Previously a user could remove a protected meta field by using their browser developer tools to alter the form field properties in the Custom Fields meta box, given that they know the ID of the protected meta field. This change prevents this by preventing any change to a protected meta field, including changing its key.
Props ajoah, johnbillion, peterwilsoncc
Fixes#38293
Built from https://develop.svn.wordpress.org/trunk@39062
git-svn-id: http://core.svn.wordpress.org/trunk@39004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow history to be manipulated before DOM ready by sourcing state params from the current URL instead of from the `wp.customize.settings` object, since they will be the same anyway. This fixes a JS error since `wp.customize.settings` is not defined before DOM ready.
Amends [38810].
See #30937.
Fixes#38592.
Built from https://develop.svn.wordpress.org/trunk@39060
git-svn-id: http://core.svn.wordpress.org/trunk@39002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously Settings only supported "number" which meant it was possible to push floats to things like posts_per_page. This means now developers can also specify `type => ineger` in meta nad settings resgration.
Props flixos90.
Fixes#38393.
Built from https://develop.svn.wordpress.org/trunk@39058
git-svn-id: http://core.svn.wordpress.org/trunk@39000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.
This can easily be extended to support new data types, such as CSV fields or objects.
Props joehoyle, rachelbaker, pento.
Fixes#38531.
Built from https://develop.svn.wordpress.org/trunk@39046
git-svn-id: http://core.svn.wordpress.org/trunk@38988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow `WP_Customize_Nav_Menus::insert_auto_draft_post()` to take full post array to pass to `wp_insert_post()`, except for `post_status`. Require `post_title`.
* Ensure empty `post_name` gets explicitly set to slugified `post_title`.
* Explicitly allow only `post_type` and `post_title` params in `WP_Customize_Nav_Menus::ajax_insert_auto_draft_post()`.
* Use `wp_update_post()` instead of `wp_publish_post()` to ensure unique slugs are assigned to published auto-draft posts.
* Re-use `WP_Customize_Nav_Menus::insert_auto_draft_post()` when inserting stubs from starter content.
See #38114, #38013, #34923.
Fixes#38539.
Built from https://develop.svn.wordpress.org/trunk@39038
git-svn-id: http://core.svn.wordpress.org/trunk@38980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the Multisite - single site "Add New User" screen, some form fields have more
than one label associated with them. Form controls should have at most one
associated label element. If more than one label element is associated to the
control, assistive technologies may not read the appropriate label.
Additionally, labels can be associated to their related form fields either
explicitly (using a `for` attribute referencing the field ID) or implicitly
(using the label to wrap the field). As a best practice, never do both and
prefer explicitly associated labels when possible.
Props Ankit K Gupta.
Fixes#38459.
Built from https://develop.svn.wordpress.org/trunk@39006
git-svn-id: http://core.svn.wordpress.org/trunk@38948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_load_translations_early()` is used when WordPress isn't fully initialized. Therefore using the `WP_Locale_Switcher` with `get_locale()`/`get_user_locale()` can cause PHP fatal errors.
This reverts [38976] and [38977], and instead removes `WP_Locale_Switcher` from `wp_load_translations_early()`.
See #29783.
Fixes#38535.
Built from https://develop.svn.wordpress.org/trunk@39005
git-svn-id: http://core.svn.wordpress.org/trunk@38947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Hides page numbers visually at smaller screen sizes.
* Reduced padding around `.wrap` class on smaller screens.
* Fixed issue with the page numbers not displaying the underline on `:hover`. This has been updated in the custom colors files, too.
Props laurelfulford, caspie.
Fixes#38394.
Built from https://develop.svn.wordpress.org/trunk@38996
git-svn-id: http://core.svn.wordpress.org/trunk@38938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A theme can opt-in for tailored starter content to apply to the customizer when previewing the theme on a fresh install, when `fresh_site` is at its initial `1` value. Starter content is staged in the customizer and does not go live unless the changes are published. Initial starter content is added to Twenty Seventeen.
* The `fresh_site` flag is cleared when a published post or page is saved, when widgets are modified, or when the customizer state is saved.
* Starter content is registered via `starter-content` theme support, where the argument is an array containing `widgets`, `posts`, `nav_menus`, `options`, and `theme_mods`. Posts/pages in starter content are created with the `auto-draft` status, re-using the page/post stubs feature added to nav menus and the static front page controls.
* A `get_theme_starter_content` filter allows for plugins to extend a theme's starter content.
* Starter content in themes can/should re-use existing starter content items in core by using named placeholders.
* Import theme starter content into customized state when fresh site.
* Prevent original_title differences from causing refreshes if title is present.
* Ensure nav menu item url is set according to object when previewing.
* Make sure initial saved state is false if there are dirty settings without an existing changeset.
* Ensure dirty settings are cleaned upon changeset publishing.
Props helen, westonruter, ocean90.
Fixes#38114, #38533.
Built from https://develop.svn.wordpress.org/trunk@38991
git-svn-id: http://core.svn.wordpress.org/trunk@38934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A background color style that was added to the front page during video header implementation did not get included in the `colors-dark.css`, causing a display issue with the dark color scheme.
Props laurelfulford.
See #38172.
Built from https://develop.svn.wordpress.org/trunk@38987
git-svn-id: http://core.svn.wordpress.org/trunk@38930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Rename customizer JS files to customize-preview.js and customize-controls.js to align with the core file naming and make it clearer where each file runs.
* Only show the colorscheme_hue control when there's a custom color scheme.
* Update preview JS handling for revised front page section handling, see below.
* Remove all references to "Theme Customizer" in code comments. It hasn't been called that since before 4.0.
* Clarify the purpose of the JS files by updated the code comments in the file headers.
* Improve code readability.
* Make the arbitrary number of front page sections filterable, for UI registration and output.
* Rename twentyseventeen_sanitize_layout to twentyseventeen_sanitize_page_layout to be clearer about what it sanitizes in case child themes or plugins consider reusing it.
* Rename page_options setting/control to page_layout as that's more reflective of what that option does; and again, helps for potential extensions.
* Make the page layout option contextual to pages and the sidebar being inactive, as the option only applies when there is no sidebar (per its description).
* Condense options into a single section.
* Add selective refresh for front page sections.
* Locate active_callback functions within customizer.php so that they're easier to find when editing customizer registrations, similarly to sanitize callbacks.
* Adjust the styling for placeholders for panels that aren't active.
* Ensure that the new visible edit shortcuts don't have any issues.
Props celloexpressions.
Fixes#38426.
Built from https://develop.svn.wordpress.org/trunk@38986
git-svn-id: http://core.svn.wordpress.org/trunk@38929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds the ability for themes to add support for videos in custom headers
by passing `'video' => true` as an argument when adding theme support for
custom headers.
Custom video headers are managed through the “Header Visuals” (i.e. “Header Image”)
panel in the Customizer where you can select a video from the media library or set a
URL to an external video (YouTube for now) for use in custom headers.
This introduces several new functions:
`has_header_video()` – Check whether a header video is set or not.
`get_header_video_url()` – Retrieve header video URL for custom header.
`the_header_video_url()` – Display header video URL.
`get_header_video_settings()` – Retrieve header video settings.
`has_custom_header()` – Check whether a custom header is set or not.
`get_custom_header_markup()` – Retrieve the markup for a custom header.
`the_custom_header_markup()` – Print the markup for a custom header.
And a new file, `wp-includes/js/wp-custom-header.js` that handles loading videos
in custom headers.
This also enables video headers in the Twenty Seventeen and Twenty Fourteen themes.
Props davidakennedy, celloexpressions, bradyvercher, laurelfulford, joemcgill.
Fixes#38172.
Built from https://develop.svn.wordpress.org/trunk@38985
git-svn-id: http://core.svn.wordpress.org/trunk@38928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
CSS generated content is going to be rendered for speech output more and more in
the next future. When it's not intended to be available for speech output, for
example with font icons, then special care should be used to hide it from
assistive technologies. At the moment, the only reliable way to do this is making
use of a wrapper element and set `aria-hidden="true"` on it.
Fixes#37513.
Built from https://develop.svn.wordpress.org/trunk@38984
git-svn-id: http://core.svn.wordpress.org/trunk@38927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A `null` value is returned in the response for any option that has a non-scalar value.
To protect clients from accidentally including the `null` values from a response object in a request, we do not allow options with non-scalar values to be updated to `null`. Without this added protection a client could mistakenly delete all options that have non-scalar values from the database.
Props joehoyle, rachelbaker.
Fixes#38527.
Built from https://develop.svn.wordpress.org/trunk@38982
git-svn-id: http://core.svn.wordpress.org/trunk@38925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- adds hidden text to the pagination links
- slightly increases the links clickable area
- fixes a JS error when clicking on the current page number
- avoids to generate nested `<div>` elements at each click
Props xavortm, cwpnolen, afercia.
Fixes#35577.
Built from https://develop.svn.wordpress.org/trunk@38981
git-svn-id: http://core.svn.wordpress.org/trunk@38924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As sparrows' tears shed steadily
Make widest rivers filled,
`setUp()` routines run prodig'ly
Add minutes to a build.
So cull ye fixtures profligate!
Direct thine frugal gaze!
Our savings here - a half-minute -
When multiplied: Amaze!
See #30017.
Built from https://develop.svn.wordpress.org/trunk@38975
git-svn-id: http://core.svn.wordpress.org/trunk@38918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WP-API plugin originally used a custom method for fetching object
terms in a way that supported the object cache and also accepted all
parameters for `get_terms()`. In [38667], the internals of
`wp_get_object_terms()` were modified to use `WP_Term_Query`, thus
delivering in a native fashion the features that the API had
previously achieved bespokely.
Fixes#38504.
Built from https://develop.svn.wordpress.org/trunk@38974
git-svn-id: http://core.svn.wordpress.org/trunk@38917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Hiding WP_Query params under the filter key (instead of allowing them to be top-level params) was one of our biggest complaints from users of v1 of our REST API. This walks back the re-introduction of the `filter` param during Beta 15, which introduced an "inconsistent mess" and "exposing WP_Query through filter has and will continue to be difficult to support." See https://github.com/WP-API/WP-API/issues/2799.
Props websupporter, rachelbaker.
Fixes#38378.
Built from https://develop.svn.wordpress.org/trunk@38968
git-svn-id: http://core.svn.wordpress.org/trunk@38911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Edit shortcuts show initially for a moment and then fade away so as to not get in the way of the preview.
* Visibility of edit shortcuts is toggled by clicking/touching anywhere inert in the document.
* Implements UI for mobile and touch devices which do not support shift-click.
* Adds `editShortcutVisibility` state.
* Adds new methods to `wp.customize.selectiveRefresh.Partial` for managing edit shortcuts.
Incorporates aspects of the Customize Direct Manipulation feature plugin.
Props sirbrillig, mattwiebe, celloexpressions, melchoyce, westonruter, afercia.
Fixes#27403.
Built from https://develop.svn.wordpress.org/trunk@38967
git-svn-id: http://core.svn.wordpress.org/trunk@38910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Removes the left padding on the first cell in a row, and the right padding on the last cell in each row - the padding is still there between cells, so the contents don't meet.
* Does the opposite for RTL, and fixes some spacing issues.
* Updates the editor styles to match.
Props laurelfulford, snacking.
Fixes#38447.
Built from https://develop.svn.wordpress.org/trunk@38963
git-svn-id: http://core.svn.wordpress.org/trunk@38906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Fixes the display issues with the header. The header doesn't look exactly like it does in newer browsers, but it's closer.
* Gets the font sizes a bit more consistent with how it looks like other browsers.
* IE8 doesn't support SVGs, so it's using the fallback styles for some of the icons. The fallbacks are limited to the absolutely necessary icons - so there is one for the submenu dropdown toggle icon, but not for the little 'hamburger' and X that sit in front of the 'menu' button.
Props laurelfulford.
Fixes#38472.
Built from https://develop.svn.wordpress.org/trunk@38962
git-svn-id: http://core.svn.wordpress.org/trunk@38905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With the introduction of user-specific languages in [38705] it's necessary to be able to switch translations on the fly. For example emails should be sent in the language of the recipient and not the one of the current user.
This introduces a new `WP_Locale_Switcher` class which is used for switching locales and translations. It holds the stack of locales whenever `switch_to_locale( $locale )` is called. With `restore_previous_locale()` you can restore the previous locale. `restore_current_locale()` empties the stack and sets the locale back to the initial value.
`switch_to_locale()` is added to most of core's email functions, either with the value of `get_locale()` (site language) or `get_user_locale()` (user language with fallback to site language).
Props yoavf, tfrommen, swissspidy, pbearne, ocean90.
See #29783.
Fixes#26511.
Built from https://develop.svn.wordpress.org/trunk@38961
git-svn-id: http://core.svn.wordpress.org/trunk@38904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress has supported custom page templates for over 12 years, allowing developers to create various layouts for specific pages.
While this feature is very helpful, it has always been limited to the 'page' post type and not was not available to other post types.
By opening up the page template functionality to all post types, we continue to improve the template hierarchy's flexibility.
In addition to the `Template Name` file header, the post types supported by a template can be specified using `Template Post Type: post, foo, bar`.
When at least one template exists for a post type, the 'Post Attributes' meta box will be displayed in the back end, without the need to add post type support for `'page-attributes'`. 'Post Attributes' can be customized per post type using the `'attributes'` label when registering a post type.
Props johnbillion, Mte90, dipesh.kakadiya, swissspidy.
Fixes#18375.
Built from https://develop.svn.wordpress.org/trunk@38951
git-svn-id: http://core.svn.wordpress.org/trunk@38894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When support for PDFs is available, on upload,
render 'Thumbnail', 'Medium', 'Large', and 'Full' sizes of
the first page, and save them in attachment meta.
Use these renders within Add Media, Media Gallery and List views,
Attachment Details, Post/Attachment Edit screens, and Attachment pages.
Support available by default via Imagick -> ImageMagick -> Ghostscript,
but can be provided by any `WP_Image_Editor` that supports PDFs.
Props adamsilverstein, azaozz, celloexpressions, desrosj, dglingren, ericlewis, ipstenu, joemcgill, joyously, markoheijnen, melchoyce, mikeschroder, tomauger.
Fixes#31050.
Built from https://develop.svn.wordpress.org/trunk@38949
git-svn-id: http://core.svn.wordpress.org/trunk@38892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces new control for managing the background position. Adds control for setting the `background-size`.
Props cdog, celloexpressions, grapplerulrich, MikeHansenMe, FolioVision, afercia, helen, melchoyce, karmatosed, westonruter, Kelderic, sebastian.pisula.
Fixes#22058.
Built from https://develop.svn.wordpress.org/trunk@38948
git-svn-id: http://core.svn.wordpress.org/trunk@38891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Like its predecessor (`sanitize_text_field()`), `sanitize_textarea_field()` is a helper function to sanitise user input. As the name suggests, this function is for sanitising input from `textarea` fields - it strips tags and invalid UTF-8 characters, like `sanitize_text_field()`, but retains newlines and extra inline whitespace.
Props ottok, nbachiyski, chriscct7, pento.
Fixes#32257.
Built from https://develop.svn.wordpress.org/trunk@38944
git-svn-id: http://core.svn.wordpress.org/trunk@38887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a site is using a static front page, and that page is in a menu, it isn't given the CSS class `menu-item-home`, contrary to the developer documentation.
An incorrect solution was originally added in [35272], and is now gone. Let us never speak of it again.
Props mdgl, adamsilverstein, welcher, pento.
Fixes#35272.
Built from https://develop.svn.wordpress.org/trunk@38940
git-svn-id: http://core.svn.wordpress.org/trunk@38883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_site()` has replaced `get_blog_details()` throughout core and is the recommended way to retrieve a current or single site object.
The `blog_details` filter is applied when full details are requested from `get_blog_details()`.
To ensure backwards compatibility in the switch to `get_site()`, this `blog_details` filter is now applied in `WP_Site::get_details()` and marked as deprecated with a note to rely instead on the `site_details` filter introduced in 4.6.
Props flixos90.
See #37102.
Fixes#38491.
Built from https://develop.svn.wordpress.org/trunk@38936
git-svn-id: http://core.svn.wordpress.org/trunk@38879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The color control in the customizer can use the new mode by supplying the `mode` param with `hue` (as opposed to the new default `full` value). New control replaces the `range` control in Twenty Seventeen for `colorscheme_hue`. The `wpColorPicker` can opt for hue-only mode via supplying `hue` as the `type` option. Iris Color Picker is updated from v1.0.7 to v1.1.0-beta.
Props mattwiebe, celloexpressions.
Fixes#38263.
Built from https://develop.svn.wordpress.org/trunk@38931
git-svn-id: http://core.svn.wordpress.org/trunk@38874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
This was previously committed in [38859] but got reverted in [38862] and [38863]. To fix the previous issues, `wp_list_sort()` supports now an additional argument to preserve array keys via `uasort()`.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
Built from https://develop.svn.wordpress.org/trunk@38928
git-svn-id: http://core.svn.wordpress.org/trunk@38871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes bug where an invalid Last-Modified value would be returned in feed requests for sites that had 0 items to return. Comment or post feeds will now return the current timestamp as the Last-Modified header value. Example: a request for the comments feed for a site without any comments.
Replaced use of the local static variable `$cache_lastcommentmodified` to store the modified date in `get_lastcommentmodified()` with the Object Cache API. The `get_lastcommentmodified()` function returns early if there is a cached value and returns `false` if there where no comments found. Introduced `_clear_modified_cache_on_transition_comment_status()` to flush the `lastcommentmodified` cache key when a comment enters or leaves approval status. In `get_lastpostmodified()` return early if there is a cached value and return `false` if there are no posts found.
Props swissspidy, rachelbaker, dllh, leobaiano.
Fixes#38027.
Built from https://develop.svn.wordpress.org/trunk@38925
git-svn-id: http://core.svn.wordpress.org/trunk@38868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings the custom colors CSS in line with the stylesheet. Some selectors were missing since many changes occurred in `style.css` a few days before the original merge to Core.
Props celloexpressions, laurelfulford.
Fixes#38389.
Built from https://develop.svn.wordpress.org/trunk@38918
git-svn-id: http://core.svn.wordpress.org/trunk@38861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, if an invalid post status was assigned to a media object, the object would be returned with an unchanged status. After [38911], an error response is returned.
The assertion in test_get_items_invalid_status_param_is_discarded() needs to be updated to account for the expected error response. The test name has been changed to `test_get_items_invalid_status_param_is_error_response()`.
Fixes#38417.
Built from https://develop.svn.wordpress.org/trunk@38917
git-svn-id: http://core.svn.wordpress.org/trunk@38860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Pass `false` as the `$passed_default` value when the `default_option_{$option}` filter is applied in `update_option` as no default is ever passed.
This resolves an error in tests where the 3rd parameter is not available to `filter_default_option()`.
Fixes#38176.
Built from https://develop.svn.wordpress.org/trunk@38916
git-svn-id: http://core.svn.wordpress.org/trunk@38859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a `default` argument to `register_setting` that will be used an the default option value viet `get_option()` in the event of no other option being specified. This means (if chosen) developers can define their default once via `register_option` and not have to duplicate the value every time they make a call to `get_option()`.
Props rmccue, jorbin, jtsternberg.
Fixes#38176.
Built from https://develop.svn.wordpress.org/trunk@38910
git-svn-id: http://core.svn.wordpress.org/trunk@38853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_DEFAULT_THEME` was being defined in the wrong location.
Also, if WordPress has the original "default" theme installed, ensure that our test theme overrides it.
Props swissspidy for daring to dive into Themes of WordPress Past.
See #31550, #38457.
Built from https://develop.svn.wordpress.org/trunk@38908
git-svn-id: http://core.svn.wordpress.org/trunk@38851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This functionality was originally added in [38858], using `symlink()` to put a link to the theme in WordPress' `themes` directory. Unfortunately, not all installs have write access to the `themes` directory, causing unit tests to fail.
The new method is to add the test theme directory to `$wp_theme_directories`, and fix the handful of tests that don't expect `$wp_theme_directories` to have multiple entries.
The test install/bootstrap routines now also check that `WP_DEFAULT_THEME` is defined, in case the tests are being run on a system that hasn't upgraded its' `wp-tests-config.php`.
See #31550.
Fixes#38457.
Built from https://develop.svn.wordpress.org/trunk@38907
git-svn-id: http://core.svn.wordpress.org/trunk@38850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ability was previously added to nav menus via the available page items panel. The "Add New Page" button only appears when the `allow_addition` control param is supplied as `true`. Code is adapted from the Customize Posts feature plugin.
Props celloexpressions, westonruter.
See #38013, #34923.
Fixes#38164.
Built from https://develop.svn.wordpress.org/trunk@38906
git-svn-id: http://core.svn.wordpress.org/trunk@38849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An empty string causes some browsers to use the current URL as the `href`. When using `history.replaceState()` Chrome will re-fetch the favicon with each call, meaning that `customize.php` gets hit with wasted requests which tax the server.
Fixes#38377.
Built from https://develop.svn.wordpress.org/trunk@38901
git-svn-id: http://core.svn.wordpress.org/trunk@38844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously we ensured that the entry points to WordPress were parsable by PHP4 in order to display a friendly not-supported-php error message.
However, for the last two years the main entry points have not actually parsed, and we've only added extra parse errors since it last worked in 3.9, so it's time we just remove this 'feature'.
The PHP version checks are still there for PHP 5.0/5.1, and so it's inplace when we eventually drop PHP 5.2 support.
See #29489.
Built from https://develop.svn.wordpress.org/trunk@38899
git-svn-id: http://core.svn.wordpress.org/trunk@38842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a handful of places where we don't check that the XML functions exist before we use them. Ubuntu's PHP 7 packages don't include PHP-XML by default, increasing the chance of this causing issues.
Props kraftbj, markoheijnen.
Fixes#37122.
Built from https://develop.svn.wordpress.org/trunk@38883
git-svn-id: http://core.svn.wordpress.org/trunk@38826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the Header Image section, the previously uploaded images disappeared off-screen
when using the keyboard to navigate and the remove "X" button got keyboard focus.
Changing the off-screen CSS technique used for the "X" buttons fixes it.
- improves the focus style on the previously uploaded and suggested images
- removes a `tabindex="0"` attribute from the current header image
Fixes#38156.
Built from https://develop.svn.wordpress.org/trunk@38881
git-svn-id: http://core.svn.wordpress.org/trunk@38824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- changes the "X" links in buttons, improves their color contrast ratio and focus style
- adds screen reader text "Remove item: + tagname"
- uses `wp.a11y.speak()` to give screen reader users feedback when adding/removing tags
- makes the `tagcloud-link` toggle a button, with an `aria-expanded` attribute to indicate the tag cloud collapsed/expanded state
- changes colors for the autocomplete highlighted option in order to have a better color contrast ratio
- reduces the font size for the autocomplete on Press This
- removes CSS related to the old `suggest.js` from Press This
Props joedolson, cgrymala, azaozz, afercia.
Fixes#27555.
Built from https://develop.svn.wordpress.org/trunk@38880
git-svn-id: http://core.svn.wordpress.org/trunk@38823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve performance of Emoji tests and loading of the polyfill.
Reduces the number of tests to determine browser support for emoji to those most likely to fail. Adds the defer flag to the loaded scripts for browsers lacking support.
Props superpoincare for perf testing, peterwilsoncc.
Fixes#37817.
Built from https://develop.svn.wordpress.org/trunk@38869
git-svn-id: http://core.svn.wordpress.org/trunk@38812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This improves UX, since an image added will be displayed on front end as opposed to not at all. This fix added the front page's featured image above the front page content, similar to how it's handled in the other panels. Also it removed code that was setting the front page's featured image as a fallback to the custom header, and updated the conditions that add the `has-header-image` to remove reference to the front page's featured image.
Props laurelfulford.
Fixes#38402.
Built from https://develop.svn.wordpress.org/trunk@38868
git-svn-id: http://core.svn.wordpress.org/trunk@38811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Currently, it's hard to output an SVG in the comment function without a lot of extra effort. So this adds a simple border to the author avatar and removes previous code related to SVGs and/or Genericons.
Props laurelfulford.
Fixes#38403.
Built from https://develop.svn.wordpress.org/trunk@38865
git-svn-id: http://core.svn.wordpress.org/trunk@38808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of WordPress 4.3 the `wp_new_comment()` function has been updated to allow the comment_agent value to be set when a comment is created. The comments API endpoint now allows the comment author's user agent to be set when creating a comment.
Also, the `readonly` property on the `author_user_agent` parameter in the schema was removed.
Props rabmalin for the initial patch.
Fixes#38425.
Built from https://develop.svn.wordpress.org/trunk@38864
git-svn-id: http://core.svn.wordpress.org/trunk@38807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
Built from https://develop.svn.wordpress.org/trunk@38859
git-svn-id: http://core.svn.wordpress.org/trunk@38802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
New default themes require workarounds being added to several unit tests, as they often alter default WordPress behaviour. To avoid ongoing maintenance issues, this change switches to a minimal theme when running tests.
This change also removes the old workarounds for default themes.
Fixes#31550.
Built from https://develop.svn.wordpress.org/trunk@38858
git-svn-id: http://core.svn.wordpress.org/trunk@38801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This was previously fixed in [38837], but it wasn't really the correct answer, to fix it in the theme. So, [38837] is reverted in this commit, and the Twenty Seventeen actions causing problems are unhooked before tests are run.
See #38372.
Built from https://develop.svn.wordpress.org/trunk@38850
git-svn-id: http://core.svn.wordpress.org/trunk@38793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
One thing fairly common to the cache groups is a block of code to look to see when the cache was last changed, and if there isn't one, to set it for the current microtime(). It appears in 8 different places in core. This adds a new helper `wp_cache_get_last_changed` to DRY things up a bit.
Since `wp-includes/cache.php` isn't guaranteed to be loaded, this new function is in `wp-includes/functions.php`
Props spacedmonkey, desrosj.
Fixes#37464.
Built from https://develop.svn.wordpress.org/trunk@38849
git-svn-id: http://core.svn.wordpress.org/trunk@38792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Builds can hang or get very slow on copy when you have alot of files. Alot of files can suddenly appear when you are developing new themes or plugins. Often, it's nice to have a minimal build, especially if you are preparing a commit.
This adds a new flag `--minimal-copy` that can be added to any task which does a copy. These tasks include build, test, and copy. This flag will cause no plugins to be copied and only the twenty series of default themes to be copied. Everything else remains the same.
Fixes#38423.
Built from https://develop.svn.wordpress.org/trunk@38848
git-svn-id: http://core.svn.wordpress.org/trunk@38791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38792] allowed `WP_Query`'s hyphen-as-exclusion-prefix feature to be
disabled via filter. A more general solution is to allow the prefix to
be filtered; returning an empty value from a filter callback works to
disable the feature.
Props dlh.
Fixes#38099.
Built from https://develop.svn.wordpress.org/trunk@38844
git-svn-id: http://core.svn.wordpress.org/trunk@38787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reverts [38454] along with its follow-up commits, [38512], [38514], and [38692]. These tests are currently not pass
ing, and maybe they never will. The tests are in a group which does not run by default without a flag, making them quest
ionably useful.
We can re-visit this at a later date.
See #32360
Built from https://develop.svn.wordpress.org/trunk@38840
git-svn-id: http://core.svn.wordpress.org/trunk@38783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Fix leak in setup_notify_comment() test help by removing the comment_flood_filter.
- Correct uses of $term_taxonomy_id -> $term_id in Category and Tags routing.
- Temporarily remove the metadata tests for canola.jpg as that file does not have an exifdata. Will need to update the test.
Props jorbin, rmccue, nacin
See #38373.
Built from https://develop.svn.wordpress.org/trunk@38834
git-svn-id: http://core.svn.wordpress.org/trunk@38777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"
Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes#38373.
Built from https://develop.svn.wordpress.org/trunk@38832
git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control.
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.
See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/
Props johnregan3, celloexpressions, folletto, westonruter.
Fixes#35395.
Built from https://develop.svn.wordpress.org/trunk@38829
git-svn-id: http://core.svn.wordpress.org/trunk@38772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37920] introduced resource hints that allow browsers to prefetch specific pages or render them in the background. With this change, the `as`, `crossorigin`, `pr`, and `type` attributes can be passed in addition to the URLs/hosts.
Props peterwilsoncc, swissspidy.
Fixes#38121.
Built from https://develop.svn.wordpress.org/trunk@38826
git-svn-id: http://core.svn.wordpress.org/trunk@38769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_network()` falls back to the current network when called without any arguments. Between this and `get_current_network_id()`, we can replace almost all instances of the global `$current_site` and all instances of `get_current_site()`.
This effectively deprecates `get_current_site()`, something that we'll do in a future ticket.
Props flixos90.
Fixes#37414.
Built from https://develop.svn.wordpress.org/trunk@38814
git-svn-id: http://core.svn.wordpress.org/trunk@38757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the fallbacks in `wp_get_attachment_image()` and in
`wp.media.string.props` which attempt to generate an `alt` value
from the image caption or title if an `alt` attribute isn't explicitly
set.
This allows for image HTML to be generated that contains an empty `alt`
value, i.e., `alt=""` which is much preferable for screen readers than
reading redundant content in the case of a caption, or when reading the
image title, which is often generated from the filename and not helpful
as `alt` text.
Props odie2, joedolson, rianrietveld, afercia, iamjolly, joemcgill.
Fixes#34635.
Built from https://develop.svn.wordpress.org/trunk@38812
git-svn-id: http://core.svn.wordpress.org/trunk@38755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Remove the calls to getBookmark() and moveToBookmark() in IE. This is handled automatically when blurring and focusing the editor.
- When inserting a link, move it out of the caret position element. If not, it may be removed with that element on clean-up before save.
Fixes#38335.
Built from https://develop.svn.wordpress.org/trunk@38808
git-svn-id: http://core.svn.wordpress.org/trunk@38751 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- When editing pages, add body class with the page template, or `page-template-default`.
- Change the page template class when the users select another template, similarly to changing the post type class for posts.
Props webmandesign.
Fixes#37599.
Built from https://develop.svn.wordpress.org/trunk@38803
git-svn-id: http://core.svn.wordpress.org/trunk@38746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the Menus screen, events that trigger the posts-categories search need to be
delegated. This "boxes" may get dynamically rebuilt so events directly attached
to the search input field need to be delegated.
Fixes#38324.
Built from https://develop.svn.wordpress.org/trunk@38799
git-svn-id: http://core.svn.wordpress.org/trunk@38742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Replace suggest.js with UI Autocomplete.
- Use the same settings like in the editor link toolbar.
- Abstract it and add in a new file, tags-suggest.js. Then make it a dependency for the Tags postbox(es) and Quick and Bulk Edit.
- Add `data-wp-taxonomy` on all input elements to improve handling in the UI for custom taxonomies.
Props afercia, azaozz.
See #33902.
Built from https://develop.svn.wordpress.org/trunk@38797
git-svn-id: http://core.svn.wordpress.org/trunk@38740 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes the Add Themes toolbar padding. Standardizes the placeholders to no title
case and three trailing dots. Expands the Media search placeholder in
"Search media items..." for consistency with the Plugins and Themes toolbars.
Props mikeviele, jamesacero, mattking5000, koenschipper, dungengronovius.
Fixes#38010.
Built from https://develop.svn.wordpress.org/trunk@38795
git-svn-id: http://core.svn.wordpress.org/trunk@38738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.
Props chriseverson, choongsavvii.
Fixes#38099.
Built from https://develop.svn.wordpress.org/trunk@38792
git-svn-id: http://core.svn.wordpress.org/trunk@38735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.
I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.
Props dmsnell, desrosj.
Fixes#33848.
Built from https://develop.svn.wordpress.org/trunk@38785
git-svn-id: http://core.svn.wordpress.org/trunk@38728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38776] introduced a call to `get_term()` using only the term ID. This
causes problems in cases where shared terms have not been split. Since
we have the taxonomy available, there's no harm in passing it along to
`get_term()`.
Props dd32.
See #37291.
Built from https://develop.svn.wordpress.org/trunk@38779
git-svn-id: http://core.svn.wordpress.org/trunk@38722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.
The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.
Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.
Props websupporter, rachelbaker.
Fixes#36901.
Built from https://develop.svn.wordpress.org/trunk@38778
git-svn-id: http://core.svn.wordpress.org/trunk@38721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [37573], `get_object_term_cache()` has expected term IDs to be
stored in the taxonomy relationship cache. The function would then
reach directly into the 'terms' cache to fetch the data corresponding
to a given term, before returning a `WP_Term` object. This caused
problems when, for one reason or another, term data was cached
inconsistently:
* If the 'terms' cache is empty for a given term ID, despite the earlier call to `_prime_term_caches()`, `get_term()` would return an error object.
* If the array of cached term IDs contains an invalid ID, `get_term()` would return an error object.
We avoid these errors by no longer touching the 'terms' cache directly,
but running term IDs through `get_term()` and allowing that function to
reference the cache (and database, as needed). If `get_term()` returns
an error object for any of the cached term IDs, `get_object_term_cache()`
will return that error object alone. This change ensures that upstream
functions, like `get_the_terms()`, return `WP_Error` objects in a
predictable fashion.
Props dd32, michalzuber.
Fixes#37291.
Built from https://develop.svn.wordpress.org/trunk@38776
git-svn-id: http://core.svn.wordpress.org/trunk@38719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the Menus screen, the links to move menu items behave like buttons: they
perform an action so they should be real buttons to be correctly reported to
assistive technologies. Since they're logically grouped controls, they should
also be wrapped in a `<fieldset>` element for better semantics and accessibility.
Props Cheffheid.
Fixes#35578.
Built from https://develop.svn.wordpress.org/trunk@38770
git-svn-id: http://core.svn.wordpress.org/trunk@38713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Although unlikely, clashes in randomly generated strings could cause unexpected failures. In addition, most randomness is entirely unnecessary, is bad practice, and increases test time (however small it may be).
See #37371
Built from https://develop.svn.wordpress.org/trunk@38762
git-svn-id: http://core.svn.wordpress.org/trunk@38705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The position of this template within the hierarchy is of so little use that zero themes in the WordPress.org theme directory make use of it. It's second only to `index.php` in the hierarchy, meaning that any archive template such as `category.php` or `archive.php` will be chosen before it.
Fixes#38162
Props ryankienstra for initial patch
Built from https://develop.svn.wordpress.org/trunk@38755
git-svn-id: http://core.svn.wordpress.org/trunk@38698 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If a plugin attempts to change the rewrite rules to early, other plugins may have their rules inadvertently discarded. Additionally, some function such as `url_to_post_id` cause a rewrite rule lookup that could cause this accidental flushing. This forces the flushing to only occur once `wp_loaded` has been fired.
Fixes#37892.
Props Chouby.
Built from https://develop.svn.wordpress.org/trunk@38751
git-svn-id: http://core.svn.wordpress.org/trunk@38694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Removes special handling for `edit-tags.php` which is no longer required because of `term.php`. Related: [34202] and [36308].
* Sets `$referer` to `$_SERVER['REQUEST_URI']` because `wp_get_referer()` returns false if `$_SERVER['REQUEST_URI'] === $_REQUEST['_wp_http_referer']`.
* Sets `paged` always to `$pagenum` which is the value of `$wp_list_table->get_pagenum();`. This avoids an additional redirect when you delete an item which was previously on the last page.
Fixes#38194.
Built from https://develop.svn.wordpress.org/trunk@38750
git-svn-id: http://core.svn.wordpress.org/trunk@38693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the global `$wp_taxonomies` to an array of `WP_Taxonomy ` objects. `WP_Taxonomy ` includes methods to handle rewrite rules and hooks.
Each taxonomy argument becomes a property of `WP_Taxonomy`. Introducing such a class makes further improvements in the future much more feasible.
Props boonebgorges for review.
Fixes#36224. See #36217.
Built from https://develop.svn.wordpress.org/trunk@38747
git-svn-id: http://core.svn.wordpress.org/trunk@38690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When editing a plugin file, show the correct plugin as being edited in the dropdown with the correct activation status.
Props aniketpant, dd32, DrewAPicture, jayarjo, MattyRob, mt8.biz, solarissmoke, swissspidy, WraithKenny.
Fixes#24122, #17552.
Built from https://develop.svn.wordpress.org/trunk@38745
git-svn-id: http://core.svn.wordpress.org/trunk@38688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Trashed posts cannot be accessed by site visitors and thus should not be visible on the front end. By marking menu items of trashed posts as invalid, they are excluded from the output.
Props solarissmoke, swissspidy.
Fixes#19038.
Built from https://develop.svn.wordpress.org/trunk@38744
git-svn-id: http://core.svn.wordpress.org/trunk@38687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use the value of the `comment_order` setting to determine the date_query key to pass to `WP_Comment_Query`.
Fixes a bug where sites that had comments ordered "newest" first would have the incorrect page number returned.
Props tyxla, boonebgorges.
Fixes#31101.
Built from https://develop.svn.wordpress.org/trunk@38740
git-svn-id: http://core.svn.wordpress.org/trunk@38683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Making behavior changes based on some broad definition of what mobile is rarely, if ever, makes sense. Each bit of functionality should be more clearly targeted, whether that's for screen size, performance, or some kind of touch capability.
props akibjorklund.
see #33704.
Built from https://develop.svn.wordpress.org/trunk@38739
git-svn-id: http://core.svn.wordpress.org/trunk@38682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the 'comment_whitelist' option is enabled and the commenter is an authenticated user, query for the existence of an approved comment with a matching `user_id`. This allows authenticated users that have changed their email address to bypass having their comment held for moderation.
Props voldemortensen, rachelbaker.
Fixes#28603.
Built from https://develop.svn.wordpress.org/trunk@38738
git-svn-id: http://core.svn.wordpress.org/trunk@38681 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Following [38625], any media searches that already included JOINs,
e.g., `tax_queries`, would get trampled when we joined the post meta
table to search for filenames. This preserves existing JOINs and
also only applies the `_filter_query_attachment_filenames()` filter
when a search query is being performed.
Props flixos90, joemcgill.
Fixes#22744.
Built from https://develop.svn.wordpress.org/trunk@38733
git-svn-id: http://core.svn.wordpress.org/trunk@38676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes#38070, #37733 by reverting part of [38429] and using the fix in Requests.
Fixes#37992 allowing for connecting to SSL resources on ports other than 443.
Fixes#37991 by not sending default ports in the `Host:` header.
Fixes#37839 to match and decode Chunked responses correctly.
Fixes#38232 allowing a SSL connection to ignore the hostname of the certificate when verification is disabled.
Built from https://develop.svn.wordpress.org/trunk@38727
git-svn-id: http://core.svn.wordpress.org/trunk@38670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38694] revealed some URL formats were been parsed incorrectly, including those used by Google Fonts. This change simplifies the function to use placeholder values which cause PHP's parsing to behave consistently.
Props jrf, peterwilsoncc.
Fixes#36356.
Built from https://develop.svn.wordpress.org/trunk@38726
git-svn-id: http://core.svn.wordpress.org/trunk@38669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
New parameters are: `login`, `login__in`, `login__not_in`, `nicename`,
`nicename__in`, `nicename__not_in`.
`login__in` and `nicename__in` are also now valid values for the
'orderby' parameter.
Props ryanplas.
Fixes#36624.
Built from https://develop.svn.wordpress.org/trunk@38715
git-svn-id: http://core.svn.wordpress.org/trunk@38658 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The addition of the `pre_do_shortcode_tag` in [38506] allows plugins to short-circuit the shortcode execution process, which is particularly helpful for caching expensive shortcodes.
The `do_shortcode_tag` is the corresponding part of that system - when a shortcode hasn't been executed previously, there needs to be a clean method of populating the cache.
Props flixos90.
Fixes#32790.
Built from https://develop.svn.wordpress.org/trunk@38713
git-svn-id: http://core.svn.wordpress.org/trunk@38656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a bug where the UI wasn't updated after deleting/updating a theme.
Also introduces unit tests for theme management ajax handlers. For now they're
focused on `wp_ajax_update_theme()` but they can include tests for other
handlers as well.
Props chrisjean for initial patch.
Fixes#37924.
Built from https://develop.svn.wordpress.org/trunk@38710
git-svn-id: http://core.svn.wordpress.org/trunk@38653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- adds a "search" icon into the search fields
- adds a hidden description for the widget search field, targeted by `aria-describedby`
- adds the "clear-results" button to the widgets search
- removes the `change` and `search` events bound on the widget search, for these "live searches" WordPress should standardize on `input` (+ `keyup` when needed)
- adds property and function to keep track and update the number of the widgets search results
- the widgets search results are now announced via `wp.a11y.speak()`
- adds a visible and audible message when there are no widgets search results
- moves some CSS to `customize-controls.css`
Props ryankienstra, melchoyce, afercia.
Fixes#36908.
Built from https://develop.svn.wordpress.org/trunk@38709
git-svn-id: http://core.svn.wordpress.org/trunk@38652 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After [38634], this adjusts the behaviour to remove redundancy by not displaying the link if the latest posts are shown on the front page. In that scenario, the 'Visit Site' link already points to the latest posts.
Fixes#34113.
Built from https://develop.svn.wordpress.org/trunk@38708
git-svn-id: http://core.svn.wordpress.org/trunk@38651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.
The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.
Props ocean90, ipm-frommen, swissspidy.
Fixes#29783.
Built from https://develop.svn.wordpress.org/trunk@38705
git-svn-id: http://core.svn.wordpress.org/trunk@38648 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.
All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.
Fixes#35614
Props johnjamesjacoby for feedback
Built from https://develop.svn.wordpress.org/trunk@38698
git-svn-id: http://core.svn.wordpress.org/trunk@38641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduce two new filters: `rest_request_before_callbacks` and `rest_request_after_callbacks` to
assist REST API middleware plugins to perform pre-callback and cleanup hooks such as `switch_to_blog()`
or caching implementations.
Props jnylen0.
Fixes#35590.
Built from https://develop.svn.wordpress.org/trunk@38689
git-svn-id: http://core.svn.wordpress.org/trunk@38632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also includes a new prefixed value.
Changes:
6.5 “Einigkeit und Recht und Freiheit”
- Add defaults keyword to browsers requirements.
- Fix CSS Grid Layout support.
- Fix align-self cleaning.
6.4.1
- Fix node cloning after some PostCSS plugins.
6.4 “Hic et ubique terrarum”
- Add :any-link selector support.
- Add text-decoration-skip support.
- Add transition: duration property support.
- Fix -webkit- prefix for backface-visibility.
- Fix rad unit support in gradients (by 刘祺).
- Fix transition support in Opera 12.
- Removed Safari TP Grid prefixes support.
6.3.7
- Fix rare Cannot read property 'constructor' of null issue.
6.3.6
- Add Safari TP prefix support for Grid Layout.
6.3.5
- Fix duplicate prefixes for -ms-interpolation-mode.
6.3.4
- Show users coverage for selected browsers in info().
28.0
- Happy Birthday @nacin
See #38199
Built from https://develop.svn.wordpress.org/trunk@38688
git-svn-id: http://core.svn.wordpress.org/trunk@38631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, we looped through all of the site IDs found via user meta and ran `get_blog_details()` for each site. Now, we can pass all of the site IDs at once to `get_sites()` and receive full `WP_Site` objects.
To avoid possible issues with return type, sites are still processed into a standard object that also has a `userblog_id` property attached. Nothing is changed for non-multisite configurations.
Props flixos90.
Fixes#37061.
Built from https://develop.svn.wordpress.org/trunk@38682
git-svn-id: http://core.svn.wordpress.org/trunk@38625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It is possible to short circuit `get_site_by_path()` using the `pre_get_site_by_path` filter. When this happens and a standard site object is provided, we can make sure it is upgraded to a proper `WP_Site` object before passing it on.
Props flixos90.
Fixes#37053.
Built from https://develop.svn.wordpress.org/trunk@38681
git-svn-id: http://core.svn.wordpress.org/trunk@38624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_Term_Query` already supports querying terms by 'slug', 'name', and 'term_taxonomy_id'. Its additional arguments allow us to generate nearly the same SQL queries as before.
This change has one yuge benefit: the term queries are now cached.
Add tests to increase coverage of `get_term_by()`.
Props spacedmonkey, boonebgorges, johnjamesjacoby, pento, ocean90.
Fixes#21760.
Built from https://develop.svn.wordpress.org/trunk@38677
git-svn-id: http://core.svn.wordpress.org/trunk@38620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [38294], `pathinfo()` was used with the `PATHINFO_BASENAME` constant to
get the basename of the file to be used as an attachment title, which depends
on PHP locale and can cause issues with UTF-8 characters. This uses
`wp_basename()` instead, which is a more i18n-friendly version of `basename()`.
Props SergeyBiryukov.
Fixes#37608, #37989.
Built from https://develop.svn.wordpress.org/trunk@38673
git-svn-id: http://core.svn.wordpress.org/trunk@38616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.
- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items
Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes#27314, #37138, #37448.
Built from https://develop.svn.wordpress.org/trunk@38672
git-svn-id: http://core.svn.wordpress.org/trunk@38615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It is possible to delegate pingback processing to a service function outside of WordPress itself. All other calls in default themes (and likely other themes) uses `bloginfo` which automatically adds the filter argument of "display". This adds consistency.
Props dshanske.
Fixes#34633.
Built from https://develop.svn.wordpress.org/trunk@38671
git-svn-id: http://core.svn.wordpress.org/trunk@38614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new 'object_ids' parameter for `WP_Term_Query` allows queries for
terms that "belong to" a given object. This change makes it possible
to use `WP_Term_Query` inside of `wp_get_object_terms()`, rather than
assembling a SQL query.
The refactor has a couple of benefits:
* Less redundancy.
* Better consistency in accepted arguments between the term query functions. See #31105.
* Less redundancy.
* Object term queries are now cached. The `get_object_term_cache()` cache remains, and will be a somewhat less fragile secondary cache in front of the query cache (which is subject to frequent invalidation).
* Less redundancy.
A small breaking change: Previously, if a non-hierarchical taxonomy had
terms that had a non-zero 'parent' (perhaps because of a direct SQL
query), `wp_get_object_terms()` would respect the 'parent' argument.
This is in contrast to `WP_Term_Query` and `get_terms()`, which have
always rejected 'parent' queries for non-hierarchical taxonomies. For
consistency, the behavior of `get_terms()` is being applied across the
board: passing 'parent' for a non-hierarchical taxonomy will result in
an empty result set (since the cached taxonomy hierarchy will be empty).
Props flixos90, boonebgorges.
See #37198.
Built from https://develop.svn.wordpress.org/trunk@38667
git-svn-id: http://core.svn.wordpress.org/trunk@38610 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, if a network's domain started with `www.` in a subdomain configuration, a slug lookup with `get_id_from_blogname()` would not match an existing site. A similar lookup in a subdirectory configuration would work fine.
This strips `www.` from the network's domain in a subdomain configuration during the lookup and returns the site as expected.
Adds tests which would previously fail in a subdomain configuration, but now pass in both configurations.
Props igmoweb, flixos90.
Fixes#34450.
Built from https://develop.svn.wordpress.org/trunk@38658
git-svn-id: http://core.svn.wordpress.org/trunk@38601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp-admin/network/admin.php` is required by all of the individual network templates and begins with an `is_multisite()` check of its own. Because of this, we can remove the 26 other checks in the individual templates.
Props flixos90.
Fixes#37447.
Built from https://develop.svn.wordpress.org/trunk@38657
git-svn-id: http://core.svn.wordpress.org/trunk@38600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes contents for sections and panels from being logically nested (in the DOM) in order to eliminate many issues related to using `margin-top` hacks. The element containing the link to expand the content element for panels and sections is now a sibling element to its content element: the content is removed from being nested at initialization. The content element is now available in a `contentContainer` property whereas the head element (containing the link to open the construct) is in a `headContainer` property. The existing `container` property is now a jQuery collection that contains both of these elements. Since the head element is no longer in an ancestor element to the `content` element, the `aria-owns` property is now used to maintain the relationship between the `headContainer` and the `contentContainer`. These changes are also accompanied by an improvement to the animation performance for the sliding panes.
Props delawski, celloexpressions.
Fixes#34391.
Fixes#34344.
Fixes#35947.
Built from https://develop.svn.wordpress.org/trunk@38648
git-svn-id: http://core.svn.wordpress.org/trunk@38591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Bulk action filtering was introduced in 3.1, but only to remove default bulk actions, not add new ones.
Bulk actions can now be registered for all admin list table dropdowns via the `bulk_actions-{get_current_screen()->id}` filter. Handling custom bulk actions can be performed in the corresponding and newly introduced `handle_bulk_actions-${get_current_screen()->id}` filter.
Props scribu, flixos90, Veraxus.
See #16031.
Built from https://develop.svn.wordpress.org/trunk@38647
git-svn-id: http://core.svn.wordpress.org/trunk@38590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In rare circumstances, for example buttons with icons and no visible text,
`user-select: none;` may trigger a bug that happens only when using Safari and
VoiceOver and doesn't allow focusable elements to receive focus correctly.
Worth reminding `user-select: none;` is a non-standard property and should be
used with care especially now that `::selection` is almost universally supported.
Fixes#37589.
Built from https://develop.svn.wordpress.org/trunk@38642
git-svn-id: http://core.svn.wordpress.org/trunk@38585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- adds "Apply Filters" and "Clear" at the end of the form
- changes the "Feature Filter", "Apply Filters", "Clear", and "Edit" links in `<button>` elements
- removes a leftover from [27963]
- clarifies one button text and adds an `aria-label` attribute
- adds a `wp.a11y.speak()` message when clicking on "Apply Filters" and no features are selected
Fixes#38086.
Built from https://develop.svn.wordpress.org/trunk@38640
git-svn-id: http://core.svn.wordpress.org/trunk@38583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`register_setting` can now be passed an array arguments to specify meta-data about the setting,
much like using the `register_meta` API. Of note, it will now accept a `show_in_rest` arg to
hint the inclusion of the setting in the REST API. `get_registered_settings()` is available
as a utility to get all registered settings.
Props rmccue, aaroncampbell.
Fixes#37885.
Built from https://develop.svn.wordpress.org/trunk@38635
git-svn-id: http://core.svn.wordpress.org/trunk@38578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `compact()` provided a non existent `$join` and could cause confusion for anyone attempting to extend `WP_Site_Query` with their own tables. This aligns with the current behavior in `WP_Network_Query`.
Props johnjamesjacoby.
Fixes#37922.
Built from https://develop.svn.wordpress.org/trunk@38631
git-svn-id: http://core.svn.wordpress.org/trunk@38574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This applies a new private function, `_filter_query_attachment_filenames()`,
to the `post_clauses` filter hook during `wp_ajax_query_attachments()` and
`wp_edit_attachments_query_vars()` to include `_wp_attached_file` post meta
in search queries performed from the media library or in a `WP_Media_List_Table`.
Props wonderboymusic, DrewAPicture, joemcgill, swissspidy.
Fixes#22744.
Built from https://develop.svn.wordpress.org/trunk@38625
git-svn-id: http://core.svn.wordpress.org/trunk@38568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If there are no pages when the customizer is opened, the `static_front_page` section will be hidden. As soon as a page is created in the customizer session, the `static_front_page` section will be revealed. Previously the section would not be registered if there were no pages. Page stubs created via nav menus will appear in the `dropdown-pages` controls for `page_for_posts` and `page_on_front`, and such page stubs will thus cause the `static_front_page` section to appear. Plugins that facilitate page creation in the customizer by filtering `get_pages` will also cause the section to appear.
See #34923.
Fixes#38013.
Built from https://develop.svn.wordpress.org/trunk@38624
git-svn-id: http://core.svn.wordpress.org/trunk@38567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change means that after entering their site's settings upon installation, users are immediately logged in and redirected to the admin dashboard, instead of being presented with the 'Success!' screen and then being asked to log in. This reduces friction and reduces the number of steps for installation.
Fixes#34084
Built from https://develop.svn.wordpress.org/trunk@38619
git-svn-id: http://core.svn.wordpress.org/trunk@38562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `submitdelete` CSS class is used in various places across the admin for some
"red" action links. It is worth simplifying this rule for further improvements
related to color contrast.
- simplifies a non-standard styling for the "Remove/Cancel" links in the Menus screen
- underlines all the "Move to trash/Delete" red links in all the Publish meta boxes
- fixes CSS classes usage for all the Publish meta boxes primary buttons
- fixes broken layout for the old Link Manager publish meta box
Props karmatosed, hugobaeta, monikarao, afercia.
Fixes#37969, #37018. See #37448, #37138, #27314.
Built from https://develop.svn.wordpress.org/trunk@38616
git-svn-id: http://core.svn.wordpress.org/trunk@38559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
