ZipArchive can fail to validate ZIP files correctly and report valid files as invalid. This introduces a fallback to PclZip to check validity of files if ZipArchive fails them.
This introduces the new function wp_zip_file_is_valid() to validate archives.
Follow up to [57388].
Reviewed by jorbin.
Merges [57537] to the 6.4 branch.
Props audunmb, azaozz, britner, cdevroe, colorful-tones, costdev, courane01, endymion00, feastdesignco, halounsbury, jeffpaul, johnbillion, jorbin, jsandtro, karinclimber, kevincoleman, koesper, maartenbelmans, mathewemoore, melcarthus, mujuonly, nerdpressteam, olegfuture, otto42, peterwilsoncc, room34, sayful, schutzsmith, stephencronin, svitlana41319, swissspidy, tnolte, tobiasbg, vikram6, welaunchio.
Fixes#60398.
Built from https://develop.svn.wordpress.org/branches/6.4@57929
git-svn-id: http://core.svn.wordpress.org/branches/6.4@57430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The values of start and end are not fully supported by Opera Mini which has 1.01% usage. There is no material change in functionality with this change.
Reviewed by hellofromTonya.
Merges [57151] to 6.4 branch.
Props kebbet, NekoJonez, luminuu, hellofromTonya.
Fixes#59819.
Built from https://develop.svn.wordpress.org/branches/6.4@57160
git-svn-id: http://core.svn.wordpress.org/branches/6.4@56671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
During a bulk edit of posts with different categories, the categories for the edited posts would be reset to the default category: uncategorized by default.
This reverts [56712] to resolve the issue.
Merges [57093] to the 6.4 branch.
Props peterwilsoncc, hellofromtonya, jorbin.
Fixes#59837.
See #11302.
Built from https://develop.svn.wordpress.org/branches/6.4@57094
git-svn-id: http://core.svn.wordpress.org/branches/6.4@56605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Merges [57018] to 6.4 branch.
Tweaks the 6.4 about pages in a couple of ways:
- Decouples the background from the 6.4 logo so the logo can move for RTL.
- Updates a color to improve color contrast.
- Help prevent overlap of long text strings with 6.4 logo.
- Ensure background isn't dark when no background is used on mobile.
Props nudge, jorbin, afercia, sumitsingh, sabernhardt.
See #59289, #59664.
Backport reviewed by hellofromTonya and joedolson.
Built from https://develop.svn.wordpress.org/branches/6.4@57025
git-svn-id: http://core.svn.wordpress.org/branches/6.4@56536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a conditional to prevent the `prefers-reduced-motion` `ajaxComplete` listener from observing events not occurring in the plugin installation screen. Improve handling of settings data test.
The listener observing `ajaxComplete` in [56541] was intercepting all `ajaxComplete` events, creating potential for unexpected errors in unrelated functions.
Props bplv, afercia, rudlinkon, hellofromTonya, huzaifaalmesbah, joedolson, jorbin.
Reviewed by jorbin.
Merges [57022] to the 6.4 branch.
Fixes#59689.
Built from https://develop.svn.wordpress.org/branches/6.4@57024
git-svn-id: http://core.svn.wordpress.org/branches/6.4@56535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also includes updates to the contribute, credits, freedom and privacy pages.
Props luminuu, rmartinezduque, estelaris, jorbin, mukesh27, cbringmann, richtabor, annezazu, nudge, ohia, acirujano, elmastudio, cathibosco1, sereedmedia, markoserb, joen. (Also someone named Allison who I am going to guess is Taylor Alison Swift but has no avatar so I will never know)
Built from https://develop.svn.wordpress.org/trunk@56950
git-svn-id: http://core.svn.wordpress.org/trunk@56461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent the saving of invalid timezone string in to the database on the options pages. If an invalid timezone is submitted it is ignored and the setting remains unchanged.
This prevents a warning or fatal (depending on the PHP version) from being thrown by an invalid timezone setting on the Settings > General page.
Props ankit-k-gupta, costdev, huzaifaalmesbah, mrinal013, nicolefurlan, oglekler.
Fixes#58814.
Built from https://develop.svn.wordpress.org/trunk@56949
git-svn-id: http://core.svn.wordpress.org/trunk@56460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When an admin sends a password reset link to a user (from the Users UI screen), the "finished" UI message:
>Password reset link sent.
is displayed on "finished" and no longer displayed on error.
**What is the change?**
Previously, the conditional (for incrementing the reset counter) checked for a truthy return from `retrieve_password()`. But `retrieve_password()` always returns a truthy state: `true` (meaning "finished") or an instance of `WP_Error`. Thus, checking for a truthy meant the "finished" message was sent on both "finished" and error/failed.
This fix checks for `retrieve_password()` returning `true` to indicate "finished".
**What is displayed on error?**
If `retrieve_password()` returns an instance of `WP_Error`, the following UI message is shown:
>Password reset links sent to 0 users.
The UI messages were not modified by this changeset.
Follow-up to [50129].
Props letraceursnork, prashantbhivsane, audrasjb, costdev, dilipbheda, hareesh-pillai, hellofromTonya, ironprogrammer, huzaifaalmesbah, marybaum, nicolefurlan, oglekler, petitphp, SergeyBiryukov.
Fixes#58407.
Built from https://develop.svn.wordpress.org/trunk@56937
git-svn-id: http://core.svn.wordpress.org/trunk@56448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The filter was initially introduced for file replication purposes. Since the returned value is not always used directly, some instances were later converted to an action as part of removing unused variables, and the hook was documented as an action while still being called as a filter in other instances.
This commit aims to correct the discrepancy between the code and the documentation.
Follow-up to [4673], [4817], [4818], [6363], [6551], [13041], [25821], [33154], [33280].
Props Howdy_McGee, nicolefurlan, johnbillion, mhshujon, SergeyBiryukov.
Fixes#57775.
Built from https://develop.svn.wordpress.org/trunk@56929
git-svn-id: http://core.svn.wordpress.org/trunk@56440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [56599], a `sprintf()` call was modified which resulted in an insufficient number of arguments.
This caused a Fatal Error when an incompatible plugin notice was displayed.
This fixes the `sprintf()` call.
Follow-up to [56599].
Props petitphp, TobiasBg, sabernhardt, mukesh27.
Fixes#59590. See #57791.
Built from https://develop.svn.wordpress.org/trunk@56824
git-svn-id: http://core.svn.wordpress.org/trunk@56336 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit changes the Gutenberg minimum compatible version number from 14.1 (introduced in [54790]) to 16.5. For versions older than 16.5, the plugin will deactivate when upgrading WordPress to 6.4-beta3 or newer.
Changes are done within Core's `_upgrade_core_deactivate_incompatible_plugins()` which is invoked during WordPress' upgrade process.
Follow-up to [54790].
Props hellofromTonya, spacedmonkey.
Fixes#59584.
Built from https://develop.svn.wordpress.org/trunk@56820
git-svn-id: http://core.svn.wordpress.org/trunk@56332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace the `focusout` event handler added in [55326] with a combination of `blur` and `keyup` handler. This change handles Safari not setting focus on clicked elements.
Props afercia, joedolson, travel_girl, oglekler, rajinsharwar, marybaum, rcorrales, binsaifullah, shubhamsedani, ashikur698.
Fixes#58912.
Built from https://develop.svn.wordpress.org/trunk@56810
git-svn-id: http://core.svn.wordpress.org/trunk@56322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `pagehide` event instead of `unload` in the following cases:
* For classic editor to release the post lock.
* In Text widget to rebuild editor after dragging widget to new location in classic widgets interface.
* To clear out the `window.name` when navigating away from a post preview.
* To suspend heartbeat, while also using `pageshow` event to resume as if it had been a focused tab in case page restored from bfcache.
Also:
* Remove obsolete mobile cleanup code in `js/_enqueues/lib/gallery.js` (introduced in [9894]). Do same for `src/js/_enqueues/wp/media/models.js` (introduced in [22872]). See #22552.
* Remove obsolete Firefox-specific workaround in `js/_enqueues/wp/mce-view.js` from [39282]. See #38511.
Fixes#55491.
Props spenserhale, westonruter, adamsilverstein, azaozz, shawfactor, peterwilsoncc, swissspidy.
Built from https://develop.svn.wordpress.org/trunk@56809
git-svn-id: http://core.svn.wordpress.org/trunk@56321 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow up to [56022] to fix inability to set a date/time in quick editing. Allow a user to set a quick/edit date while preventing accidental date assignments per the original intent.
Props tristanleboss, ivanzhuck, tibbsa, sabernhardt, sergeybiryukov, oandregal, khokansardar, joedolson, shailu25.
Fixes#59125. See #19907.
Built from https://develop.svn.wordpress.org/trunk@56802
git-svn-id: http://core.svn.wordpress.org/trunk@56314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to better align the navigation fallback implementation with core architecture and best practices.
The function that updates the `wp_navigation` post response schema is now a public method of the `WP_Navigation_Fallback` class, so an extra file previously used for that specific function is no longer necessary.
Follow-up to [56052].
Props ramonopoly, scruffian, isabel_brison, mukesh27, swissspidy, rajinsharwar, afercia, audrasjb, mikeschroder, JeffPaul, johnjamesjacoby, TimothyBlynJacobs, oglekler, SergeyBiryukov.
Fixes#58910.
Built from https://develop.svn.wordpress.org/trunk@56793
git-svn-id: http://core.svn.wordpress.org/trunk@56305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `_register_theme_block_patterns` function imposed a significant resource overhead. This issue primarily stems from themes, such as TT4, that register a substantial number of block patterns. These patterns necessitate numerous file operations, including file lookups, file reading into memory, and related processes. To provide an overview, the _register_theme_block_patterns function performed the following file operations:
- is_dir
- is_readable
- file_exists
- glob
- file_get_contents (utilized via get_file_data)
To address these issues, caching using a transient has been added to a new function call `_wp_get_block_patterns`. If theme development mode is disabled and theme exists, the block patterns are saved in a transient cache. This cache is used all requests after that, saving file lookups and reading files into memory. Cache invalidation is done, when themes are switched, deleted or updated. Meaning that block patterns are not stored in the cache incorrectly.
Props flixos90, joemcgill, peterwilsoncc, costdev, swissspidy, aristath, westonruter, spacedmonkey.
Fixes#59490
Built from https://develop.svn.wordpress.org/trunk@56765
git-svn-id: http://core.svn.wordpress.org/trunk@56277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In cases where `WP_Comment_Query` or `get_comments` is employed with the 'count' parameter set to true, specify 'order by' as 'none'. Since these queries serve solely to determine the count of comments matching specific query parameters, the 'order by' clause becomes redundant and places unnecessary strain on the database server, resulting in slower query execution. Given that count queries are executed on every admin request to retrieve comment counts, this change enhances the performance of the wp-admin interface.
Props guss77, davidbaumwald, SergeyBiryukov, westonruter, peterwilsoncc, foliovision, hareesh-pillai, spacedmonkey.
Fixes#58368
Built from https://develop.svn.wordpress.org/trunk@56747
git-svn-id: http://core.svn.wordpress.org/trunk@56259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes ignore annotations which are unnecessary due to the configuration in the `phpcs.xml.dist` ruleset already taking care of this.
Follow-up to [45611], [50146], [50148], [50586], [50822], [56738].
Props jrf.
See #59161.
Built from https://develop.svn.wordpress.org/trunk@56743
git-svn-id: http://core.svn.wordpress.org/trunk@56255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enable the storing of post meta in revisions including autosaves and previews:
Add a new argument `revisions_enabled` to the `register_meta` function which enables storing meta in revisions.
Add a new `wp_post_revision_meta_keys` filter which developers can use to control which meta is revisioned - it passes an array of the meta keys with revisions enabled as well as the post type.
Meta keys with revisions enabled are also stored for autosaves, and are restored when a revision or autosave is restored. In addition, meta values are now stored with the autosave revision used for previews. Changes to meta can now be previewed correctly without overwriting the published meta (see #20299) or passing data as a query variable, as the editor currently does to preview changes to the featured image.
Changes to meta with revisions enabled are considered when determining if a new revision should be created. A new revision is created if the meta value has changed since the last revision.
Revisions are now saved on the `wp_after_insert_post` hook instead of `post_updated`. The `wp_after_insert_post` action is fired after post meta has been saved by the REST API which enables attaching meta to the revision. To ensure backwards compatibility with existing action uses, `wp_save_post_revision_on_insert` function exits early if plugins have removed the previous `do_action( 'post_updated', 'wp_save_post_revision' )` call.
Props: alexkingorg, johnbillion, markjaquith, WraithKenny, kovshenin, azaozz, tv-productions, p51labs, mattheu, mikeschroder, Mamaduka, ellatrix, timothyblynjacobs, jakemgold, bookwyrm, ryanduff, mintindeed, wonderboymusic, sanchothefat, westonruter, spacedmonkey, hellofromTonya, drewapicture, adamsilverstein, swisspiddy.
Fixes#20564, #20299.
Built from https://develop.svn.wordpress.org/trunk@56714
git-svn-id: http://core.svn.wordpress.org/trunk@56226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This pre-fills category fields in the Quick/Bulk Edit form with their current status.
When bulk editing, if only some of the selected items are in a given category, the category's checkbox will display a line to indicate an indeterminate status.
Props pavelevap, scribu, chasedsiedu, helen, joshcanhelp, ubernaut, Cyberchicken, laumindproductscomau, SergeyBiryukov, Marcoevich, tomybyte, thinkluke, virtality-marketing-solutions, Michalooki, dmsnell, itecrs, pannelars, WHSajid, samba45, Mte90, johnbillion, tomluckies, soulseekah, francina, oglekler, ajmcfadyen, mukesh27, costdev.
Fixes#11302.
Built from https://develop.svn.wordpress.org/trunk@56712
git-svn-id: http://core.svn.wordpress.org/trunk@56224 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add the event type (WordCamp, Meetup, etc) to the nearby events listing within the Dashboard's Events and News widget.
Props renyot, audrasjb, ankit-k-gupta, oglekler, devmuhib, dhruvishah2203, JeffPaul, anveshika, sarahwilliams889, ajakaroth.
Fixes#58947.
Built from https://develop.svn.wordpress.org/trunk@56697
git-svn-id: http://core.svn.wordpress.org/trunk@56209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is an important release which makes significant changes to improve the accuracy, performance, stability and maintainability of all sniffs, as well as making WordPressCS much better at handling modern PHP.
WordPressCS 3.0.0 contains breaking changes, both for people using ignore annotations, people maintaining custom rulesets, as well as for sniff developers who maintain a custom PHPCS standard based on WordPressCS.
If you are an end-user or maintain a custom WordPressCS based ruleset, please start by reading the [https://github.com/WordPress/WordPress-Coding-Standards/wiki/Upgrade-Guide-to-WordPressCS-3.0.0-for-ruleset-maintainers Upgrade Guide to WordPressCS 3.0.0 for ruleset maintainers] which lists the most important changes and contains a step by step guide for upgrading.
If you are a maintainer of an external standard based on WordPressCS and any of your custom sniffs are based on or extend WordPressCS sniffs, please read the [https://github.com/WordPress/WordPress-Coding-Standards/wiki/Upgrade-Guide-to-WordPressCS-3.0.0-for-Developers-of-external-standards Upgrade Guide to WordPressCS 3.0.0 for Developers].
In all cases, please read the complete changelog carefully before you upgrade.
This commit:
* Updates the Composer dependencies to use the new version, including updating the underlying PHP_CodeSniffer dependency to the new minimum supported version for WPCS.[[BR]] Note: the Composer PHPCS installer plugin is no longer explicitly required as it is now a dependency of WPCS, so the dependency is inherited automatically.
* Updates the ruleset for WPCS 3.0.0. This includes:
* Raising the memory limit to be on the safe side as WPCS 3.0.0 contains a lot more sniffs.
* Removing explicit inclusions of extra rules, which have now been added to the `WordPress-Core` ruleset..
* Updating property names for select sniffs.
* Updating one exclusion — the `WordPress.CodeAnalysis.AssignmentInCondition` sniff has been (partially) replaced by the `Generic.CodeAnalysis.AssignmentInCondition` sniff.
* Adding one new exclusion.
* Downgrades one new error to a warning.[[BR]] The `Generic.Files.OneObjectStructurePerFile` sniff enforces that there is only one OO structure declaration per file. At this time, this sniff would yield 29 errors. By downgrading the sniff to a ''warning'', the build can pass and the issues can be fixed in due time. For now, the test directory will be excluded until the issues are fixed (as the test directory CS run does not allow for warnings).
* Updates ignore annotations for WPCS 3.0.0.
Reference: [https://github.com/WordPress/WordPress-Coding-Standards/releases/tag/3.0.0 WPCS 3.0.0 release notes].
Follow-up to [43571], [44574], [45600], [47927].
Props jrf, jorbin, desrosj.
See #59161.
Built from https://develop.svn.wordpress.org/trunk@56695
git-svn-id: http://core.svn.wordpress.org/trunk@56207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces the following new filters which wrap the process of unzipping an archive:
- `pre_unzip_file` - Filters archive unzipping to allow an override with a custom process.
- `unzip_file` - Filters the result of unzipping an archive.
Both filters pass the following:
- `string $file` - Full path and filename of ZIP archive.
- `string $to` - Full path on the filesystem to extract archive to.
- `string[] $needed_dirs` - A full list of required folders that need to be created.
- `float|false $required_space` - The space required to unzip the file and copy its contents, with a 10% buffer.
Props dfavor, azaozz, oglekler, afragen, costdev.
Fixes#37719.
Built from https://develop.svn.wordpress.org/trunk@56689
git-svn-id: http://core.svn.wordpress.org/trunk@56201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags.
To ensure backward compatibility, the following functions have been deprecated and replaced:
- print_embed_styles
- print_emoji_styles
- wp_admin_bar_header
- _admin_bar_bump_cb
Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag.
However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository:
- custom-background
- wp-custom
These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core.
Props spacedmonkey, hlunter, westonruter, flixos90.
Fixes#58775.
Built from https://develop.svn.wordpress.org/trunk@56682
git-svn-id: http://core.svn.wordpress.org/trunk@56194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
John Blackbourn
Aaron Jorbin
Joe McGill
Peter Wilson
hellofromTonya
joedolson
desrosj
Sergey Biryukov
audrasjb
costdev
Weston Ruter
spacedmonkey
Tammie Lister
Adam Silverstein