Commit Graph

7975 Commits

Author SHA1 Message Date
Felix Arntz
dbfbf5501a Security, Site Health: Make migrating a site to HTTPS a one-click interaction.
Switching a WordPress site from HTTP to HTTPS has historically been a tedious task. While on the surface the Site Address and WordPress Address have to be updated, existing content still remains using HTTP URLs where hard-coded in the database. Furthermore, updating _two_ URLs to migrate to HTTPS is still a fairly unintuitive step which is not clearly explained.

This changeset simplifies migration from HTTP to HTTPS and, where possible, makes it a one-click interaction.

* Automatically replace insecure versions of the Site Address (`home_url()`) with its HTTPS counterpart on the fly if the site has been migrated from HTTP to HTTPS. This is accomplished by introducing a `https_migration_required` option and enabling it when the `home_url()` is accordingly changed.
    * A new `wp_replace_insecure_home_url()` function is hooked into various pieces of content to replace URLs accordingly.
    * The migration only kicks in when the Site Address (`home_url()`) and WordPress Address (`site_url()`) match, which is the widely common case. Configurations where these differ are often maintained by more advanced users, where this migration routine would be less essential - something to potentially iterate on in the future though.
    * The migration does not actually update content in the database. More savvy users that prefer to do that can prevent the migration logic from running by either deleting the `https_migration_required` option or using the new `wp_should_replace_insecure_home_url` filter.
    * For fresh sites that do not have any content yet at the point of changing the URLs to HTTPS, the migration will also be skipped since it would not be relevant.
* Expose a primary action in the Site Health recommendation, if HTTPS is already supported by the environment, built on top of the HTTPS detection mechanism from [49904]. When clicked, the default behavior is to update `home_url()` and `site_url()` in one go to their HTTPS counterpart.
    * A new `wp_update_urls_to_https()` function takes care of the update routine.
    * A new `update_https` meta capability is introduced to control access.
    * If the site's URLs are controlled by constants, this update is not automatically possible, so in these scenarios the user is informed about that in the HTTPS status check in Site Health.
* Allow hosting providers to modify the URLs linked to in the HTTPS status check in Site Health, similar to how that is possible for the URLs around updating the PHP version.
    * A `WP_UPDATE_HTTPS_URL` environment variable or `wp_update_https_url` filter can be used to provide a custom URL with guidance about updating the site to use HTTPS.
    * A `WP_DIRECT_UPDATE_HTTPS_URL` environment variable or `wp_direct_update_https_url` filter can be used to provide a custom URL for the primary CTA to update the site to use HTTPS.

Props flixos90, timothyblynjacobs.
Fixes #51437.

Built from https://develop.svn.wordpress.org/trunk@50131


git-svn-id: http://core.svn.wordpress.org/trunk@49810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-02 00:10:01 +00:00
Adam Silverstein
315b1c185d Users: enable admins to send users a reset password link.
Add a feature so Admins can send users a 'password reset' email. This doesn't change the password or force a password change. It only emails the user the password reset link.

The feature appears in several places:
* A "Send Reset Link" button on user profile screen.
* A "Send password reset" option in the user list bulk action dropdown.
* A "Send password reset" quick action when hovering over a username in the user list.

Props Ipstenu, DrewAPicture, eventualo, wonderboymusic, knutsp, ericlewis, afercia, JoshuaWold, johnbillion, paaljoachim, hedgefield.
Fixes #34281.


Built from https://develop.svn.wordpress.org/trunk@50129


git-svn-id: http://core.svn.wordpress.org/trunk@49808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 22:13:03 +00:00
Adam Silverstein
68c6e9982b Revisions: Address PHP/JS errors when viewing autosave on imported posts.
Fix an issue where viewing an autosave created on a post without any previous revisions would throw a PHP notice. Also fixes the revision screen which was broken in these cases and showed a console error.

Props iseulde.
Fixes #31249.


Built from https://develop.svn.wordpress.org/trunk@50128


git-svn-id: http://core.svn.wordpress.org/trunk@49807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 22:03:01 +00:00
Sergey Biryukov
38293a6aa4 Upgrade/Install: Display correct message about the current version in the admin footer.
Previously, "You are using a development version" message could be displayed if the user has configured core updates to receive Beta or RC versions, but the update has not happened yet.

This brings some consistency with displaying a similar message in `core_upgrade_preamble()` on WordPress Updates screen.

Follow-up to [49708], [49736].

Props afragen, pbiron, azaozz, audrasjb, SergeyBiryukov.
Fixes #51976.
Built from https://develop.svn.wordpress.org/trunk@50121


git-svn-id: http://core.svn.wordpress.org/trunk@49800 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 14:29:01 +00:00
Sergey Biryukov
81462ca73e Posts, Post Types: Introduce "Filter by date" and "Filter by category" as post type and taxonomy labels, respectively.
This provides a more consistent location for these strings and allows for reusing them in other places without hardcoding them in the markup.

Props nicolalaserra, audrasjb, johnjamesjacoby, SergeyBiryukov.
Fixes #42421.
Built from https://develop.svn.wordpress.org/trunk@50120


git-svn-id: http://core.svn.wordpress.org/trunk@49799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-02-01 14:13:00 +00:00
Sergey Biryukov
f6191c07df Upgrade/Install: Allow WordPress sites to opt-in to development releases.
The `WP_AUTO_UPDATE_CORE` constant now supports `development` and `branch-development` values.

This makes it possible for sites to opt-in to updating to nightly builds without having to install a plugin.

Follow-up to [49245], [49292].

Props xkon, knutsp, afragen, audrasjb, dd32.
Fixes #51978.
Built from https://develop.svn.wordpress.org/trunk@50082


git-svn-id: http://core.svn.wordpress.org/trunk@49782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-30 10:34:02 +00:00
Felix Arntz
9d348e26f3 Security, Site Health: Improve accuracy in messaging about HTTPS support.
Following up on [49904], this changeset focuses mainly on improving the guidance about the current state of HTTPS in Site Health.

* Correct the existing copy to indicate that both the Site Address and the WordPress Address need to be changed to fully switch to HTTPS.
* Link to the respective input fields via anchor links rather than to the overall General Settings screen.
* Show different copy if the site is using HTTPS for the WordPress Address (for example to have only the administration panel in HTTPS), but not for the Site Address.
* Inform the user about potential problems even when the site is already using HTTPS, for example if the SSL certificate was no longer valid.
* Always rely on fresh information for determining HTTPS support issues in Site Health, and therefore change the `https_status` test to become asynchronous.
* Rename the new private `wp_is_owned_html_output()` function to a more appropriate `wp_is_local_html_output()`.

Props adamsilverstein, flixos90, johnjamesjacoby, timothyblynjacobs.
See #47577.

Built from https://develop.svn.wordpress.org/trunk@50072


git-svn-id: http://core.svn.wordpress.org/trunk@49773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 19:10:58 +00:00
Sergey Biryukov
ae40aad4c0 Docs: Switch a comment in WP_Media_List_Table::prepare_items() to multi-line format, per the documentation standards.
Follow-up to [48417].

Props pinkalbeladiya, davidbaumwald.
Fixes #52025.
Built from https://develop.svn.wordpress.org/trunk@50071


git-svn-id: http://core.svn.wordpress.org/trunk@49772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 18:54:01 +00:00
whyisjake
22bb49e4d6 Site Health: Update the language around how PHP should be updated.
Follow-up to [50042].

Props SergeyBiryukov.

See #52327.

Built from https://develop.svn.wordpress.org/trunk@50058


git-svn-id: http://core.svn.wordpress.org/trunk@49759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 17:23:09 +00:00
Sergey Biryukov
6f2bba08d9 Privacy: Add newlines to the index.php file in wp-personal-data-exports directory, for consistency with other similar files.
Follow-up to [50037].

See #52299.
Built from https://develop.svn.wordpress.org/trunk@50055


git-svn-id: http://core.svn.wordpress.org/trunk@49756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 12:58:58 +00:00
Sergey Biryukov
38b205e5dc Coding Standards: Simplify a long condition in WP_Site_Health_Auto_Updates::test_wp_version_check_attached() for better readability.
Follow-up to [50035].

See #52135.
Built from https://develop.svn.wordpress.org/trunk@50049


git-svn-id: http://core.svn.wordpress.org/trunk@49750 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 10:35:59 +00:00
whyisjake
d3d95965dd Site Health: Update php update strings to not overpromise performance.
Fixes #52327.

Props chanthaboune, SergeyBiryukov, audrasjb, Clorith, whyisjake.


Built from https://develop.svn.wordpress.org/trunk@50041


git-svn-id: http://core.svn.wordpress.org/trunk@49742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-28 00:17:58 +00:00
whyisjake
5f532382aa Privacy: Ensure that exported user data reports can't be found with directory listings.
By moving from `.html` to `.php` files, we can prevent directory listings, and ensure that WordPress can load.

Fixes #52299.

Props lucasbustamante, xkon, freewebmentor, SergeyBiryukov, whyisjake. 

Built from https://develop.svn.wordpress.org/trunk@50037


git-svn-id: http://core.svn.wordpress.org/trunk@49738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 23:46:58 +00:00
whyisjake
ab6271c0a7 Site Health: Only run the version checks on the main site.
The version checks that are setup in `wp-includes/update.php` do set up the action, but only for the main site.

Fixes #52135.

Props audrasjb, SergeyBiryukov, maxpertici, aaribaud.
 

Built from https://develop.svn.wordpress.org/trunk@50035


git-svn-id: http://core.svn.wordpress.org/trunk@49736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 23:27:00 +00:00
joedolson
35aaaacc04 Revisions: Generate correct number of columns in wp_text_diff.
The function `wp_text_diff` generated an invalid table structure if the $args parameter contained any values. This patch corrects the structure generated by `wp_text_diff` and related usages so that the column count matches the data generated. Additionally, this patch passes arguments to the Revisions screen so that the screen has column headings that reflect the content in each column. Improves the accessibility and usability of the Revisions table.

Props joedolson, mehulkaklotar, afercia, adamsilverstein, zodiac1978, jeremyfelt
Fixes #25473
Built from https://develop.svn.wordpress.org/trunk@50034


git-svn-id: http://core.svn.wordpress.org/trunk@49735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 21:53:58 +00:00
joedolson
ee751b9779 Administration: Remove italic text to improve readability.
Italicized text can be difficult to read for some people with dyslexia or related forms of reading disorders. This removes italics on a number of larger blocks onpm run grunt rpf text in the admin. This has been a task 5.3; this commit closes the task. Further instances of italicized text should be addressed individually.

Props afercia, xkon, audrasjb
Fixes #47327
Built from https://develop.svn.wordpress.org/trunk@50032


git-svn-id: http://core.svn.wordpress.org/trunk@49733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-27 21:03:57 +00:00
ryelle
fed21a9863 Administration: Standardize colors used in CSS to a single palette.
This is part of a larger project in cleaning up core's admin CSS. This collapses all colors used in the CSS to one of 12 blues, greens, reds, and yellows, 13 grays, pure black, and pure white. The colors are perceptually uniform from light to dark, half of each range has a 4.5 or higher contrast against white, the other half has a 4.5 or higher contrast against black.

Standardizing on this set of colors will help contributors make consistent, accessible design decisions. The full color palette can be seen here: https://codepen.io/ryelle/full/WNGVEjw

Props notlaura, danfarrow, kburgoine, drw158, audrasjb, Joen, hedgefield, ibdz, melchoyce.
See #49999.


Built from https://develop.svn.wordpress.org/trunk@50025


git-svn-id: http://core.svn.wordpress.org/trunk@49726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-26 18:54:59 +00:00
Gary Pendergast
7e93e28784 Export: Create an export-specific filter for post titles.
Since WordPress 2.5 and 2.6, `post_content` and `post_excerpt` have both had export-specific filters: `the_content_export`, and `the_excerpt_export`, respectively. `post_title`, however, has used `the_title_rss`, which behaves differently in two important ways:

- It strips HTML tags from the string.
- It HTML-encodes the title string.

These behaviours are not ideal for exports, since it changes the post title, resulting in data loss in export files, and incorrect post duplicate matching on import. This changes replaces the usage of `the_title_rss` with a new filter, `the_title_export`. The new filter is intended to be used in the same as `the_content_export` and `the_excerpt_export`.

Props jmdodd, audrasjb.
Fixes #52250.


Built from https://develop.svn.wordpress.org/trunk@50011


git-svn-id: http://core.svn.wordpress.org/trunk@49712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-25 00:09:59 +00:00
Sergey Biryukov
2259adf433 Docs: Document globals in dropdown_categories() and dropdown_link_categories().
Props umangvaghela123, pawki07.
Fixes #41504.
Built from https://develop.svn.wordpress.org/trunk@50008


git-svn-id: http://core.svn.wordpress.org/trunk@49709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 13:59:58 +00:00
Sergey Biryukov
a45a292777 Docs: Fix typo in WP_Links_List_Table DocBlock.
Props audrasjb.
Fixes #52349.
Built from https://develop.svn.wordpress.org/trunk@50002


git-svn-id: http://core.svn.wordpress.org/trunk@49703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-23 07:25:02 +00:00
Sergey Biryukov
9f12d7f575 External Libraries: First pass at fixing jQuery deprecations in WordPress core and bundled themes.
To be able to disable jQuery Migrate as step 3 of updating the jQuery version shipped with WordPress, all `JQMIGRATE` warnings in the browser console will have to be addressed.

This includes many minor adjustments to a wide array of core files.

Follow-up to:
* Step 1: Disabling jQuery Migrate 1.4.1 in WordPress 5.5: [48323], [48324]
* Step 2: Updating jQuery to 3.5.1 and adding jQuery Migrate 3.3.x in WordPress 5.6: [49101], [49338], [49615], [49649]

Props Clorith, azaozz.
See #51812.
Built from https://develop.svn.wordpress.org/trunk@50001


git-svn-id: http://core.svn.wordpress.org/trunk@49702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-22 12:32:03 +00:00
Sergey Biryukov
777f752c2d Upgrade/Install: Display version number on the "Re-install now" button on WordPress Updates screen.
This makes the button label more clear and allows for removing unnecessary description.

Props afragen, audrasjb.
Fixes #51774.
Built from https://develop.svn.wordpress.org/trunk@49984


git-svn-id: http://core.svn.wordpress.org/trunk@49685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-19 16:48:07 +00:00
Sergey Biryukov
489e47692a Media: Use consistent method for instantiating an attachment author object in Media Library.
Previously, attachments without an author could cause a PHP fatal error due to calling the `::exists()` method on a `false` value.

Props antpb, carloscastilloadhoc, hellofromTonya, garrett-eclipse.
Fixes #52030.
Built from https://develop.svn.wordpress.org/trunk@49979


git-svn-id: http://core.svn.wordpress.org/trunk@49680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-18 12:55:07 +00:00
Sergey Biryukov
b88116d24f Coding Standards: Improve code layout in wp-admin/includes/class-wp-media-list-table.php.
This allows for better readability and easier understanding of where each section opens and closes.

Props laxman-prajapati, hansjovisyoast, audrasjb.
Fixes #51014.
Built from https://develop.svn.wordpress.org/trunk@49975


git-svn-id: http://core.svn.wordpress.org/trunk@49676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-18 09:50:10 +00:00
Sergey Biryukov
4104f92d7f Privacy: Use more consistent wording for strings related to personal data requests.
This replaces "user privacy" in various error messages with "personal data", for consistency with other existing strings.

Follow-up to [49090].

Props xkon, transl8or.
Fixes #51849.
Built from https://develop.svn.wordpress.org/trunk@49970


git-svn-id: http://core.svn.wordpress.org/trunk@49671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-17 17:46:06 +00:00
Sergey Biryukov
6f18efba66 Privacy: Clarify the "Contact information" heading in default privacy policy content.
The section is intended to tell how to contact the website owners, and is not about the visitor's contact information.

Props shital-patel, TylerTork, audrasjb.
Fixes #52272.
Built from https://develop.svn.wordpress.org/trunk@49956


git-svn-id: http://core.svn.wordpress.org/trunk@49655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-11 19:53:14 +00:00
Sergey Biryukov
9b44c28f78 Themes: Add missing <p> tags to error message in WP_Theme_Install_List_Table::prepare_items().
Follow-up to [45909], [49953].

See #52254.
Built from https://develop.svn.wordpress.org/trunk@49954


git-svn-id: http://core.svn.wordpress.org/trunk@49653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-10 19:37:06 +00:00
John Blackbourn
b364ff86e5 Posts, Post Types: Introduce the wp_list_table_show_post_checkbox filter which allows the visibility of the bulk edit checkbox on the post list table to be controlled separately from the edit_post capability of the current user.
Props coreyw, alexstine

Fixes #51291

Built from https://develop.svn.wordpress.org/trunk@49950


git-svn-id: http://core.svn.wordpress.org/trunk@49649 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-08 17:18:07 +00:00
John Blackbourn
6f3a940e64 Plugins: Replace usage of $this in action and filter parameter docblocks with more appropriate variable names.
See #51800, #52217

Fixes #52243

Built from https://develop.svn.wordpress.org/trunk@49946


git-svn-id: http://core.svn.wordpress.org/trunk@49645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-08 14:30:14 +00:00
John Blackbourn
bc5b34672c Quick/Bulk Edit: By the power vested in me, I hereby declare the top bulk actions and the bottom bulk actions joined forever in MatrimonyScript.
This joyous marriage means that users will no longer find a selected top bulk action on a list table unexpectedly being applied instead of their selected bottom bulk action. The top and bottom controls for changing user roles are equally wedded forever too.

Props clayray, subrataemfluence, garrett-eclipse, pbiron, hareesh-pillai

Fixes #46872

Built from https://develop.svn.wordpress.org/trunk@49944


git-svn-id: http://core.svn.wordpress.org/trunk@49643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-07 16:23:07 +00:00
John Blackbourn
f0078d043e Docs: Miscellaneous docblock corrections and improvements.
See #51800.
Built from https://develop.svn.wordpress.org/trunk@49942


git-svn-id: http://core.svn.wordpress.org/trunk@49641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-07 14:17:11 +00:00
John Blackbourn
b59c0f307b Docs: Corrections and improvements to types used in various docblocks.
See #51800, #52217

Built from https://develop.svn.wordpress.org/trunk@49936


git-svn-id: http://core.svn.wordpress.org/trunk@49635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-05 17:16:11 +00:00
Sergey Biryukov
7ced0efbf4 Docs: Use more consistent descriptions for void|false return values.
See #51800.
Built from https://develop.svn.wordpress.org/trunk@49935


git-svn-id: http://core.svn.wordpress.org/trunk@49634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-05 16:48:07 +00:00
Sergey Biryukov
37662df05e Docs: In various @return tags, list the expected type first, instead of false or WP_Error.
Follow-up to [46696], [47060], [49926], [49927].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@49929


git-svn-id: http://core.svn.wordpress.org/trunk@49628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-04 17:18:04 +00:00
John Blackbourn
dfe1f9b322 Docs: Promote many bool types to true or false where only that value is used.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49927


git-svn-id: http://core.svn.wordpress.org/trunk@49626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 22:04:04 +00:00
John Blackbourn
53da9208dd Docs: Various docblock corrections particularly relating to boolean types.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49926


git-svn-id: http://core.svn.wordpress.org/trunk@49625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 21:57:09 +00:00
TimothyBlynJacobs
33cb202f07 Site Health: Use a front-end URL for loopback tests.
In [49154] the async Site Health tests were changed to use the REST API instead of admin-ajax. An unintended side effect of this change was that the loopback tests which tried to ping the site's `admin_url()` were no longer authenticated because admin-cookies aren't provided to the REST API.

This commit adjusts the loopback test to use the front-end `site_url` which checks that cron will function properly. A follow-up ticket will focus on tests that will cover the file editor checks.

Props Clorith.
Fixes #52097.
See #48105.

Built from https://develop.svn.wordpress.org/trunk@49917


git-svn-id: http://core.svn.wordpress.org/trunk@49616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-02 20:09:08 +00:00
Sergey Biryukov
fa83e92c76 Export: Add post_modified and post_modified_gmt fields to the generated WXR export file.
This allows for more flexibility when determining which version of a post is the latest one, and makes it possible to implement import logic involving updating and adding revisions to existing posts or pages.

Props jmdodd.
Fixes #52180.
Built from https://develop.svn.wordpress.org/trunk@49910


git-svn-id: http://core.svn.wordpress.org/trunk@49609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-28 15:26:08 +00:00
Sergey Biryukov
1fd05dee6e Site Health: Add WP_MEMORY_LIMIT constant to debug info.
This complements the `WP_MAX_MEMORY_LIMIT` constant previously displayed there.

Props sanketchodavadiya, nre, talldanwp, noisysocks.
Fixes #51680.
Built from https://develop.svn.wordpress.org/trunk@49908


git-svn-id: http://core.svn.wordpress.org/trunk@49607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-27 19:27:06 +00:00
Felix Arntz
c81db1f6e6 Security, Site Health: Detect HTTPS support and encourage switching.
This changeset modifies the Site Health panel for HTTPS to provide more accurate recommendations based on whether the environment is already set up for HTTPS.

* Introduces `wp_is_using_https()` to check whether the site is configured to use HTTPS (via its Site Address and WordPress Address).
* Introduces `wp_is_https_supported()` to check whether the environment supports HTTPS. This relies on a cron job which periodically checks support using a loopback request.

Props Clorith, flixos90, miinasikk, westonruter.
Fixes #47577.

Built from https://develop.svn.wordpress.org/trunk@49904


git-svn-id: http://core.svn.wordpress.org/trunk@49603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-23 19:13:04 +00:00
John Blackbourn
e7cc15b321 Upload: Introduce the {$action}_overrides filter that allows the overrides parameter for file uploads and file sideloads to be filtered.
The dynamic portion of the hook name, `$action`, refers to the post action.

Props iandunn, jakub.tyrcha, nacin, wonderboymusic, Mte90, johnbillion

Fixes #16849

Built from https://develop.svn.wordpress.org/trunk@49845


git-svn-id: http://core.svn.wordpress.org/trunk@49564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-20 16:15:03 +00:00
John Blackbourn
7e9060a0e4 Upgrade/Install: Remove a duplicate description for the upgrader_overwrote_package action.
See #51800, #9757

Built from https://develop.svn.wordpress.org/trunk@49788


git-svn-id: http://core.svn.wordpress.org/trunk@49511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-10 23:38:04 +00:00
Helen Hou-Sandí
e516134d10 Update $_old_files for 5.6.
See #39943.

Built from https://develop.svn.wordpress.org/trunk@49774


git-svn-id: http://core.svn.wordpress.org/trunk@49497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-08 21:50:07 +00:00
TimothyBlynJacobs
efdba220e6 App Passwords: Store the "in use" option in the main network options.
Whether App Passwords are being used is a global featurel, not a per-network feature. This fixes issues on Multi Network installs if App Passwords are used on a different network from where they were created.

Props spacedmonkey.
Fixes #51939.
See [49752].

Built from https://develop.svn.wordpress.org/trunk@49764


git-svn-id: http://core.svn.wordpress.org/trunk@49487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-07 15:59:04 +00:00
TimothyBlynJacobs
aac98aae97 App Passwords: Prevent conflicts when Basic Auth is already used by the site.
Application Passwords uses Basic Authentication to transfer authentication details. If the site is already using Basic Auth, for instance to implement a private staging environment, then the REST API will treat this as an authentication attempt and would end up generating an error for any REST API request.

Now, Application Password authentication will only be attempted if Application Passwords is in use by a site. This is flagged by setting an option whenever an Application Password is created. An upgrade routine is added to set this option if any App Passwords already exist.

Lastly, creating an Application Password will be prevented if the site appears to already be using Basic Authentication.

Props chexwarrior, georgestephanis, adamsilverstein, helen, Clorith, marybaum, TimothyBlynJacobs.
Fixes #51939.


Built from https://develop.svn.wordpress.org/trunk@49752


git-svn-id: http://core.svn.wordpress.org/trunk@49475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 21:44:07 +00:00
TimothyBlynJacobs
692c6498e9 App Passwords: Ensure the Created At and Last Used dates are properly translated.
The `date_i18n` function is now used when formatting the dates in PHP instead of `gmdate` which doesn't handle localization properly.

Additionally, we now use a translation to get the date format to use instead of pulling from the `date_format` option which is only supposed to affect the front-end.

Lastly, when passing the date format to the Backbone JS template, we now use `wp_json_encode()` to format the value for JavaScript. This ensures that backslashes are properly preserved which are used by some locales to escape date formatting control characters.

Props pedromendonca, TimothyBlynJacobs, ocean90, hellofromtonya, SergeyBiryukov, antpb.
Fixes #51918.
See [35811].

Built from https://develop.svn.wordpress.org/trunk@49746


git-svn-id: http://core.svn.wordpress.org/trunk@49469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-03 21:06:08 +00:00
iandunn
4de6175227 Multisite: Cache absolute dirsize paths to avoid PHP 8 fatal.
r49212 greatly improved the performance of `get_dirsize()`, but also changed the structure of the data stored in the `dirsize_cache` transient. It stored relative paths instead of absolute ones, and also removed the unnecessary `size` array.

That difference in data structures led to a fatal error in the following environment:

* PHP 8
* Multisite
* A custom `WP_CONTENT_DIR` which is not a child of WP's `ABSPATH` folder (e.g., [https://roots.io/bedrock/ Bedrock])
* The `upload_space_check_disabled` option set to `0`

After upgrading to WP 5.6, the `dirsize_cache` transient still had data in the old format. When `wp-admin.php/index.php` was visited, `get_space_used()` received an `array` instead of an `int`, and tried to divide it by another `int`. PHP 7 would silently cast the arguments to match data types, but [https://wiki.php.net/rfc/arithmetic_operator_type_checks PHP 8 throws a fatal error]: 

`Uncaught TypeError: Unsupported operand types: array / int`

`recurse_dirsize()` was using `ABSPATH` to convert the absolute paths to relative ones, but some upload locations are not located under `ABSPATH`. In those cases, `$directory` and `$cache_path` were identical, and that triggered the early return of the old `array`, instead of the expected `int`. 

In order to avoid that, this commit restores the absolute paths, but without the `size` array. It also adds a type check when returning cached values. Using absolute paths without `size` has the result of overwriting the old data, so that it matches the new format. The type check and upgrade routine are additional safety measures.

Props peterwilsoncc, janthiel, helen, hellofromtonya, francina, pbiron.
Fixes #51913. See #19879.


Built from https://develop.svn.wordpress.org/trunk@49744


git-svn-id: http://core.svn.wordpress.org/trunk@49467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-03 20:39:02 +00:00
Sergey Biryukov
be2891ef1a Upgrade/Install: Check $wp_version global for displaying "You are using a development version" message in the admin footer.
This brings some consistency with the same check in `core_upgrade_preamble()` and avoids a PHP warning if `$cur->version` is not set.

Additionally, remove the check for `$cur->url` property, unused since [8595].

Follow-up to [49708], [49709].

Props pbiron, afragen, audrasjb.
Fixes #51892.
Built from https://develop.svn.wordpress.org/trunk@49736


git-svn-id: http://core.svn.wordpress.org/trunk@49459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-03 14:06:04 +00:00
John Blackbourn
00680f2e89 REST API: Pass the previous state of the post as a parameter to the wp_after_insert_post hook.
This enables, for example, the previous post status to be used by this hook without the need to first capture it on an earlier hook.

This also fixes the value of the `$fire_after_hooks` parameter in `get_default_post_to_edit()` so the `wp_after_insert_post` action correctly fires just once on the new post screen.

Props Collizo4sky, peterwilsoncc, hellofromTonya, TimothyBlynJacobs, SergeyBiryukov

Fixes #45114

Built from https://develop.svn.wordpress.org/trunk@49731


git-svn-id: http://core.svn.wordpress.org/trunk@49454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-01 20:47:06 +00:00
Sergey Biryukov
2c1bfb5baf Administration: Make sure row actions for recent comments in Activity dashboard widget stay visible when a single row gets focus.
Follow-up to [49142].

Props sabernhardt, kebbet, hareesh-pillai, pbiron.
Fixes #51886. See #51516, #49715.
Built from https://develop.svn.wordpress.org/trunk@49725


git-svn-id: http://core.svn.wordpress.org/trunk@49448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-01 18:16:07 +00:00
Sergey Biryukov
785cb6cc7d Media: Revert [49567].
This addresses a regression with the pagination section in Media Library no longer taking additional query filtering into account.

Props iCaleb, trepmal, peterwilsoncc.
See #39968.
Built from https://develop.svn.wordpress.org/trunk@49720


git-svn-id: http://core.svn.wordpress.org/trunk@49443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-01 16:33:05 +00:00
Sergey Biryukov
95f28a3fd2 Upgrade/Install: Display "You are using a development version" message in the admin footer for Beta or RC versions.
This ensures that the message is displayed when the `WP_AUTO_UPDATE_CORE` constant is set to `beta` or `rc` and the user is on a development version.

Props afragen.
Fixes #51892.
Built from https://develop.svn.wordpress.org/trunk@49708


git-svn-id: http://core.svn.wordpress.org/trunk@49431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-29 16:13:06 +00:00
John Blackbourn
780cdb5eb5 Docs: Various docblock corrections relating to parameter types.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49692


git-svn-id: http://core.svn.wordpress.org/trunk@49415 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-24 21:22:04 +00:00
Sergey Biryukov
9150652fed Site Health: Check if $core_updates is an array before iterating on it.
This avoids a PHP warning if `get_core_updates()` returns `false`.

Props paulschreiber.
Fixes #51818.
Built from https://develop.svn.wordpress.org/trunk@49676


git-svn-id: http://core.svn.wordpress.org/trunk@49399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-21 14:39:03 +00:00
Sergey Biryukov
5ab5b3e73b Docs: Add missing @since tags for WP_Upgrader_Skin methods.
See #51800.
Built from https://develop.svn.wordpress.org/trunk@49675


git-svn-id: http://core.svn.wordpress.org/trunk@49398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-21 12:08:05 +00:00
John Blackbourn
6e472178d1 Docs: Add missing @since tags.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49671


git-svn-id: http://core.svn.wordpress.org/trunk@49394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-19 17:54:05 +00:00
Sergey Biryukov
05125ed8bf Site Health: Add missing i18n for the App Passwords documentation link.
Follow-up to [49334].

Props tai.
Fixes #51815.
Built from https://develop.svn.wordpress.org/trunk@49650


git-svn-id: http://core.svn.wordpress.org/trunk@49387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-18 15:04:05 +00:00
Sergey Biryukov
cf75a715c4 App Passwords: Regenerate the .htaccess file to add a new rule.
Application Passwords introduced a new Rewrite Rule to handle the Authorization header on certain systems.

This bumps the database version and updates the file so the change is applied to sites upon upgrading to 5.6.

Follow-up to [49534].

Props pbiron, TimothyBlynJacobs, SergeyBiryukov.
Fixes #51723.
Built from https://develop.svn.wordpress.org/trunk@49632


git-svn-id: http://core.svn.wordpress.org/trunk@49370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-17 17:24:06 +00:00
Sergey Biryukov
f97647c207 Plugins: Make sure the HTML ID attributes for plugin checkboxes are unique.
Follow-up to [48374].

Props helen, sabernhardt, kishanjasani, mukesh27, hareesh-pillai.
Fixes #51256.
Built from https://develop.svn.wordpress.org/trunk@49631


git-svn-id: http://core.svn.wordpress.org/trunk@49369 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-17 16:48:09 +00:00
Helen Hou-Sandí
aceaf33edd Multisite: More consistency for clean_dirsize_cache().
Props SergeyBiryukov.
Fixes #19879.

Built from https://develop.svn.wordpress.org/trunk@49616


git-svn-id: http://core.svn.wordpress.org/trunk@49354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-16 22:31:06 +00:00
Helen Hou-Sandí
14bd8cc469 Posts, Post Types: Go back to "Auto Draft" for CPTs without title support.
Reverts [49288] due to late point in 5.6 cycle and lack of update in Gutenberg package to account for the string change.
See #45516.

Built from https://develop.svn.wordpress.org/trunk@49614


git-svn-id: http://core.svn.wordpress.org/trunk@49352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-16 19:44:07 +00:00
TimothyBlynJacobs
44125fc590 App Passwords: Include authorization rewrite rule in default multisite .htaccess
This rule was previously added to `WP_Rewrite`, but multisite uses a different .htaccess generation mechanism.

Props pbiron.
Fixes #51772.
See [49109].

Built from https://develop.svn.wordpress.org/trunk@49607


git-svn-id: http://core.svn.wordpress.org/trunk@49345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-15 17:46:06 +00:00
Sergey Biryukov
df2644a14a Docs: Add missing descriptions for _WP_List_Table_Compat methods.
Props johannadevos, SaeedFard, swissspidy, desrosj, SergeyBiryukov.
Fixes #46842.
Built from https://develop.svn.wordpress.org/trunk@49599


git-svn-id: http://core.svn.wordpress.org/trunk@49337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-14 16:54:08 +00:00
Sergey Biryukov
185607c417 Docs: Add missing descriptions for Automatic_Upgrader_Skin methods.
Props johannadevos, dilipbheda.
Fixes #44546.
Built from https://develop.svn.wordpress.org/trunk@49596


git-svn-id: http://core.svn.wordpress.org/trunk@49334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-14 16:23:10 +00:00
Helen Hou-Sandí
582ca50733 Upgrade/Install: Better UI for auto-update settings on update screen.
This adds clearer messages about what your current settings mean for updates, uses a more compact link-based action instead of a checkbox to change the setting, and respects constants and filters.

Props audrasjb, karmatosed, helen, azaozz, hedgefield, marybaum.
Fixes #51742.

Built from https://develop.svn.wordpress.org/trunk@49587


git-svn-id: http://core.svn.wordpress.org/trunk@49325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 22:37:10 +00:00
Sergey Biryukov
f2364f163b Administration: Make sure auto-update counts properly update when bulk deleting plugins or themes.
Props pbiron, noisysocks, desrosj, audrasjb, hellofromTonya.
Fixes #50870.
Built from https://develop.svn.wordpress.org/trunk@49582


git-svn-id: http://core.svn.wordpress.org/trunk@49320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 20:42:10 +00:00
Helen Hou-Sandí
d5fd3bd452 Upgrade/Install: Enable all core autoupdates for new installs.
Likely needs more work for multisite installs.

Reference: https://make.wordpress.org/core/2020/11/10/wp5-6-auto-update-implementation-change/

Props audrasjb, azaozz.
See #51743.

Built from https://develop.svn.wordpress.org/trunk@49581


git-svn-id: http://core.svn.wordpress.org/trunk@49319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 20:22:09 +00:00
Sergey Biryukov
d772517fcc Database: Clean up the post_category column removed from DB schema for new installations in WordPress 2.8.
Its presence may conflict with `WP_Post::__get()`, which should generally fill the non-existent `post_category` property, but is not triggered if the column exists in the database.

Follow-up to [10895].

Props leogermani, davidbaumwald, hellofromTonya.
Fixes #51288.
Built from https://develop.svn.wordpress.org/trunk@49572


git-svn-id: http://core.svn.wordpress.org/trunk@49310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 17:55:11 +00:00
antpb
8efbef867c Media: Improve count in Media Library pagination.
Deleting all visible items on the last page of the media library previously left a blank page with no media items available. Using `wp_count_attachements` instead of `found_posts` solves the problem.

Props donsony, karmatosed, desrosj, mista-flo, justinahinon.

Fixes #39968.

Built from https://develop.svn.wordpress.org/trunk@49567


git-svn-id: http://core.svn.wordpress.org/trunk@49305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 15:40:09 +00:00
TimothyBlynJacobs
74969e7fbe App Passwords: Further accessibility improvements.
- Add a label to the readonly password input.
- Handle focus loss after revoking app passwords.
- Handle focus loss after dismissing notices.
- Mark app name as `aria-required`.
- Use `aria-label` for detailed revoke button text instead of `title`.
- Use `-1` for `tabindex` instead of `0`.

Props alexstine, afercia, sabernhardt, audrasjb, joedolson, TimothyBlynJacobs.
Fixes #51580.

Built from https://develop.svn.wordpress.org/trunk@49549


git-svn-id: http://core.svn.wordpress.org/trunk@49287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-09 18:05:08 +00:00
John Blackbourn
34765ddb64 Docs: Docblock corrections relating to WP_Post objects.
See #51373, #50768

Built from https://develop.svn.wordpress.org/trunk@49544


git-svn-id: http://core.svn.wordpress.org/trunk@49282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-09 15:15:08 +00:00
Sergey Biryukov
a2d42351c5 Text Changes: Unify various "Back to..." vs. "Return to..." vs. "Go to..." strings.
Standardize on "Go to..." as a more appropriate option for most cases.

Props garrett-eclipse, kharisblank, audrasjb, ramiy, valentinbora.
Fixes #47235.
Built from https://develop.svn.wordpress.org/trunk@49539


git-svn-id: http://core.svn.wordpress.org/trunk@49277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-09 10:53:10 +00:00
Sergey Biryukov
a940c08357 Docs: Document the $linkdata parameter of wp_insert_link() using hash notation.
Props stevenlinx, peterwilsoncc.
Fixes #50853.
Built from https://develop.svn.wordpress.org/trunk@49487


git-svn-id: http://core.svn.wordpress.org/trunk@49246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-03 03:52:10 +00:00
desrosj
e3a467a55a Upgrade/Install: Prevent removal of additional data from plugin update info.
This switches to using `wp_parse_args()` instead of a combination of `array_merge()` and `array_intersect_key()` when ensuring that all expected default keys are present in the update information for a plugin.

This prevents non-default data returned by 3rd-party plugins from being unintentionally stripped out.

Props peterwilsoncc, chriscct7.
Fixes #51609.
Built from https://develop.svn.wordpress.org/trunk@49477


git-svn-id: http://core.svn.wordpress.org/trunk@49236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-02 19:13:07 +00:00
desrosj
9c5173ffa6 Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.
Props xknown, zieladam, peterwilsoncc, whyisjake.
Merges [49379] to trunk.
Built from https://develop.svn.wordpress.org/trunk@49388


git-svn-id: http://core.svn.wordpress.org/trunk@49147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 18:09:13 +00:00
desrosj
1050613168 Coding standards: Modify escaping functions to avoid potential false positives.
Props xknown, zieladam, peterwilsoncc.
Merges [49375] to trunk.
Built from https://develop.svn.wordpress.org/trunk@49384


git-svn-id: http://core.svn.wordpress.org/trunk@49143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 18:03:11 +00:00
TimothyBlynJacobs
2df94804d4 Site Health, App Passwords: Test if the Authorization header is populated correctly.
App Passwords rely on the Authorization header to transport the Basic Auth credentials. For Apache web servers, WordPress automatically includes a RewriteRule to populate the value for servers running in CGI or FastCGI that wouldn't ordinarily populate the value. 

This tests if the header is being filled with the expected values. For Apache users, we direct the user to visit the Permalinks settings to flush their permalinks. For all other users, we direct them to a help document on developer.wordpress.org.

Props Clorith, marybaum, TimothyBlynJacobs.
Fixes #51638.

Built from https://develop.svn.wordpress.org/trunk@49334


git-svn-id: http://core.svn.wordpress.org/trunk@49095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 18:32:07 +00:00
Helen Hou-Sandí
219079f7a3 Privacy: Show failures before successes for all bulk actions.
Props garrett-eclipse.
See #44081, [49331].

Built from https://develop.svn.wordpress.org/trunk@49333


git-svn-id: http://core.svn.wordpress.org/trunk@49094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 18:19:06 +00:00
Helen Hou-Sandí
f4f72498c0 Privacy: Show notices for both failed and successful bulk actions.
Props javorszky, garrett-eclipse, hellofromTonya.
Fixes #44081.

Built from https://develop.svn.wordpress.org/trunk@49331


git-svn-id: http://core.svn.wordpress.org/trunk@49092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 17:47:08 +00:00
Andrew Ozz
7c32cbf990 Revert the improvenents to arranging of postboxes/metaboxes, [49179]. The current patch fixes about half a dozen problems, but seems more general improvements are needed to how Screen Options work.
See #50699.
Built from https://develop.svn.wordpress.org/trunk@49325


git-svn-id: http://core.svn.wordpress.org/trunk@49086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 10:47:12 +00:00
Sergey Biryukov
0fb5ccd4d0 Docs: Add a @global tag for $user_id in WP_Application_Passwords_List_Table::prepare_items().
Props mukesh27.
Fixes #51633.
Built from https://develop.svn.wordpress.org/trunk@49321


git-svn-id: http://core.svn.wordpress.org/trunk@49082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 02:12:06 +00:00
TimothyBlynJacobs
f6d39d1c51 App Passwords: Improve accessibility.
- Make form inputs stacked instead of inline.
- Provide a visible label for the app name.
- Add screen reader text to dismiss button.
- Make "Revoke" button label more descriptive.
- Use aria-disabled instead of disabled to avoid focus loss.
- Display password in a readonly input to assist copy and paste.
- Remove large sections of italic text.
- Use `.form-wrap` and `.form-field` to give consistent form styling.
- Improve labeling and placeholder text.

Props alexstine, georgestephanis, afercia, TimothyBlynJacobs.
Fixes #51580.

Built from https://develop.svn.wordpress.org/trunk@49294


git-svn-id: http://core.svn.wordpress.org/trunk@49056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 03:34:06 +00:00
Sergey Biryukov
bb63c1cbd9 Upgrade/Install: Account for new WP_AUTO_UPDATE_CORE values in auto-updates settings form.
This updates `core_auto_updates_settings()` to account for the new `beta` and `rc` values for the `WP_AUTO_UPDATE_CORE` constant.

Additionally, recognize these new values as acceptable in Site Health tests.

Follow-up to [48804], [49245], [49254].

Fixes #51319. See #50907.
Built from https://develop.svn.wordpress.org/trunk@49292


git-svn-id: http://core.svn.wordpress.org/trunk@49054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 00:26:05 +00:00
Sergey Biryukov
d9838eed62 Posts, Post Types: Set better default title for custom post types without title support.
The default title is now set to "(no title supported)" instead of "Auto Draft".

Props garrett-eclipse, rajanit2000, bridgetwillard, donmhico, nrqsnchz.
Fixes #45516.
Built from https://develop.svn.wordpress.org/trunk@49288


git-svn-id: http://core.svn.wordpress.org/trunk@49050 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-23 19:09:10 +00:00
Helen Hou-Sandí
e0c12cc818 Administration: Unify search results message on list tables.
This wraps the search string in a `<strong>` tag, which makes easier to parse visually especially when your search string also contains double quotes.

Props Mista-Flo, mapk, sergeybiryukov.
Fixes #37353.

Built from https://develop.svn.wordpress.org/trunk@49284


git-svn-id: http://core.svn.wordpress.org/trunk@49046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-23 16:01:15 +00:00
Helen Hou-Sandí
4847fb4263 Administration: Better targeting for required form field highlighting.
Previously, any `input` or `select` inside of a `.form-invalid` wrapper would get the red border highlighting, including submit buttons which was not visually correct. This now only applies to form elements with a class of `.form-required` inside of the `.form-invalid` wrapper. It also continues to apply the border to elements with both classes (`.form-invalid.form-required`) as that is how some of the admin markup is structured.

Plugin authors may need to do the same sort of class application seen in this commit, i.e. add `.form-required` to certain form elements.

Props sabernhardt, dilipbheda, helen.
Fixes #50686.

Built from https://develop.svn.wordpress.org/trunk@49283


git-svn-id: http://core.svn.wordpress.org/trunk@49045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-23 15:05:09 +00:00
TimothyBlynJacobs
ce34d0ab00 App Passwords: Support an app_id to uniquely identify instances of an app.
Apps may now optionally include an `app_id` parameter when directing the user to the Authorize Application screen. This allows for instances of an application to be identified and potentially revoked or blocked.

Props TimothyBlynJacobs, georgestephanis.
Fixes #51583.

Built from https://develop.svn.wordpress.org/trunk@49276


git-svn-id: http://core.svn.wordpress.org/trunk@49038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-22 15:06:09 +00:00
Sergey Biryukov
ecf8e59918 Docs: Add a @since note about async_direct_test key to the site_status_tests filter.
Follow-up to [49232].

See #51547.
Built from https://develop.svn.wordpress.org/trunk@49266


git-svn-id: http://core.svn.wordpress.org/trunk@49028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-21 14:55:09 +00:00
Sergey Biryukov
fcc04a6a37 Coding Standards: Fix WPCS issues in [49258].
See #46619.
Built from https://develop.svn.wordpress.org/trunk@49259


git-svn-id: http://core.svn.wordpress.org/trunk@49021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 21:20:07 +00:00
Helen Hou-Sandí
e1e6e949ff Privacy: Add "Mark as completed" action.
Props garrett-eclipse, ocean90, joostdevalk, mista-flo, helen.
Fixes #46619.

Built from https://develop.svn.wordpress.org/trunk@49258


git-svn-id: http://core.svn.wordpress.org/trunk@49020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 21:07:07 +00:00
Helen Hou-Sandí
5b4d643d60 Privacy: Add requester IP to password reset emails.
Props garrett-eclipse, bridgetwillard, isharis, ocean90.
Fixes #43856.

Built from https://develop.svn.wordpress.org/trunk@49255


git-svn-id: http://core.svn.wordpress.org/trunk@49017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 20:03:08 +00:00
Helen Hou-Sandí
9ab2f1ae3e Upgrade/Install: Add UI for opting in to core auto-updates for major versions.
Props audrasjb, karmatosed, aaroncampbell, paaljoachim, davidbaumwald.
Fixes #50907.

Built from https://develop.svn.wordpress.org/trunk@49254


git-svn-id: http://core.svn.wordpress.org/trunk@49016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 19:35:06 +00:00
Helen Hou-Sandí
874b812ce3 Upgrade/Install: Don't show theme update prompts on subsites.
If you are using `wp_prepare_themes_for_js()` and relying on `updates`/`no_updates` in multisite, you will need to filter that data back in using the `wp_prepare_themes_for_js` hook.

Props pbiron, afragen.
Fixes #49831.

Built from https://develop.svn.wordpress.org/trunk@49253


git-svn-id: http://core.svn.wordpress.org/trunk@49015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 19:14:09 +00:00
Sergey Biryukov
806cfea146 Coding Standards: Fix WPCS issues in [49242].
See #50774.
Built from https://develop.svn.wordpress.org/trunk@49249


git-svn-id: http://core.svn.wordpress.org/trunk@49011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 18:31:07 +00:00
Sergey Biryukov
6e71523ead Upgrade/Install: Allow WordPress sites to opt-in to beta & RC releases.
The `WP_AUTO_UPDATE_CORE` constant now supports `beta` and `rc` values.

This makes it possible for sites to opt-in to updating to RC (or beta) releases without having to install a plugin, or run on a development version.

Props dd32, knutsp.
Fixes #51319.
Built from https://develop.svn.wordpress.org/trunk@49245


git-svn-id: http://core.svn.wordpress.org/trunk@49007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 17:56:06 +00:00
Sergey Biryukov
94b088339c Upgrade/Install: Restore casting $filter_payload to an object in WP_MS_Themes_List_Table::prepare_items().
Follow-up to [48750], [49241].

See #50875.
Built from https://develop.svn.wordpress.org/trunk@49243


git-svn-id: http://core.svn.wordpress.org/trunk@49005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 17:44:06 +00:00
Helen Hou-Sandí
c8fbc04276 Upgrade/Install: Include "from" version for plugins/themes in email.
This can help with chasing down any issues that may arise and rolling back if necessary. We hope it's not, but it might be.

Props dkotter, garrett-eclipse, pbiron, audrasjb.
Fixes #50774.

Built from https://develop.svn.wordpress.org/trunk@49242


git-svn-id: http://core.svn.wordpress.org/trunk@49004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 17:41:07 +00:00
Sergey Biryukov
e38c5ca7d4 Upgrade/Install: Introduce a wrapper for the auto_update_{$type} filter checks.
This allows for cleaner checks whether auto-updates are forced for a plugin or theme.

Follow-up to [48750].

Props rebasaurus, garrett-eclipse, SergeyBiryukov.
Fixes #50875.
Built from https://develop.svn.wordpress.org/trunk@49241


git-svn-id: http://core.svn.wordpress.org/trunk@49003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 17:39:07 +00:00
Sergey Biryukov
be5fb561ad Quick/Bulk Edit: Introduce quick_edit_dropdown_authors_args filter.
This allows for customizing the arguments used to generate the Quick Edit authors drop-down.

Additionally, pass the `$bulk` argument to the `quick_edit_dropdown_pages_args` filter, for consistency.

Props Mista-Flo, garrett-eclipse, hellofromTonya.
Fixes #47685.
Built from https://develop.svn.wordpress.org/trunk@49238


git-svn-id: http://core.svn.wordpress.org/trunk@49000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 16:40:05 +00:00
Sergey Biryukov
35681b0e9a Site Health: Introduce the WP_Site_Health::is_development_environment() method.
This allows Site Health tests to check if the current environment type is set to `development` or `local`.

Use the new method:
* In HTTPS tests, instead of a hardcoded check for `localhost`.
* In `WP_DEBUG` and `WP_DEBUG_DISPLAY` tests, to set the status to `recommended` instead of `critical`.

Props dkotter, Clorith, DavidAnderson, joyously, knutsp, afragen, SergeyBiryukov.
Fixes #47058.
Built from https://develop.svn.wordpress.org/trunk@49237


git-svn-id: http://core.svn.wordpress.org/trunk@48999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 16:23:07 +00:00