This change introduces a new Composer script, `compat` that will scan the codebase for (detectable) potential PHP compatibility issues using the `PHP_CodeSniffer` and a custom ruleset based off of the `PHPCompayibilityWP` ruleset (`phpcompat.xml.dist`).
The command will be run as a separate job within each Travis build. While many compatibility issues and false positives have already been corrected in this commit and other Trac tickets, there are still some remaining. For that reason, the job is allowed to fail while the remainder of the potential compatibility issues are investigated and addressed. After those are resolved, the job should be set as required to pass to help prevent new compatibility issues from being introduced.
Props desrosj, jrf, all PHPCompatibilityWP and PHPCompatibility contributors.
Fixes#46152.
Built from https://develop.svn.wordpress.org/trunk@46290
git-svn-id: http://core.svn.wordpress.org/trunk@46102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Rather than relying `func_get_args()` to retrieve arbitrary function arguments, we can now use the spread operator to assign them directly to a variable.
While these functions are deprecated, they can still get a minor performance boost in case they are being called.
Props jrf.
See #47678.
Built from https://develop.svn.wordpress.org/trunk@46129
git-svn-id: http://core.svn.wordpress.org/trunk@45941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.
See #46732.
Built from https://develop.svn.wordpress.org/trunk@45611
git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).
`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.
Props nielsdeblaauw, Rarst.
Fixes#46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424
git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.
This change fixes the usage in user-facing text and in developer documentation.
Fixes#41620
Built from https://develop.svn.wordpress.org/trunk@41289
git-svn-id: http://core.svn.wordpress.org/trunk@41129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
This was previously committed in [38859] but got reverted in [38862] and [38863]. To fix the previous issues, `wp_list_sort()` supports now an additional argument to preserve array keys via `uasort()`.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
Built from https://develop.svn.wordpress.org/trunk@38928
git-svn-id: http://core.svn.wordpress.org/trunk@38871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
Built from https://develop.svn.wordpress.org/trunk@38859
git-svn-id: http://core.svn.wordpress.org/trunk@38802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.
I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.
Props dmsnell, desrosj.
Fixes#33848.
Built from https://develop.svn.wordpress.org/trunk@38785
git-svn-id: http://core.svn.wordpress.org/trunk@38728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The position of this template within the hierarchy is of so little use that zero themes in the WordPress.org theme directory make use of it. It's second only to `index.php` in the hierarchy, meaning that any archive template such as `category.php` or `archive.php` will be chosen before it.
Fixes#38162
Props ryankienstra for initial patch
Built from https://develop.svn.wordpress.org/trunk@38755
git-svn-id: http://core.svn.wordpress.org/trunk@38698 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
Built from https://develop.svn.wordpress.org/trunk@38015
git-svn-id: http://core.svn.wordpress.org/trunk@37956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`_wp_upload_dir_baseurl()` is a private function introduced in 4.4
as part of the "responsive images" feature. It was for runtime
caching of the URL to the uploads directory. It is deprecated in
4.5 with the introduction of `wp_get_upload_dir()`.
Outside core, it's only used as part of a back-compat shim in the
original feature plugin for responsive images (ricg-responsive-images),
which includes its own version of the function definition, so it's
safe to remove from core.
Fixes#36375.
Built from https://develop.svn.wordpress.org/trunk@37676
git-svn-id: http://core.svn.wordpress.org/trunk@37642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.
Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.
Props ocean90.
Fixes#36835.
Built from https://develop.svn.wordpress.org/trunk@37431
git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.
See #35417.
Built from https://develop.svn.wordpress.org/trunk@36416
git-svn-id: http://core.svn.wordpress.org/trunk@36383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Twelve years later, after no fewer than three themes have intentionally implemented popup comments in their functionality, before being abandoned for at least the last six years, we've reached a time where we can put this era behind us. A time when we can remove comment popup functionality from WordPress.
If this breaks the internet, I'll eat my hat.
Fixes#28617
Built from https://develop.svn.wordpress.org/trunk@35848
git-svn-id: http://core.svn.wordpress.org/trunk@35812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces more flexibility in filtering all parts of the document title,the
separator, and a way to short-circuit title generation. Plugins can now also
check for theme support and reliably filter the entire output. See #18548.
Deprecates `wp_title()`.
Fixes#31078.
Built from https://develop.svn.wordpress.org/trunk@35294
git-svn-id: http://core.svn.wordpress.org/trunk@35260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The pre-3.4 theme previewer doesn't work when using a static front page.
We kept the old theme preview for no-JS and some browsers that were less capable. But since browsers are doing a better job today we don't need to continue fixing/shipping this legacy code. Bye!
fixes#33178.
Built from https://develop.svn.wordpress.org/trunk@33492
git-svn-id: http://core.svn.wordpress.org/trunk@33459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Replace `wp_htmledit_pre()` and `wp_richedit_pre()` with `format_for_editor()`.
- Replace the `'htmledit_pre'` and `'richedit_pre'` filters with `'format_for_editor'`.
- Do not run the post content through `wpautop()` in PHP when the visual editor is default. Run the textarea content through the JS wpautop on initializing TinyMCE.
- Simplify both editors initialization.
- Improve setting of `wpActiveEditor` in Quicktags.
- Improve editor.js, use `tinymce.$` when possible.
See #32425.
Built from https://develop.svn.wordpress.org/trunk@32899
git-svn-id: http://core.svn.wordpress.org/trunk@32870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes#25672.
Built from https://develop.svn.wordpress.org/trunk@31188
git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Affects DocBlocks for the following core elements:
* Remove HTML tag from parameter description in `comment_form()`
* Remove HTML tag from a summary for the `comment_form_top` hook
* Markdown-indent a code snippet in the description for `get_linkobjectsbyname()`
* Markdown-indent a code snippet and format an unordered list in the description for `get_linkobjects()`
* Backtick-escape some inline code in the description for `clean_pre()`
* Remove HTML tag from the summary for the `rss_tag_pre` hook
* Various formatting fixes in the descriptions for `get_filesystem_method()` and `request_filesystem_credentials()`
Props rarst for the initial patch.
See #30473.
Built from https://develop.svn.wordpress.org/trunk@30538
git-svn-id: http://core.svn.wordpress.org/trunk@30527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.
Fixes#30191.
Built from https://develop.svn.wordpress.org/trunk@30105
git-svn-id: http://core.svn.wordpress.org/trunk@30105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deprecate `like_escape()`
* Add a method to `$wpdb`, `->esc_like()`, and add unit tests
`$wpdb::esc_like()` is not used yet. As such, many unit tests will throw `Unexpected deprecated notice for like_escape`. Subsequent commits will alleviate this.
Props miqrogroove.
See #10041.
Built from https://develop.svn.wordpress.org/trunk@28711
git-svn-id: http://core.svn.wordpress.org/trunk@28527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ordering logic is as follows:
* Full sentence matches in post titles.
* All search terms in post titles.
* Any search terms in post titles.
* Full sentence matches in post content.
Each section and any remaining posts are then sorted by date.
Introduces some filters:
* wp_search_stopwords, to filter stop words ignored in WHERE.
* posts_search_orderby, to filter the ORDER BY when ordering search results.
props azaozz, wonderboymusic.
fixes#7394.
Built from https://develop.svn.wordpress.org/trunk@25632
git-svn-id: http://core.svn.wordpress.org/trunk@25549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make required arguments optional in confirm_blog_signup().
Mark arguments as required in _future_post_hook(), the walker method display_element(), get_author_link() (deprecated), and the WP_Widget constructor.
props rlerdorf.
see #24210.
git-svn-id: http://core.svn.wordpress.org/trunk@24126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Have wp_get_image_editor() rather than WP_Image_Editor::get_instance(). Having static factory methods would be less confusing if there weren't also static methods tied to individual editor implementations.
* Lazy-load the WP_Image_Editor base class and editor implementations.
* Have WP_Image_Editor_GD::supports_mime_type() actually check which types it supports.
* Deprecate gd_edit_image_support() in favor of wp_image_editor_supports().
props DH-Shredder, scribu, markoheijnen. fixes#22356. see #6821.
git-svn-id: http://core.svn.wordpress.org/trunk@22817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make the $post argument to get_post() optional, defaulting to the current post in The Loop.
Props nacin
see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Return WP_Post from get_default_post_to_edit()
Replace all calls to get_page() with get_post()
see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The post_type can then be accessed to properly clean the taxonomy relationships cache.
The full object is useful in situations when an ID might reference a post that has been
removed from the database (e.g. wp_delete_post()).
git-svn-id: http://svn.automattic.com/wordpress/trunk@20569 1a063a9b-81f0-0310-95a4-ce76da25c4cd