In `wp_salt()` WordPress pre-populates the check for duplicate salt values with the default put your unique phrase here. As the `wp-config.php file` for non-en_US can be translated in downloaded packages, a translated version of this phrase ought to be in the pre-populated duplicate values array too.
Props peterwilsoncc, SergeyBiryukov, whaze, costdev, audrasjb.
Fixes#55937.
Built from https://develop.svn.wordpress.org/trunk@54249
git-svn-id: http://core.svn.wordpress.org/trunk@53808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset contextualizes the usage of `nonce_life` filter by passing the `$action` parameter. It allows to alterate the default lifespan of nonces on a case by case basis.
Props giuseppemazzapica, dwainm, DrewAPicture, jorbin, audrasjb, SergeyBiryukov, costdev, antonvlasenko.
Fixes#35188.
Built from https://develop.svn.wordpress.org/trunk@54218
git-svn-id: http://core.svn.wordpress.org/trunk@53777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When extracting the email and name from a “From” header, the last character of the name is incorrectly trimmed when a space is not included between the name and the opening `<`.
Though the space is required for the header to be compliant with RFC5322 (see https://www.rfc-editor.org/rfc/rfc5322#section-3.4), the absence of a space can be ignored here. PHPMailer accepts the name and email as separate parameters and constructs the header correctly later on.
Props hakanca, mikehansenme, SergeyBiryukov, kovshenin, mattyrob, drewapicture, desrosj.
Fixes#19847.
Built from https://develop.svn.wordpress.org/trunk@53900
git-svn-id: http://core.svn.wordpress.org/trunk@53459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Make the descriptions for `update_post_author_caches()` and `update_post_caches()` more specific.
* Move the unit test into its own file, for consistency with `update_post_cache()` tests. This also allows for using shared fixtures in case more tests are added in the future.
Follow-up to [53482].
See #55716.
Built from https://develop.svn.wordpress.org/trunk@53483
git-svn-id: http://core.svn.wordpress.org/trunk@53072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For a call to `WP_Query` or a post REST API request that contains posts from multiple authors, call the `cache_users` function, to ensure that all user data for post authors is primed in
a single database query. This results in far fewer database queries on multiple author sites.
Props spacedmonkey, timothyblynjacobs, peterwilsoncc.
Fixes#55716.
Built from https://develop.svn.wordpress.org/trunk@53482
git-svn-id: http://core.svn.wordpress.org/trunk@53071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dynamically add `decoding="async"` to image tags on the front end of a site to instruct browsers to download them in parallel.
Modifies `wp_get_attachment_image()`, `get_avatar()` to include the attribute by default. Modifies `wp_filter_content_tags()` to add the attribute during the front-end render of the site.
Introduces `wp_img_tag_add_decoding_attr()` to take an image tag and modify it to include the attribute. Introduces the filter `wp_img_tag_add_decoding_attr` used to define the default value for the attribute.
Props adamsilverstein, ayeshrajans, costdev, flixos90, hellofromtonya, isaumya, michaelbourne, mihai2u, mitogh, sergiomdgomes, spacedmonkey, westonruter, peterwilsoncc.
Fixes#53232.
Built from https://develop.svn.wordpress.org/trunk@53480
git-svn-id: http://core.svn.wordpress.org/trunk@53069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As per the PHP manual:
> If the `component` parameter is omitted, an associative array is returned.
> If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned.
Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values]
In PHP 8.1, if the home URL does not have a "host" component, it would lead to a `substr(): Passing null to parameter #1 ($string) of type string is deprecated` notice.
Changing the logic around and adding validation for the return type value of `wp_parse_url()` prevents that.
Follow-up to [48601], [51606], [51622], [51626], [51629], [51630].
Props dennisatyoast, jrf.
See #54730.
Built from https://develop.svn.wordpress.org/trunk@52799
git-svn-id: http://core.svn.wordpress.org/trunk@52388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a new `wp_mail_succeeded` action in `wp_mail` after the mail is sent. Also, adds a disclaimer to the hook's docblock, clarifying that the hook's firing doesn't necessarily mean the recipient received the mail, only that the mail was processed without any errors.
Props birgire, donmhico, johnbillion.
Fixes#53826.
Built from https://develop.svn.wordpress.org/trunk@52083
git-svn-id: http://core.svn.wordpress.org/trunk@51675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset implements the refined lazy-loading behavior outlined in https://make.wordpress.org/core/2021/07/15/refining-wordpress-cores-lazy-loading-implementation/ in order to improve the Largest Contentful Paint metric, which can see a regression from images or iframes above the fold being lazy-loaded. Adjusting this so far has been possible for developers via filters and still is, however this enhancement brings a more accurate behavior out of the box for the majority of themes.
Specifically, this changeset skips the very first "content image or iframe" on the page from being lazy-loaded. "Content image or iframe" denotes any image or iframe that is found within content of any post in the current main query loop as well as any featured image of such a post. This applies both to "singular" as well as "archive" content: On a "singular" page the first image/iframe of the post is not lazy-loaded, while on an "archive" page the first image/iframe of the _first_ post in the query is not lazy-loaded.
This approach refines the lazy-loading behavior correctly for the majority of themes, which use a single-column layout for post content. For themes with multi-column layouts, a new `wp_omit_loading_attr_threshold` filter can be used to change how many of the first images/iframes are being skipped from lazy-loaded (default is `1`). For example, a theme using a three-column grid of latest posts for archives could use the filter to override the threshold to `3` on archive pages, so that the first three content images/iframes would not be lazy-loaded.
Props adamsilverstein, azaozz, flixos90, hellofromtonya, jonoaldersonwp, mte90, rviscomi, tweetythierry, westonruter.
Fixes#53675. See #50425.
Built from https://develop.svn.wordpress.org/trunk@52065
git-svn-id: http://core.svn.wordpress.org/trunk@51657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Share the `WP_User` instance for the current user between the functions `get_userdata()` and `wp_get_current_user()`. Both functions return the `$current_user` global for the current user.
Force refresh the `$current_user` global within `clean_user_cache()` by immediately re-calling `wp_set_current_user()` with the current user's ID. This ensures any changes to the current user's permissions or other settings are reflected in the global. As a side-effect this immediately rewarms the current user's cache.
Props chaion07, chriscct7, donmhico, hellofromtonya, lukecarbis, peterwilsoncc, rmccue, TimothyBlynJacobs.
Fixes#28020.
Built from https://develop.svn.wordpress.org/trunk@50790
git-svn-id: http://core.svn.wordpress.org/trunk@50399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The function `wp_text_diff` generated an invalid table structure if the $args parameter contained any values. This patch corrects the structure generated by `wp_text_diff` and related usages so that the column count matches the data generated. Additionally, this patch passes arguments to the Revisions screen so that the screen has column headings that reflect the content in each column. Improves the accessibility and usability of the Revisions table.
Props joedolson, mehulkaklotar, afercia, adamsilverstein, zodiac1978, jeremyfelt
Fixes#25473
Built from https://develop.svn.wordpress.org/trunk@50034
git-svn-id: http://core.svn.wordpress.org/trunk@49735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.
This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast
In part, this is a follow-up to #47746.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193
git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to the PHPMailer update in 5.5, old version of the PHPMailer was setting the validator to 'auto' resulting in a sophisticated logic for determining what email address validation should be used. But the new version defaults to 'php', possibly leading to rejection of email addresses which were fine prior to the upgrade. Let's use the WordPress core function `is_email()` so that it can be fully pluggable.
Fixes#50720.
Props david.binda, ayeshrajans, Synchro, SergeyBiryukov, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@48645
git-svn-id: http://core.svn.wordpress.org/trunk@48407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to the varying server setups, `$_SERVER['SERVER_NAME'];` can't reliably ensure that there will be a relevant host that could be used as the hostname in an email. Since the `network_home_url()` is set at this point, and is filterable, this should better enable emails to be sent from the server.
Fixes#25239.
Props layotte, SergeyBiryukov, nacin, sreedoap, szepe.viktor, jesin, kitchin, mensmaximus, mt8.biz, Grzegorz.Janoszka, cbutlerjr, dd32, BjornW, neodjandre, BjornW, Ipstenu, ocean90, danielbachhuber, desmith, joemcgill, jdgrimes, riasat, derekakelly, swissspidy, lilmike, tsimmons, robert.peake, DavidAnderson, cloudstek, pigdog234, BjornW, rawrly, pessoft, RedSand, seayou, dvershinin, bastho, chesio, Starbuck, afragen, ocean90, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@48601
git-svn-id: http://core.svn.wordpress.org/trunk@48363 1a063a9b-81f0-0310-95a4-ce76da25c4cd
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”
With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).
Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.
Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.
Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes#50413.
Built from https://develop.svn.wordpress.org/trunk@48121
git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Partially reverts [48059] as there's no full consensus on the removal of the text prefix. Further actions should be taken to improve consistency and accessibility of the admin notices. Keeps some improvements to the translatable strings from [48059].
Fixes#47656.
Built from https://develop.svn.wordpress.org/trunk@48115
git-svn-id: http://core.svn.wordpress.org/trunk@47884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The tag was supported in phpDocumentor 1.x, but is no longer supported in 2.x and 3.x.
Usage of static variables is considered an internal implementation detail and has no information value for someone reading the docs.
Props alishanvr, jrf.
Fixes#50426.
Built from https://develop.svn.wordpress.org/trunk@48109
git-svn-id: http://core.svn.wordpress.org/trunk@47878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For a number of years, most of the WordPress error messages have been prefixed with "Error:". However, these messages appear in a context where it's already clear an error occurred. Whether it's an error, a warning, or any other classification, that's not so relevant for users. The content of the message is the relevant part. The "Error:" prefix doesn't add great value while it does add unnecessary complexity for the message readability.
Also, revises some of these messages to improve clarity and removes HTML from translatable strings.
Props garrett-eclipse, ramiy, SergeyBiryukov, afercia, sabernhardt, quadthemes, audrasjb.
See #47003, #43037, #42945, #15887.
Fixes#47656.
Built from https://develop.svn.wordpress.org/trunk@48059
git-svn-id: http://core.svn.wordpress.org/trunk@47826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Now that WordPress Core supports PHP >= 5.6, the PHPMailer library can be updated to the latest version.
The PHPMailer files now reside in a new directory, `wp-includes/PHPMailer`. These files are copied verbatim from the library upstream and will make updating in the future easier. For backwards compatibility, the old files will remain and trigger deprecated file warnings.
The PHPMailer class is also now under the `PHPMailer\PHPMailer\PHPMailer` namespace. The `PHPMailer` class in the global namespace has been aliased for a seamless transition.
This upgrade also clears up a handful of PHP compatibility issues detailed in #49922.
For a full list of changes, see the PHPMailer GitHub: https://github.com/PHPMailer/PHPMailer/compare/v5.2.27...v6.1.6.
Props Synchro, SergeyBiryukov, desrosj, donmhico, ayeshrajans.
Fixes#41750.
Built from https://develop.svn.wordpress.org/trunk@48033
git-svn-id: http://core.svn.wordpress.org/trunk@47800 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the `@` operator was used to prevent possible warnings emitted by `parse_url()` in PHP < 5.3.3 when URL parsing failed.
Now that the minimum version of PHP required by WordPress is 5.6.20, this is no longer needed.
Props netpassprodsr, Howdy_McGee.
Fixes#49980. See #24780.
Built from https://develop.svn.wordpress.org/trunk@47617
git-svn-id: http://core.svn.wordpress.org/trunk@47392 1a063a9b-81f0-0310-95a4-ce76da25c4cd