Add callback validation to HTML tag attributes for increased flexibility over an array of values only.
In `object` tags, validate the `data` attribute via a callback to ensure it is a PDF and matches the `type` attribute. This prevents mime type mismatches in browsers.
Follow up to [51963].
Props Pento, dd32, swissspidy, xknown, peterwilsoncc.
Fixes#54261.
Built from https://develop.svn.wordpress.org/trunk@52304
git-svn-id: http://core.svn.wordpress.org/trunk@51896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To prevent potential false negatives, set `$error` to `null` initially, so we can better tell if it was ever changed during the sanitization and be able to better react if an empty string is added to it.
Additionally, and mainly for the sake of the Settings API at this point, add error messages to some `WP_Error` objects returned from `wpdb` methods that were previously causing the issues here.
Follow-up to [32791].
Props iCaleb, audrasjb, hellofromTonya, SergeyBiryukov.
Fixes#53986.
Built from https://develop.svn.wordpress.org/trunk@52294
git-svn-id: http://core.svn.wordpress.org/trunk@51886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`sanitize_key()` expects a string type for the given `key`. Passing any other data type to `strtolower()` can result in `E_WARNING: strtolower() expects parameter 1 to be string, array given`.
A check is added that if the key is not a string, the key is set to an empty string. For performance, the additional string processing is skipped if the key is an empty string.
This change maintains backwards-compatibility for valid string keys while fixing the bug of non-string keys.
Props costdev, dd32.
Fixes#54160.
Built from https://develop.svn.wordpress.org/trunk@52292
git-svn-id: http://core.svn.wordpress.org/trunk@51884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Check for direct PHP flle access and only use `rename()` if true.
* Check whether the destination directory was successfully created.
* Clear the working directory so there is internal parity within the function between the results of a successful `rename()` and a fallback to `copy_dir()`.
* Use `move_dir()` in `WP_Upgrader::move_to_temp_backup_dir()` and `::restore_temp_backup()`.
Follow-up to [51815], [51898], [51899], [51902], [52192], [52284].
Props afragen, peterwilsoncc, dd32, SergeyBiryukov.
See #54166, #51857.
Built from https://develop.svn.wordpress.org/trunk@52289
git-svn-id: http://core.svn.wordpress.org/trunk@51881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up to [52287] which added an undefined variable. The variable should have been the global `wp.media.view.settings.infiniteScrolling`. This commit brings that global setting into each of the functions and renames the variable using camelCase to comply with JS coding standards.
Follow-up to [52287].
Props SergeyBiryukov.
Fixes#53765.
Built from https://develop.svn.wordpress.org/trunk@52288
git-svn-id: http://core.svn.wordpress.org/trunk@51880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up to [52167], which partially fixed a bug introduced in [50829] that caused media modal to only load the selected image.
This commit adds additional checks to ensure infinite scroll is disabled.
Follow-up to [50829], [52167].
Props dariak, joedolson, szaqal21.
Fixes#53765.
Built from https://develop.svn.wordpress.org/trunk@52287
git-svn-id: http://core.svn.wordpress.org/trunk@51879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a REST API to export site templates and template part as html files. When the REST API is requested, it responds by downloading a single ZIP file and exits early, without completing full request. To create the exported zip, the ZipArchive class is required. If this class is not present then the export will gracefully fail, returning a `WP_Error` object and 500 status error code.
Props spacedmonkey, youknowriad, Mamaduka, walbo, peterwilsoncc.
Fixes#54448 .
Built from https://develop.svn.wordpress.org/trunk@52286
git-svn-id: http://core.svn.wordpress.org/trunk@51878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Trying to schedule cron jobs before WordPress is installed results in DB errors, which is suboptimal.
This addresses a `Table 'wp_options' doesn't exist` error when running the installation with `WP_DEBUG` enabled.
Follow-up to [51815], [51898], [51899], [51902], [52192].
Props dlh, pbiron.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@52284
git-svn-id: http://core.svn.wordpress.org/trunk@51876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit syncs minor changes for the default theme from its active development repository to core.
This is a follow up to [52081], [52107], [52164], and [52222]. It includes changes to template part markup, theme.json appearance flags, navigation block markup, and text domains. For a full set of changes, visit 742df6cb2b...1a121e0224.
Props poena, kjellr, onemaggie, hellofromtonya.
See #54318.
Built from https://develop.svn.wordpress.org/trunk@52283
git-svn-id: http://core.svn.wordpress.org/trunk@51875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[51962] and [51964] introduced two new functions: `rest_get_route_for_post_type_items()` and `rest_get_route_for_taxonomy_items()`. These functions replaced hardcoded references in all parts of core that reference taxonomy and post type rest controller endpoints. However, several instances were missed in the `wp-admin/site-editor.php` file.
This commit replaces those remaining hardcoded instances.
Follow-up to [51962], [51964], [52232].
Props spacedmonkey.
Fixes#54536.
Built from https://develop.svn.wordpress.org/trunk@52281
git-svn-id: http://core.svn.wordpress.org/trunk@51873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change removes the internationalization of the "Custom Styles" specific posts as the post title being hardcoded is consistent with `wp_template_part` and `wp_template` post types, and is not publicly visible, except in the database. Moreover, using consistent "Custom Styles" post title may make is easier to retrieve the related posts in the database.
Props antonvlasenko, audrasjb, desrosj, hellofromTonya.
Fixes#54518.
Built from https://develop.svn.wordpress.org/trunk@52280
git-svn-id: http://core.svn.wordpress.org/trunk@51872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For block themes (like Twenty Twenty-Two), Customizer menu item is removed and replaced with the Site Editor menu item. However, other links exist in the Dashboard's welcome panel "Customize Your Site" button and the "Customize" button in each theme listed in the Appearance > Themes interface.
This commit changes each of those remaining links to link to the Site Editor interface instead of the Customizer.
To help identify block vs non-block themes, two method methods are introduced in `WP_Theme`:
* `WP_Theme:: is_block_based()` which identifies if the theme is a block theme or not.
* `WP_Theme::get_file_path()` which is similar to `get_theme_file_path()` but uses the directories within the theme object.
Both of these new methods include test coverage including the addition of a parent and child block theme in test data.
Follow-up to [18749], [35483], [42013], [42169].
Props antonvlasenko, jameskoster, hellofromTonya, matveb, noisysocks, poena, sergeybiryukov.
Fixes#54460.
Built from https://develop.svn.wordpress.org/trunk@52279
git-svn-id: http://core.svn.wordpress.org/trunk@51871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update packages to include these bug fixes from Gutenberg:
- Include cascading properties in Navigation deprecation
- Reorganize e2e tests folders and file
- Border panel: Update to display multiple palette origins
- Add CSS fix for 33580
- Add: Uneditable duotone palette on the palette gradient panel
- Site Editor: Allow editing custom template title
- Writing Flow: Double escape unselects all blocks
- Fix icon scaling.
- [Block Library - Query Pagination Next/Previous]: Remove text and link color support
- Add: Border indication to global styles colors.
- Color Picker: Improve border, padding, and box shadow styles.
- theme.json: sort keys alphabetically
- Remove navigationArea context.
See #54487.
Built from https://develop.svn.wordpress.org/trunk@52277
git-svn-id: http://core.svn.wordpress.org/trunk@51869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the new menu items, global items and template controllers manually call the function `wp_after_insert_post()` to manually fire the action of the same name after all potential data is updated.
This accounts for the use case in which a theme or plugin developer has modified the endpoints use of either taxonomy or meta data.
The new parameter `$fire_after_hooks` is added to `wp_update_nav_menu_item()` to control whether the `wp_after_insert_post` action is fired when it in turn calls `wp_insert_post()`.
Props spacedmonkey, peterwilsoncc, zieladam.
Fixes#54536.
Built from https://develop.svn.wordpress.org/trunk@52276
git-svn-id: http://core.svn.wordpress.org/trunk@51868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update packages to include these bug fixes from Gutenberg:
- Update Pattern block category and add documentation
- Fix non existent menu handling in nav block
- Make Reusable blocks available in the Site Editor
- Add caching to WP_Theme_JSON_Resolver_Gutenberg::get_user_data_from_custom_post_type()
- theme.json: add appearanceTools flag to opt-in into appearance UI controls
- Update the block theme folders to templates and parts
- Remove reference to gutenberg_, swap with wp_
- Use table layout in templates list screen
- Update featured image placeholder graphic.
- [Inserter]: Adjust order of theme blocks and reorder inserter items
- Implement suitable fallback for Nav block on front end of site when no menu selected
- Toggle Group Control: add tooltip
- Use first non-empty Nav post as primary fallback for Nav block
- Change .nvmrc and documentation for Node.js version (LTS to 14.18.1)
- Update: Migrate global styles user database data on the rest endpoint
- Update global styles public API
- Update: Rename user preset origin to custom
- Try always generating navigation post title
- Show all templates and template parts on the site editor list screens
- Highlight "Site" in the navigation panel
- Fix template part slug generation when creating through the block placeholder
- [Block Library - Post Title]: Fix render error when setting Page to homepage
- Add 'Clear customizations' button to template list page
- Gallery v1: Allow clicks within replace media placeholder state
- Site Editor: Set the <title> on the list page to be same as the CPT name
- Gallery: Fix stuck image size options loader
- Cover: Fix undo trap
- Add success and error snackbars to the templates list page
- Fix: theme colors cannot override defaults
- Fix: Color palette is not being stored
- Add elements support to the typography panel in global styles
- Make links plural in global styles
- Add: Gradient palette editor
- Update some small style regressions in the template list
- Add: Transparency support on global styles colors
- Fix: apply by slug on all origins
- Render empty Nav block if no fallback block can be utilised
- Allow filtering of Nav block fallback
- Fix Nav block fallback DB query to match on full block grammar start tag
- Remove unstable max pages attribute from Nav block
- DateTimePicker: set PM hours correctly
- Update delete template button
- Site Editor: Template list add rename action
- Fix Nav block editing wrong entity on creation of new Menu
- [REST] Restore the missing double slash in the ID received by /templates
- Add icons to navigation sidebar items
- Update function names for the public global styles API functions
- Templates Controller: Add missing 'is_custom' prop
- Rename gutenberg_ to wp_ for some functions that land in WordPress 5.9
- [Block Library - Template Part]:Remove support for conversion to Reusable block
- Global Styles: Call "palettes" and not "color palettes" on panel label
- Add button text when no colors found
- Update: Global Styes: Count all color palette origins on the palette counter
- Rename navigationMenuId to ref
- Offset the parent iframe when computing Popover position
- Fix: Failing PHPUnit test
- Show theme, plugin or author in Added By column with appropriate icon or avatar
- Add origin and author to template rest api
See #54487.
Props talldanwp, mamaduka, oandregal.
Built from https://develop.svn.wordpress.org/trunk@52275
git-svn-id: http://core.svn.wordpress.org/trunk@51867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
r52272 erroneously modified `src/wp-includes/blocks/navigation.php`. This file
is copied from `@wordpress/block-library` and so must be updated via npm. This
commit restores the file by running `grunt build --dev`.
Follows [52272].
See #54506.
Built from https://develop.svn.wordpress.org/trunk@52273
git-svn-id: http://core.svn.wordpress.org/trunk@51865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Navigation area were merged as part of full site editing and the new navigation block. This functionality is experimental and not currently used in WordPress core, so should be removed.
Props noisysocks, spacedmonkey, get_dave, zieladam.
Fixes#54506.
Built from https://develop.svn.wordpress.org/trunk@52272
git-svn-id: http://core.svn.wordpress.org/trunk@51864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For certain images, `wp_exif_frac2dec()` unexpectedly returned a string instead of `int` or `float`. This can occur when an image is missing meta and calls the function with `'0/0'`. For those images, a fatal error was thrown on PHP 8.0+:
{{{
TypeError: round(): Argument #1 ($num) must be of type int|float, string given
}}}
Upon deeper review, inconsistent and unexpected results were returned from different types of input values passed to the function.
Changes are:
* Maintains backwards-compatibility for valid input values.
* Fixes handling of invalid input values by bailing out to return the documented type of `int|float` by returning `0`.
* Improves the fractional conditional check.
* Improves the calculated fraction handling to ensure (a) the numerator and denominator are both numeric and (b) the denominator is not equal to zero.
* Safeguards the behavior via tests for all possible ways code could flow through the function.
* Safeguards the backwards-compatibility of the `wp_read_image_metadata()` by adding some defensive coding around the calls to the `wp_exif_frac2dec()` function.
These changes fix the fatal error and make the function more secure, stable, and predictable while maintaining backwards-compatibility for valid input values.
Follow-up to [6313], [9119], [22319], [28367], [45611], [47287].
Props adamsilverstein, jrf, peterwilsoncc, praem90, stevegs, tobiasbg.
Fixes#54385.
Built from https://develop.svn.wordpress.org/trunk@52269
git-svn-id: http://core.svn.wordpress.org/trunk@51861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that not only the return values match the expected results, but also that their type is the same.
Going forward, stricter type checking by using `assertSame()`, `assertSameSets()`, or `assertSameSetsWithIndex()` should generally be preferred, to make the tests more reliable.
Follow-up to [51003], [51079], [52062], [52265].
See #53364, #53363, #54335.
Built from https://develop.svn.wordpress.org/trunk@52266
git-svn-id: http://core.svn.wordpress.org/trunk@51858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Before this change, block stylesheets were enqueued although the corresponding blocks were not used in the current post, even if the `should_load_separate_core_block_assets` filter was set to `true`.
Props shimotomoki, devutpol, audrasjb.
Fixes#54457.
Built from https://develop.svn.wordpress.org/trunk@52262
git-svn-id: http://core.svn.wordpress.org/trunk@51854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds a check to ensure there is no spaces in block style variation names before generating the class. Returns `false` and a `_doing_it_wrong()` message if a space is detected.
Props amustaque97, costdev, hellofromtonya, pbiron, SergeyBiryukov, afragen.
Fixes#54296.
Built from https://develop.svn.wordpress.org/trunk@52261
git-svn-id: http://core.svn.wordpress.org/trunk@51853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As PHP 7.4 moved from active support to security support until 28 Nov 2022, and no discussions or decisions have been made yet on bumping the recommended version to PHP 8.0, this commit disables the failing assertion for now.
This should be revisited once WordPress achieves PHP 8.0 compatibility and the recommended PHP version in `readme.html` can be bumped, or another decision is made about this.
Follow-up to [26166], [33937], [33944], [33946], [35172], [39582], [39583], [40241], [46682], [46996], [46998].
Props costdev, audrasjb.
Fixes#54528.
Built from https://develop.svn.wordpress.org/trunk@52260
git-svn-id: http://core.svn.wordpress.org/trunk@51852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Instead of ignoring the output and catching it later with `getActualOutput()`, we can use `expectOutputRegex()` directly, which evaluates the output after the rest of the test code has run, if no unexpected errors were encountered.
Follow-up to [52173], [52253].
Props jrf.
See #53635, #53363.
Built from https://develop.svn.wordpress.org/trunk@52259
git-svn-id: http://core.svn.wordpress.org/trunk@51851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change performs the type safety check on `$term` before it is used to retrieve the taxonomy in `get_term_feed_link()`. It also updates the related DocBlock after [52255].
Follow up to [52255].
Props dlh.
Fixes#50225.
Built from https://develop.svn.wordpress.org/trunk@52258
git-svn-id: http://core.svn.wordpress.org/trunk@51850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change applies the alternative text assigned to the custom header image, if available. Otherwise, it leaves it empty. It fixes an issue where the alternative text was always the site title, which is not relevant in most use cases.
Props webmandesign, mukesh27, afercia, anevins, mikeschroder, nrqsnchz, audrasjb, sabernhardt, joedolson, Boniu91.
Fixes#46124.
Built from https://develop.svn.wordpress.org/trunk@52256
git-svn-id: http://core.svn.wordpress.org/trunk@51848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change fixes a backward compatibility issue introduced in [52180] where `get_term_feed_link()` did not honor the `$taxonomy` parameter anymore. Rather than using the default `category` taxonomy when passing a term ID in `get_term_feed_link()`, use the `WP_Term` object to get the taxonomy.
Follow-up to [52180].
Props hugod.
Fixes#50225.
Built from https://develop.svn.wordpress.org/trunk@52255
git-svn-id: http://core.svn.wordpress.org/trunk@51847 1a063a9b-81f0-0310-95a4-ce76da25c4cd