Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-11-14 14:45:45 +01:00
Code Issues Projects Releases Wiki Activity
35,563 Commits 50 Branches 748 Tags 792 MiB
babd79fb36
Commit Graph

35563 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
John Blackbourn
babd79fb36 Posts, Post Types: Prevent users from being able to delete a protected meta field from a post. 
Previously a user could remove a protected meta field by using their browser developer tools to alter the form field properties in the Custom Fields meta box, given that they know the ID of the protected meta field. This change prevents this by preventing any change to a protected meta field, including changing its key.

Props ajoah, johnbillion, peterwilsoncc
Fixes #38293

Built from https://develop.svn.wordpress.org/trunk@39062


git-svn-id: http://core.svn.wordpress.org/trunk@39004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 19:30:32 +00:00
Joe Hoyle
6ee8f33660 REST API: Sanitize arrays being sent as CSVs. 
In #38586 the ability to parse arrays as csv was introduced, however it didn't add any support for validating csv arrays. This adds such sanitization, and also a good amount of unit tests for all sanitization baed off schema.

See #38586.

Built from https://develop.svn.wordpress.org/trunk@39061


git-svn-id: http://core.svn.wordpress.org/trunk@39003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 17:08:31 +00:00
Weston Ruter
1c45ae618c Customize: Ensure state query params persist in preview through calls to history.pushState() & history.replaceState(). 
Allow history to be manipulated before DOM ready by sourcing state params from the current URL instead of from the `wp.customize.settings` object, since they will be the same anyway. This fixes a JS error since `wp.customize.settings` is not defined before DOM ready.

Amends [38810].
See #30937.
Fixes #38592.

Built from https://develop.svn.wordpress.org/trunk@39060


git-svn-id: http://core.svn.wordpress.org/trunk@39002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 16:42:30 +00:00
Andrea Fercia
4356a28b52 Administration: remove a leftover check from get_submit_button. 
Props sstoqnov.
Fixes #34891.

Built from https://develop.svn.wordpress.org/trunk@39059


git-svn-id: http://core.svn.wordpress.org/trunk@39001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 16:39:32 +00:00
Joe Hoyle
f1591eccca REST API: Add support for "integer" type for meta and options 
Previously Settings only supported "number" which meant it was possible to push floats to things like posts_per_page. This means now developers can also specify `type => ineger` in meta nad settings resgration.

Props flixos90.
Fixes #38393.

Built from https://develop.svn.wordpress.org/trunk@39058


git-svn-id: http://core.svn.wordpress.org/trunk@39000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 16:07:31 +00:00
Boone Gorges
1dd88e334b Taxonomy: Remove redundant 'get_terms_args' filter call from WP_Term_Query. 
Introduced in [37572]. The correct 'get_terms_args' filter call is in
`WP_Term_Query::get_terms()`.

Props Tkama.
Fixes #38589.
Built from https://develop.svn.wordpress.org/trunk@39057


git-svn-id: http://core.svn.wordpress.org/trunk@38999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 15:47:33 +00:00
Gary Pendergast
03e34ab461 REST API: Allow a CSV list of user roles to be passed to /users. 
After [39048], this changes explicitly parses the list of user roles as slugs, and adds tests.

Props jnylen0.
Fixes #38557.


Built from https://develop.svn.wordpress.org/trunk@39056


git-svn-id: http://core.svn.wordpress.org/trunk@38998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 11:11:29 +00:00
Gary Pendergast
9862543913 REST API: Allow a CSV list of term IDs to be passed to /posts. 
[39048] added CSV support to array types, this change explicitly parses term lists as IDs, and adds tests.

Props timmydcrawford, pento.
Fixes #38553.


Built from https://develop.svn.wordpress.org/trunk@39055


git-svn-id: http://core.svn.wordpress.org/trunk@38997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 11:06:31 +00:00
Drew Jaynes
33b8bb3cf3 Docs: Clarify descriptions for home_url() and get_home_url() on the true effect of the $scheme parameter. 
Part props thomaswm.
Props stevenlinx.
Fixes #36468.

Built from https://develop.svn.wordpress.org/trunk@39054


git-svn-id: http://core.svn.wordpress.org/trunk@38996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 07:06:32 +00:00
Drew Jaynes
3a02481d9e Docs: Fix an incorrect pseudo-parameter referenced in the hook doc for the widget_tag_cloud_args filter. 
Props backermann.
Fixes #37654.

Built from https://develop.svn.wordpress.org/trunk@39053


git-svn-id: http://core.svn.wordpress.org/trunk@38995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 06:40:49 +00:00
Drew Jaynes
568838bebd Docs: Update the DocBlock description for WP_Query::is_single() to mention that it works for any post types excluding pages. 
Props ryankienstra.
Fixes #38225.

Built from https://develop.svn.wordpress.org/trunk@39052


git-svn-id: http://core.svn.wordpress.org/trunk@38994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 06:34:34 +00:00
Drew Jaynes
5f4497f0af Docs: Fix multiple trivial typos throughout a variety of core files. 
Props ottok.
Fixes #38489.

Built from https://develop.svn.wordpress.org/trunk@39051


git-svn-id: http://core.svn.wordpress.org/trunk@38993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 06:28:32 +00:00
Peter Wilson
c7691ceb36 Themes: Exit wp-custom-header.js early in browsers wihout modern events. 
Adds a check for `window.addEventListener` support before attempting to use it. In browsers without support, the file is exited early to avoid throwing a JavaScript error.

Fixes #38585.

Built from https://develop.svn.wordpress.org/trunk@39050


git-svn-id: http://core.svn.wordpress.org/trunk@38992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 06:17:29 +00:00
Drew Jaynes
9635867540 Docs: The query_vars filter used in the REST posts controller should be notated as a duplicate rather than a new hook. 
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39049


git-svn-id: http://core.svn.wordpress.org/trunk@38991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 05:50:29 +00:00
Gary Pendergast
54b378e411 REST API: Allow parameters defined as array to be sent as CSVs. 
This allows parameters that are often handled as CSVs to be properly parsed.

Fixes #38586.


Built from https://develop.svn.wordpress.org/trunk@39048


git-svn-id: http://core.svn.wordpress.org/trunk@38990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 05:45:32 +00:00
Ryan McCue
4dab905dba REST API: Support password on non-post post types. 
The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.

Props jnylen0.
Fixes #38582.

Built from https://develop.svn.wordpress.org/trunk@39047


git-svn-id: http://core.svn.wordpress.org/trunk@38989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 03:53:32 +00:00
Gary Pendergast
6c1e98d1fb REST API: Add support for arrays in schema validation and sanitization. 
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.

This can easily be extended to support new data types, such as CSV fields or objects.

Props joehoyle, rachelbaker, pento.
Fixes #38531.


Built from https://develop.svn.wordpress.org/trunk@39046


git-svn-id: http://core.svn.wordpress.org/trunk@38988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 01:48:41 +00:00
John Blackbourn
8c811f8f90 XML-RPC: Correctly handle empty and duplicate comments. 
This prevents `wp_die()` being sent in response to an XML-RPC call that attempts to submit a duplicate comment, and correctly returns an error in response to an attempt to submit an empty comment.

Props markoheijnen, websupporter.
Fixes #14452, #38466.
See #36901

Built from https://develop.svn.wordpress.org/trunk@39045


git-svn-id: http://core.svn.wordpress.org/trunk@38987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 01:27:31 +00:00
Gary Pendergast
dbc4b87b7f REST API: Allow Content-Type on CORS requests. 
This allows `POST` requests with a wider variety of `Content-Type' headers - `Content-Type: application/json`, for example.

Props jnylen0.
Fixes #37994.


Built from https://develop.svn.wordpress.org/trunk@39044


git-svn-id: http://core.svn.wordpress.org/trunk@38986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 00:34:33 +00:00
Rachel Baker
b7e6c43c64 REST API: Correctly test the roles parameter when creating a user in WP_Test_REST_Users_Controller. 
Props jnylen0.
Fixes #38575.
Built from https://develop.svn.wordpress.org/trunk@39043


git-svn-id: http://core.svn.wordpress.org/trunk@38985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 00:28:29 +00:00
Gary Pendergast
69539eb2a7 REST API: Add PATCH to CORS allowed methods. 
Editable resources in the REST API accept the `PATCH` method, but the CORS headers don't mention it.

Props jnylen0.
Fixes #38546.


Built from https://develop.svn.wordpress.org/trunk@39042


git-svn-id: http://core.svn.wordpress.org/trunk@38984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-31 00:19:30 +00:00
Rachel Baker
d15f7b5f44 REST API: Delete temporary files during teardown of WP_Test_REST_Attachments_Controller. 
Props jnylen0.
Fixes #38574.
Built from https://develop.svn.wordpress.org/trunk@39041


git-svn-id: http://core.svn.wordpress.org/trunk@38983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 23:32:35 +00:00
Dominik Schilling
ba9b3cf6a6 I18N: Don't use get_user_option() for retrieving user's language. 
`get_user_option()` checks for both option types, site and network. Since `locale` is only a network option we can directly access the field via `WP_User`s magic getter.

Props johnjamesjacoby.
Fixes #38578.
Built from https://develop.svn.wordpress.org/trunk@39040


git-svn-id: http://core.svn.wordpress.org/trunk@38982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 22:26:31 +00:00
Dominik Schilling
cf571b12c1 I18N: Use correct value for the for attribute of the user language setting label. 
Props johnjamesjacoby.
Fixes #38576.
Built from https://develop.svn.wordpress.org/trunk@39039


git-svn-id: http://core.svn.wordpress.org/trunk@38981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 21:58:38 +00:00
Weston Ruter
015cb27b87 Customize: Prevent auto-draft post/page stubs from being saved with empty slugs or published with non-unique slugs. 
* Allow `WP_Customize_Nav_Menus::insert_auto_draft_post()` to take full post array to pass to `wp_insert_post()`, except for `post_status`. Require `post_title`. 
* Ensure empty `post_name` gets explicitly set to slugified `post_title`.
* Explicitly allow only `post_type` and `post_title` params in `WP_Customize_Nav_Menus::ajax_insert_auto_draft_post()`.
* Use `wp_update_post()` instead of `wp_publish_post()` to ensure unique slugs are assigned to published auto-draft posts.
* Re-use `WP_Customize_Nav_Menus::insert_auto_draft_post()` when inserting stubs from starter content.
 
See #38114, #38013, #34923.
Fixes #38539.

Built from https://develop.svn.wordpress.org/trunk@39038


git-svn-id: http://core.svn.wordpress.org/trunk@38980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 20:21:33 +00:00
Drew Jaynes
0181e937c5 Docs: Add a slightly less ambiguous list of return types for rest_ensure_response(). 
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39037


git-svn-id: http://core.svn.wordpress.org/trunk@38979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:53:29 +00:00
Drew Jaynes
993b3a5c6e Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Users_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39036


git-svn-id: http://core.svn.wordpress.org/trunk@38978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:52:30 +00:00
John Blackbourn
5b0d11791f Role/Capability: Introduce capability tests for promoting, removing, and deleting users, and capability tests for editing comments. 
Also introduces a shared fixture for a super admin user.

See #38236

Built from https://develop.svn.wordpress.org/trunk@39035


git-svn-id: http://core.svn.wordpress.org/trunk@38977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:31:33 +00:00
Drew Jaynes
b8f14e00ef Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_User_Meta_Fields class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39034


git-svn-id: http://core.svn.wordpress.org/trunk@38976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:28:30 +00:00
Drew Jaynes
90c17ccbf1 Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Terms_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39033


git-svn-id: http://core.svn.wordpress.org/trunk@38975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:21:30 +00:00
Drew Jaynes
b71e62b9eb Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Term_Meta_Fields class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39032


git-svn-id: http://core.svn.wordpress.org/trunk@38974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:09:32 +00:00
Drew Jaynes
7d7d0c8599 Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Taxonomies_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39031


git-svn-id: http://core.svn.wordpress.org/trunk@38973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:07:33 +00:00
Drew Jaynes
5dfa0c4cee Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Settings_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39030


git-svn-id: http://core.svn.wordpress.org/trunk@38972 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 18:01:30 +00:00
Drew Jaynes
2452f69485 REST: Fix some errant else if conditions and add a few missing periods on inline comments. 
Props mrahmadawais.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39029


git-svn-id: http://core.svn.wordpress.org/trunk@38971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 17:54:30 +00:00
Drew Jaynes
596ee8bc9d Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Revisions_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39028


git-svn-id: http://core.svn.wordpress.org/trunk@38970 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 17:50:29 +00:00
Drew Jaynes
1ef0a5514e REST: Fix a yoda condition in WP_REST_Request::get_parameter_order() and add a missing period for an inline comment in `WP_REST_Request::from_url(). 
Props mrahmadawais.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39027


git-svn-id: http://core.svn.wordpress.org/trunk@38969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 17:42:45 +00:00
Drew Jaynes
e84b257852 Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Posts_Controller class. 
Props Soean, mrahmadawais, flixos90, DrewAPicture.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39026


git-svn-id: http://core.svn.wordpress.org/trunk@38968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 17:37:35 +00:00
Drew Jaynes
7d488bd2b1 Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Post_Types_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39025


git-svn-id: http://core.svn.wordpress.org/trunk@38967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 16:51:30 +00:00
Drew Jaynes
04f0340a96 Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Post_Statuses_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39024


git-svn-id: http://core.svn.wordpress.org/trunk@38966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 16:44:38 +00:00
Drew Jaynes
c4df9d63ba Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Post_Meta_Fields class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39023


git-svn-id: http://core.svn.wordpress.org/trunk@38965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 16:36:32 +00:00
Drew Jaynes
9ce98d98ac Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Meta_Fields class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39022


git-svn-id: http://core.svn.wordpress.org/trunk@38964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 16:33:30 +00:00
Drew Jaynes
718f9fe868 Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39021


git-svn-id: http://core.svn.wordpress.org/trunk@38963 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 16:20:29 +00:00
John Blackbourn
2d0d9cfbf9 Customize: Avoid using assertNotFalse() in tests because it's not available in PHPUnit 3.6. 
See #35395

Built from https://develop.svn.wordpress.org/trunk@39020


git-svn-id: http://core.svn.wordpress.org/trunk@38962 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 15:42:36 +00:00
Andrea Fercia
791c72dd4d Accessibility: Remove target=_blank from the help tab links in network.php. 
Stop taking control of users' browsers.

Props wolly.
Fixes #38572. See #23432.

Built from https://develop.svn.wordpress.org/trunk@39019


git-svn-id: http://core.svn.wordpress.org/trunk@38961 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 15:19:37 +00:00
Weston Ruter
ddea523daf Customize: Prevent toggling edit shortcuts when doing shift-click or when clicking on a descendent of an interactive element. 
See #38532, #27403.
Fixes #38554.

Built from https://develop.svn.wordpress.org/trunk@39018


git-svn-id: http://core.svn.wordpress.org/trunk@38960 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 14:59:31 +00:00
John Blackbourn
328922cc82 Customize: Correct the CRUD tests for custom CSS on multisite. 
See #35395

Built from https://develop.svn.wordpress.org/trunk@39017


git-svn-id: http://core.svn.wordpress.org/trunk@38959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 14:04:30 +00:00
John Blackbourn
2b6ceeb465 Customize: Correct the capability mapping and associated tests for the unfiltered_css capability. 
Fixes #35395

Built from https://develop.svn.wordpress.org/trunk@39016


git-svn-id: http://core.svn.wordpress.org/trunk@38958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 12:47:31 +00:00
Drew Jaynes
e2e47a192d Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Comments_Controller class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39015


git-svn-id: http://core.svn.wordpress.org/trunk@38957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 06:55:30 +00:00
Drew Jaynes
7d25657c01 Docs: Add much more complete and syntactically correct documentation throughout the WP_REST_Comment_Meta_Fields class. 
Props Soean, mrahmadawais, flixos90.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39014


git-svn-id: http://core.svn.wordpress.org/trunk@38956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 06:34:31 +00:00
Drew Jaynes
4247471355 Tests: Helps to also update the hour and not just the timezone to temporarily fix a test broken due to Daylight Saving Time changes in Europe. 
Built from https://develop.svn.wordpress.org/trunk@39013


git-svn-id: http://core.svn.wordpress.org/trunk@38955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-30 05:54:29 +00:00