Includes removing redundant `@covers` tags. There is already an existing annotation for the whole test class, following the [https://docs.phpunit.de/en/9.6/annotations.html#covers PHPUnit recommendation]:
> This annotation can be added to the docblock of the test class or the individual test methods. The recommended way is to add the annotation to the docblock of the test class, not to the docblock of the test methods.
Follow-up to [56560].
See #58682.
Built from https://develop.svn.wordpress.org/trunk@56561
git-svn-id: http://core.svn.wordpress.org/trunk@56073 1a063a9b-81f0-0310-95a4-ce76da25c4cd
All blocks relevant for the excerpt are already being parsed in `excerpt_remove_blocks()`. Therefore running `do_blocks()` on the post content only to create the excerpt is unnecessary and wasteful from a performance perspective.
Props thekt12, spacedmonkey, mukesh27, joemcgill.
Fixes#58682.
Built from https://develop.svn.wordpress.org/trunk@56560
git-svn-id: http://core.svn.wordpress.org/trunk@56072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When saving the settings via the admin UI, the default value for any options not passed in the current `$_POST` request is set to `null` in `wp-admin/options.php`. Some options, e.g. `blog_public`, then rely on `null` being passed to `update_option()` to determine whether the value was changed or not.
This commit resolves a PHP 8.1 deprecation notice when saving the `gmt_offset` option without any changes:
{{{
Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
Includes a similar fix for the `blog_charset` option.
Follow-up to [4112], [4329], [5541], [21849].
Props adi3890, dhrupo, hrdelwar, hasanmisbah, oglekler, mukesh27, SergeyBiryukov.
Fixes#57728.
Built from https://develop.svn.wordpress.org/trunk@56132
git-svn-id: http://core.svn.wordpress.org/trunk@55644 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [55988], [56021].
See #58206.
Built from https://develop.svn.wordpress.org/trunk@56031
git-svn-id: http://core.svn.wordpress.org/trunk@55543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [55988].
Props spacedmonkey.
See #58220.
Built from https://develop.svn.wordpress.org/trunk@56021
git-svn-id: http://core.svn.wordpress.org/trunk@55533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_starts_with()` and `str_ends_with()` were introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins or ends with the given substring (needle).
WordPress core includes a polyfill for these functions on PHP < 8.0 as of WordPress 5.9.
This commit uses `str_starts_with()` and `str_ends_with()` in core files where appropriate:
* `$needle === substr( $string, 0, $length )`, where `$length` is the length of `$needle`, is replaced with `str_starts_with( $haystack, $needle )`.
* `$needle === substr( $string, $offset )`, where `$offset` is negative and the absolute value of `$offset` is the length of `$needle`, is replaced with `str_ends_with( $haystack, $needle )`.
This aims to make the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987], [55988].
Props Soean, spacedmonkey, Clorith, ocean90, azaozz, sabernhardt, SergeyBiryukov.
Fixes#58220.
Built from https://develop.svn.wordpress.org/trunk@55990
git-svn-id: http://core.svn.wordpress.org/trunk@55502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].
Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes#58206.
Built from https://develop.svn.wordpress.org/trunk@55988
git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `sprintf()` is not being passed any values, and there is no placeholder to replace.
This originated in r52132 in which I erroneously included this `sprintf()` in
two places. I fixed one of the cases in r52151 but I missed the other.
Follow-up to [52132], [52151].
Fixes#58436.
See #44632.
Built from https://develop.svn.wordpress.org/trunk@55875
git-svn-id: http://core.svn.wordpress.org/trunk@55387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds support for schwa character. Ə (U+018F) and ə (U+0259) are part of Latin Extended-B and used in
several languages like Azerbaijani or also in gender neutral Italian.
Props suleymankenar, audrasjb, przemekhernik.
Fixes#57609.
Built from https://develop.svn.wordpress.org/trunk@55858
git-svn-id: http://core.svn.wordpress.org/trunk@55370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `wp_filter_content_tags()` function, which modifies image tags for example to optimize performance, is hooked into the `the_content` filter by default. When rendering an excerpt for a post that doesn't have a manually provided excerpt, the post content is used to generate the excerpt, handled by the `wp_trim_excerpt()` function.
Prior to this changeset, this led to `wp_filter_content_tags()` being called on the content when generating the excerpt, which is wasteful as all tags are stripped from the excerpt, and it furthermore could result in a lazy-loading bug when the post content contained images, as those images were being counted even though they would never be rendered as part of the excerpt.
This changeset fixes the bug and slightly improves performance for generating an excerpt by temporarily unhooking the `wp_filter_content_tags()` function from the `the_content` filter when using it to generate the excerpt.
Props costdev, flixos90, joemcgill, mukesh27, salvoaranzulla, spacedmonkey, thekt12, westonruter.
Fixes#56588.
Built from https://develop.svn.wordpress.org/trunk@55850
git-svn-id: http://core.svn.wordpress.org/trunk@55362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves a WPCS warning:
{{{
Variable "$myHTML" is not in valid snake_case format, try "$my_h_t_m_l"
}}}
It also matches other formatting functions with the `$text` parameter, e.g. `esc_html()`, `ent2ncr()`, etc.
Follow-up to [1727], [3717], [8662], [8743], [54927].
Props victoranto, audrasjb, jrf.
Fixes#58129.
Built from https://develop.svn.wordpress.org/trunk@55651
git-svn-id: http://core.svn.wordpress.org/trunk@55163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes documenting data provider values using hash notation in the tests for:
* `convert_smilies()`
* `get_url_in_content()`
* `links_add_target()`
* `normalize_whitespace()`
Follow-up to [26191], [26327], [26328], [26972], [55562].
See #57841.
Built from https://develop.svn.wordpress.org/trunk@55563
git-svn-id: http://core.svn.wordpress.org/trunk@55075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After the introduction of `_make_clickable_rel_attr()` in an earlier commit, the function ended up returning link markup with a mix of single and double quotes.
This commit ensures that `_make_web_ftp_clickable_cb()` always returns double quotes, restoring consistency with other similar callback functions used by `make_clickable()`:
* `_make_url_clickable_cb()`
* `_make_email_clickable_cb()`
Follow-up to [55289].
See #53290, #56444.
Built from https://develop.svn.wordpress.org/trunk@55495
git-svn-id: http://core.svn.wordpress.org/trunk@55028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to clarify a few inline comments related to removing percent-encoded characters and HTML entities.
Affected functions:
* `sanitize_user()`
* `sanitize_title_with_dashes()`
* `sanitize_html_class()`
* `_sanitize_text_fields()`
* `get_comments_number_text()`
Follow-up to [465], [3454], [11433], [12503], [37987].
Props ace100, tanjimtc71, codemonksuvro, SergeyBiryukov.
Fixes#57712.
Built from https://develop.svn.wordpress.org/trunk@55346
git-svn-id: http://core.svn.wordpress.org/trunk@54879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Internal links should be followed and it should be easier to modify other rel attributes on comments. This adds a helper function for determining if a URL is internal and also adds some new filters to make it easy to modify rel attributes in comments.
Props thomasplevy, desrosj, sabernhardt, benish74, samiamnot, galbaras, jorbin.
Fixes#53290, #56444.
Built from https://develop.svn.wordpress.org/trunk@55289
git-svn-id: http://core.svn.wordpress.org/trunk@54822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changesets adds a `word_count_type` property, so that it does not need to be translated separately across multiple projects.
List of changes:
- New property: `WP_Locale::word_count_type`.
- New method: `WP_Locale::get_word_count_type()`.
- New function: `wp_get_word_count_type()` as a wrapper for `WP_Locale::get_word_count_type()`.
- All `_x( 'words', 'Word count type. Do not translate!' )` strings have been replaced with a call to `wp_get_word_count_type()`.
Props pedromendonca, desrosj, costdev, mukesh27, johnbillion.
Fixes#56698.
Built from https://develop.svn.wordpress.org/trunk@55279
git-svn-id: http://core.svn.wordpress.org/trunk@54812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `math` element can be displayed either as a block or inline element. If `wpautop` only treats it as an inline element, it will break multiline elements by inserting `br` elements. Treating the element as a block element means that the editor won't break common normative usages of the `math` element.
Prevent `math` elements from having internal elements split up with `br` elements, disrupting formatting.
Props nicholaswilson, wojtek.szkutnik, hakre, conner_bw, ericlewis, hughie.molloy, SteelWagstaff, ryokuhi, joedolson, bgoewert, adamsilverstein, joedolson.
Fixes#13340.
Built from https://develop.svn.wordpress.org/trunk@55272
git-svn-id: http://core.svn.wordpress.org/trunk@54805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Check the input of `wp_strip_all_tags()` before passing it to `strip_tags()`. This protects against fatal errors introduced in PHP 8, retaining the `E_USER_WARNING` from PHP 7, and prevents a PHP 8.1 deprecation notice when passing null.
Props chocofc1, costdev, jrf, dd32, audrasjb, peterwilsoncc.
Fixes#56434.
Built from https://develop.svn.wordpress.org/trunk@55245
git-svn-id: http://core.svn.wordpress.org/trunk@54778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On some servers, consecutive periods in a filename can cause a 403 Forbidden response.
This changeset replaces consecutive periods with a single period, and adds related unit tests.
Props ArtZ91, costdev, SergeyBiryukov, arthurshlain, mukesh27.
Fixes#57242.
Built from https://develop.svn.wordpress.org/trunk@55209
git-svn-id: http://core.svn.wordpress.org/trunk@54742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit renames the `$class` parameter to `$classname` in `sanitize_html_class()`.
Follow-up to [54927].
See also: [search:?q=code+modernization+rename+parameters+that+use+reserved+keywords&changeset=on equivalent commits for other files].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@55162
git-svn-id: http://core.svn.wordpress.org/trunk@54695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit:
* Renames the `$echo` parameter to `$display` in:
* `wp_nonce_field()`
* `wp_referer_field()`
* `wp_original_referer_field()`
* Renames the `$string` parameter to `$input_string` in
* `_wp_json_convert_string()`
* `_wp_to_kebab_case()`
* Renames the `$list` parameter to `$input_list` in:
* `wp_parse_list()`
* `wp_parse_id_list()`
* `wp_parse_slug_list()`
* `wp_filter_object_list()`
* `wp_list_filter()`
* `wp_list_pluck()`
* `wp_list_sort()`
* Renames the `$array` parameter to `$input_array` in:
* `add_magic_quotes()`
* `wp_array_slice_assoc()`
* `_wp_array_get()`
* `_wp_array_set()`
* Renames the `$function` parameter to `$function_name` in:
* `_deprecated_function()`
* `_deprecated_argument()`
* `_doing_it_wrong()`
* Renames the `$class` parameter to `$class_name` in `_deprecated_constructor()`.
* Renames the `$default` parameter to `$default_value` in `apache_mod_loaded()`.
* Renames the `$var` parameter to `$value` in `wp_validate_boolean()`.
* Amends the `$input` parameter in `wp_parse_str()` for consistency.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@54929
git-svn-id: http://core.svn.wordpress.org/trunk@54481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit:
* Renames the `$string` parameter to `$text` in:
* `_wp_specialchars()`
* `wp_specialchars_decode()`
* `wp_check_invalid_utf8()`
* `remove_accents()`
* `_split_str_by_whitespace()`
* `wp_strip_all_tags()`
* Renames the `$string` parameter to `$value` in:
* `backslashit()`
* `trailingslashit()`
* `untrailingslashit()`
* Renames the `$string` parameter to `$subject` in `wp_iso_descrambler()`.
* Renames the `$match` parameter to `$matches` in `_wp_iso_convert()`.
* Renames the `$string` parameter to `$date_string` in:
* `get_gmt_from_date()`
* `get_date_from_gmt()`
* Renames the `$string` parameter to`$input` in `wp_parse_str()`.
* Renames the `$string` parameter to `$content` in `wp_pre_kses_block_attributes()`.
* Amends the `$text` parameter in `wp_pre_kses_less_than()` for consistency.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@54927
git-svn-id: http://core.svn.wordpress.org/trunk@54479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This applies to:
* `normalizer_is_normalized()`
* `normalizer_normalize()`
Includes removing the `Normalizer::FORM_C` constant as a parameter, since it is the default value for both functions and does not need to be explicitly passed. This avoids a fatal error if a plugin includes polyfill for any of the functions but the `Normalizer` class has a different namespace, for example when using the Symfony polyfill.
Follow-up to [53754].
Props hellofromTonya, costdev, desrosj, mukesh27, zodiac1978, jchambo, gisgeo, SergeyBiryukov.
Fixes#56980.
Built from https://develop.svn.wordpress.org/trunk@54813
git-svn-id: http://core.svn.wordpress.org/trunk@54365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes a potential fatal error, for example when "Max upload file size" setting is set to an empty value. It also adds unit tests for `upload_size_limit_filter`.
Props mjkhajeh, bhrugesh12, SergeyBiryukov, kebbet, audrasjb, felipeelia.
Fixes#55926.
Built from https://develop.svn.wordpress.org/trunk@54482
git-svn-id: http://core.svn.wordpress.org/trunk@54041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset prevents object replacement characters – UTF-8 `%ef%bf%bc`, used as a placeholder in text for an otherwise unspecified object – from being added to slugs.
Props cantuaria, costdev, audrasjb, SergeyBiryukov, archon810, maciejmackowiak, BaneD, markparnell, ironprogrammer, dmsnell, nikkigagency, webprom.
Fixes#55117.
Built from https://develop.svn.wordpress.org/trunk@54474
git-svn-id: http://core.svn.wordpress.org/trunk@54033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The current coding standards note that the name of the class files should be based on the class name with `class-` prepended, and the underscores replaced by hyphens (see the [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#naming-conventions Naming Conventions] section in the handbook), except for the three legacy files: `class.wp-dependencies.php`, `class.wp-scripts.php`, `class.wp-styles.php`.
To bring more consistency to the codebase and make it easier to implement autoloading in the future, this commit renames those three legacy files to conform to the coding standards:
* `wp-includes/class.wp-dependencies.php` → `wp-includes/class-wp-dependencies.php`
* `wp-includes/class.wp-scripts.php` → `wp-includes/class-wp-scripts.php`
* `wp-includes/class.wp-styles.php` → `wp-includes/class-wp-styles.php`
Includes:
* Loading the new files from the old ones, for anyone that may have been including the files directly.
* Replacing references to the old filenames with the new filenames.
Follow-up to [7970], [45654], [45662], [45663], [45678], [47197], [52026], [53749].
Props afragen, schlessera, swissspidy, dingo_d, hellofromTonya, SergeyBiryukov.
Fixes#37861. See #55647.
Built from https://develop.svn.wordpress.org/trunk@54254
git-svn-id: http://core.svn.wordpress.org/trunk@53813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a bug where if the `timezone_string` is set to a timezone name which has since been deprecated, the option value would be “lost” when saving the value again, as the comparison being done to verify whether it is a valid timezone name would only take “current” timezone names into account and would invalidate deprecated timezone names.
By passing the `DateTimeZone::ALL_WITH_BC` constant as the `$timezoneGroup` parameter to the PHP native `timezone_identifiers_list()` function, a timezone name list is retrieved containing both current and deprecated timezone names, preventing the invalidation of the option value.
See the extensive write-up about this in ticket #56468.
Also see: [https://www.php.net/manual/en/datetimezone.listidentifiers.php PHP Manual: timezone_identifiers_list()].
Includes adding a dedicated test to the data provider used in the `Tests_Option_SanitizeOption` test class.
Note: The new data set is ''named'', even though the other data sets are unnamed, to make sure it is clear what this data set is testing. Adding test names for the original data sets in this data provider would be a great future improvement, but is outside of the scope of this commit.
Follow-up to [18323], [33119], [54207], [54217], [54227].
Props jrf, costdev.
See #56468.
Built from https://develop.svn.wordpress.org/trunk@54229
git-svn-id: http://core.svn.wordpress.org/trunk@53788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Usage of `get_magic_quotes_gpc()` was removed from `addslashes_gpc()` in [46105] / #47783.
- A similar description fragment was removed from `wp_parse_str()` in that changeset, but this one was missed.
- The `get_magic_quotes_gpc()` function itself was deprecated in PHP 7.4 and removed in PHP 8.0.
Props mitweka, audrasjb, SergeyBiryukov.
Fixes#56233.
See #55646.
Built from https://develop.svn.wordpress.org/trunk@53776
git-svn-id: http://core.svn.wordpress.org/trunk@53335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds Unicode sequence normalization from NFD to NFC, via the `normalizer_normalize()` PHP function which is available with the recommended `intl` PHP extension.
This fixes an issue where NFD characters were not properly sanitized. It also provides a unit test for NFD sequences (alternate Unicode representations of the same characters).
Props NumidWasNotAvailable, targz, nacin, nunomorgadinho, p_enrique, gitlost, SergeyBiryukov, markoheijnen, mikeschroder, ocean90, pento, helen, rodrigosevero, zodiac1978, ironprogrammer, audrasjb, azaozz, laboiteare, nuryko, virgar, dxd5001, onnimonni, johnbillion.
Fixes#24661, #47763, #35951.
See #30130, #52654.
Built from https://develop.svn.wordpress.org/trunk@53754
git-svn-id: http://core.svn.wordpress.org/trunk@53313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
Built from https://develop.svn.wordpress.org/trunk@53455
git-svn-id: http://core.svn.wordpress.org/trunk@53044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A general security rule is "Sanitize when you save, escape when you echo".
In WordPress 5.9, `sanitize_url()` was un-deprecated in order to better align with the naming of other sanitizing functions, while still being an alias for `esc_url_raw()`.
This commit reverses the order and turns `esc_url_raw()` into a wrapper for `sanitize_url()`, making the latter the canonical function call and aiming to improve performance by reducing the number of function calls required when using the recommended technique.
Follow-up to [11383], [13096], [51597].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
See #55852.
Built from https://develop.svn.wordpress.org/trunk@53452
git-svn-id: http://core.svn.wordpress.org/trunk@53041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change improves the `esc_xml()` function by replacing two `empty()` checks with `isset()` to cover values that are not equal to `''` but still returning `true` when checked with `empty()`, like `'0'`, `0` or `false`. It also updates the related unit tests accordingly.
Props rumpel2116, pbiron.
Fixes#55399.
Built from https://develop.svn.wordpress.org/trunk@53144
git-svn-id: http://core.svn.wordpress.org/trunk@52733 1a063a9b-81f0-0310-95a4-ce76da25c4cd