In [5983], a call to `clean_term_cache()` was removed from `wp_set_object_terms()`. Since then, the `$term_ids` array that had been populated inside one of the `foreach` loops before being passed to the removed `clean_term_cache()` call has not been used.
This change removes the unused `$term_ids` variable.
Follow-up to [5983].
Props dlh, mukesh27.
Fixes#61456.
Built from https://develop.svn.wordpress.org/trunk@58427
git-svn-id: http://core.svn.wordpress.org/trunk@57876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When saving options from the Settings page, include the `'ping_sites'` option in the allowed "writing" options list only when the `'blog_public'` option is `'1'`.
Fixes a PHP 8.1 and above "null to non-nullable" deprecation notice in `sanitize_option()` ([https://core.trac.wordpress.org/browser/trunk/src/wp-includes/formatting.php?annotate=blame#L4952 which happens when here] as part of [22255]):
{{{
Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in .../wp-includes/formatting.php
}}}
**Explanation**
[https://developer.wordpress.org/apis/options/#writing Per the documentation], the `ping_sites` option requires the `'blog_public'` option to have a value of `'1'` and must be a `string` data type. `null` is not valid for this option.
The relationship between the 2 options shows itself in the `options-writing.php` code ([https://core.trac.wordpress.org/browser/tags/6.5.4/src/wp-admin/options-writing.php#L233 shown here] and in [4326]), as the `textarea#ping_sites` only renders when `'1' === get_option( 'blog_public' )`.
**What happens if `'blog_public'` is not `'1'`?**
The `'ping_sites'` option will not be a field on the page. Upon saving:
* HTTP POST (`$_POST`) does not include `'ping_sites'`.
* Before this commit:
* The [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options.php#L333 option's value was set to] `null` before being passed to `update_option()`.
* `update_option()` invokes `sanitize_option()`.
* A `null` value for the `'ping_sites'` case was passed to `explode()`, which threw a deprecation notice on PHP 8.1 and above.
* With this commit, the `'ping_sites'` option is no longer included in the allow list and thus will not be passed to `update_options()` > `sanitize_option()` > `explode()`.
Follow-up to [22255], [12825], [4326], [949].
Props kitchin, SergeyBiryukov, swissspidy, devmuhib, rajinsharwar, hellofromTonya.
Fixes#59818.
Built from https://develop.svn.wordpress.org/trunk@58425
git-svn-id: http://core.svn.wordpress.org/trunk@57874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [58418] a test was added without the `test_` prefix in its function
name, and because of that, it wasn't run in the test suite.
The prefix has been added to ensure that it runs.
In the original patch, due to a logical bug, a recursive loop to
transform the inside contents of the bogus comments was never run
more than once. This has been fixed.
This patch also includes one more case where `kses` wasn't
properly detecting the bogus comment state, and adds a test case
to cover this. It limits itself to some but not all constructions
of invalid markup declaration so that it doesn't conflict with
existing behaviors around those and other kinds of invalid comments.
Props ellatrix, dmsnell.
See #61009.
Follow-up to [58418].
Built from https://develop.svn.wordpress.org/trunk@58424
git-svn-id: http://core.svn.wordpress.org/trunk@57873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `wp_kses_split` processes a document it attempts to leave HTML comments
alone. It makes minor adjustments, but leaves the comments in the document in
its output. Unfortunately it only recognizes one kind of HTML comment and
rejects many others.
This patch makes a minor adjustment to the algorithm in `wp_kses_split` to
recognize and preserve an additional kind of HTML comment: closing tags with
an invalid tag name, e.g. `</%dolly>`.
These invalid closing tags must be interpreted as comments by a browser.
This bug fix aligns the implementation of `wp_kses_split()` more closely
with its stated goal of leaving HTML comments as comments.
It doesn't attempt to fully fix the mis-parsed comments, but it does propose a
minor fix that hopefully won't break any existing code or projects.
Developed in https://github.com/WordPress/wordpress-develop/pull/6395
Discussed in https://core.trac.wordpress.org/ticket/61009
Props ellatrix, dmsnell, joemcgill, jorbin, westonruter, zieladam.
See #61009.
Built from https://develop.svn.wordpress.org/trunk@58418
git-svn-id: http://core.svn.wordpress.org/trunk@57867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is a clean revert of r58415 as tests seem to now be failing with this change. Likely the test needs an update as well to accomodate the new successful version check.
Follow-up to [60798].
Props jorbin, hellofromTonya.
See #60798.
Built from https://develop.svn.wordpress.org/trunk@58417
git-svn-id: http://core.svn.wordpress.org/trunk@57866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes some autoload values that were updated in [58105] that used the database values of `"on"` and `"off"` instead of the boolean values `true` and `false` when being passed to `add|update_option()`.
Props joemcgill, desrosj, rajinsharwar.
Fixes#61045. See #42441.
Built from https://develop.svn.wordpress.org/trunk@58416
git-svn-id: http://core.svn.wordpress.org/trunk@57865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously `remove_pdf_alpha_channel()` used `Imagick::getVersion()` to validate the environment is capable of handling alpha. This was the incorrect function to use to check the module version as it will only provide the ImageMagick API version. This patch adjusts to instead use `phpversion()` as this is the correct method to get the Imagick version needed to determine alpha compatibility. This fixes a number of host tests that have been correctly failing on subsets of environments. Serendipidously, sometimes the API version was high enough to avoid shining light on this problem.
Props swissspidy, joedolson, antpb.
Fixes#60798.
Built from https://develop.svn.wordpress.org/trunk@58415
git-svn-id: http://core.svn.wordpress.org/trunk@57864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replaces `trigger_error()` with `wp_trigger_error()`.
The usage of `wp_trigger_error()` avoids generating `E_USER` family errors unless `WP_DEBUG` is on. In doing so, users should not see these messages in normal production.
Notes:
* Removes `E_USER_NOTICE` when passed as an argumnent, as it's the default error level.
* An empty string is passed for the function name when its name is already in the error message or does not add value to the error message.
* Externally maintained libraries are not included.
Follow-up to [55204], [25956], [29630], [38883], [52062], [52049], [54272], [38883], [55245], [51599], [14452], [38883], [24976].
Props prasadkarmalkar, rajinsharwar, thelovekesh, hellofromTonya, swissspidy.
Fixes#59652.
Built from https://develop.svn.wordpress.org/trunk@58409
git-svn-id: http://core.svn.wordpress.org/trunk@57858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix issue where the attachment thumbnail would be rendered as the site logo on attachment single templates if no site logo is set. Avoid calling `wp_attachment_is_image()` with no value, since that function will fallback to the global `$post` variable. Follow up to [58213]. See #60922.
Props greenshady, krupajnanda, hmbashar, rajinsharwar, joedolson.
Fixes#61408.
Built from https://develop.svn.wordpress.org/trunk@58407
git-svn-id: http://core.svn.wordpress.org/trunk@57856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This prevents the display of an inaccurate message when the `wp_insert_post_data` filter is used to change the status of a post while saving. This bug was only present when using the Classic Editor.
The previous code incorrectly assumed that a filter would never change a post’s status to `draft`, resulting in a “Post published.” message instead of “Post draft updated.”.
Props freibergergarcia, sirzooro, hakre, blepoxp, scribu, kawauso.
Fixes#11207.
Built from https://develop.svn.wordpress.org/trunk@58406
git-svn-id: http://core.svn.wordpress.org/trunk@57855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Finish task to replace placeholders used for labels with visible label elements. Add label elements in theme browser and theme installation screen. Change position of search input to match other user interfaces in WordPress.
Also crediting all contributors to ticket #61389, which this also closes.
Props joedolson, rcreators, sabernhardt, balub, rejaulalomkhan, syamraj24, nazmul111, krupajnanda, huzaifaalmesbah, hmbashar, mdnesarmridha, colorful-tones, printsachen1.
Fixes#40331, #61389.
Built from https://develop.svn.wordpress.org/trunk@58405
git-svn-id: http://core.svn.wordpress.org/trunk@57854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes an unassigned `sprintf` that was accidentally included as part of [57545] in the `wp_get_plugin_action_button()`. A copy/paste whoopsie.
The actual used code is assigned a wee bit lower in the function within the `install` case.
Follow-up to [57545].
Props hellofromTonya, costdev, rajinsharwar.
Fixes#61420.
Built from https://develop.svn.wordpress.org/trunk@58402
git-svn-id: http://core.svn.wordpress.org/trunk@57851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure new multisite installs are up to date with the current mime types supported in core.
Note that this will only affect newly created networks, since this is only used to populate the schema for new networks, not change the allowed mime types for existing networks
Props spacedmonkey, costdev, pavanpatil1, joemcgill, rajinsharwar, tb1909.
Fixes#53167.
Built from https://develop.svn.wordpress.org/trunk@58400
git-svn-id: http://core.svn.wordpress.org/trunk@57849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset reverts part of the changes made in [58298] to avoid using regex that can cause potential bugs. It is indeed safer to revert these changes for now and do the refactoring once the HTML API supports CSS selectors and provides a way to set inner content.
It also adds a unit test to cover the regression experienced in https://github.com/WordPress/gutenberg/issues/62347.
Follow-up to [58298].
Props santosguillamot, gziolo.
Fixes#61385.
See #61351.
Built from https://develop.svn.wordpress.org/trunk@58398
git-svn-id: http://core.svn.wordpress.org/trunk@57847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[57545] introduced `wp_get_plugin_action_button()`. This function is documented to return a `string`. However, if the user does not have the appropriate capabilities, it returned `void`, which is unexpected.
Resolves the issue by moving the `return $button` to the bottom of the function to ensure it always returns a `string` type. On success, the button's HTML string is returned; else, an empty string is returned.
Unit tests are included.
Follow-up to [57545].
Props costdev, rajinsharwar, hellofromTonya.
Fixes#61400.
Built from https://develop.svn.wordpress.org/trunk@58396
git-svn-id: http://core.svn.wordpress.org/trunk@57845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Scalar values passed to `esc_attr()` are already converted internally to a string via both `wp_check_invalid_utf8()` and `_wp_specialchars()`.
Includes adding `@covers` tags for unit tests.
Follow-up to [58379].
See #58379.
Built from https://develop.svn.wordpress.org/trunk@58389
git-svn-id: http://core.svn.wordpress.org/trunk@57838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These attributes are needed to indicate that both fields are required. This changeset doesn't add the attribute by default but allows extenders to enable it by passing `true` to the `$required_username` and `$required_password` to `wp_login_form()` arguments array.
Props alesflex, sabernhardt, joedolson, rcreators, rajinsharwar.
Fixes#60062.
Built from https://develop.svn.wordpress.org/trunk@58382
git-svn-id: http://core.svn.wordpress.org/trunk@57831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Lowers the priority at which `wp_filter_default_autoload_value_via_option_size()` is registered to run on the `wp_default_autoload_value()` filter. The default filter now runs at priority 5.
This is to allow third party developers to modify whether an option is autoloaded using the default priority, 10, rather than require they register their code to run at a higher priority.
Follow up to [57920].
Props peterwilsoncc, joemcgill.
Fixes#42441.
Built from https://develop.svn.wordpress.org/trunk@58381
git-svn-id: http://core.svn.wordpress.org/trunk@57830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Escapes the return value of `wp_autoload_values_to_autoload()` for use in the database query loading 'all options'. This is a hardening fix to protect against future changes to the options API which may allow developers to further customize the return value of the `wp_autoload_values_to_autoload` filter.
Follow up to [57920].
Props peterwilsoncc, joemcgill.
Fixes#42441.
Built from https://develop.svn.wordpress.org/trunk@58380
git-svn-id: http://core.svn.wordpress.org/trunk@57829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent `WP_List_Table::search_box()` from throwing an array to string conversion notice when post list tables are loaded with an array of orderby parameters in the URL, eg: `/wp-admin/edit.php?post_type=page&orderby[menu_order]=ASC&orderby[title]=ASC`.
Follow up to [29027].
Props leonidasmilossis, rajinsharwar, swissspidy, NomNom99, pls78, SergeyBiryukov.
Fixes#59494.
See #17065.
Built from https://develop.svn.wordpress.org/trunk@58379
git-svn-id: http://core.svn.wordpress.org/trunk@57828 1a063a9b-81f0-0310-95a4-ce76da25c4cd