Commit Graph

610 Commits

Author SHA1 Message Date
Sergey Biryukov
097229b3ab Coding Standards: Use strict comparison in wp_handle_comment_submission().
Follow-up to [549], [1985], [2464], [2556], [2558], [34799], [40667].

Props deepakrohilla, narenin.
See #62316.
Built from https://develop.svn.wordpress.org/trunk@59556


git-svn-id: http://core.svn.wordpress.org/trunk@58942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-12-22 22:44:23 +00:00
Sergey Biryukov
7b9673722e Comments: Use a more precise check for disallowed keys on filtered comment data.
The previous approach of running `wp_allow_comment()` twice could have unintended consequences, e.g. the `check_comment_flood` action was also triggered twice, which might lead to false-positive identification of comment flood in case there is some custom callback hooked to it, which is not expecting identical data seeing twice.

This commit introduces a new function, `wp_check_comment_data()`, to specifically check for disallowed content before and after comment data is filtered.

Follow-up to [59267].

Props david.binda, SergeyBiryukov.
See #61827.
Built from https://develop.svn.wordpress.org/trunk@59319


git-svn-id: http://core.svn.wordpress.org/trunk@58705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-10-29 15:38:19 +00:00
Sergey Biryukov
aed49756e0 Docs: Adjust comments about set_time_limit() per the documentation standards.
Includes splitting long comments into multiple lines and moving a few comments above the `function_exists()` check for more consistent placement.

Follow-up to [59039], [59288].

See #62281.
Built from https://develop.svn.wordpress.org/trunk@59291


git-svn-id: http://core.svn.wordpress.org/trunk@58683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-10-25 20:26:20 +00:00
Sergey Biryukov
4318418b39 Comments: Validate new comments before and after comment data is filtered.
This ensures that a Disallowed Comment Keys match will consistently send the comment to the Trash, by checking both the original unmodified comment data and the final filtered comment data.

If the first check has already resulted in a `trash` or `spam` status, the second check is skipped as redundant.

Follow-up to [2894], [3851], [48121], [48575].

Props cfinke, kbrownkd, thompsonsj, mi5t4n, devspace, chaion07, engahmeds3ed, SergeyBiryukov.
Fixes #61827.
Built from https://develop.svn.wordpress.org/trunk@59267


git-svn-id: http://core.svn.wordpress.org/trunk@58659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-10-21 23:07:15 +00:00
Peter Wilson
8c3dd2eb88 General: Remove noopener from links opening in a new tab.
Removes the automatic addition of `rel="noopener noreferrer"` from links targeting a new tab or window, `target='_blank'`. Since this was introduced, supported browsers have changed their security policies and no longer allow the opened link to have JavaScript access to the previous tab.

Deprecates:

* `wp_targeted_link_rel()`
* `wp_targeted_link_rel_callback()`
* `wp_init_targeted_link_rel_filters()`: converted to a noop function
* `wp_remove_targeted_link_rel_filters()`: converted to a noop function

The deprecated functions are retained in `formatting.php` as in `SHORTINIT` mode the file is included while `deprecated.php` is not.

This also removes the `noopener` from links hard coded within the WordPress dashboard linking to documentation and other resources.

Props audrasjb, azaozz, dhruval04, dorzki, neo2k23, presskopp, sabernhardt, swissspidy, tobiasbg.
Fixes #53843.

Built from https://develop.svn.wordpress.org/trunk@59120


git-svn-id: http://core.svn.wordpress.org/trunk@58516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 05:19:16 +00:00
Aaron Jorbin
723d01e3e1 Bootstrap/Load: Ensure uses of set_time_limit are documented why.
`set_time_limit` can cause unexpected behavior so it general should be avoided. There are instances though where they should be used so those instances should be properly documented.

Props Rcrayno, ryan, kurtpayne, jorbin.
Fixes #21521. See #19487.

Built from https://develop.svn.wordpress.org/trunk@59039


git-svn-id: http://core.svn.wordpress.org/trunk@58435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-17 22:41:13 +00:00
Sergey Biryukov
8532edd526 Docs: Further clarify return results for a non-existing ID in metadata functions.
This adds a note that the functions return either an empty array or an empty string for a valid but non-existing ID, depending on the `$single` parameter.

Follow-up to [48658], [50641].

Props rodrigosprimo, jrf.
See #61608.
Built from https://develop.svn.wordpress.org/trunk@58962


git-svn-id: http://core.svn.wordpress.org/trunk@58358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-01 18:30:16 +00:00
Aaron Jorbin
01876b0906 Comments: Expire comment author cookies after 1 year (rather than 0.95129375951 of a year)
This filter was originally added in [19622] which predates the addition of the constant added in [21996] by 24085717 seconds.

Props peterwilsoncc, khokansardar, krupalpanchal.
Fixes #61412.

Built from https://develop.svn.wordpress.org/trunk@58401


git-svn-id: http://core.svn.wordpress.org/trunk@57850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-13 13:05:13 +00:00
Pascal Birchler
f97698702d General: Consistently cast return value to int in functions that use ceil().
The return value of `ceil()` is still of type `float` as the value range of `float` is usually bigger than that of `int`.

Props crstauf, audrasjb.
Fixes #58683.
Built from https://develop.svn.wordpress.org/trunk@57648


git-svn-id: http://core.svn.wordpress.org/trunk@57149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-02-17 15:24:08 +00:00
John Blackbourn
eadb61542a Docs: Various improvements and corrections to inline documentation.
See #59651

Built from https://develop.svn.wordpress.org/trunk@57644


git-svn-id: http://core.svn.wordpress.org/trunk@57145 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-02-16 21:47:12 +00:00
Sergey Biryukov
8f3e5f1640 Coding Standards: Rename the $ID parameter to $post_id in trackback().
This resolves a few WPCS warnings:
{{{
Variable "$ID" is not in valid snake_case format, try "$i_d"
}}}

See #59650.
Built from https://develop.svn.wordpress.org/trunk@57530


git-svn-id: http://core.svn.wordpress.org/trunk@57031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-02-04 18:46:14 +00:00
spacedmonkey
8aca3fdc68 Comments: Improve WP_Comment_Query count query performance by setting 'order by' to 'none'.
In cases where `WP_Comment_Query` or `get_comments` is employed with the 'count' parameter set to true, specify 'order by' as 'none'. Since these queries serve solely to determine the count of comments matching specific query parameters, the 'order by' clause becomes redundant and places unnecessary strain on the database server, resulting in slower query execution. Given that count queries are executed on every admin request to retrieve comment counts, this change enhances the performance of the wp-admin interface.

Props guss77, davidbaumwald, SergeyBiryukov, westonruter, peterwilsoncc, foliovision, hareesh-pillai, spacedmonkey.
Fixes #58368
Built from https://develop.svn.wordpress.org/trunk@56747


git-svn-id: http://core.svn.wordpress.org/trunk@56259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-29 17:13:24 +00:00
Sergey Biryukov
d8936a9fe7 Coding Standards: Remove superfluous blank lines at the end of various functions.
Note: This is enforced by WPCS 3.0.0.

Follow-up to [56536], [56547].

Props jrf.
See #59161, #58831.
Built from https://develop.svn.wordpress.org/trunk@56548


git-svn-id: http://core.svn.wordpress.org/trunk@56060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-08 10:03:21 +00:00
John Blackbourn
46fda1912c Privacy: Improve docblocks for hooks and functions related to personal data export and erasure.
See #58833

Built from https://develop.svn.wordpress.org/trunk@56482


git-svn-id: http://core.svn.wordpress.org/trunk@55994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-28 21:53:21 +00:00
audrasjb
8c76c6d58c Docs: Replace multiple single line comments with multi-line comments.
This changeset updates various comments as per WordPress PHP Inline Documentation Standards.
See https://developer.wordpress.org/coding-standards/inline-documentation-standards/php/#5-inline-comments.

Follow-up to [56174], [56175], [56176], [56177], [56178], [56179].

Props costdev, audrasjb.
See #58459.



Built from https://develop.svn.wordpress.org/trunk@56180


git-svn-id: http://core.svn.wordpress.org/trunk@55692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-09 21:48:22 +00:00
Sergey Biryukov
1ce5dc7444 Code Modernization: Replace usage of strpos() with str_contains().
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].

Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988


git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:36:26 +00:00
spacedmonkey
3c5d179fc9 Comments: Deprecate wp_queue_comments_for_comment_meta_lazyload function.
As of [55749] wp_queue_comments_for_comment_meta_lazyload is no longer used in core. This commit, deprecates this function. Update docs and tests accordingly.

Props sh4lin, spacedmonkey, costdev, peterwilsoncc.
Fixes #58301.
Built from https://develop.svn.wordpress.org/trunk@55855


git-svn-id: http://core.svn.wordpress.org/trunk@55367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-25 10:31:23 +00:00
John Blackbourn
a714bc03ee Docs: Various corrections and improvements to inline docs and docblocks.
See #57840

Built from https://develop.svn.wordpress.org/trunk@55753


git-svn-id: http://core.svn.wordpress.org/trunk@55265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-12 21:35:21 +00:00
spacedmonkey
fda9000c7b Comments: Always lazily load comment meta.
In [34270] introduced lazy loading of comment meta. However, this was only in the context of `WP_Query`. Other parts of the codebase, like `WP_Comment_Query` did not lazily load comment meta. In this change, calls to `update_meta_cache` are now replaced with `wp_lazyload_comment_meta`, that instead of priming comment meta caches, just adds them to the queue to be primed it ever called. This results in far less database queries, as there a number of places where comment meta is being primed unnecessarily and never used. Adding everything to the comment meta queue, also means that if comment meta is used, that is all loaded in a single database / cache call.

Follow on from [55671], [55747].

Props spacedmonkey, peterwilsoncc, flixos90, mukesh27.
Fixes #57801.
Built from https://develop.svn.wordpress.org/trunk@55749


git-svn-id: http://core.svn.wordpress.org/trunk@55261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-11 12:27:22 +00:00
John Blackbourn
5ef972680a Docs: A host of corrections and improvements to inline documentation.
See #57840

Built from https://develop.svn.wordpress.org/trunk@55732


git-svn-id: http://core.svn.wordpress.org/trunk@55244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-08 22:37:24 +00:00
Sergey Biryukov
2ec23a82ed Code Modernization: Replace usage of strpos() with str_starts_with().
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).

WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.

While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.

Follow-up to [52039], [52040], [52326].

Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes #58012.
Built from https://develop.svn.wordpress.org/trunk@55703


git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 15:45:22 +00:00
spacedmonkey
c1facaa4ce Cache API: Add helper function wp_cache_set_last_changed.
Add a helper function called `wp_cache_set_last_changed` to set the last changed value for cache groups. This function has a new action called `wp_cache_set_last_changed`, allowing for developers to cache invalidate when last changed value is changed. 

Props tillkruess, spacedmonkey, peterwilsoncc, mukesh27, johnjamesjacoby. 
Fixes #57905.
Built from https://develop.svn.wordpress.org/trunk@55702


git-svn-id: http://core.svn.wordpress.org/trunk@55214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 11:26:24 +00:00
Sergey Biryukov
0008d8df06 Coding Standards: Replace include_once with require_once for required files.
Per [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#writing-include-require-statements WordPress PHP coding standards], it is ''strongly recommended'' to use `require[_once]` for unconditional includes. When using `include[_once]`, PHP will throw a warning when the file is not found but will continue execution, which will almost certainly lead to other errors/warnings/notices being thrown if your application depends on the file loaded, potentially leading to security leaks. For that reason, `require[_once]` is generally the better choice as it will throw a `Fatal Error` if the file cannot be found.

Follow-up to [1674], [1812], [1964], [6779], [8540], [10521], [11005], [11911], [16065], [16149], [25421], [25466], [25823], [37714], [42981], [45448], [47198], [54276], [55633].

Props kausaralm, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55641


git-svn-id: http://core.svn.wordpress.org/trunk@55153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-09 11:57:22 +00:00
spacedmonkey
1bf93a87a4 Cache API: Introduce new queries cache groups.
Give developers more control over how query caches are handled within an object caches. Now all caches that cache the result of a query, are cached in a group that is suffixed with -queries. Developers can use these groups, to add custom cache invalidation rules or to make them none persistent.

Props spacedmonkey, owi, tillkruess, skithund, peterwilsoncc, flixos90, sergeybiryukov, mukesh27.
Fixes #57625.
Built from https://develop.svn.wordpress.org/trunk@55526


git-svn-id: http://core.svn.wordpress.org/trunk@55048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-03-10 16:30:03 +00:00
Sergey Biryukov
325a14a3ef Docs: Correct duplicate hook reference for notify_moderator.
The original filter location is `wp_notify_moderator()` in `wp-includes/pluggable.php`.

This commit updates the instance in `wp_new_comment_notify_moderator()` to point to the correct file.

Follow-up to [35339], [35725].

Props zevilz.
Fixes #57808.
Built from https://develop.svn.wordpress.org/trunk@55424


git-svn-id: http://core.svn.wordpress.org/trunk@54957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-25 21:56:21 +00:00
Sergey Biryukov
77dfc892fe Docs: Document default values for optional parameters in various DocBlocks.
Props paulkevan, costdev, audrasjb, SergeyBiryukov.
See #56792.
Built from https://develop.svn.wordpress.org/trunk@55398


git-svn-id: http://core.svn.wordpress.org/trunk@54931 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-21 16:39:19 +00:00
Peter Wilson
a77704f1a3 Comments: Prevent replying to unapproved comments.
Introduces client and server side validation to ensure the `replytocom` query string parameter can not be exploited to reply to an unapproved comment or display the name of an unapproved commenter.

This only affects commenting via the front end of the site. Comment replies via the dashboard continue their current behaviour of logging the reply and approving the parent comment.

Introduces the `$post` parameter, defaulting to the current global post, to `get_cancel_comment_reply_link()` and `comment_form_title()`.

Introduces `_get_comment_reply_id()` for determining the comment reply ID based on the `replytocom` query string parameter.

Renames the parameter `$post_id` to `$post` in `get_comment_id_fields()` and `comment_id_fields()` to accept either a post ID or `WP_Post` object.

Adds a new `WP_Error` return state to `wp_handle_comment_submission()` to prevent replies to unapproved comments. The error code is `comment_reply_to_unapproved_comment` with the message `Sorry, replies to unapproved comments are not allowed.`.

Props costdev, jrf, hellofromtonya, fasuto, boniu91, milana_cap.
Fixes #53962.

Built from https://develop.svn.wordpress.org/trunk@55369


git-svn-id: http://core.svn.wordpress.org/trunk@54902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-21 01:45:24 +00:00
Sergey Biryukov
371afa317c Comments: Use correct orderby parameter name in personal data exporter and eraser.
This ensures that `get_comments()` is called with the correct parameter name in:
* `wp_comments_personal_data_exporter()`
* `wp_comments_personal_data_eraser()`

Follow-up to [42888], [42994].

Props smeunus, kapilpaul, SergeyBiryukov.
Fixes #57700.
Built from https://develop.svn.wordpress.org/trunk@55324


git-svn-id: http://core.svn.wordpress.org/trunk@54857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-13 22:05:22 +00:00
Sergey Biryukov
bd92d87b74 Coding Standards: Rename $comment_ID variable to $comment_id in various files.
This resolves 80+ WPCS warnings in core:
{{{
Variable "$comment_ID" is not in valid snake_case format
}}}

While matching the database field of the same name, the `$comment_ID` variable did not follow the WordPress coding standards, and is now renamed to address that.

This affects:
* Function parameters in:
 * `get_comment_author()`
 * `comment_author()`
 * `get_comment_author_email()`
 * `comment_author_email()`
 * `get_comment_author_link()`
 * `comment_author_link()`
 * `get_comment_author_IP()`
 * `comment_author_IP()`
 * `get_comment_author_rl()`
 * `comment_author_url()`
 * `get_comment_date()`
 * `comment_date()`
 * `get_comment_excerpt()`
 * `comment_excerpt()`
 * `get_comment_text()`
 * `comment_text()`
 * `get_comment_time()`
 * `comment_time()`
 * `get_comment_type()`
 * `get_page_of_comment()`
 * `wp_new_comment_notify_moderator()`
 * `wp_new_comment_notify_postauthor()`
 * `get_commentdata()`

* Internal variables in:
 * `get_comment_ID()`
 * `wp_new_comment()`
 * `wp_xmlrpc_server::wp_deleteComment()`
 * `wp_xmlrpc_server::wp_editComment()`
 * `wp_xmlrpc_server::wp_newComment()`
 * `wp_xmlrpc_server::pingback_ping()`

* Hook parameters in:
 * `get_comment_author`
 * `comment_author`
 * `get_comment_author_email`
 * `author_email`
 * `get_comment_author_link`
 * `get_comment_author_IP`
 * `get_comment_author_url`
 * `comment_url`
 * `get_comment_excerpt`
 * `comment_excerpt`
 * `get_comment_ID`
 * `get_comment_type`
 * `get_page_of_comment`
 * `comment_{$new_status}_{$comment->comment_type}`
 * `comment_post`
 * `notify_moderator`
 * `notify_post_author`
 * `commentrss2_item`
 * `xmlrpc_call_success_wp_deleteComment`
 * `xmlrpc_call_success_wp_editComment`
 * `xmlrpc_call_success_wp_newComment`
 * `pingback_post`

Note: The name change only affects variable names and DocBlocks.

The change does not affect:

* `comment_ID` as the `$orderby` value in `WP_Comment_Query::__construct()`
* `comment_ID` as the `$orderby` value in `WP_Comment::get_children()`
* `comment_ID` as part of `$commentarr` parameter in `wp_update_comment()`

The associated array keys still match the database field.

Follow-up to [53723].

Props krunal265, costdev, SergeyBiryukov.
Fixes #57671. See #56791.
Built from https://develop.svn.wordpress.org/trunk@55308


git-svn-id: http://core.svn.wordpress.org/trunk@54841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-12 18:08:21 +00:00
Sergey Biryukov
b29536b060 General: Check that set_time_limit() function is available before using it in core.
This avoids a fatal error if the function is disabled on certain environments.

Props theode, jokerrs, johnbillion, hellofromTonya, costdev, jrf, azaozz, SergeyBiryukov.
Fixes #55711.
Built from https://develop.svn.wordpress.org/trunk@55258


git-svn-id: http://core.svn.wordpress.org/trunk@54791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-07 13:28:18 +00:00
Sergey Biryukov
eff6618cbb Docs: Capitalize X-Pingback in discover_pingback_server_uri() DocBlock.
Follow-up to [55210], [55211], [55212].

See #54225.
Built from https://develop.svn.wordpress.org/trunk@55213


git-svn-id: http://core.svn.wordpress.org/trunk@54746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-03 14:47:18 +00:00
audrasjb
28358ab213 HTTP API: Fix request header inconsistencies.
This changeset improves the consistency in capitalization of fetching and outputting of request headers. It also updates occurrences found in some docblocks.

Props johnjamesjacoby, costdev, audrasjb, petitphp, mhkuu, SergeyBiryukov.
Fixes #54225.

Built from https://develop.svn.wordpress.org/trunk@55210


git-svn-id: http://core.svn.wordpress.org/trunk@54743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-03 13:35:20 +00:00
Sergey Biryukov
3ba44120d0 Coding Standards: Always use parentheses when instantiating an object.
Note: This will be enforced by WPCS 3.0.0.

Props jrf.
See #56791.
Built from https://develop.svn.wordpress.org/trunk@54891


git-svn-id: http://core.svn.wordpress.org/trunk@54443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-29 15:51:14 +00:00
Sergey Biryukov
b105e59c23 Comments: Make moderated or disallowed key check case-insensitive for non-Latin words.
The `check_comment()` and `wp_check_comment_disallowed_list()` functions are expected to be case-insensitive, but that only worked for words using Latin script and consisting of ASCII characters.

This commit adds the Unicode flag to the regular expression used for the check in these functions, so that both pattern and subject can be treated as UTF-8 strings.

Reference: [https://www.php.net/manual/en/reference.pcre.pattern.modifiers.php PHP Manual: Pattern Modifiers].

Follow-up to [984], [2075], [48121], [48575].

Props bonjour52, SergeyBiryukov.
Fixes #57207.
Built from https://develop.svn.wordpress.org/trunk@54888


git-svn-id: http://core.svn.wordpress.org/trunk@54440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-28 19:44:17 +00:00
audrasjb
114fc4cf69 Docs: Improve various globals documentation, as per documentation standards.
Props upadalavipul.
See #57069, #56792.


Built from https://develop.svn.wordpress.org/trunk@54877


git-svn-id: http://core.svn.wordpress.org/trunk@54429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-26 09:39:13 +00:00
audrasjb
566d22260a Comments: Apply kses when editing comments.
Props davidbaumwald, xknown, peterwilsoncc, paulkevan.

Built from https://develop.svn.wordpress.org/trunk@54527


git-svn-id: http://core.svn.wordpress.org/trunk@54082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-17 11:31:12 +00:00
Sergey Biryukov
88ba20042c Comments: Consistently normalize user_ID to user_id in wp_new_comment().
For backward compatibility, the `user_id` parameter of `wp_new_comment()` can be spelled as `user_ID`, and plugins utilizing the `preprocess_comment` filter or the `comment_post` action should be able to receive both variations.

Follow-up to [12267], [12300], [28915], [36038], [53729].

Props peterwilsoncc, SergeyBiryukov.
Fixes #56244.
Built from https://develop.svn.wordpress.org/trunk@54489


git-svn-id: http://core.svn.wordpress.org/trunk@54048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-11 16:32:13 +00:00
Sergey Biryukov
d83f8e682c Code Modernization: Correct default values in wp_handle_comment_submission().
This affects the following parameters subsequently passed to `wp_new_comment()`:
* `comment_author`
* `comment_author_email`
* `comment_author_url`
* `comment_content`

The default values for these parameters were previously set to `null`, causing PHP 8.1 "null to non-nullable" deprecation notices when running sanitization filters on them via `wp_filter_comment()`.

While the deprecation notices were temporarily silenced in the unit test suite, that caused an unexpected issue in a test for [source:tags/6.0.2/tests/phpunit/tests/comment-submission.php#L202 submitting a comment to a password protected post], where the `$_COOKIE[ 'wp-postpass_' . COOKIEHASH ]` value was no longer unset, as the test stopped any further execution once the deprecation notice was triggered.

Due to how WordPress handles password protected posts, once that value is set, it affects all posts protected with the same password, so this resulted in unintentionally affecting [source:tags/6.0.2/tests/phpunit/tests/rest-api/rest-posts-controller.php#L1866 another test] which happened to use the same password.

These values are all documented to be a string in various related filters, and core also expects them to be a string, so there is no reason for these defaults to be set to `null`. Setting them to an empty string instead resolves the issues.

This commit includes:
* Setting the defaults in `wp_handle_comment_submission()` to an empty string.
* Adding a dedicated unit test to verify the type of these default values.
* Removing the deprecation notice silencing as no longer needed.

Follow-up to [34799], [34801], [51968].

Props jrf, desrosj, mukesh27, SergeyBiryukov.
Fixes #56712. See #56681, #55656.
Built from https://develop.svn.wordpress.org/trunk@54368


git-svn-id: http://core.svn.wordpress.org/trunk@53927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-03 15:22:10 +00:00
Peter Wilson
ba9dd1d7d7 Cache API, Docs: Remove private delegation from cache priming functions.
Remove the private delegation from the following cache priming functions for various object types:

- `_prime_post_caches()`
- `_prime_term_caches()`
- `_prime_comment_caches()`
- `_prime_network_caches()`
- `_prime_site_caches()`
- `_get_non_cached_ids() `

Plugins and themes are now encouraged to use these functions to improve the performance of their code by reducing the number of database queries.

Props robinwpdeveloper, desrosj, SergeyBiryukov, mukesh27, costdev.
Fixes #56386.


Built from https://develop.svn.wordpress.org/trunk@53944


git-svn-id: http://core.svn.wordpress.org/trunk@53503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-26 01:03:14 +00:00
Sergey Biryukov
c0065475f3 Coding Standards: Remove extra comma in a compact() call.
This fixes a PHP compatibility error in `wp_handle_comment_submission()`:

* `Trailing comma's are not allowed in function calls in PHP 7.2 or earlier`

Follow-up to [53729].

See #55647, #56244.
Built from https://develop.svn.wordpress.org/trunk@53730


git-svn-id: http://core.svn.wordpress.org/trunk@53289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-20 14:22:08 +00:00
Sergey Biryukov
e2a5b8684e Coding Standards: Standardize on user_id when passing data to comment functions.
The `wp_new_comment()`, `wp_update_comment()`, and `wp_filter_comment()` functions already normalize the `user_ID` parameter internally to `user_id`, which matches the database field name.

This commit aims to bring some consistency when passing the parameter in core.

The corresponding `$user_ID` variable is also renamed to `$user_id` to match the other variables when not referring to the `$user_ID` global, which has an exception in the WordPress coding standards.

Follow-up to [8543], [8720], [12267], [12300], [26491], [28915], [28922], [34799], [49303].

See #55647, #56244.
Built from https://develop.svn.wordpress.org/trunk@53729


git-svn-id: http://core.svn.wordpress.org/trunk@53288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-20 14:14:09 +00:00
Sergey Biryukov
69a8ecce33 Coding Standards: Rename $comment_post_ID and $comment_author_IP variables in various files.
This fixes two WPCS warnings:
* `Variable "$comment_post_ID" is not in valid snake_case format`
* `Variable "$comment_author_IP" is not in valid snake_case format`

While matching the database fields of the same name, these variables did not follow the WordPress coding standards, and are now renamed to address that.

Note: The name change only affects internal variables and parameters for a few actions receiving a comment post ID:

* `edit_comment`
* `comment_id_not_found`
* `comment_closed`
* `comment_on_trash`
* `comment_on_draft`
* `comment_on_password_protected`
* `pre_comment_on_post`

The change does not affect parameters for functions receiving an array of comment data:

* `wp_insert_comment()`
* `wp_new_comment()`
* `wp_update_comment()`
* `wp_handle_comment_submission()`

The associated array keys still match the database fields: `comment_post_ID` and `comment_author_IP`.

Follow-up to [1706], [2894], [8720], [28427], [28437], [28457], [34799], [53720],

See #55647, #56244.
Built from https://develop.svn.wordpress.org/trunk@53723


git-svn-id: http://core.svn.wordpress.org/trunk@53282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-19 16:19:11 +00:00
Sergey Biryukov
1069ac4afd Posts, Post Types: Standardize on $post parameter name where appropriate.
This renames the `$post_id` or `$id` parameters to `$post` for functions that accept a post ID or post object:

* `get_sample_permalink()`
* `get_sample_permalink_html()`
* `wp_check_post_lock()`
* `wp_set_post_lock()`
* `get_the_tags()`
* `comment_class()`
* `get_comment_class()`
* `get_comments_link()`
* `get_comments_number()`
* `comments_number()`
* `get_comments_number_text()`
* `comments_open()`
* `pings_open()`
* `comment_form()`
* `do_trackbacks()`
* `pingback()`
* `post_permalink()`
* `get_post_permalink()`
* `get_edit_post_link()`
* `edit_post_link()`
* `get_delete_post_link()`
* `post_class()`
* `get_post_class()`
* `the_attachment_link()`
* `wp_get_attachment_link()`
* `wp_list_post_revisions()`
* `check_and_publish_future_post()`
* `add_ping()`
* `get_pung()`
* `get_to_ping()`
* `wp_get_post_revisions()`
* `wp_get_post_revisions_url()`

Additionally, `$revision_id` is renamed to `$revision` in:

* `wp_restore_post_revision()`
* `wp_delete_post_revision()`

Includes minor documentation improvements for consistency and code layout fixes for better readability.

Follow-up to [1599], [1794], [2881], [3303], [3851], [5302], [6633], [6716], [6985], [7103], [7149], [7747], [8011], [8638], [8643], [8695], [9138], [9273], [11425], [11922], [11956], [12284], [12810], [12923], [13023], [13171], [25567], [27156], [27473], [28558], [28602], [33659], [38852], [47276], [47366], [48622], [49544], [49597], [52095].

See #56243, #55647.
Built from https://develop.svn.wordpress.org/trunk@53715


git-svn-id: http://core.svn.wordpress.org/trunk@53274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-18 17:37:17 +00:00
audrasjb
bbe60d66c3 Text Changes: Improve consistency of admin error notices.
This changeset replaces `<strong>Error</strong>:` with `<strong>Error:</strong>`, for better consistency.

Props transl8or, mihaidumitrascu, audrasjb.
Fixes #50785.

Built from https://develop.svn.wordpress.org/trunk@53458


git-svn-id: http://core.svn.wordpress.org/trunk@53047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-02 15:05:13 +00:00
John Blackbourn
6aa053dc01 Docs: Various docblock improvements.
See #54729

Built from https://develop.svn.wordpress.org/trunk@53299


git-svn-id: http://core.svn.wordpress.org/trunk@52888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-28 09:46:21 +00:00
audrasjb
29cc1e94c0 Docs: Use third-person singular verbs for function descriptions in Core Comment API and Comment template functions.
See #54729.

Built from https://develop.svn.wordpress.org/trunk@53265


git-svn-id: http://core.svn.wordpress.org/trunk@52854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-26 06:20:08 +00:00
Peter Wilson
40942c2695 Comments: Improve accuracy of get_comment_count() docblock.
Remove reference to uncached database query now `get_comment_count()` uses `WP_Comment_Query` which contains caching. Remove reference to `$wpdb` global, it is no longer used.

Follow up to [53036].

Fixes #19901.

Built from https://develop.svn.wordpress.org/trunk@53225


git-svn-id: http://core.svn.wordpress.org/trunk@52814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-20 05:53:11 +00:00
spacedmonkey
1ad5807bb0 Comments: Improve performance of the wp_count_comments function.
Improve performance of the `wp_count_comments` function by replacing a complex query with multiple calls to the `get_comments` function. Passing the `count` parameter to the `get_comments` function results in a simple 
count query that returns quickly. Using `get_comments` also means that query is cached and run through filters. 


Props FolioVision, markjaquith, nacin, ryan, coffee2code, wonderboymusic, ComputerGuru, jb510, SergeyBiryukov, Znuff, Rahe, uday17035, spacedmonkey, peterwilsoncc.
Fixes #19901.


Built from https://develop.svn.wordpress.org/trunk@53036


git-svn-id: http://core.svn.wordpress.org/trunk@52625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-31 09:09:07 +00:00
spacedmonkey
a4026420cc Cache: Use wp_cache_*_multiple() in core functions.
Implement the `wp_cache_add_multiple`, `wp_cache_set_multiple` and `wp_cache_delete_multiple` in a number of core functions after they were introduced in [52700]

Props: spacedmonkey, adamsilverstein, flixos90, mitogh.
Fixes: #55029.

Built from https://develop.svn.wordpress.org/trunk@52707


git-svn-id: http://core.svn.wordpress.org/trunk@52296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-02-11 18:51:59 +00:00
John Blackbourn
39bff93b6b Docs: Various inline documentation corrections and improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52332


git-svn-id: http://core.svn.wordpress.org/trunk@51924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-07 12:20:02 +00:00