_to_key().
Props ajayghaghretiya1.
Fixes #41282.
Built from https://develop.svn.wordpress.org/trunk@41573


git-svn-id: http://core.svn.wordpress.org/trunk@41406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 22:00:47 +00:00
Sergey Biryukov
bcb126292c I18N: Merge two similar error strings.
Props ramiy.
Fixes #39172.
Built from https://develop.svn.wordpress.org/trunk@41572


git-svn-id: http://core.svn.wordpress.org/trunk@41405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:55:45 +00:00
Andrew Ozz
58b769a057 Plupload: also delete plupload.full.min.js when updating.
See #41755.
Built from https://develop.svn.wordpress.org/trunk@41571


git-svn-id: http://core.svn.wordpress.org/trunk@41404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:48:46 +00:00
Andrew Ozz
41ad3f294f Plupload: minify and load plupload.js and moxie.js separately to make them easier to debug.
Props gmariani405, azaozz.
Fixes #41755.
Built from https://develop.svn.wordpress.org/trunk@41570


git-svn-id: http://core.svn.wordpress.org/trunk@41403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:10:48 +00:00
Sergey Biryukov
b07cffe99a Media: Improve the preview of transparent images in Attachment Details modal by using CSS3 to show a checkered background.
Props powerzilly, stevepuddick.
Fixes #41948.
Built from https://develop.svn.wordpress.org/trunk@41569


git-svn-id: http://core.svn.wordpress.org/trunk@41402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 19:57:47 +00:00
Sergey Biryukov
7c4cdbff27 Admin CSS: Autoprefixer for [41329].
See #39662.
Built from https://develop.svn.wordpress.org/trunk@41568


git-svn-id: http://core.svn.wordpress.org/trunk@41401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 19:51:47 +00:00
Sergey Biryukov
ba67e5f09c Docs: Correct filename references in duplicate hook comments for post_password_required filter.
Props coffee2code.
Fixes #41959.
Built from https://develop.svn.wordpress.org/trunk@41567


git-svn-id: http://core.svn.wordpress.org/trunk@41400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 18:34:45 +00:00
Sergey Biryukov
c2dcfa5278 Help/About: Tweak Help tabs on Users screen for consistency with Posts screen.
Props bnap00, Arena94.
Fixes #40553.
Built from https://develop.svn.wordpress.org/trunk@41566


git-svn-id: http://core.svn.wordpress.org/trunk@41399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 18:31:48 +00:00
Sergey Biryukov
f69b784ec7 Embeds: Introduce embed_thumbnail_id filter for thumbnail image ID in the embed template.
Props ketuchetan, Dency, jontyravi, Ov3rfly.
Fixes #39759.
Built from https://develop.svn.wordpress.org/trunk@41565


git-svn-id: http://core.svn.wordpress.org/trunk@41398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 17:35:48 +00:00
Sergey Biryukov
5046ef73c3 Docs: Correct description for insert_user_meta filter.
Props milana_cap, desrosj.
Fixes #41951.
Built from https://develop.svn.wordpress.org/trunk@41564


git-svn-id: http://core.svn.wordpress.org/trunk@41397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 13:14:45 +00:00
Sergey Biryukov
4db08514ea Taxonomy: Convert tag cloud in Tags meta box to a list (<ul>) for better semantics and accessibility.
An unordered list allows screen reader users to know in advance how many tags are within the list.

Props audrasjb, afercia.
Fixes #40187.
Built from https://develop.svn.wordpress.org/trunk@41563


git-svn-id: http://core.svn.wordpress.org/trunk@41396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 11:28:44 +00:00
Sergey Biryukov
fff6cc8fc8 Docs: Change $args to $r in the DocBlock for http_api_debug filter to match the variable name.
Props bor0, ronakganatra.
Fixes #41379.
Built from https://develop.svn.wordpress.org/trunk@41562


git-svn-id: http://core.svn.wordpress.org/trunk@41395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 09:33:47 +00:00
Weston Ruter
bf1eb1b505 Plugin Editor: Use include_once instead of include in plugin_sandbox_scrape() to fix unit tests broken with [41560].
See #39766.

Built from https://develop.svn.wordpress.org/trunk@41561


git-svn-id: http://core.svn.wordpress.org/trunk@41394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 02:01:45 +00:00
Weston Ruter
aff467e1cb Plugin Editor: Improve reliability of detecting PHP fatal errors when editing an active plugin.
* Invalidate PHP opcache after file is updated to ensure `include` will ''include'' the written changes.
* Define `WP_ADMIN` when activating plugin in sandbox so plugin code targeting admin will be loaded.
* Do actions that get triggered when loading the admin to ensure plugin code runs that could cause errors on plugin editor screen (and lock out access).
* Fix ability to re-activate a plugin after editing a PHP file other than the main plugin file, and ensure PHP fatal error will be displayed in such cases.
* Consolidate duplicated code into `plugin_sandbox_scrape()` and re-use in `activate_plugin()`.
* Show an error notice instead of a success notice when a file is updated but a plugin was deactivated due to a fatal error.
* Update style of warning when editing an active plugin to be styled as an actual warning notice.

See #12423, #21622.
Fixes #39766.

Built from https://develop.svn.wordpress.org/trunk@41560


git-svn-id: http://core.svn.wordpress.org/trunk@41393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 01:36:48 +00:00
Adam Silverstein
415e9379f9 Revisions: correct a timezone display issue.
When preparing the data for the revisions screen, add ' +0000' to the gmt date string before passing it thru `strtotime`.

Props biranit, nacin, buley.
Fixes #25365.

Built from https://develop.svn.wordpress.org/trunk@41559


git-svn-id: http://core.svn.wordpress.org/trunk@41392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 23:33:44 +00:00
Weston Ruter
f0b5c39bde Customize: Introduce extensible code editor Customizer control for CodeMirror.
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.

See #12423, #38707, #35395.
Fixes #41897.

Built from https://develop.svn.wordpress.org/trunk@41558


git-svn-id: http://core.svn.wordpress.org/trunk@41391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 23:04:45 +00:00
Adam Silverstein
43eb51d4a6 Customizer: retain aspect ration when cropping media w/ shift+click/drag.
Enforce a 1:1 ratio when holding the shift key and dragging in the image cropping tool in the customizer context.

Props melchoyce, mikeschroder.
Fixes #40211.

Built from https://develop.svn.wordpress.org/trunk@41557


git-svn-id: http://core.svn.wordpress.org/trunk@41390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 22:45:44 +00:00
Adam Silverstein
220d5aec74 Login: Password reset - add hide icon & confirm weak password checkbox.
Extends the password features added in 4.3 to the password reset flow.

Props johnbillion, manolis09, umesh.nevase, Nikschavan.


Built from https://develop.svn.wordpress.org/trunk@41556


git-svn-id: http://core.svn.wordpress.org/trunk@41389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 21:29:48 +00:00
Konstantin Obenland
27536e99c5 Widgets: Improved sidebar mapping on theme switch
Builds on efforts brought forward in #17979.

This will send sidebars through three levels of mapping:

1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.

Finally, if the theme has previously been active and we have a record of its 
sidebar configuration then, any unmapped sidebar will be restored to its 
previous state.

Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.


Built from https://develop.svn.wordpress.org/trunk@41555


git-svn-id: http://core.svn.wordpress.org/trunk@41388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 18:46:46 +00:00
Andrew Ozz
76296ef657 Remove SWFUpload,
- Refactor swfupload.js to output a simple upload form, and handlers.js.
- Delete the SWFUpload plugins directory and swfupload.swf.
- Remove flash cookies "hack" from async-upload.php.

See #41752.
Built from https://develop.svn.wordpress.org/trunk@41554


git-svn-id: http://core.svn.wordpress.org/trunk@41387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 16:35:48 +00:00
Adam Silverstein
639d215300 REST API JS Client: Improve nonce handling, refresh stale nonce on sync.
Keep the nonce used for cookie based authentication fresh by pulling in and using any new nonce supplied in the response headers.

* Enable passing nonce to init so each api/endpoint can use a unique nonce.
* Store nonce for endpoint on endpointModel.
* New model helper `nonce()` retrieves a model's routeModel nonce.
* When a response header contains a nonce that doesn't match the stored nonce, replace it.

Fixes #40422.

Built from https://develop.svn.wordpress.org/trunk@41553


git-svn-id: http://core.svn.wordpress.org/trunk@41386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 12:58:45 +00:00
John Blackbourn
9aeedde6ae Multisite: Correct the docs for maybe_add_existing_user_to_blog().
See #41017

Built from https://develop.svn.wordpress.org/trunk@41552


git-svn-id: http://core.svn.wordpress.org/trunk@41385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 12:28:44 +00:00
Sergey Biryukov
da3e29eeba Docs: Use correct order of arguments in the DocBlock for WP_Hook::has_filter().
Props munyagu.
Fixes #41941.
Built from https://develop.svn.wordpress.org/trunk@41551


git-svn-id: http://core.svn.wordpress.org/trunk@41384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 10:00:48 +00:00
Weston Ruter
800ad7bd04 Customize: Let media control button labels better automatically reflect the specified MIME type.
Props Christian1012, celloexpressions, westonruter.
Fixes #38796.

Built from https://develop.svn.wordpress.org/trunk@41550


git-svn-id: http://core.svn.wordpress.org/trunk@41383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 21:24:46 +00:00
Weston Ruter
379e0371dd Widgets: Omit attributes from an Image widget's link when they are empty.
Props subrataemfluence, Nenad Obradovic, westonruter.
See #39993.
Fixes #41919.

Built from https://develop.svn.wordpress.org/trunk@41549


git-svn-id: http://core.svn.wordpress.org/trunk@41382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 19:45:46 +00:00
Sergey Biryukov
6918752529 Twenty Seventeen: Document the type of $item argument in twentyseventeen_dropdown_icon_to_menu_link() more accurately.
Props ndoublehwp.
Fixes #41923.
Built from https://develop.svn.wordpress.org/trunk@41548


git-svn-id: http://core.svn.wordpress.org/trunk@41381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 18:15:46 +00:00
Weston Ruter
067970ca82 Widgets: Add Customizer preview support to the Category widget when navigating to a category via dropdown.
Switch to using a `form` that is submitted as opposed to making a direct JavaScript call to change the `window.location`. This ensures the Customizer is able to inject the customized state into the request.

Fixes #41671.

Built from https://develop.svn.wordpress.org/trunk@41547


git-svn-id: http://core.svn.wordpress.org/trunk@41380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 03:16:46 +00:00
Dominik Schilling
f2589e222e Taxonomy/Users: Use correct escaping function for URLs.
Built from https://develop.svn.wordpress.org/trunk@41522


git-svn-id: http://core.svn.wordpress.org/trunk@41355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 21:14:47 +00:00
Aaron Campbell
fc930d3dae Database: Hardening to bring wpdb::prepare() inline with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.


Built from https://develop.svn.wordpress.org/trunk@41496


git-svn-id: http://core.svn.wordpress.org/trunk@41329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 17:56:45 +00:00
Aaron Campbell
5225e026ef Database: Don’t trigger _doing_it_wrong() for null values in wpdb::prepare().
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.


Built from https://develop.svn.wordpress.org/trunk@41483


git-svn-id: http://core.svn.wordpress.org/trunk@41316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 16:06:45 +00:00
Aaron Campbell
70b2127909 Database: Hardening for wpdb::prepare()
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.


Built from https://develop.svn.wordpress.org/trunk@41470


git-svn-id: http://core.svn.wordpress.org/trunk@41303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:48:47 +00:00
John Blackbourn
69de73224f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Built from https://develop.svn.wordpress.org/trunk@41457


git-svn-id: http://core.svn.wordpress.org/trunk@41290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:36:47 +00:00
Aaron Campbell
1115a36cda oEmbed: Add extra hardening around allowed HTML for improved sandboxing.
Built from https://develop.svn.wordpress.org/trunk@41448


git-svn-id: http://core.svn.wordpress.org/trunk@41281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 13:43:05 +00:00
John Blackbourn
e088205014 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Props kawauso, Mte90 for initial patches

Fixes #13377

Built from https://develop.svn.wordpress.org/trunk@41399


git-svn-id: http://core.svn.wordpress.org/trunk@41232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:11:43 +00:00
Dominik Schilling
9041e7a071 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers.
Built from https://develop.svn.wordpress.org/trunk@41398


git-svn-id: http://core.svn.wordpress.org/trunk@41231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 09:13:44 +00:00
Dominik Schilling
12694b6b92 Customize: Ensure valid themes in the preview.
Built from https://develop.svn.wordpress.org/trunk@41397


git-svn-id: http://core.svn.wordpress.org/trunk@41230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:39:45 +00:00
Dominik Schilling
83853f9fd2 TinyMCE: Improve the previews for shortcodes.
Built from https://develop.svn.wordpress.org/trunk@41395


git-svn-id: http://core.svn.wordpress.org/trunk@41228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:19:45 +00:00
Dominik Schilling
c2ead9d046 Editor: Prevent adding javascript: and data: URLs through the inline link dialog.
Built from https://develop.svn.wordpress.org/trunk@41393


git-svn-id: http://core.svn.wordpress.org/trunk@41226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:01:45 +00:00
Weston Ruter
f6a26be345 Customize: Add notifications API to sections and panels.
* Adds a `notifications` property to instances of `wp.customize.Panel` and `wp.customize.Section`.
* Adds a `setupNotifications()` method to `Panel`, `Section`, and `Control`.
* Adds a `getNotificationsContainerElement()` method to the `Panel` and `Section` classes, like `Control` has.
* Replace hard-coded notification in header media section with a notification.
* Limit rendering notifications to panels and sections that are expanded, and to controls that have an expanded section.

See #34893, #35210, #38778.
Fixes #38794.

Built from https://develop.svn.wordpress.org/trunk@41390


git-svn-id: http://core.svn.wordpress.org/trunk@41223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 05:40:44 +00:00
Weston Ruter
d544ac92f0 Customize: Show notification error with "Your homepage displays" control when homepage and posts page are set to be the same (but not empty).
* Show global error notiafication when saving is blocked due to client-side setting invalidity.
* Refactor `wp.customize.Notifications#render()` to ensure a notification re-renders if its `message` or data changes but its `code` does not.

Props MatheusGimenez, sixhours, westonruter, karmatosed, aocean90, zoonini, michelleweber, melchoyce.
See #35210.
Fixes #21492.

Built from https://develop.svn.wordpress.org/trunk@41389


git-svn-id: http://core.svn.wordpress.org/trunk@41222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 00:46:45 +00:00
Weston Ruter
3abea17301 Customize: Add wp_is_uuid() validation function with optional second $version=4 parameter to enforce v4 random UUIDs.
Props jonathanbardo.
Fixes #39778.

Built from https://develop.svn.wordpress.org/trunk@41388


git-svn-id: http://core.svn.wordpress.org/trunk@41221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-18 23:04:44 +00:00
Weston Ruter
19e3d8bc41 Customize: Use input event instead of keyup or propertychange events when listening for changes in wp.customize.Element instances.
Ensures that a control's `Element` is updated in response to pasting into the field. Also fixes issue where inputs using "new" HTML5 types (like `url` and `number`) were not updating in the preview during keystrokes. The use of `input` was previously blocked due to needing to support IE9, but this is no longer a concern since IE<11 is no longer supported.

See #38845, #28477.
Fixes #35832.

Built from https://develop.svn.wordpress.org/trunk@41387


git-svn-id: http://core.svn.wordpress.org/trunk@41220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-18 19:11:48 +00:00
Peter Wilson
10970701d7 Emoji: Invert value returned by UN test for accuracy.
The JavaScript testing for UN flag support was passing when it failed, and failing when it passes.

This inverts the result to take more traditional approach of returning the correct result.

Unprops Pento.
Fixes #41852.


Built from https://develop.svn.wordpress.org/trunk@41386


git-svn-id: http://core.svn.wordpress.org/trunk@41219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-17 22:52:47 +00:00
Weston Ruter
c8eb741afd Code Editor: Remove scrollIntoView of editor's cursor line upon focus to prevent jumping issues for editor scroll position.
See #41850, #41879.

Built from https://develop.svn.wordpress.org/trunk@41385


git-svn-id: http://core.svn.wordpress.org/trunk@41218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-17 03:58:44 +00:00
Weston Ruter
e5b3921ca4 Code Editor: Scroll the cursor line into view instead of the entire editor when focused.
See #41850.
Fixes #41879.

Built from https://develop.svn.wordpress.org/trunk@41384


git-svn-id: http://core.svn.wordpress.org/trunk@41217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-17 03:35:47 +00:00