Commit Graph

44733 Commits

Author SHA1 Message Date
hellofromTonya
78e5b8481c Application Passwords: Add end-to-end (e2e) tests.
Adds end-to-end (e2e) tests for the following test scenarios:
* Create a new application password.
* Create an application password with an existing name.
* Revoke a single application password.
* Bulk revoke applications passwords.

Follow-up to [49109], [49276], [49562], [50001], [50367], [51463].

Props justinahinon, swissspidy, juhise, kevin940726, isabel_brison.
Fixes #54241.
Built from https://develop.svn.wordpress.org/trunk@51966


git-svn-id: http://core.svn.wordpress.org/trunk@51555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 21:42:00 +00:00
Sergey Biryukov
b855ffec3f Docs: Add a @since note for the rest_namespace argument of register_post_type() and register_taxonomy().
Use 3-digit, x.x.x-style semantic versioning for `@since` tags of the `$rest_namespace` property in `WP_Post_Type` and `WP_Taxonomy`.

Add a `@since` note to `WP_REST_Taxonomies_Controller::get_item_schema()` for the `visibility` and `rest_namespace` properties.

The `rest_base` property was also added after the method was initially introduced, but that happened during the same release cycle, so it doesn't need a separate `@since` note.

Follow-up to [38832], [39191], [42729], [51959], [51961], [51962], [51964].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51965


git-svn-id: http://core.svn.wordpress.org/trunk@51554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 14:31:00 +00:00
TimothyBlynJacobs
c0995319f4 REST API: Support custom namespaces for taxonomies.
While a taxonomy can define a custom route by using the rest_base argument, a namespace of wp/v2 was assumed. This commit introduces support for a rest_namespace argument.

A new rest_get_route_for_taxonomy_items function has been introduced and the rest_get_route_for_term function updated to facilitate getting the correct route for taxonomies.

For maximum compatibility sticking with the default wp/v2 namespace is recommended until the API functions see wider use.

Props spacedmonkey.
Fixes #54267.
See [51962].

Built from https://develop.svn.wordpress.org/trunk@51964


git-svn-id: http://core.svn.wordpress.org/trunk@51553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 03:27:55 +00:00
Gary Pendergast
2c3205bb84 KSES: Add options for restricting tags based upon their attributes.
This change adds two now attribute-related config options to KSES:
- An array of allowed values can be defined for attributes. If the attribute value doesn't fall into the list, the attribute will be removed from the tag.
- Attributes can be marked as required. If a required attribute is not present, KSES will remove all attributes from the tag. As KSES doesn't match opening and closing tags, it's not possible to safely remove the tag itself, the safest fallback is to strip all attributes from the tag, instead.

Included with this change is an implementation of these options, allowing the `<object>` tag to be stored in posts, but only when it has a `type` attribute set to `application/pdf`.

Props pento, swissspidy, peterwilsoncc, dd32, jorbin.
Fixes #54261.


Built from https://develop.svn.wordpress.org/trunk@51963


git-svn-id: http://core.svn.wordpress.org/trunk@51552 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 02:13:56 +00:00
TimothyBlynJacobs
bac6e41c85 REST API: Support custom namespaces for custom post types.
While a custom post type can define a custom route by using the `rest_base` argument, a namespace of `wp/v2` was assumed. This commit introduces support for a `rest_namespace` argument. 

A new `rest_get_route_for_post_type_items` function has been introduced and the `rest_get_route_for_post` function updated to facilitate getting the correct route for custom post types.

While the WordPress Core Block Editor bootstrap code has been updated to use these API functions, for maximum compatibility sticking with the default `wp/v2` namespace is recommended until the API functions see wider use.

Props spacedmonkey, swissspidy.
Fixes #53656.

Built from https://develop.svn.wordpress.org/trunk@51962


git-svn-id: http://core.svn.wordpress.org/trunk@51551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 23:16:58 +00:00
Sergey Biryukov
c60a9d92e2 Docs: Add a @since note to WP_REST_Post_Types_Controller::get_item_schema() for the supports and visibility properties.
The `taxonomies` and `rest_base` properties were also added after the method was initially introduced, but that happened during the same release cycle, so they don't need a separate `@since` note.

Follow-up to [38832], [39097], [39191], [39647], [51959].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51961


git-svn-id: http://core.svn.wordpress.org/trunk@51550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 20:28:01 +00:00
TimothyBlynJacobs
af212ad9b3 REST API: Send a 500 status code when JSON encoding fails.
Previously, a 200 status code would be sent despite the 500 status code present in the response body.

Props hermpheus, lalitjalandhar.
Fixes #53056.

Built from https://develop.svn.wordpress.org/trunk@51960


git-svn-id: http://core.svn.wordpress.org/trunk@51549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 06:07:56 +00:00
TimothyBlynJacobs
f76071026b REST API: Add visibility information to the Post Types controller.
Props spacedmonkey, peterwilsoncc.
Fixes #54055.

Built from https://develop.svn.wordpress.org/trunk@51959


git-svn-id: http://core.svn.wordpress.org/trunk@51548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-31 05:19:01 +00:00
John Blackbourn
3d86f8af55 Application Passwords: Various docblock improvements.
See #53399, #42790

Built from https://develop.svn.wordpress.org/trunk@51958


git-svn-id: http://core.svn.wordpress.org/trunk@51547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:26:59 +00:00
John Blackbourn
c274d3c520 Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51957


git-svn-id: http://core.svn.wordpress.org/trunk@51546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:17:01 +00:00
Sergey Biryukov
4459eaf392 Docs: Further update the debug_information filter description per the documentation standards.
Specifically, this ensures that the DocBlock follows the line wrapping recommendations.

Follow-up to [44986], [45156], [45259], [51949].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51956


git-svn-id: http://core.svn.wordpress.org/trunk@51545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 13:41:02 +00:00
John Blackbourn
6babc3833b Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51955


git-svn-id: http://core.svn.wordpress.org/trunk@51544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 23:13:05 +00:00
desrosj
4a0480a67d Build/Test Tools: Use correct URL for a GitHub Action workflow run.
Follow up to [51921], [51937], [51953].
Unprops desrosj.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51954


git-svn-id: http://core.svn.wordpress.org/trunk@51543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 20:34:58 +00:00
desrosj
ab1786d059 Build/Test Tools: Adjust Slack notifications for scheduled and workflow_dispatch events.
This makes the needed adjustments to fix Slack notifications for `scheduled` and `workflow_dispatch` events. The data needed to send notifications for these events are stored in different locations, or need to be accessed through API requests.

Follow up to [51921], [51937].
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51953


git-svn-id: http://core.svn.wordpress.org/trunk@51542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 20:00:58 +00:00
desrosj
deb3eca81a Build/Test Tools: Escape $ within commit messages for `$variables.
This ensures the variables are preserved in the Slack message.

Props ocean90, desrosj.
See #53363.
Built from https://develop.svn.wordpress.org/trunk@51952


git-svn-id: http://core.svn.wordpress.org/trunk@51541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 19:41:56 +00:00
Sergey Biryukov
0e2f9ad5b6 Coding Standards: Correct alignment in WP_Site_Health::get_test_update_temp_backup_writable().
This fixes an `Equals sign not aligned with surrounding assignments; expected 1 space but found 6 spaces` WPCS warning.

Follow-up to [51815].

See #51857, #53359.
Built from https://develop.svn.wordpress.org/trunk@51951


git-svn-id: http://core.svn.wordpress.org/trunk@51540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:52:57 +00:00
John Blackbourn
0775153e27 Date/Time: Improve the docblocks for various date and time related functions.
See #53399, #28992, #40653

Built from https://develop.svn.wordpress.org/trunk@51950


git-svn-id: http://core.svn.wordpress.org/trunk@51539 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:51:56 +00:00
John Blackbourn
a0d8a60547 Site Health: Correct and improve the documentation for the debug_information hook.
This corrects the structure of the documentation so it accurately reflects the array elements contained within.

See #53399.

Built from https://develop.svn.wordpress.org/trunk@51949


git-svn-id: http://core.svn.wordpress.org/trunk@51538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 15:35:00 +00:00
joedolson
2f3b779563 Media: Remove deprecated click function in media uploader.
Replace the call to jQuery's deprecated click handler.

Props kapilpaul.
Fixes #53261.
Built from https://develop.svn.wordpress.org/trunk@51947


git-svn-id: http://core.svn.wordpress.org/trunk@51536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 17:50:58 +00:00
joedolson
d71ae9a7e3 Administration: Hide mobile menu on focusout.
Closes the admin menu on mobile devices when keyboard focus moves outside of the menu or menu toggle elements. Improves the usability of the menu on mobile by allowing closure anywhere outside the menu rather than only on the toggle. 

Props kaneva, costdev, sabernhardt
Fixes #53587.
Built from https://develop.svn.wordpress.org/trunk@51946


git-svn-id: http://core.svn.wordpress.org/trunk@51535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 17:28:56 +00:00
joedolson
acabcf82ff Media: Close attachment details modal with esc key.
The event that fired closing the attachment details modal also removed the keydown event listener, so subsequent modals could not be closed with the escape key.

Props vondelphia, sourovroy, sabernhardt
Fixes #53924.
Built from https://develop.svn.wordpress.org/trunk@51945


git-svn-id: http://core.svn.wordpress.org/trunk@51534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 16:07:59 +00:00
Sergey Biryukov
a5926f8ece Coding Standards: Correct alignment in wp_enqueue_global_styles().
This fixes an `Equals sign not aligned with surrounding assignments; expected 5 spaces but found 1 space` WPCS warning.

Follow-up to [50973], [51819].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51944


git-svn-id: http://core.svn.wordpress.org/trunk@51533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-28 14:10:59 +00:00
Pascal Birchler
a225165010 Role/Capability: Add support for capability queries in WP_User_Query.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
Sergey Biryukov
311cf99866 Docs: Document the usage of some globals in wp-includes/script-loader.php.
Follow-up to [44114], [44262], [49080], [50761], [51471].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51942


git-svn-id: http://core.svn.wordpress.org/trunk@51531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:21:58 +00:00
Sergey Biryukov
6a5a0062ff Script Loader: Correct the number of arguments passed to the closure in enqueue_block_styles_assets().
This avoids an `Uncaught ArgumentCountError: Too few arguments to function {closure}(), 1 passed` PHP fatal error when registering a block style with the `should_load_separate_core_block_assets` filter enabled.

Follow-up to [51471].

Props aristath, shimon246, jrf, gziolo.
Fixes #54323.
Built from https://develop.svn.wordpress.org/trunk@51941


git-svn-id: http://core.svn.wordpress.org/trunk@51530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 17:10:01 +00:00
Sergey Biryukov
156a453ed9 Coding Standards: Rename the $process variable to $processed_response for clarity in WP_Http_Streams::request().
Includes minor code layout fixes for better readability.

Follow-up to [8516], [51826], [51929], [51931].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51940


git-svn-id: http://core.svn.wordpress.org/trunk@51529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:03:58 +00:00
johnjamesjacoby
7a0a07d691 Admin/HTTP API: add suggested filename support to download_url().
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.

If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.

If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.

Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.

Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.

Fixes #38231.
Built from https://develop.svn.wordpress.org/trunk@51939


git-svn-id: http://core.svn.wordpress.org/trunk@51528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:00:01 +00:00
Sergey Biryukov
b8e6a3c334 Tests: Some test improvements for clean_dirsize_cache() tests:
* Move the directory being tested to the `data` directory, for consistency with other test data.
* Set the `svn:eol-style` property to `native`, for consistency with other files.
* Correct the test class name in `dummy.txt`.

Follow-up to [51246], [51910], [51911].

See #52241, #53363.
Built from https://develop.svn.wordpress.org/trunk@51938


git-svn-id: http://core.svn.wordpress.org/trunk@51527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-26 02:03:58 +00:00
desrosj
3867e66520 Build/Test Tools: Use the correct workflow name in notifications on workflow_run.
When a workflow is triggered through a `workflow_run` event, the context is not the original workflow. The details about the original workflow are passed through the `github.event` context.

This also moves the conditional check controlling whether the Slack workflow is run into the calling workflows to prevent them from running for pull requests.

Follow up to [51921-51922,51924-51925,51934].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51937


git-svn-id: http://core.svn.wordpress.org/trunk@51526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 20:27:56 +00:00
desrosj
fc06dda73e Build/Test Tools: Restore Slack notifications for older branches.
In [51921], the GitHub Actions workflows were updated to utilize the Slack notifications workflow as a callable one instead of on the `workflow_run` event.

This eliminated the need for an additional “Slack Notifications” workflow run for every completed workflow, but only when other workflows are updated as well. This resulted in notifications from older branches breaking, as the changes in [51921] were not backported.

Instead of backporting the needed changes now (the Slack workflow is still being polished), this commit partially restores the `workflow_run` event for older branches so that notifications will resume.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51934


git-svn-id: http://core.svn.wordpress.org/trunk@51525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 19:30:00 +00:00
Sergey Biryukov
d31f31c579 Coding Standards: Rename $theHeaders variable to $processed_headers in WP_Http_Curl::request().
This fixes a `Variable "$theHeaders" is not in valid snake_case format` WPCS warning.

Follow-up to [8516], [8520], [51826], [51929].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51931


git-svn-id: http://core.svn.wordpress.org/trunk@51524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 16:20:00 +00:00
Peter Wilson
cdf1000cbb Docs: Use sign-up & signup consistently in wp-signup.php.
In the docblocks throughout `wp-signup.php` use sign up for verbs and sign-up for nouns.

Props audrasjb, jeffpaul.
Fixes #54041. See #53399.


Built from https://develop.svn.wordpress.org/trunk@51930


git-svn-id: http://core.svn.wordpress.org/trunk@51523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-25 00:23:57 +00:00
Sergey Biryukov
f8f74e7aa5 Coding Standards: Rename the $arrHeaders variable to $processed_headers in WP_Http_Streams::request().
This fixes a `Variable "$arrHeaders" is not in valid snake_case format` WPCS warning.

Follow-up to [8516], [51826].

See #53359.
Built from https://develop.svn.wordpress.org/trunk@51929


git-svn-id: http://core.svn.wordpress.org/trunk@51522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-24 19:23:00 +00:00
Sergey Biryukov
50aa2df391 Tests: Add @ticket references for page_on_front canonical tests.
Follow-up to [669/tests], [849/tests], [36238], [47760].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51928


git-svn-id: http://core.svn.wordpress.org/trunk@51521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-23 12:38:01 +00:00
Sergey Biryukov
d468eb17c3 Coding Standards: Escape id attributes in WP_Customize_Control::render_content() and ::print_template().
Follow-up to [30014], [38906].

Props sabbirshouvo.
See #54295.
Built from https://develop.svn.wordpress.org/trunk@51927


git-svn-id: http://core.svn.wordpress.org/trunk@51520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-22 16:09:59 +00:00
Sergey Biryukov
4152fbfdb2 Coding Standards: Improve escaping in wp_login_form().
* Split long concatenated lines using `sprintf()`. This aims to improve readability and avoid multiple `esc_attr()` calls for the same value.
* Escape the form `name` and `id` attributes.

Follow-up to [12696], [18444], [19033].

Props sabbirshouvo, mukesh27, audrasjb, henry.wright, SergeyBiryukov.
Fixes #54279.
Built from https://develop.svn.wordpress.org/trunk@51926


git-svn-id: http://core.svn.wordpress.org/trunk@51519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-21 18:19:00 +00:00
desrosj
e791d7f5db Build/Test Tools: Fix syntax for passing secrets to a called workflow.
Follow up to [51923].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51925


git-svn-id: http://core.svn.wordpress.org/trunk@51518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 19:51:58 +00:00
desrosj
1d76e9f33c Build/Test Tools: Pass required secrets to the Slack notifications workflow.
Secrets are not available within callable workflows by default. They must be defined within the callable workflow, and passed from the calling workflow.

Follow up to [51921-51922].

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51924


git-svn-id: http://core.svn.wordpress.org/trunk@51517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 19:26:57 +00:00
Sergey Biryukov
e6ede0c816 Coding Standards: Improve escaping in wp-admin/theme-install.php.
* Rename a duplicate `$feature_name` variable to `$feature_group` for clarity.
* Escape the remaining `$feature_name` variable.

Follow-up to [27636], [35273].

Props sabbirshouvo, sabernhardt, mukesh27, afragen.
Fixes #54277.
Built from https://develop.svn.wordpress.org/trunk@51923


git-svn-id: http://core.svn.wordpress.org/trunk@51516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 19:18:01 +00:00
desrosj
b54ec08215 Build/Test Tools: Adjustments as a follow up to [51921].
This adjusts the syntax for using the `github-scripts` action.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51922


git-svn-id: http://core.svn.wordpress.org/trunk@51515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 15:36:58 +00:00
desrosj
0f8c4989b0 Build/Test Tools: Modify the Slack notifications workflow to be a reusable one.
The ability to reuse workflow files within GitHub Action workflows was recently added and allows for less code duplication.

In the context of WordPress Core, this also eliminates the need for an additional “Slack Notifications” workflow to run for every completed workflow.

See #53363.
Built from https://develop.svn.wordpress.org/trunk@51921


git-svn-id: http://core.svn.wordpress.org/trunk@51514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-20 14:42:02 +00:00
Sergey Biryukov
2c84d63322 Help/About: Don't output empty <span> tags on Credits screen.
If the contributor does not have a title, the empty tags are not necessary.

Follow-up to [17877], [17909], [17942], [18162], [19143], [46709].

Props sayedulsayem, audrasjb, mukesh27.
Fixes #54275.
Built from https://develop.svn.wordpress.org/trunk@51920


git-svn-id: http://core.svn.wordpress.org/trunk@51513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-19 23:09:00 +00:00
hellofromTonya
234877c9c3 Coding Standards: Add public visibility to methods in src directory.
This commit adds the `public` visibility keyword to each method which did not have an explicit visibility keyword.

Why `public`?

With no visibility previously declared, these methods are implicitly `public` and available for use. Changing them to anything else would be a backwards-compatibility break.

Props costdev, jrf.
See #54177.
Built from https://develop.svn.wordpress.org/trunk@51919


git-svn-id: http://core.svn.wordpress.org/trunk@51512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 17:52:58 +00:00
Sergey Biryukov
a60032feec Coding Standards: Add a leading zero in the CSS declarations printed by the print_emoji_styles() function.
Follow-up to [31733], [31786].

Props audrasjb, sabernhardt.
Fixes #54284.
Built from https://develop.svn.wordpress.org/trunk@51918


git-svn-id: http://core.svn.wordpress.org/trunk@51511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 16:53:57 +00:00
hellofromTonya
db3a05178b Cron: Remove errant false values in cron array when upgrading to 5.9+.
[51916] fixed a bug where `array( `false` )` was added to the cron array when `_get_cron_array()` returned `false`. 

This commit:
* Removes any `false` values from the cron array when upgrading to 5.9+.
* Bumps the database version.

Follow-up to [44917], [51916].

Props peterwilsoncc, jrf.
See #53950.
Built from https://develop.svn.wordpress.org/trunk@51917


git-svn-id: http://core.svn.wordpress.org/trunk@51510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 13:30:57 +00:00
hellofromTonya
248c36d748 Cron: Fix malformed cron array in wp_schedule_single_event() when _get_cron_array() returns false.
In `wp_schedule_single_event()`, the cron info array is retrieved via a call to `_get_cron_array()` and straight away cast to an array. But as the documentation for that function (correctly) states, the return type of that function is `array|false`, where `false` is returned for a site where no cron jobs have been scheduled (yet).

In the case that `_get_cron_array()` would return `false`, this would now unintentionally create an array with a single entry with key `0` and as the value `false`.

This is a bug. Fixed now by adding validation to the output of `_get_cron_array()` and initializing `$crons` to an empty array if `false` was returned.

Tests added first to prove the bug (a) was introduced in #44818 [44917] and (b) is now fixed.

Follow-up to [44917].

Props jrf, peterwilsoncc.
Fixes #53950.
Built from https://develop.svn.wordpress.org/trunk@51916


git-svn-id: http://core.svn.wordpress.org/trunk@51509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 12:51:58 +00:00
John Blackbourn
00b914db08 REST API: Correct the order of the parameters documented for WP_REST_Server::respond_to_request().
See #53399

Built from https://develop.svn.wordpress.org/trunk@51915


git-svn-id: http://core.svn.wordpress.org/trunk@51508 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-18 11:14:57 +00:00
Sergey Biryukov
cea5785cdb Coding Standards: Consistently escape form action URL in wp-admin/update-core.php.
Follow-up to [10166], [23739], [25806].

Props sabbirshouvo, mukesh27.
Fixes #54278.
Built from https://develop.svn.wordpress.org/trunk@51914


git-svn-id: http://core.svn.wordpress.org/trunk@51507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-17 20:31:02 +00:00
Sergey Biryukov
8447683474 Docs: Improve documentation for the tax_input parameter of wp_insert_post().
Follow-up to [10222], [13217], [33922].

Props dingo_d.
Fixes #54264.
Built from https://develop.svn.wordpress.org/trunk@51913


git-svn-id: http://core.svn.wordpress.org/trunk@51506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-16 02:38:58 +00:00
hellofromTonya
4a1cc2c3e2 FileSystem API: Add safeguard for invalid return from get_attached_file() in wp_delete_attachment().
The `get_attached_file()` function is supposed to return the path to the file, but could:
1. Return `false` if the file doesn't exist.
2. Return literally anything else, as a filter is being applied to the value on return.

As the `clean_dirsize_cache()` now has input validation, passing anything but a non-empty string to `clean_dirsize_cache()` will result in a PHP error notice.

This was exposed by the `Tests_Post_GetPostStatus::wpSetUpBeforeClass()` method which started generating unexpected output (the doing it wrong message) during the test run.

While this indicates that there is a flaw in the mocking being done in the test suite, debugging that is outside of the scope of the current patch.

At the same time, as based on the above point, this ''could'' potentially happen in a real-world situation as well, adding additional conditions to the `if` in the `wp_delete_attachment()` function before calling the `clean_dirsize_cache()` function, is warranted.

As there are no tests for the `wp_delete_attachment()` function at all at this time, we're not adding a test specifically for this change for now. This should however be addressed in the future, when tests will be added to cover the `wp_delete_attachment()` function completely. 

Follow-up to [32619], [49212], [51910].

Props jrf, hellofromTonya.
See #52241.
Built from https://develop.svn.wordpress.org/trunk@51912


git-svn-id: http://core.svn.wordpress.org/trunk@51505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-15 22:58:56 +00:00