The following warnings could, in very select circumstances, be shown:
{{{
// PHP 8.0 and higher:
Warning: foreach() argument must be of type array|object, bool given
// PHP 5.6 – 7.4
Warning: Invalid argument supplied for foreach()
}}}
In `WP_Media_List_Table::prepare_items()`, the cron info array is retrieved via a call to `_get_cron_array()`, but as the documentation (correctly) states, the return type of that function is `array|false`, where `false` is returned for a virgin site, with no cron jobs scheduled yet.
However, no type check is done on the return value, and the method just blindly continues by using it in a `foreach`.
Fixed by adding validation for the returned value from `_get_cron_array()` and only running the `foreach` when the returned value is an array.
Reference: [https://developer.wordpress.org/reference/functions/_get_cron_array/ WordPress Developer Resources: _get_cron_array()]
Follow-up to [48417].
Props jrf, hellofromTonya, mukesh27.
Fixes#53949.
Built from https://develop.svn.wordpress.org/trunk@51638
git-svn-id: http://core.svn.wordpress.org/trunk@51244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Hide the browser's native radio button on the custom background position selector in the Customizer and the legacy background screen. This fixes an issue causing both to display.
Props mukesh27, ravipatel, sabernhardt, walbo.
Fixes#53803.
Built from https://develop.svn.wordpress.org/trunk@51637
git-svn-id: http://core.svn.wordpress.org/trunk@51243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As per the PHP manual:
> If the `component` parameter is omitted, an associative array is returned.
> If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned.
Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values]
This commit adds three unit tests for `download_url()`:
* The first test is "girl-scouting" to make sure that the code up to the point where the error is expected is tested.
* The second test exposed a PHP 8.1 `basename(): Passing null to parameter #1 ($path) of type string is deprecated` error due to the call to `parse_url()` returning `null` when the component requested does not exist in the passed URL.
* The output of the call to `parse_url()` stored in the `$url_path` variable is used in more places in the function logic. The third test exposes a second PHP 8.1 deprecation notice, this time for `substr(): Passing null to parameter #1 ($string) of type string is deprecated`.
This commit also removes duplicate `parse_url()` calls. Neither `$url` nor `$url_filename` are changed between when they are first received/defined and when they are re-used, so there is no need to repeat the function calls.
Follow-up to [51606], [51622].
Props jrf, hellofromTonya, SergeyBiryukov.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51626
git-svn-id: http://core.svn.wordpress.org/trunk@51232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that when multiple plugins or themes are updated and one succeeds and another fails, the error is reported accordingly.
Previously, both updates would end up treated as a success, due to `$this->result` containing the result of the previous operation and not the current one.
Follow-up to [12097].
Props pwtyler, afragen.
Fixes#53002.
Built from https://develop.svn.wordpress.org/trunk@51528
git-svn-id: http://core.svn.wordpress.org/trunk@51139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This matches the documented type of the `$post_id` argument and is consistent with other instances of `wp_terms_checklist()` calls.
Per the function documentation, the default value is integer `0`, not `null`.
Follow-up to [13535].
Props tareiking, donmhico, jrf.
Fixes#43639.
Built from https://develop.svn.wordpress.org/trunk@51520
git-svn-id: http://core.svn.wordpress.org/trunk@51131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a one-off notice to the dashboard in the event WordPress has automatically deactivated a plugin due to incompatibility with the new version of WordPress.
Introduces the new private function `deactivated_plugins_notice()` to display the notice in the dashboard. Introduces the new auto-loaded option `wp_force_deactivated_plugins` to store a list of automatically deactivated plugins; the option is used on both a site and network level.
Follow up to [51180].
Props desrosj, jorbin, azaozz, SergeyBiryukov, peterwilsoncc.
See #53432.
Built from https://develop.svn.wordpress.org/trunk@51266
git-svn-id: http://core.svn.wordpress.org/trunk@50875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is the start of the WordPress 5.8 about page, introducing new content and a first pass of the new style.
Props chanthaboune, cbringmann, webcommsat, marybaum, melchoyce, shaunandrews, desrosj, ryelle, oglekler, yvettesonneveld, nalininonstopnewsuk, meher, femkreations, alanjacobmathew, courane01, annezazu, matveb, milana_cap, javiarce, ryokuhi, audrasjb.
See #52775.
Built from https://develop.svn.wordpress.org/trunk@51264
git-svn-id: http://core.svn.wordpress.org/trunk@50873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This wraps the inner-content of the Site Health dashboard widget to give a unique target for CSS selectors, restoring the ability to collapse the widget.
The initial implementation targeted the `.inside` class used by all widgets to apply styling to the widget content, but this prevented the widget from being collapsed, as it added grid-styles which other widgets do not use, overriding the usual behavior when toggling widget visibility.
Follow-up to [50833].
Props alanjacobmathew, walbo.
Fixes#53521.
Built from https://develop.svn.wordpress.org/trunk@51247
git-svn-id: http://core.svn.wordpress.org/trunk@50856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a fatal error due to `WP_Block_Template` class redeclaration when updating to WordPress 5.8 with an older version of Gutenberg activated.
Follow-up to [35582] for the REST API plugin.
Props hellofromTonya, oglekler, azaozz, desrosj, pbiron, jorbin, youknowriad, TimothyBlynJacobs, Clorith, markparnell.
See #53432.
Built from https://develop.svn.wordpress.org/trunk@51180
git-svn-id: http://core.svn.wordpress.org/trunk@50789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This matches the documentation for the filter of the same name.
Previously, the function could return `false` for an audio or video attachment that does not exist in the local filesystem.
Props Chouby, SergeyBiryukov.
Fixes#52603.
Built from https://develop.svn.wordpress.org/trunk@51162
git-svn-id: http://core.svn.wordpress.org/trunk@50771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Restore the original shape of the AJAX response data in the media library after removing infinite scroll, and pass total number of attachments in the response headers `X-WP-Total` and `X-WP-TotalPages`.
Improve backwards compatibility for plugins intercepting the ajax response. Headers match the structure and count calculation used in REST API responses.
Fix an issue with hiding the spinner after the load is completed and ensure that the load more view is created when changing tabs in the media library modal.
Follow up to [50829].
props adamsilverstein, spacedmonkey, joedolson.
Fixes#50105.
Built from https://develop.svn.wordpress.org/trunk@51145
git-svn-id: http://core.svn.wordpress.org/trunk@50754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds the list of file formats supported by the GD library to the Media Handling section in Site Health.
This will help site owners debug any issues they encounter as support for newer, more modern image formats is added (such as WebP in [50810]).
Follow up to [50817].
Props adamsilverstein, jorbin.
Fixes#53022.
Built from https://develop.svn.wordpress.org/trunk@51143
git-svn-id: http://core.svn.wordpress.org/trunk@50752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The filters `user_confirmed_action_email_content`, `user_erasure_complete_email_subject`, and `user_erasure_complete_email_headers` have been deprecated.
They have been replaced with `user_erasure_fulfillment_email_content`, `user_erasure_fulfillment_email_subject`, and `user_erasure_fulfillment_email_headers`.
Props desrosj, garrett-eclipse, birgire, DrewAPicture, lifeforceinst, ocean90, pbiron, pento, coffee2code, TZ-Media, SergeyBiryukov, johnbillion, audrasjb, davidbaumwald, hellofromTonya, helen, xkon, antpb, peterwilsoncc, lukecarbis.
Fixes#44314.
Built from https://develop.svn.wordpress.org/trunk@51129
git-svn-id: http://core.svn.wordpress.org/trunk@50738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If a browser matches Internet Explorer, the dashboard will display a notice recommending a more modern browser.
Props youknowriad, sabernhardt, afercia, SergeyBiryukov, davidbaumwald, netweb, johnbillion, jeherve.
See #48743.
Built from https://develop.svn.wordpress.org/trunk@51117
git-svn-id: http://core.svn.wordpress.org/trunk@50726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Additionally, add a notice for when you are editing the "latest posts" page.
Fixes#45537.
Props cameronjonesweb, swissspidy, hannahmalcolm, Fantasy1125, ArnaudBan, grantmkin, youknowriad, knutsp, SergeyBiryukov, audrasjb, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@51116
git-svn-id: http://core.svn.wordpress.org/trunk@50725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This affects:
* `validate_plugin_requirements()`
* `validate_theme_requirements()`
Historically, the `Requires PHP` header was introduced in #meta2952 for the Plugin Directory first, so at the time it made sense to have it defined in the same place as `Requires at least`, which only existed in `readme.txt`.
Since parsing of PHP and WordPress requirements was later added to WordPress core, the core should retrieve all the necessary data from the main plugin or theme file and not from `readme.txt`, which only contains the data meant for the Plugin or Theme Directory.
The recommended place for `Requires PHP` and `Requires at least` headers is as follows:
* The plugin's main PHP file
* The theme's `style.css` file
The place for the `Tested up to` header remains in `readme.txt` for the time being, as it's not used by WordPress core.
Follow-up to [44978], [45546], [47573], [47574], [meta5841], [meta9050].
Props afragen, Otto42, joyously, williampatton, audrasjb.
Fixes#48520. See #48515, #meta2952, #meta4514, #meta4621.
Built from https://develop.svn.wordpress.org/trunk@51092
git-svn-id: http://core.svn.wordpress.org/trunk@50701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix the enter key in profile form fields moving focus to the application password input instead of submitting the profile update for. Replace the submit button type used for application passwords with `button type="button"` and ensure that the enter key's native behavior isn't overwritten.
props audrasjb, alexstine, promz, sabernhardt.
Fixes#52849.
Built from https://develop.svn.wordpress.org/trunk@51086
git-svn-id: http://core.svn.wordpress.org/trunk@50695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By the time the tests run, both `wp_is_site_protected_by_basic_auth()` and `rest_url()` functions are available, so there is no need to check for their existence.
Follow-up to [44986], [51057].
Props Clorith, costdev, SergeyBiryukov.
Fixes#52642.
Built from https://develop.svn.wordpress.org/trunk@51066
git-svn-id: http://core.svn.wordpress.org/trunk@50675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The test to confirm if Authorization headers can be used and recognized by WordPress needs to include a username and password combination that WordPress can compare against during the testing phase. The inclusion of credentials here would unfortunately also invalidate any existing basic auth session for the site, for example if the user had added this as an extra layer of security on their back-end.
This test is now skipped if the `wp_is_site_protected_by_basic_auth()` function detects that basic auth is being used, since the act of using basic auth to access the site confirms that this feature is working as expected in the first place.
Props WebDragon, TimothyBlynJacobs, costdev.
Fixes#52642.
Built from https://develop.svn.wordpress.org/trunk@51057
git-svn-id: http://core.svn.wordpress.org/trunk@50666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add `$status` parameter to `post_exists()` to allow developers to specify a post type, date and status to ensure they hit the `wp_posts` table's `type_status_date` index when determining if a post exists.
Props apokalyptik, boonebgorges, brettshumaker, DrewAPicture, MikeHansenMe, peterwilsoncc, whyisjake.
Fixes#34012.
Built from https://develop.svn.wordpress.org/trunk@51027
git-svn-id: http://core.svn.wordpress.org/trunk@50636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The styles for the Privacy settings page were based on the Site Health section. These were duplicated into `edit.css` in #49264. This change merges the selectors from Site Health into the Privacy section, to reduce that duplicate code.
Props xkon, notlaura, clorith.
See #52429.
Built from https://develop.svn.wordpress.org/trunk@51025
git-svn-id: http://core.svn.wordpress.org/trunk@50634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This provides direct links to install and activate the plugin, if the user has the capabilities to do so, instead of just linking to plugin search results.
It also matches more closely the message about installing the Classic Editor plugin for meta boxes incompatible with the block editor.
Follow-up to [22855], [44280], [45657].
Props tw2113, peterwilsoncc, SergeyBiryukov.
Fixes#52669.
Built from https://develop.svn.wordpress.org/trunk@51011
git-svn-id: http://core.svn.wordpress.org/trunk@50620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds an option to bulk delete menu items from the core Navigation Menus screen, offering a considerable usability benefit when making significant changes to navigation menus.
Uses the bulk select pattern found in post and media lists for consistency with other core management screens, rather than the rapid delete pattern found in menus in the customizer.
Props wphound, welcher, melchoyce, maxpertici, audrasjb
Fixes#21603.
Built from https://develop.svn.wordpress.org/trunk@51006
git-svn-id: http://core.svn.wordpress.org/trunk@50615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `update_user_option()` function is a way to update a user meta value after adding a blog’s prefix to the beginning of the meta key. But when the fourth parameter is `true`, the behavior is exactly the same as calling `update_user_meta()` directly.
This replaces all instances of `update_user_option()` when the fourth parameter is `true` in Core with a direct call to `update_user_meta()` to prevent an unnecessary call to `update_user_option()`.
Props johnjamesjacoby, zkancs, obenland, desrosj.
Fixes#43339.
Built from https://develop.svn.wordpress.org/trunk@50981
git-svn-id: http://core.svn.wordpress.org/trunk@50590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This shows the parent theme name in a child theme's metadata section in the list table, in a similar way it is displayed in the theme details modal on the single site Themes screen.
Props dpik, Mista-Flo, seanchayes, poena, johnbillion, jeremyfelt, bradt, jacklenox, helen, Travel_girl, karmatosed, Presskopp, joyously, SergeyBiryukov.
Fixes#30240.
Built from https://develop.svn.wordpress.org/trunk@50978
git-svn-id: http://core.svn.wordpress.org/trunk@50587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reverts the changes to `id_base` from [50953] due to backward compatibility concerns, and instead focuses on the `id` and `class` attributes specifically.
With this change, any backslashes in the `id` or `class` attributes for a namespaced widget class are converted to underscores, making it easier to style the output or target the widget with JavaScript.
Follow-up to [50953].
Fixes#44098.
Built from https://develop.svn.wordpress.org/trunk@50961
git-svn-id: http://core.svn.wordpress.org/trunk@50570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change fixes a false positive that would appear during scheduled events, by only running the REST test when a user visits the Site Health page, meaning an active session is available.
The test checking if the REST API is available, includes a parameter for `context=edit` to make sure the block editor can function properly. This means a user session with editor capabilities is required for the test to pass, which is not the case during a scheduled event.
Props szaqal21, TimothyBlynJacobs, hermpheus.
Fixes#52112.
Built from https://develop.svn.wordpress.org/trunk@50939
git-svn-id: http://core.svn.wordpress.org/trunk@50548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a few instances where two separate functions are used for both escaping and translating output. This change combines the two functions into the appropriate Core helper function.
Props dimadin, SergeyBiryukov.
Fixes#53153.
Built from https://develop.svn.wordpress.org/trunk@50931
git-svn-id: http://core.svn.wordpress.org/trunk@50540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows third-party plugins to avoid accidentally being overwritten with an update of a plugin of a similar name from the WordPress.org Plugin Directory.
Additionally, introduce the `update_plugins_{$hostname}` filter, which third-party plugins can use to offer updates for a given hostname.
If set, the `Update URI` header field should be a URI and have a unique hostname.
Some examples include:
* `https://wordpress.org/plugins/example-plugin/`
* `https://example.com/my-plugin/`
* `my-custom-plugin-name`
`Update URI: false` also works, and unless there is code handling the `false` hostname, the plugin will never get an update notification.
If the header is present, the WordPress.org API will currently only return updates for the plugin if it matches the following format:
* `https://wordpress.org/plugins/{$slug}/`
* `w.org/plugin/{$slug}`
If the header has any other value, the API will not return a result and will ignore the plugin for update purposes.
Props dd32, DavidAnderson, meloniq, markjaquith, DrewAPicture, mweichert, design_dolphin, filosofo, sean212, nhuja, JeroenReumkens, infolu, dingdang, joyously, earnjam, williampatton, grapplerulrich, markparnell, apedog, afragen, miqrogroove, rmccue, crazycoders, jdgrimes, damonganto, joostdevalk, jorbin, georgestephanis, khromov, GeekStreetWP, jb510, Rarst, juliobox, Ipstenu, mikejolley, Otto42, gMagicScott, TJNowell, GaryJ, knutsp, mordauk, nvartolomei, aspexi, chriscct7, benoitchantre, ryno267, lev0, gregorlove, dougwollison, SergeyBiryukov.
See #14179, #23318, #32101.
Built from https://develop.svn.wordpress.org/trunk@50921
git-svn-id: http://core.svn.wordpress.org/trunk@50530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace infinitely autoloading behavior on scroll with a user-controlled load more button. Fix a long standing accessibility issue in the media library. Infinite scroll poses a wide range of problems for accessibility, usability, and performance.
This change modifies the library to load 40 items in the initial view, with a load more button to load the next 40 items and a button to move focus from the load more region to the first of the most recently added items.
The text for communicating the jump target was broadly discussed, agreeing that the text incorporated here would most concisely and clearly convey the purpose of the button, and any further detail is learnable from use.
Props afercia, adamsilverstein, joedolson, audrasjb, francina
Fixes#50105. See #40330.
Built from https://develop.svn.wordpress.org/trunk@50829
git-svn-id: http://core.svn.wordpress.org/trunk@50438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change introduces the `delete_theme` and `deleted_theme` action hooks, which fire immediately before and after an attempt to delete a theme, respectively.
Props scottconnerly, ptahdunbar, pbiron, vetyst, desrosj.
Fixes#16401.
Built from https://develop.svn.wordpress.org/trunk@50826
git-svn-id: http://core.svn.wordpress.org/trunk@50435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds additional information to the Media Handling section of the Site Health Info page. When ImageMagick is used as the site’s image editor, a full list of file formats supported will now be shown. This will help site owners debug any issues they encounter as support for newer, more modern image formats is added (such as WebP in [50810]).
Additionally, the version of Imagick installed. This will help site owners debug issues with generating images on the PHP side.
Some variables have also been renamed to more accurately represent what is being stored.
Props Clorith, desrosj.
Fixes#53022.
Built from https://develop.svn.wordpress.org/trunk@50817
git-svn-id: http://core.svn.wordpress.org/trunk@50426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add support for uploading, editing and saving WebP images when supported by the server.
Add 'image/webp' to supported mime types. Correctly identify WebP images and sizes even when PHP doesn't support WebP. Resize uploaded WebP files (when supported) and use for front end markup.
Props markoheijne, blobfolio, Clorith, joemcgill, atjn, desrosj, spacedmonkey, marylauc, mikeschroder, hellofromtonya, flixos90.
Fixes#35725.
Built from https://develop.svn.wordpress.org/trunk@50810
git-svn-id: http://core.svn.wordpress.org/trunk@50419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids accidentally overriding some variables in the scope of `activate_plugin()`, e.g. `$silent` or `$network_wide`.
Plugins expecting to have access to `$network_wide` directly on inclusion should receive it as an argument of the activation hook callback instead, on any of these actions:
* `activate_plugin`
* `activate_{$plugin}`
* `activated_plugin`
Follow-up to [28644].
Props Mike_Cowobo, dd32, DrewAPicture, mensmaximus, SergeyBiryukov.
Fixes#31104.
Built from https://develop.svn.wordpress.org/trunk@50787
git-svn-id: http://core.svn.wordpress.org/trunk@50396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are several WordPress hooks defined on the server that depend on $post object that isn’t present on the new screens like edit site, edit widgets, or edit navigation. This patch deprecates existing filters and introduces replacements that are context-aware.
Props azaozz, andraganescu, jeremyfelt, nosolosw, youknowriad.
See #52920.
Built from https://develop.svn.wordpress.org/trunk@50776
git-svn-id: http://core.svn.wordpress.org/trunk@50385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
