This removes the fallbacks in `wp_get_attachment_image()` and in
`wp.media.string.props` which attempt to generate an `alt` value
from the image caption or title if an `alt` attribute isn't explicitly
set.
This allows for image HTML to be generated that contains an empty `alt`
value, i.e., `alt=""` which is much preferable for screen readers than
reading redundant content in the case of a caption, or when reading the
image title, which is often generated from the filename and not helpful
as `alt` text.
Props odie2, joedolson, rianrietveld, afercia, iamjolly, joemcgill.
Fixes#34635.
Built from https://develop.svn.wordpress.org/trunk@38812
git-svn-id: http://core.svn.wordpress.org/trunk@38755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Remove the calls to getBookmark() and moveToBookmark() in IE. This is handled automatically when blurring and focusing the editor.
- When inserting a link, move it out of the caret position element. If not, it may be removed with that element on clean-up before save.
Fixes#38335.
Built from https://develop.svn.wordpress.org/trunk@38808
git-svn-id: http://core.svn.wordpress.org/trunk@38751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- When editing pages, add body class with the page template, or `page-template-default`.
- Change the page template class when the users select another template, similarly to changing the post type class for posts.
Props webmandesign.
Fixes#37599.
Built from https://develop.svn.wordpress.org/trunk@38803
git-svn-id: http://core.svn.wordpress.org/trunk@38746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the Menus screen, events that trigger the posts-categories search need to be
delegated. This "boxes" may get dynamically rebuilt so events directly attached
to the search input field need to be delegated.
Fixes#38324.
Built from https://develop.svn.wordpress.org/trunk@38799
git-svn-id: http://core.svn.wordpress.org/trunk@38742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Replace suggest.js with UI Autocomplete.
- Use the same settings like in the editor link toolbar.
- Abstract it and add in a new file, tags-suggest.js. Then make it a dependency for the Tags postbox(es) and Quick and Bulk Edit.
- Add `data-wp-taxonomy` on all input elements to improve handling in the UI for custom taxonomies.
Props afercia, azaozz.
See #33902.
Built from https://develop.svn.wordpress.org/trunk@38797
git-svn-id: http://core.svn.wordpress.org/trunk@38740 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes the Add Themes toolbar padding. Standardizes the placeholders to no title
case and three trailing dots. Expands the Media search placeholder in
"Search media items..." for consistency with the Plugins and Themes toolbars.
Props mikeviele, jamesacero, mattking5000, koenschipper, dungengronovius.
Fixes#38010.
Built from https://develop.svn.wordpress.org/trunk@38795
git-svn-id: http://core.svn.wordpress.org/trunk@38738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.
Props chriseverson, choongsavvii.
Fixes#38099.
Built from https://develop.svn.wordpress.org/trunk@38792
git-svn-id: http://core.svn.wordpress.org/trunk@38735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.
I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.
Props dmsnell, desrosj.
Fixes#33848.
Built from https://develop.svn.wordpress.org/trunk@38785
git-svn-id: http://core.svn.wordpress.org/trunk@38728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38776] introduced a call to `get_term()` using only the term ID. This
causes problems in cases where shared terms have not been split. Since
we have the taxonomy available, there's no harm in passing it along to
`get_term()`.
Props dd32.
See #37291.
Built from https://develop.svn.wordpress.org/trunk@38779
git-svn-id: http://core.svn.wordpress.org/trunk@38722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.
The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.
Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.
Props websupporter, rachelbaker.
Fixes#36901.
Built from https://develop.svn.wordpress.org/trunk@38778
git-svn-id: http://core.svn.wordpress.org/trunk@38721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [37573], `get_object_term_cache()` has expected term IDs to be
stored in the taxonomy relationship cache. The function would then
reach directly into the 'terms' cache to fetch the data corresponding
to a given term, before returning a `WP_Term` object. This caused
problems when, for one reason or another, term data was cached
inconsistently:
* If the 'terms' cache is empty for a given term ID, despite the earlier call to `_prime_term_caches()`, `get_term()` would return an error object.
* If the array of cached term IDs contains an invalid ID, `get_term()` would return an error object.
We avoid these errors by no longer touching the 'terms' cache directly,
but running term IDs through `get_term()` and allowing that function to
reference the cache (and database, as needed). If `get_term()` returns
an error object for any of the cached term IDs, `get_object_term_cache()`
will return that error object alone. This change ensures that upstream
functions, like `get_the_terms()`, return `WP_Error` objects in a
predictable fashion.
Props dd32, michalzuber.
Fixes#37291.
Built from https://develop.svn.wordpress.org/trunk@38776
git-svn-id: http://core.svn.wordpress.org/trunk@38719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the Menus screen, the links to move menu items behave like buttons: they
perform an action so they should be real buttons to be correctly reported to
assistive technologies. Since they're logically grouped controls, they should
also be wrapped in a `<fieldset>` element for better semantics and accessibility.
Props Cheffheid.
Fixes#35578.
Built from https://develop.svn.wordpress.org/trunk@38770
git-svn-id: http://core.svn.wordpress.org/trunk@38713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Although unlikely, clashes in randomly generated strings could cause unexpected failures. In addition, most randomness is entirely unnecessary, is bad practice, and increases test time (however small it may be).
See #37371
Built from https://develop.svn.wordpress.org/trunk@38762
git-svn-id: http://core.svn.wordpress.org/trunk@38705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The position of this template within the hierarchy is of so little use that zero themes in the WordPress.org theme directory make use of it. It's second only to `index.php` in the hierarchy, meaning that any archive template such as `category.php` or `archive.php` will be chosen before it.
Fixes#38162
Props ryankienstra for initial patch
Built from https://develop.svn.wordpress.org/trunk@38755
git-svn-id: http://core.svn.wordpress.org/trunk@38698 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If a plugin attempts to change the rewrite rules to early, other plugins may have their rules inadvertently discarded. Additionally, some function such as `url_to_post_id` cause a rewrite rule lookup that could cause this accidental flushing. This forces the flushing to only occur once `wp_loaded` has been fired.
Fixes#37892.
Props Chouby.
Built from https://develop.svn.wordpress.org/trunk@38751
git-svn-id: http://core.svn.wordpress.org/trunk@38694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Removes special handling for `edit-tags.php` which is no longer required because of `term.php`. Related: [34202] and [36308].
* Sets `$referer` to `$_SERVER['REQUEST_URI']` because `wp_get_referer()` returns false if `$_SERVER['REQUEST_URI'] === $_REQUEST['_wp_http_referer']`.
* Sets `paged` always to `$pagenum` which is the value of `$wp_list_table->get_pagenum();`. This avoids an additional redirect when you delete an item which was previously on the last page.
Fixes#38194.
Built from https://develop.svn.wordpress.org/trunk@38750
git-svn-id: http://core.svn.wordpress.org/trunk@38693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the global `$wp_taxonomies` to an array of `WP_Taxonomy ` objects. `WP_Taxonomy ` includes methods to handle rewrite rules and hooks.
Each taxonomy argument becomes a property of `WP_Taxonomy`. Introducing such a class makes further improvements in the future much more feasible.
Props boonebgorges for review.
Fixes#36224. See #36217.
Built from https://develop.svn.wordpress.org/trunk@38747
git-svn-id: http://core.svn.wordpress.org/trunk@38690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When editing a plugin file, show the correct plugin as being edited in the dropdown with the correct activation status.
Props aniketpant, dd32, DrewAPicture, jayarjo, MattyRob, mt8.biz, solarissmoke, swissspidy, WraithKenny.
Fixes#24122, #17552.
Built from https://develop.svn.wordpress.org/trunk@38745
git-svn-id: http://core.svn.wordpress.org/trunk@38688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Trashed posts cannot be accessed by site visitors and thus should not be visible on the front end. By marking menu items of trashed posts as invalid, they are excluded from the output.
Props solarissmoke, swissspidy.
Fixes#19038.
Built from https://develop.svn.wordpress.org/trunk@38744
git-svn-id: http://core.svn.wordpress.org/trunk@38687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use the value of the `comment_order` setting to determine the date_query key to pass to `WP_Comment_Query`.
Fixes a bug where sites that had comments ordered "newest" first would have the incorrect page number returned.
Props tyxla, boonebgorges.
Fixes#31101.
Built from https://develop.svn.wordpress.org/trunk@38740
git-svn-id: http://core.svn.wordpress.org/trunk@38683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Making behavior changes based on some broad definition of what mobile is rarely, if ever, makes sense. Each bit of functionality should be more clearly targeted, whether that's for screen size, performance, or some kind of touch capability.
props akibjorklund.
see #33704.
Built from https://develop.svn.wordpress.org/trunk@38739
git-svn-id: http://core.svn.wordpress.org/trunk@38682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the 'comment_whitelist' option is enabled and the commenter is an authenticated user, query for the existence of an approved comment with a matching `user_id`. This allows authenticated users that have changed their email address to bypass having their comment held for moderation.
Props voldemortensen, rachelbaker.
Fixes#28603.
Built from https://develop.svn.wordpress.org/trunk@38738
git-svn-id: http://core.svn.wordpress.org/trunk@38681 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Following [38625], any media searches that already included JOINs,
e.g., `tax_queries`, would get trampled when we joined the post meta
table to search for filenames. This preserves existing JOINs and
also only applies the `_filter_query_attachment_filenames()` filter
when a search query is being performed.
Props flixos90, joemcgill.
Fixes#22744.
Built from https://develop.svn.wordpress.org/trunk@38733
git-svn-id: http://core.svn.wordpress.org/trunk@38676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes#38070, #37733 by reverting part of [38429] and using the fix in Requests.
Fixes#37992 allowing for connecting to SSL resources on ports other than 443.
Fixes#37991 by not sending default ports in the `Host:` header.
Fixes#37839 to match and decode Chunked responses correctly.
Fixes#38232 allowing a SSL connection to ignore the hostname of the certificate when verification is disabled.
Built from https://develop.svn.wordpress.org/trunk@38727
git-svn-id: http://core.svn.wordpress.org/trunk@38670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38694] revealed some URL formats were been parsed incorrectly, including those used by Google Fonts. This change simplifies the function to use placeholder values which cause PHP's parsing to behave consistently.
Props jrf, peterwilsoncc.
Fixes#36356.
Built from https://develop.svn.wordpress.org/trunk@38726
git-svn-id: http://core.svn.wordpress.org/trunk@38669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
New parameters are: `login`, `login__in`, `login__not_in`, `nicename`,
`nicename__in`, `nicename__not_in`.
`login__in` and `nicename__in` are also now valid values for the
'orderby' parameter.
Props ryanplas.
Fixes#36624.
Built from https://develop.svn.wordpress.org/trunk@38715
git-svn-id: http://core.svn.wordpress.org/trunk@38658 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The addition of the `pre_do_shortcode_tag` in [38506] allows plugins to short-circuit the shortcode execution process, which is particularly helpful for caching expensive shortcodes.
The `do_shortcode_tag` is the corresponding part of that system - when a shortcode hasn't been executed previously, there needs to be a clean method of populating the cache.
Props flixos90.
Fixes#32790.
Built from https://develop.svn.wordpress.org/trunk@38713
git-svn-id: http://core.svn.wordpress.org/trunk@38656 1a063a9b-81f0-0310-95a4-ce76da25c4cd