This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.
All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.
Fixes#35614
Props johnjamesjacoby for feedback
Built from https://develop.svn.wordpress.org/trunk@38698
git-svn-id: http://core.svn.wordpress.org/trunk@38641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335.
Built from https://develop.svn.wordpress.org/trunk@38399
git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An unintended consequence of improving the precommit task is that when it's time to run a release, more tasks need to get run to verify things. This adds a prerelease task to help fix that situation. grunt prerelease should include tasks that verify the code base is ready to be released to the wild and find all the tears on the mausoleum floor and help Blood stain the Colosseum doors.
See #35557
Built from https://develop.svn.wordpress.org/trunk@36930
git-svn-id: http://core.svn.wordpress.org/trunk@36898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For the past 6 years, WordPress has operated as an oEmbed consumer, allowing users to easily embed content from other sites. By adding oEmbed provider support, this allows any oEmbed consumer to embed posts from WordPress sites.
In addition to creating an oEmbed provider, WordPress' oEmbed consumer code has been enhanced to work with any site that provides oEmbed data (as long as it matches some strict security rules), and provides a preview from within the post editor.
For security, embeds appear within a sandboxed iframe - the iframe content is a template that can be styled or replaced entirely by the theme on the provider site.
Props swissspidy, pento, melchoyce, netweb, pfefferle, johnbillion, extendwings, davidbinda, danielbachhuber, SergeyBiryukov, afercia
Fixes#32522.
Built from https://develop.svn.wordpress.org/trunk@34903
git-svn-id: http://core.svn.wordpress.org/trunk@34868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If a super admin does not have an active blog assigned to their account, `$wp_admin_bar->user->active_blog` will be set as `null`. We can then fall back to `admin_url()` to generate the My Sites URL.
Props SergeyBiryukov, deconf.
Fixes#31755.
Built from https://develop.svn.wordpress.org/trunk@31981
git-svn-id: http://core.svn.wordpress.org/trunk@31960 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Brings into core the Customizer Theme Switcher feature plugin
* You can now browse, preview, and activate themes right from the Customizer
fixes#31303.
props celloexpressions, afercia, westonruter, folletto, designsimply
Built from https://develop.svn.wordpress.org/trunk@31533
git-svn-id: http://core.svn.wordpress.org/trunk@31514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Switch to the user's primary (or active) site before creating the My Sites URL. This previously linked to the current site's dashboard, even if a user was not a member of that site.
Props simonwheatley for the initial patch.
Fixes#31314.
Built from https://develop.svn.wordpress.org/trunk@31445
git-svn-id: http://core.svn.wordpress.org/trunk@31426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace links in admin menu and toolbar to Custom Background/Header screen with deep-links to the Customizer section.
On the Widgets screen display a link to the Customizer widgets panel.
props topher1kenobe, rzen, celloexpressions, westonruter
fixes#25569, #25571, #28032.
Built from https://develop.svn.wordpress.org/trunk@30459
git-svn-id: http://core.svn.wordpress.org/trunk@30450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Makes the admin fully responsive down to 320px wide.
* Adds a touch-optimized main menu that can be opened and closed from the toolbar.
* Size and positioning adjustments to icons, buttons, and text elements for better touch usability.
A few changes since MP6:
* Removed jQuery mobile. This script was used to add swipe controls to open/close the sidebar menu. This feature was apparently buggy and due to the pending demise of jQuery mobile, it was removed.
* Removed use of Backbone.js. Adding Backbone.js to this script would add a dependency of Backbone.js for all of the admin. Additionally, it was used to add a menu item. Instead of doing that, it was added via the admin menu API. This also fixes a bad delay in the item showing in the menu.
* CSS layout is standardized. Comments have also been cleaned up.
* Jetpack and Akismet code is removed.
* RTL CSS is removed.
* JS passes hinting other than one small issue that will likely be removed when parts of the code are reviewed.
A number of areas for improvement remain; we're tracking these issues in the comments of #25858.
Props to tollmanz, tillkruess, helen, dd32, and apeatling.
Built from https://develop.svn.wordpress.org/trunk@26134
git-svn-id: http://core.svn.wordpress.org/trunk@26046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Still to come: more color schemes, a responsive component, and more.
see #25858.
props iammattthomas, tillkruess, EmpireOfLight, melchoyce, ryelle, joen, mitchoyoshitaka, sirbrillig, andypeatling, isaackeyet, Otto42, dd32, matt, helen.
Built from https://develop.svn.wordpress.org/trunk@26072
git-svn-id: http://core.svn.wordpress.org/trunk@25992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Consolidate the logic to avoid appending ellipsis if the entire string is shown.
* Show ellipsis after truncated filenames and post titles.
props solarissmoke, bpetty, SergeyBiryukov. fixes#11446.
git-svn-id: http://core.svn.wordpress.org/trunk@24214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Attachments now go through post.php, edit_post(), the like, and have show_ui set to true.
* Taxonomies attached to the media library now appear in the admin menu (if show_ui).
* Editing, cropping, uploading, etc. is still very rough, but mostly functional.
API-wise:
* New function: get_taxonomies_for_attachments(). Like get_taxonomies(), for taxonomies specifically registered against attachments.
* Brings taxonomy support from the posts list table to the media list table. Expect them to converge soon.
* wp_insert_attachment() now handles taxonomies like wp_insert_post(). Also expect them to converge soon.
* New edit_form_after_title hook.
props helenyhou, ocean90. see #21391.
git-svn-id: http://core.svn.wordpress.org/trunk@21948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Will be replaced with http://wordpress.org/extend/plugins/atom-publishing-protocol/.
* Introduces an action, xmlrpc_rsd_apis, to add APIs to xmlrpc.php?rsd.
* Introduces support for 'error' being 403 and 50x in class-wp.php.
* Removes 'Remote Publishing' from Writing Settings (see [21804]). Keeps the remote_publishing settings section.
DB version is bumped to generate the new wp-app rewrite rule and remove the old enable_app option.
props wonderboymusic.
fixes#21509.
git-svn-id: http://core.svn.wordpress.org/trunk@21818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make the $post argument to get_post() optional, defaulting to the current post in The Loop.
Props nacin
see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
wp-includes/admin-bar.php:
* Replace get_admin_url() and get_home_url() with admin_url() and home_url() and place them inside a switch/restore. Likewise replace current_user_can_for_blog() with current_user_can(). This avoids doing multiple switch restores.
wp-includes/ms-blogs.php:
* Deprecate the $validate argument to switch_to_blog(). This avoids a not very necessary call to get_blog_details(), possibly saving a few queries.
* Use $_wp_switched and $_wp_switched_stack instead of $switched and $switched_stack to make it less likely these globals will be stomped.
* Use GLOBALS to access blog_id and other globals. I've preferred this style lately since it makes it obvious a global is being used and avoids global blog_id being stomped by a local variable.
* Lose some is_object() checks. wp_get_current_user() always returns an object, for example.
* Call the new WP_Roles::reinit() method.
wp-includes/class-wp-xmlrpc-server.php:
* Replace current_user_can_for_blog() with current_user_can() and move it inside the switch/restore pair. This eliminates a switch/restore.
wp-includes/capabilities.php:
* Use array_keys() instead of $role => $data since $data is unused. I *think* this is a bit faster.
* Introduce WP_Roles::reinit(). This reinitializes WP_Roles and is used after switch_to_blog() has already update the blog ID in the wpdb object. If a global roles array is being used instead of the db, reinit is skipped.
* current_user_can_for_blog() now does a switch/restore. It didn't before meaning it could be reinitializing the user with the wrong role information for the current blog.
wp-includes/ms-settings.php:
* Define $_wp_switched_stack and $_wp_switched. This way switch_to_blog() and restore_current_blog() can rely on it being set.
wp-settings.php:
* Instantiate the WP_Roles global. This was it is always defined during init. To remove the WP_Roles checks from WP_Role and WP_User this would probably have to move before plugins are loaded, which might not be a good thing.
wp-includes/functions.php:
* Update wp_upload_dir() to reference _wp_switched.
git-svn-id: http://core.svn.wordpress.org/trunk@21485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes script queue check for 'customize-loader' from wp_customize_support_script(), because we may want to check for customize-support on a page without the loader.
git-svn-id: http://core.svn.wordpress.org/trunk@20918 1a063a9b-81f0-0310-95a4-ce76da25c4cd