When saving options from the Settings page, include the `'ping_sites'` option in the allowed "writing" options list only when the `'blog_public'` option is `'1'`.
Fixes a PHP 8.1 and above "null to non-nullable" deprecation notice in `sanitize_option()` ([https://core.trac.wordpress.org/browser/trunk/src/wp-includes/formatting.php?annotate=blame#L4952 which happens when here] as part of [22255]):
{{{
Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in .../wp-includes/formatting.php
}}}
**Explanation**
[https://developer.wordpress.org/apis/options/#writing Per the documentation], the `ping_sites` option requires the `'blog_public'` option to have a value of `'1'` and must be a `string` data type. `null` is not valid for this option.
The relationship between the 2 options shows itself in the `options-writing.php` code ([https://core.trac.wordpress.org/browser/tags/6.5.4/src/wp-admin/options-writing.php#L233 shown here] and in [4326]), as the `textarea#ping_sites` only renders when `'1' === get_option( 'blog_public' )`.
**What happens if `'blog_public'` is not `'1'`?**
The `'ping_sites'` option will not be a field on the page. Upon saving:
* HTTP POST (`$_POST`) does not include `'ping_sites'`.
* Before this commit:
* The [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/options.php#L333 option's value was set to] `null` before being passed to `update_option()`.
* `update_option()` invokes `sanitize_option()`.
* A `null` value for the `'ping_sites'` case was passed to `explode()`, which threw a deprecation notice on PHP 8.1 and above.
* With this commit, the `'ping_sites'` option is no longer included in the allow list and thus will not be passed to `update_options()` > `sanitize_option()` > `explode()`.
Follow-up to [22255], [12825], [4326], [949].
Props kitchin, SergeyBiryukov, swissspidy, devmuhib, rajinsharwar, hellofromTonya.
Fixes#59818.
Built from https://develop.svn.wordpress.org/trunk@58425
git-svn-id: http://core.svn.wordpress.org/trunk@57874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes some autoload values that were updated in [58105] that used the database values of `"on"` and `"off"` instead of the boolean values `true` and `false` when being passed to `add|update_option()`.
Props joemcgill, desrosj, rajinsharwar.
Fixes#61045. See #42441.
Built from https://develop.svn.wordpress.org/trunk@58416
git-svn-id: http://core.svn.wordpress.org/trunk@57865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replaces `trigger_error()` with `wp_trigger_error()`.
The usage of `wp_trigger_error()` avoids generating `E_USER` family errors unless `WP_DEBUG` is on. In doing so, users should not see these messages in normal production.
Notes:
* Removes `E_USER_NOTICE` when passed as an argumnent, as it's the default error level.
* An empty string is passed for the function name when its name is already in the error message or does not add value to the error message.
* Externally maintained libraries are not included.
Follow-up to [55204], [25956], [29630], [38883], [52062], [52049], [54272], [38883], [55245], [51599], [14452], [38883], [24976].
Props prasadkarmalkar, rajinsharwar, thelovekesh, hellofromTonya, swissspidy.
Fixes#59652.
Built from https://develop.svn.wordpress.org/trunk@58409
git-svn-id: http://core.svn.wordpress.org/trunk@57858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This prevents the display of an inaccurate message when the `wp_insert_post_data` filter is used to change the status of a post while saving. This bug was only present when using the Classic Editor.
The previous code incorrectly assumed that a filter would never change a post’s status to `draft`, resulting in a “Post published.” message instead of “Post draft updated.”.
Props freibergergarcia, sirzooro, hakre, blepoxp, scribu, kawauso.
Fixes#11207.
Built from https://develop.svn.wordpress.org/trunk@58406
git-svn-id: http://core.svn.wordpress.org/trunk@57855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Finish task to replace placeholders used for labels with visible label elements. Add label elements in theme browser and theme installation screen. Change position of search input to match other user interfaces in WordPress.
Also crediting all contributors to ticket #61389, which this also closes.
Props joedolson, rcreators, sabernhardt, balub, rejaulalomkhan, syamraj24, nazmul111, krupajnanda, huzaifaalmesbah, hmbashar, mdnesarmridha, colorful-tones, printsachen1.
Fixes#40331, #61389.
Built from https://develop.svn.wordpress.org/trunk@58405
git-svn-id: http://core.svn.wordpress.org/trunk@57854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Removes an unassigned `sprintf` that was accidentally included as part of [57545] in the `wp_get_plugin_action_button()`. A copy/paste whoopsie.
The actual used code is assigned a wee bit lower in the function within the `install` case.
Follow-up to [57545].
Props hellofromTonya, costdev, rajinsharwar.
Fixes#61420.
Built from https://develop.svn.wordpress.org/trunk@58402
git-svn-id: http://core.svn.wordpress.org/trunk@57851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure new multisite installs are up to date with the current mime types supported in core.
Note that this will only affect newly created networks, since this is only used to populate the schema for new networks, not change the allowed mime types for existing networks
Props spacedmonkey, costdev, pavanpatil1, joemcgill, rajinsharwar, tb1909.
Fixes#53167.
Built from https://develop.svn.wordpress.org/trunk@58400
git-svn-id: http://core.svn.wordpress.org/trunk@57849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[57545] introduced `wp_get_plugin_action_button()`. This function is documented to return a `string`. However, if the user does not have the appropriate capabilities, it returned `void`, which is unexpected.
Resolves the issue by moving the `return $button` to the bottom of the function to ensure it always returns a `string` type. On success, the button's HTML string is returned; else, an empty string is returned.
Unit tests are included.
Follow-up to [57545].
Props costdev, rajinsharwar, hellofromTonya.
Fixes#61400.
Built from https://develop.svn.wordpress.org/trunk@58396
git-svn-id: http://core.svn.wordpress.org/trunk@57845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Scalar values passed to `esc_attr()` are already converted internally to a string via both `wp_check_invalid_utf8()` and `_wp_specialchars()`.
Includes adding `@covers` tags for unit tests.
Follow-up to [58379].
See #58379.
Built from https://develop.svn.wordpress.org/trunk@58389
git-svn-id: http://core.svn.wordpress.org/trunk@57838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent `WP_List_Table::search_box()` from throwing an array to string conversion notice when post list tables are loaded with an array of orderby parameters in the URL, eg: `/wp-admin/edit.php?post_type=page&orderby[menu_order]=ASC&orderby[title]=ASC`.
Follow up to [29027].
Props leonidasmilossis, rajinsharwar, swissspidy, NomNom99, pls78, SergeyBiryukov.
Fixes#59494.
See #17065.
Built from https://develop.svn.wordpress.org/trunk@58379
git-svn-id: http://core.svn.wordpress.org/trunk@57828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes an issue where the "Bulk select" option was getting selected when only a single user, comment, media, or plugin was selected.
Follow-up to [57745].
Props haritpanchal, swissspidy, sabernhardt, faisal03, sumitbagthariya16, mohitdadhich10.
Fixes#61168.
Built from https://develop.svn.wordpress.org/trunk@58375
git-svn-id: http://core.svn.wordpress.org/trunk@57824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a filter to enable TinyMCE in the media description textarea on the attachment details screen.
The media description field may be used to provide extended descriptions of images and videos, such as a transcript or detailed graphic explanations. In these uses, it will generally require structural elements like paragraphs. Having the ability to enable TinyMCE makes it easier for users to add this content without HTML knowledge.
Props juliemoynat, sebastienserre, mukesh27, joedolson.
Fixes#60158.
Built from https://develop.svn.wordpress.org/trunk@58372
git-svn-id: http://core.svn.wordpress.org/trunk@57821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds additional hardening to the Autoload options Health Check to avoid potential bugs when extenders return unserialzed values from `wp_load_alloptions()`.
Follow-up to [58332].
Props mukesh27, joemcgill, westonruter.
Fixes#61276.
Built from https://develop.svn.wordpress.org/trunk@58338
git-svn-id: http://core.svn.wordpress.org/trunk@57794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new Site Health check that will alert site owners if they are autoloading a large amount of data from the options table, as it could result in poor performance. The issue will be shown if the size of autoloaded options is greater than 800 KB, which can be adjusted using the new `site_status_autoloaded_options_size_limit` filter.
Props mukesh27, joemcgill, rajinsharwar, costdev, audrasjb, krupajnanda, pooja1210, Ankit K Gupta, johnbillion, oglekler.
Fixes#61276.
Built from https://develop.svn.wordpress.org/trunk@58332
git-svn-id: http://core.svn.wordpress.org/trunk@57788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset deactivates the download authenticity message by disabling package signature verification, at least until software signing is fully implemented on wordpress.org. The provided message had no actionability and only led to more support.
Props jipmoors, afercia, bridgetwillard, s0what, rajinsharwar, audrasjb, johnbillion, peterwilsoncc.
Fixes#47315.
Built from https://develop.svn.wordpress.org/trunk@58319
git-svn-id: http://core.svn.wordpress.org/trunk@57776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[58139] introduced debugging flags to ensure debugging output would only be shown when both the `WP_DEBUG` and `WP_DEBUG_LOG` constants are defined as true. However, some of the flags incorrectly use `WP_DEBUG_DISPLAY` rather than `WP_DEBUG_LOG`.
This fixes the flags to consistently use `WP_DEBUG` and `WP_DEBUG_LOG` as intended.
Follow-up to [58128], [58139].
Props rogermedia, afragen, swissspidy, costdev.
Fixes#58281.
Built from https://develop.svn.wordpress.org/trunk@58309
git-svn-id: http://core.svn.wordpress.org/trunk@57766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Rollback Auto-Update feature introduced additional maintenance mode toggling.
After installing WordPress in a non-English (US) language, translation updates are performed automatically. As there may be a large number of updates for Core and bundled themes, users will be presented with a maintenance notice upon visiting the newly installed website.
To avoid concerning users that the website has failed to install correctly, this excludes translation updates from triggering the additional maintenance mode toggling.
Follow-up to [58128].
Props benniledl, afragen, rajinsharwar, costdev.
Fixes#61260. See #58281.
Built from https://develop.svn.wordpress.org/trunk@58308
git-svn-id: http://core.svn.wordpress.org/trunk@57765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the edit menu item toggle to communicate more context about the item to be edited. Make edit text consistent between Customizer menu editor and admin menu editor.
The menu position is conveyed only visually, using indentation, because there are no organizational semantics in either editor. This change helps provide screen reader users with consistent contextual information about the order, position, and parent of the current item.
Props joedolson, rcreators, afercia, mohonchandra.
Fixes#60673, See #60672.
Built from https://develop.svn.wordpress.org/trunk@58306
git-svn-id: http://core.svn.wordpress.org/trunk@57763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Just like Site Health lists the paths to the plugins/themes/uploads directories, this changeset adds the path to the fonts directory (and its size).
Props swissspidy, andr3ribeiro, krupajnanda, ironprogrammer, iamfarhan09, naeemhaque, imasikur22, tofajjal02, sarkarripon, prottoysarkar, zunaid321, imranhasanraaz, rajinsharwar, nazmul111, audrasjb, peterwilsoncc.
Fixes#60719.
Built from https://develop.svn.wordpress.org/trunk@58299
git-svn-id: http://core.svn.wordpress.org/trunk@57759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In #50824 support was added for a package to include a disable_autoupdate flag to indicate that the plugin/theme should not be auto-updated even if a user had opted-in via the WP-Admin UI. However, the logic implementing the flag was inverted.
This commit repairs the logic. If a package has disable_autoupdate set, then it should not be auto-updated.
Props amisiewicz.
Fixes#52796.
Built from https://develop.svn.wordpress.org/trunk@58285
git-svn-id: http://core.svn.wordpress.org/trunk@57745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the profile edit screen in ``wp-admin, the username was previously displayed using an input field with the `disabled` attribute. This field was skipped by screen readers, which leads to a loss of information for visually impaired users. This changeset switches it to a `readonly` attribute, which is exactly the purpose of this field.
Props roytanck, audrasjb, rajinsharwar, joedolson.
Fixes#60774.
Built from https://develop.svn.wordpress.org/trunk@58280
git-svn-id: http://core.svn.wordpress.org/trunk@57740 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Site Editor Patterns page was exposed internally for the Classic theme as of WP6.5. As we aim to officially expose the new Patterns page as of WP6.6, this changeset makes the following changes available when a classic themes is activated:
- Link Appearance > Patterns submenu to the Site Editor Patterns page located at `wp-admin/site-editor.php?path=/patterns
- Remove Template Parts submenu
Props wildworks, audrasjb, ironprogrammer, azaozz, youknowriad.
Fixes#61109.
Built from https://develop.svn.wordpress.org/trunk@58278
git-svn-id: http://core.svn.wordpress.org/trunk@57738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With a new direction in the 6.5.4 to restore the Activate button's href (see [58250]), the changesets committed for 6.5.3 (see #60992) are now dead code and will not render the admin notice on successful plugin activation.
This commit is a clean revert of r58081.
Follow-up to [58250].
Props swissspidy, azaozz, costdev, jorbin, hellofromTonya, afragen.
Fixes#61331.
See #60992, #61319.
Built from https://develop.svn.wordpress.org/trunk@58257
git-svn-id: http://core.svn.wordpress.org/trunk@57720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make the panels for selecting menu items to add to a panel resizable using the CSS `resize` property. This minor change makes it easier to select items to add on desktop devices, and has nominal impact on other interfaces.
Props namith.jawahar, NekoJonez, jorbin, joen, joedolson.
Fixes#60763.
Built from https://develop.svn.wordpress.org/trunk@58256
git-svn-id: http://core.svn.wordpress.org/trunk@57719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Restores the Activate button's `href` native behavior by changing the AJAX activation handler introduced in 6.5.0. It restores the pre-6.5 behavior of clicking the "Activate" button, i.e. navigates the user to the button's `href` (i.e. to the `plugins.php` UI).
Why?
Feedback was given after shipping [57545] in 6.5.0 (but was unknown during the development and testing cycles) revealed significant impacts for plugins who's users valued the onboarding / configuration experiences.
6.5.3's [58081] and [58083] added a new user action / step to the workflow. Though helpful, it did not fully resolve the impacts.
For the minor, this commit seeks to restore only the "Activate" button's `href` pre-6.5 native behavior to resolve the regression.
The next phase of the Add Plugins workflow can then continue in a major release to gain the benefits of a full major to move it from ideation through the development phases. (See #61040). The questions of redirect, how / should configuration be in the workflow, etc. can best be explored and experimented with in a major.
Follow-up to [57545], [58081], [58083].
Props costdev, jorbin, hellofromTonya, afragen, kevinwhoffman, azaozz, adrianduffell, beaulebens, hmbashar, illuminea, ironprogrammer, jjj, lopo, louiswol94, mikachan, nerrad, mukesh27, peterwilsoncc, pooja1210, smub, swissspidy.
Fixes#61319.
See #22316, #60992.
Built from https://develop.svn.wordpress.org/trunk@58250
git-svn-id: http://core.svn.wordpress.org/trunk@57713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow translators to replace the W3C WAI decision tree link used to provide information about writing alt text. Improves accessibility for non-English speaking content authors.
Props tmatsuur, joedolson, oglekler, SergeyBiryukov, myhro, sabernhardt.
Fixes#60975.
Built from https://develop.svn.wordpress.org/trunk@58240
git-svn-id: http://core.svn.wordpress.org/trunk@57703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The post editor uses the permalink_template property from the posts REST API to render the post slug input or not. For auto-drafts or newly created posts, this property was not set properly. This PR solves by fixing the get_sample_permalink function used to compute this property.
Props youknowriad, mcsf, antonvlasenko, azaozz, peterwilsoncc, andrewserong, hellofromTonya, spacedmonkey.
Fixes#59283.
Built from https://develop.svn.wordpress.org/trunk@58174
git-svn-id: http://core.svn.wordpress.org/trunk@57637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Clicking on these links initiates an action, so they are more semantically a button rather than a link. Keeping them as an anchor in html allows any existing JS that is targeted to these items to continue to function. The addition of the role helps assistive technology to know that they should treat this as a button.
Props stevejonesdev, sabernhardt, vipulgupta003, rcreators, joedolson.
Fixes#61011.
Built from https://develop.svn.wordpress.org/trunk@58161
git-svn-id: http://core.svn.wordpress.org/trunk@57624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are several exist places in Core that attempt to detect if a blog charset
is UTF-8. Each place attempts to perform the same check, except the logic is
spread throughout and there's no single method provided to make this
determination in a consistent way. The `_canonical_charset()` method exists,
but is marked private for use.
In this patch the new `unicode` module provides `is_utf8_charset()` as a method
taking an optional charset slug and indicating if it represents UTF-8,
examining all of the allowable variants of that slug. Associated code is
updated to use this new function, including `_canonical_charset()`. If no slug
is provided, it will look up the current `get_option( 'blog_charset' )`.
Finally, the test functions governing `_canonical_charset()` have been
rewritten as a single test with a data provider instead of as separate test
functions.
Developed in https://github.com/WordPress/wordpress-develop/pull/6535
Discussed in https://core.trac.wordpress.org/ticket/61182Fixes#61182.
Props dmsnell, jonsurrell.
Built from https://develop.svn.wordpress.org/trunk@58147
git-svn-id: http://core.svn.wordpress.org/trunk@57612 1a063a9b-81f0-0310-95a4-ce76da25c4cd