Fixes a bug where menu assignements couldn't be changed when previewing a theme.
Also removes an unnecessary call to menu mapping after a theme switch from the customizer and makes sure the locations option is always written, for good measure.
Props westonruter.
See #39692.
Built from https://develop.svn.wordpress.org/trunk@41995
git-svn-id: http://core.svn.wordpress.org/trunk@41829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously attempted in [40256], which caused the test for decoded curly quotes to fail in some environments.
`$_SERVER['REQUEST_URI']` contains the encoded URI, so this version removes the failing tests and only checks for encoded curly quotes.
Props joostdevalk, lancewillett, SergeyBiryukov.
Fixes#20383.
Built from https://develop.svn.wordpress.org/trunk@41991
git-svn-id: http://core.svn.wordpress.org/trunk@41825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.
Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.
Props enrico.sorcinelli, ryotsun.
Fixes#39730.
Built from https://develop.svn.wordpress.org/trunk@41980
git-svn-id: http://core.svn.wordpress.org/trunk@41814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.
Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes#39996.
Built from https://develop.svn.wordpress.org/trunk@41979
git-svn-id: http://core.svn.wordpress.org/trunk@41813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reverting this for 4.9. It will be added back in a future version of WordPress. This doesn't mean that you shouldn't be trying Gutenberg, just that it isn't ready for a call out to a larger audience. But if you are the type to read commit messages, https://github.com/WordPress/gutenberg could use your pull requests and comments on issues.
Reverts [41931] [41900] [41896] [41895]
See #41316
Built from https://develop.svn.wordpress.org/trunk@41978
git-svn-id: http://core.svn.wordpress.org/trunk@41812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The customizer and the theme installer use `visibility: hidden` on the body when
they open full-overlays screens. The FTP credentials modal needs a visibility
property set back to `visible` to be visible over those overlays.
Props purnendu.
Fixes#42205.
Built from https://develop.svn.wordpress.org/trunk@41972
git-svn-id: http://core.svn.wordpress.org/trunk@41806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When media is uploaded to a post, the upload directory is set according to the date of the post, so that the media URLs in the post match when the post was published.
A page is a slightly different beast, pages often live for years, and are regularly updated to stay relevant. This change causes media uploaded to pages to use the upload date to determine the upload directory.
Fixes#10752.
Built from https://develop.svn.wordpress.org/trunk@41964
git-svn-id: http://core.svn.wordpress.org/trunk@41798 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update the `CodeEditorControl`'s `codemirror` deferred to be set before calling the parent class's `initialize` method. Since the `ready` method may be called directly by `initialize` it may be too late to add a new `Deferred` to the control's `deferred` property after calling the base control class's `initialize`.
Amends [41958].
See #41897.
Built from https://develop.svn.wordpress.org/trunk@41960
git-svn-id: http://core.svn.wordpress.org/trunk@41794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
CodeMirror gets initialized once the control's containing section is expanded. The deferred will be rejected if user preference for syntax highlighting is disabled.
Also move jsdoc from `wp.customize.Control` to intended `wp.customize.Control#initialize()`.
See #41897, #12423.
Built from https://develop.svn.wordpress.org/trunk@41958
git-svn-id: http://core.svn.wordpress.org/trunk@41792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow `CodeEditorControl` to be instantiated with a `editor_settings` param which is merged with `wp.codeEditor.defaultSettings`.
Also:
* Turn redundant "CSS Code" control label into screen reader text for Additional CSS.
* Remove `code-editor` as script dependency for `custom-html-widgets` since enqueueing is determined by `wp_enqueue_code_editor()`.
* Remove useless exporting of `code_type` param to JS in `WP_Customize_Code_Editor_Control`.
* Add `disabled` class to Custom HTML widget's Save button when linting errors are present.
* Remove redundant `span` inside CodeEditorControl's `label`.
See #41897, #12423, #41872.
Built from https://develop.svn.wordpress.org/trunk@41957
git-svn-id: http://core.svn.wordpress.org/trunk@41791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce a `widget_{$id_base}_instance_schema` filter for plugins to add new properties to a media widget's instance schema.
* Pass all of a gallery widget's instance props to the gallery media frame, not just the ones that core supports.
See #32417, #41914.
Fixes#42285.
Built from https://develop.svn.wordpress.org/trunk@41951
git-svn-id: http://core.svn.wordpress.org/trunk@41785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow up on r41732, implementing the following improvements:
* Attachment parent info is now stored in attachment meta rather than a
separate post meta key.
* Attachments created from contextual crops (e.g. header, logos, etc.) are
filtered out of the media library using a new `_filterContext` method in
`wp.media.controller.Library`.
Props joemcgill, westonruter.
See #21819.
Built from https://develop.svn.wordpress.org/trunk@41937
git-svn-id: http://core.svn.wordpress.org/trunk@41771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Only use default control content template when a more specific template doesn't exist.
* Remove extraneous whitespace from being output in `WP_Customize_Control::render()` method.
* Move Custom Header template printing to `customize_controls_print_footer_scripts` action.
See #30738.
Built from https://develop.svn.wordpress.org/trunk@41935
git-svn-id: http://core.svn.wordpress.org/trunk@41769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update deprecated `isHostedVideo` method to always return `true` since all oEmbeds are now supported.
* Disable `scanImage` for non-image media widgets.
* Ensure embed URL field element is matched from current media frame instance due to bug where media frames are not destroyed upon closing.
* Update error message for invalid video URLs to ask user to check the URL for validity.
Props gk.loveweb, octalmage, westonruter.
See #42039, #40935.
Fixes#41052.
Built from https://develop.svn.wordpress.org/trunk@41933
git-svn-id: http://core.svn.wordpress.org/trunk@41767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update stubs to have draft status when changeset is saved as draft, instead of preventing auto-draft garbage collection by giving them a far-future `post_date`.
* Show notice in publish metabox when editing a customization draft indicating that it will be published automatically with its changeset; a link to Customizer is included.
* Include a new "Customization Draft" display post state in the post list table.
* Disconnect stubs from their changesets when they are updated with a status other than "Draft".
* Trash customization drafts when their related changeset is trashed or deleted.
* Add a `_customize_changeset_uuid` postmeta to stubs to link them with their associated changeset.
* Include `customize_changeset_uuid` as context when requesting to insert a new auto-draft.
Props westonruter, melchoyce.
See #39896, #39752, #34923.
Fixes#42220.
Built from https://develop.svn.wordpress.org/trunk@41887
git-svn-id: http://core.svn.wordpress.org/trunk@41721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The meta capabilities `install_languages` and `update_languages` rely on the admin function `wp_can_install_language_pack()`. That function in turn relies on `request_filesystem_credentials()`, so it needs to be ensured that this function is available as well.
Fixes#42230.
Built from https://develop.svn.wordpress.org/trunk@41885
git-svn-id: http://core.svn.wordpress.org/trunk@41719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While `get_site_by()` makes sense as a more explicit and less complex replacement for `get_blog_details()`, it is not ready yet in terms of caching, where it currently falls short of the older function under specific circumstances.
See #40180, #40228.
Built from https://develop.svn.wordpress.org/trunk@41883
git-svn-id: http://core.svn.wordpress.org/trunk@41717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The warning displayed upon first visit on the File Editors introduced in [41774]
needs to be the only perceivable content in the page for users of assistive
technologies. It looks like a modal but it's not exactly an ARIA dialog, not an
ARIA alert either, and needs some special treatment.
- constrains tabbing within the modal
- uses `wp.a11y.speak()` to make screen readers announce the modal message
- hides all the other page content from assistive technologies using `aria-hidden="true"`
This way, even if users miss the speak message, the warning is actually the only
perceivable content in the page.
Fixes#42110.
Built from https://develop.svn.wordpress.org/trunk@41876
git-svn-id: http://core.svn.wordpress.org/trunk@41710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the `WP_Network::$blog_id` property is set manually, for example in the multisite bootstrap process, `get_main_site_id()` should use that value instead of running its own logic. The main logic for the function was therefore moved into the internal `WP_Network::get_main_site_id()` method, which is now being accessed by the function through the magic property handling for `WP_Network::$blog_id` (and its equivalent `WP_Network::$site_id`).
Props spacedmonkey, jeremyfelt.
Fixes#41936.
Built from https://develop.svn.wordpress.org/trunk@41861
git-svn-id: http://core.svn.wordpress.org/trunk@41695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update date control padding.
* Collapse publish settings section when opening panes for available widgets or nav menus.
* Remove save and cog buttons in mobile preview only mode.
* Move definition of `wp.customize.previewedDevice` to `wp.customize.state('previewedDevice')` for centralization, maintaining old alias.
* Remove unused CSS because the section is inside form now.
Props sayedwp, westonruter.
See #39896.
Fixes#42027, #42199.
Built from https://develop.svn.wordpress.org/trunk@41860
git-svn-id: http://core.svn.wordpress.org/trunk@41694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where the escape key would no longer close the attachment details modal after attempting to navigate over the navigation boundaries (by clicking the left arrow key on the first media item or clicking the right arrow key on the last media item). Remove a focus blur which caused the underlying Backbone View to not receive the 'keydown' event.
Props subrataemfluence, afercia.
Fixes#42180.
Built from https://develop.svn.wordpress.org/trunk@41856
git-svn-id: http://core.svn.wordpress.org/trunk@41690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, shortcodes were being counted when the `init` action fired, even though it's possible for shortcodes to be registered later than that.
By leaving the counting until just before the script is printed, we get a more accurate list of shortcodes.
Props ocean90.
Fixes#41917.
Built from https://develop.svn.wordpress.org/trunk@41844
git-svn-id: http://core.svn.wordpress.org/trunk@41678 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the (W) logo on the single site login screen linked to wordpress.org, with an appropriate `title` attribute, but the link text was the blog name.
To fix this discrepency, the link text is now the same as the `title` attribute.
Props pento, obrienlabs, afercia, flixos90, lukecavanagh, and the infinite stack of bikesheds that WordPress is balanced upon.
Fixes#34625.
Built from https://develop.svn.wordpress.org/trunk@41843
git-svn-id: http://core.svn.wordpress.org/trunk@41677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Customization locking is checked when changesets are saved and when heartbeat ticks.
* Lock is lifted immediately upon a user closing the Customizer.
* Heartbeat is introduced into Customizer.
* Changes made to user after it was locked by another user are stored as an autosave revision for restoration.
* Lock notification displays link to preview the other user's changes on the frontend.
* A user loading a locked Customizer changeset will be presented with an option to take over.
* Autosave revisions attached to a published changeset are converted into auto-drafts so that they will be presented to users for restoration.
* Focus constraining is improved in overlay notifications.
* Escape key is stopped from propagating in overlay notifications, and it dismisses dismissible overlay notifications.
* Introduces `changesetLocked` state which is used to disable the Save button and suppress the AYS dialog when leaving the Customizer.
* Fixes bug where users could be presented with each other's autosave revisions.
Props sayedwp, westonruter, melchoyce.
See #31436, #31897, #39896.
Fixes#42024.
Built from https://develop.svn.wordpress.org/trunk@41839
git-svn-id: http://core.svn.wordpress.org/trunk@41673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On narrower devices, input fields are too short to fit the number of default digits they contain. This widens the fields and also breaks each height and width attribute onto a new line for better usability, using some terrible CSS trickery. My apologies.
Props: Toru, Presskopp, desrosj, xkon, ryelle, melchoyce.
Fixes#34539.
Built from https://develop.svn.wordpress.org/trunk@41836
git-svn-id: http://core.svn.wordpress.org/trunk@41670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
JSON files don't need a particular indent style, this was just inherited from the jQuery `.editorconfig`, that we based ours on.
`package.json` is staying in the 2-space-indent group for now, due to npm 3 and 4 having issues. Upgrading to npm 5 will allow us to remove `package.json`, too.
Props netweb.
Fixes#40946.
Built from https://develop.svn.wordpress.org/trunk@41835
git-svn-id: http://core.svn.wordpress.org/trunk@41669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes an issue where hovering over the warning icon didn't work if there were multiple warnings on the same line of code. Also updates the cursor from "pointer" to "help" when hovering over warnings and errors.
Props joyously, obenland.
Fixes#42129.
Built from https://develop.svn.wordpress.org/trunk@41830
git-svn-id: http://core.svn.wordpress.org/trunk@41664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a change in behaviour introduced by [41629].
The host is set to an empty string when it isn't defined, this continues existing behaviour. In particular, the mysqli library treats a `null` host as being the same as `localhost`, which is not always the intended behaviour.
Props birgire, markjaquith, pento.
Fixes#41722.
Built from https://develop.svn.wordpress.org/trunk@41820
git-svn-id: http://core.svn.wordpress.org/trunk@41654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On newer versions of MySQL, an error was being thrown when creating a table with an index that we wanted to be silently truncated.
To avoid this, the test now tries to use a newer InnoDB file format where available, and skips the test when that happens.
Props pento, danielbachhuber, straussd.
Fixes#41716.
Built from https://develop.svn.wordpress.org/trunk@41818
git-svn-id: http://core.svn.wordpress.org/trunk@41652 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce `WP_Customize_Themes_Section::$filter_type`, which has built-in functionality for `local` and `remote` filtering. When this set to `local`, all themes are assumed to be loaded from Ajax when the section is first loaded, and subsequent searching/filtering is applied to the loaded collection of themes within the section. This is how the core "Installed" section behaves - third-party sources with limited numbers of themes may consider leveraging this implementation. When this is set to `remote`, searching and filtering always triggers a new remote query via Ajax. The core "WordPress.org" section uses this approach, as it has over 5000 themes to search.
* Refactor `filterSearch()` to accept a raw term string as input. This enables a feature filter to be used on a section where `filter_type` is `local`.
* Refactor `filter()` on a theme control to check for an array of terms. Also sort the results by the number of matches. Rather than searching for an exact match, this will now search for each word in a search distinctly, allowing things like tags to rank in search results more accurately.
* Split `loadControls()` into two functions for themes section JS: `loadThemes()` to initiate and manage an Ajax request and `loadControls()` to create theme controls based on the results of the Ajax call. If third-party sections need to change the way controls are loaded, such as by using a custom control subclass of `WP_Customize_Theme_Control`, this allows them to use the core logic for managing the Ajax call and only override the actual control-creation process.
* Introduce `customize_load_themes` filter to facilitate loading themes from third-party sources (or modifying the results of the core sections).
* Bring significant improvements to the installed themes search filter.
Props celloexpressions.
Amends [41648].
See #37661.
Fixes#42049.
Built from https://develop.svn.wordpress.org/trunk@41807
git-svn-id: http://core.svn.wordpress.org/trunk@41641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The theme and plugin editors now list all files in the selected theme or plugin, recursing through subdirectories as necessary.
Props WraithKenny, schlessera, chsxf, MikeHansenMe, Daedalon, valendesigns, westonruter, pento.
Fixes#6531.
Built from https://develop.svn.wordpress.org/trunk@41806
git-svn-id: http://core.svn.wordpress.org/trunk@41640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Increase PHP execution time limit prior to issuing loopback requests where are themselves given timeouts to ensure PHP file can be reverted.
* Output scrape messages on success and failure so that absence of either can also be flagged as an error condition.
* Forward browser's HTTP Basic Auth credentials in loopback requests to admin and home URL.
* Display more helpful message when loopback request fails.
Amends [41721].
See #21622.
Fixes#42102.
Built from https://develop.svn.wordpress.org/trunk@41805
git-svn-id: http://core.svn.wordpress.org/trunk@41639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It doesn't look like `wp_register_sidebar_widget()` ever used a global named `$wp_register_widget_defaults`. It does however make use of `$wp_registered_widget_controls` now.
See [8960], [30776].
Props upadalavipul.
Fixes#41592.
Built from https://develop.svn.wordpress.org/trunk@41798
git-svn-id: http://core.svn.wordpress.org/trunk@41632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Open the door for future browser history feature in #28536, which is currently not feasible when customize-loader is used.
* Remove customizer-loader from being used on admin screens for Dashboard, Themes, non-shiny theme install/update.
* Keep the customize-loader functionality available for plugins, for the time being. It may become deprecated.
* Ensure `return` param in customizer links in Themes screen update to reflect `search` updated by `pushState`.
* Persist `return` when reloading Customizer due to theme switch, autosave restoration, or changeset trashing.
* Use `location.replace()` instead of changing `location.href` when trashing.
* Hide theme browser while Themes screen is loading when there is a `search` to prevent flash of unfiltered themes.
* Use throttling instead of debouncing when searching themes to ensure that screen is updated immediately on page load.
* Fix encoding and decoding of `search` param between URL and search field.
* Add support for dismissing autosaves when closing customize-loader, when it is used by plugins.
* Skip sending changeset UUID to customize-loader for population in browser location if changeset branching is not enabled.
See #28536.
Fixes#40254.
Built from https://develop.svn.wordpress.org/trunk@41797
git-svn-id: http://core.svn.wordpress.org/trunk@41631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Prevent autoloading an existing draft/future changeset when theme not active.
* Add missing notifications container to Themes panel.
* Remove deactivation of themes panel when selected status is not publish.
* Show notification in Themes panel when themes cannot be previewed and disable preview buttons.
* Reject installTheme call when theme preview not available.
* Return promise from installTheme and eliminate use of global events in favor of promises.
Props westonruter, melchoyce, zoonini.
See #37661, #39896.
Fixes#42126.
Built from https://develop.svn.wordpress.org/trunk@41788
git-svn-id: http://core.svn.wordpress.org/trunk@41622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Fix keeping text selection and scroll position when there are embeds from URL.
- Add editor setting to disable keeping selection and scroll position.
- Remove dependency on Underscore.js.
- Fix error in the Text widget editor.
Props biskobe.
Fixes#42059, see #40854.
Built from https://develop.svn.wordpress.org/trunk@41783
git-svn-id: http://core.svn.wordpress.org/trunk@41617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is an effort to provide a speed bump before heading into something potentially destructive and some education for users on better alternatives, even as we make the file editors safer to use. Each user, including existing users, will be shown a one-time dismissible modal warning on their first visit to each of the theme and plugin file editors.
Copy tweaks to come.
props michelleweber, Ipstenu, melchoyce, adamsilverstein, westonruter, toddnestor, aryamaaru, ZaneMatthew, cliffseal, helen.
fixes#31779.
Built from https://develop.svn.wordpress.org/trunk@41774
git-svn-id: http://core.svn.wordpress.org/trunk@41608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Often, folks run into two issues when they create new menus: they click "Add a Menu" thinking it will add a new page to their menu, or they forget to assign their new menu to a location, and then wonder why it doesn't show up on their site.
This commit rearranges the order of items in the menu panel, and updates the flow for creating a menu by breaking it up into steps. Additionally, more help text has been added to guide people through the process of creating a menu.
Also adds default `type` lookups for Panel and Section instances. See #30741.
Props bpayton, obenland, westonruter, celloexpessions, afercia, melchoyce, zoonini, michelleweber.
Fixes#40104.
Built from https://develop.svn.wordpress.org/trunk@41768
git-svn-id: http://core.svn.wordpress.org/trunk@41602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds an "include_slug" orderby value for REST API collections to permit returning a collection filtered by slugs in the same order in which those slugs are specified.
Previously, the order of slugs provided with the ?slug query parameter had no effect on the order of the returned records.
Props wonderboymusic, ocean90, boonebgorges.
Fixes#40826.
Built from https://develop.svn.wordpress.org/trunk@41760
git-svn-id: http://core.svn.wordpress.org/trunk@41594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enables register_setting to accept an object as its schema value, allowing settings to accept non-scalar values through the REST API.
This whitelists the added type in the settings controller, and passes properties from argument registration into the validation functions.
Props joehoyle.
See #38583.
Built from https://develop.svn.wordpress.org/trunk@41758
git-svn-id: http://core.svn.wordpress.org/trunk@41592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Remove plugins icons from the plugin list table, as there were performance issues loading the icons when the site had lots of plugins.
- Depending on which icons the plugin has uploaded, prefer them in this order: `svg`, `128x128`, `256x256`.
- Improve the style of the fallback icon for plugins that don't have an icon defined.
Props Travel_girl, danieltj, afercia, karmatosed,hugobaeta, empireoflight, brentjett, melchoyce, pento.
Fixes#30186.
Built from https://develop.svn.wordpress.org/trunk@41755
git-svn-id: http://core.svn.wordpress.org/trunk@41589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow passing settings in keyed object (e.g. `settings: { default: 'id' } ), or as an array (e.g. `settings: [ 'id' ]`) with first being default; again, `Setting`/`Value` objects may be supplied instead of IDs.
* Allow a single setting to be supplied with just a single `setting` param, either a string or a `Setting`/`Value` object.
* Update `changeset_status` and `scheduled_changeset_date` to be added dynamically with JS and simply passing of `api.state()` instances as `setting`.
* Introduce a `data-customize-setting-key-link` attribute which, unlike `data-customize-setting-link`, allows passing the setting key (e.g. `default`) as opposed to the setting ID.
* Allow `WP_Customize_Control::get_link()` to return `data-customize-setting-key-link` when setting is not registered.
* Eliminate `default_value` from `WP_Customize_Date_Time_Control` since now comes from supplied `Value`.
* Export status choices as `wp.customize.settings.changeset.statusChoices`.
* Export date and time formats as `wp.customize.settings.dateFormat` and `wp.customize.settings.timeFormat` respectively.
Props westonruter, sayedwp.
See #39896, #30738, #30741, #42083.
Fixes#37964, #36167.
Built from https://develop.svn.wordpress.org/trunk@41750
git-svn-id: http://core.svn.wordpress.org/trunk@41584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When able to be parsed, store the created date for a video file from meta,
since this is useful separately from the dates on the file itself.
Introduces `wp_get_media_creation_timestamp()` to read the timestamp from
getID3 and a `wp_read_video_metadata` filter analogous to
`wp_read_image_metadata`.
Fixes#35218.
Props stevegrunwell, joemcgill, desrosj, blobfolio, mikeschroder.
Built from https://develop.svn.wordpress.org/trunk@41746
git-svn-id: http://core.svn.wordpress.org/trunk@41580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allows REST API consumers to specify the specific fields needed in their application code, whitelisting those fields and omitting all others from the returned JSON response object.
This permits applications that only need for example the ID and title of posts to avoid having to transfer the entire rendered post content over the wire alongside the desired fields.
While this whitelisting has no affect on the queries run when preparing the response, it can yield significant reductions in the bandwidth required to transfer a response payload for simple applications.
Props adamsilverstein, TimothyBlynJacobs, svrooij.
Fixes#38131.
Built from https://develop.svn.wordpress.org/trunk@41744
git-svn-id: http://core.svn.wordpress.org/trunk@41578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This sets a referrer policy of `same-origin` which adds hardening by preventing a referrer being sent from the admin area or login screens to other origins. This helps prevent unwanted exposure of potentially sensitive information that may be contained within URLs.
This change introduces a new filter, `admin_referrer_policy`, for filtering the referrer policy header value. The header can be disabled if necessary by removing the `wp_admin_headers` action from the `admin_init` and `login_init` hooks.
Props joostdevalk
Fixes#42036
Built from https://develop.svn.wordpress.org/trunk@41741
git-svn-id: http://core.svn.wordpress.org/trunk@41575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_sites()` queries for a maximum of 100 records by default. In `domain_exists()`, we only use one.
A previous commit, [41736], has this same commit message but applies to `get_blog_id_from_url()` and #42073 instead.
Props danieltj, spacedmonkey.
Fixes#42072.
Built from https://develop.svn.wordpress.org/trunk@41738
git-svn-id: http://core.svn.wordpress.org/trunk@41572 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes an issue where submitting a well-formed request to create a term inappropriately returns a 500 error status if that term already exists.
HTTP 5xx error codes should be reserved for unexpected server errors, so "409 Conflict" is a more appropriate response.
Props alibasheer, guzzilar, shooper.
Fixes#41370.
Built from https://develop.svn.wordpress.org/trunk@41737
git-svn-id: http://core.svn.wordpress.org/trunk@41571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds `Custom_Image_Header::get_previous_crop()`, which finds any
previously cropped headers created from the same base image and replaces
that attachment rather than creating a new attachment.
After updating a crop, the replaced images is also removed from the list
of previous header images in the Customizer.
See #21819.
Built from https://develop.svn.wordpress.org/trunk@41732
git-svn-id: http://core.svn.wordpress.org/trunk@41566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Move the `create_function()` code into a file that's only loaded, and into a test that's only run, on PHP <= 7.2 to avoid deprecated warnings in 7.2+.
* Convert the test skipping into a failure if the GlotPress locale file cannot be downloaded.
* Ensure `test_exceptions` fails if an exception is not thrown.
* Docs improvements
See #41562, #40109
Built from https://develop.svn.wordpress.org/trunk@41730
git-svn-id: http://core.svn.wordpress.org/trunk@41564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When registering routes developers can now define their complex objects in the schema and benefit from the automatic validation and sanitization in the REST API. This also paves the way for support for complex object registration via register_meta and register_setting.
See #38583.
Props TimothyBlynJacobs5.
Built from https://develop.svn.wordpress.org/trunk@41727
git-svn-id: http://core.svn.wordpress.org/trunk@41561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Eliminate need to pass both ID and instance in calls to `Values#add()` for panels, sections, controls, settings, partials, and notifications.
* Eliminate need to supply `content` param when constructing a `Control`.
* Unwrap the `options.params` object passed in constructors to just pass a flat `options`. (Back-compat is maintained.)
* Add support for `templateId` param for `Control` to override which template is used for the content.
* Remove unused `previewer` being supplied in `Control` instances.
* Rename `classes` to `containerClasses` on `Notification`.
* Automatically supply `instanceNumber` to improve stable sorting.
* Use `api.Notifications` for notifications in settings instead of `api.Value`.
See #30741.
Fixes#42083.
Built from https://develop.svn.wordpress.org/trunk@41726
git-svn-id: http://core.svn.wordpress.org/trunk@41560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`test_cache` used PHPUnit's object mocking to test some internal behaviour in `Plural_Forms`, but made use of the `willReturn()` method, which was introduced in PHPUnit 4.0 as shorthand for `will($this->returnValue())`. Fixed by switching to the longer form.
Several tests used the `@expectedException` directive to catch generic `Exception` exceptions, which was added in PHPUnit 3.7. Fixed by changing to an explicit `try` / `catch` test.
See #41562.
Built from https://develop.svn.wordpress.org/trunk@41725
git-svn-id: http://core.svn.wordpress.org/trunk@41559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Historically, we've evaluated the plural forms for each language using `create_function()`. This is being deprecated in PHP 7.2, so needs to be replaced.
The `Plural_Forms` class parses the `Plural-Forms` header from the PO file, and internally caches the result of all subsequent plural form tests, allowing it to match the performance of the existing code.
Props rmccue.
Fixes#41562.
Built from https://develop.svn.wordpress.org/trunk@41722
git-svn-id: http://core.svn.wordpress.org/trunk@41556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes#21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_site_by()` is now the preferred way to retrieve a site object by lookup for identifying data. By using a coherent structure and `get_sites()` internally, it has several advantages over the direct database queries and complex code in `get_blog_details()`. Therefore `get_blog_details()` is now a wrapper for `get_site_by()`, providing backward compatibility fixes where necessary.
Unit tests have been adjusted to account for the `blog-details` and `blog-lookup` cache groups, which are no longer needed.
Props spacedmonkey, jeremyfelt, flixos90.
Fixes#40228.
Built from https://develop.svn.wordpress.org/trunk@41719
git-svn-id: http://core.svn.wordpress.org/trunk@41553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Going forward, `clean_blog_cache()` is recommended to be used instead of `refresh_blog_details()`. It has been adjusted to match the functionality of the latter, with the exception that it always requires a site ID or object to be passed. The `refresh_blog_details` action has been deprecated in favor of the `clean_site_cache` action. The function itself is not formally deprecated at this point, but will likely be in the near future.
Props spacedmonkey.
Fixes#40201.
Built from https://develop.svn.wordpress.org/trunk@41716
git-svn-id: http://core.svn.wordpress.org/trunk@41550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These tests no longer test anything that WordPress core has control over. YouTube now serves everything
over HTTPS by default, so the tests for #23149 will always pass, and the tests for #32714 aren't testing
anything that core has control over.
Tests for the responses from oEmbed providers has been attempted and reverted in #32360.
See #42076, #32714, #23149
Built from https://develop.svn.wordpress.org/trunk@41712
git-svn-id: http://core.svn.wordpress.org/trunk@41546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- fixes invalid HTML and duplicate IDs
- as per the Accessibility coding standards, all new code must use explicitly associated form labels
- properly escapes a few HTML attributes
Props celloexpressions, afercia.
Fixes#42054.
Built from https://develop.svn.wordpress.org/trunk@41709
git-svn-id: http://core.svn.wordpress.org/trunk@41543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This was previously attempted in [41043], which unfortunately had severe performance issues, the regex it used was fatally slow on long posts.
This version now uses an array of all emoji that Twemoji supports, which maintains the accuracy of [41043], while being the same speed or only a few ms slower than the code prior to [41043].
As with [41043], the `grunt precommit:emoji` task detects when `twemoji.js` has changed, and regenerates the array.
Props jmdodd for feedback, suggestions, and insults where appropriate.
Fixes#35293. 🤞🏻
Built from https://develop.svn.wordpress.org/trunk@41701
git-svn-id: http://core.svn.wordpress.org/trunk@41535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [25548], the `archived` column in `wp_blogs` was changed from `ENUM` to `TINYINT` to match other status fields. When `WP_Site_Query` was written later, it used `%d` as a placeholder when formatting the archived status.
It is possible that this query will fail for any installations that did not update the schema for `wp_blogs` as only single quoted values are accepted for the `ENUM` type. In this case, `'0'` or `'1'` rather than `0` or `1`.
We can work around this and support both `ENUM` and `TINYINT` in the query by using the `%s` placeholder and casting the value with `absint()`.
Props stephdau.
Fixes#38856. See #27832.
Built from https://develop.svn.wordpress.org/trunk@41700
git-svn-id: http://core.svn.wordpress.org/trunk@41534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To mirror theme list table behaviour, the plugin icon now appears next to plugins in the plugin list tables. For plugins that don't have an icon, or non-W.org plugins, a fallback dashicon is shown.
Props melchoyce, afercia, paulwilde, pento, obenland.
Fixes#30186.
Built from https://develop.svn.wordpress.org/trunk@41695
git-svn-id: http://core.svn.wordpress.org/trunk@41529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows users who are using the admin area in a language other than the site language to read the notice on the login screen
(which explains that they need to log in again) in their chosen language.
Props Nikschavan, swissspidy
Fixes#40205
Built from https://develop.svn.wordpress.org/trunk@41692
git-svn-id: http://core.svn.wordpress.org/trunk@41526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `aria-current` attribute is a simple, effective way to help assistive
technologies users orientate themselves within a list of items. Continues the
introduction in core of the `aria-current` attribute after [41359] and [41371].
Props joedolson, flixos90, afercia.
Fixes#32399.
Built from https://develop.svn.wordpress.org/trunk@41683
git-svn-id: http://core.svn.wordpress.org/trunk@41517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add/fix `getMeta`, `getMetas`, `setMeta` and `setMetas` helpers for models that support meta.
* Add tests for new helpers, verify meta support for `Posts`, `Comments`, `Tags` and `Users`.
* Include meta data in fixture generation and fixture file driving tests.
Fixes#41055.
Built from https://develop.svn.wordpress.org/trunk@41678
git-svn-id: http://core.svn.wordpress.org/trunk@41512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Let date `legend` be screen reader text when time is not included.
* Skip rendering containers for label (title) and description when not supplied in registered control.
* Fix margins and padding.
Amends [41670].
Props westonruter, afercia, sayedwp.
Fixes#42022.
Built from https://develop.svn.wordpress.org/trunk@41672
git-svn-id: http://core.svn.wordpress.org/trunk@41506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow time fields to be omitted by constructing with `timeIncluded` as `false`.
* Ensure `reportValidity` is only called on a control when it is in an expanded section.
* Rename "ampm" to "meridian".
* Improve accessibility and fix HTML validation and style issues for both the date/time control and the preview link control.
* Fix styling of dropdowns and clean CSS.
* Improve accessibility of nav menus component.
Props westonruter, afercia, sayedwp, melchoyce.
Amends [41626].
See #39896.
Fixes#42022.
Built from https://develop.svn.wordpress.org/trunk@41670
git-svn-id: http://core.svn.wordpress.org/trunk@41504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Moves the repeated code in the emoji browser support test to a function to reduced the potential for errors and follow DRY principles.
Renames the "emoji4" test "emoji" as unicode version specific tests were removed in [38869].
Props peterwilsoncc, pento for code review.
Fixes#41156.
Built from https://develop.svn.wordpress.org/trunk@41669
git-svn-id: http://core.svn.wordpress.org/trunk@41503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`is_user_option_local()` was added during MU development and used for a handful of changesets before the code using it was removed again. It has not been used by MU or core since nor is it widely used elsewhere.
Fixes#41697.
Props bnap00, jeremyfelt.
Built from https://develop.svn.wordpress.org/trunk@41668
git-svn-id: http://core.svn.wordpress.org/trunk@41502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce a new `wp.customize.previewer.trash()` JS API to trash the current changeset, along with logic to `WP_Customize_Manager` to handle deleting changeset drafts.
* Add `trashing` to `wp.customize.state` which is then used to update the UI.
* UI for trashing is pending design feedback. One possibility is to add a new trash button to Publish Settings section that invokes `wp.customize.previewer.trash()`.
* Improve logic for managing the visibility and disabled states for publish buttons.
* Prevent attempting `requestChangesetUpdate` while processing and bump processing while doing `save`.
* Update `changeset_date` state only if sent in save response.
* Merge `ThemesSection#loadThemePreview()` into `ThemesPanel#loadThemePreview()`.
* Remove unused `autosaved` state.
* Start autosaving and prompting at beforeunload after a change first happens. This is key for theme previews since even if a user did not make any changes, there were still dirty settings which would get stored in an auto-draft unexpectedly.
* Allow `Notification` to accept additional `classes` to be added to `container`.
* Introduce `OverlayNotification` and use for theme installing, previewing, and trashing. Such overlay notifications take over the entire window.
Props westonruter, celloexpressions.
See #37661, #39896, #21666, #35210.
Built from https://develop.svn.wordpress.org/trunk@41667
git-svn-id: http://core.svn.wordpress.org/trunk@41501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wpdb::prepare()` currently gives no information if the number of arguments passed doesn't match the number of placeholders in the query. This change gives an explicit notice that the call was incorrect.
Also fixes an enrelated term meta test that was triggering this new notice.
Props thekt12 for the initial patch.
Fixes#42040.
Built from https://develop.svn.wordpress.org/trunk@41662
git-svn-id: http://core.svn.wordpress.org/trunk@41496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_current_blog_id()` is more appropriate for determining the ID of the current site in most cases. This eliminates the need for the global `$wpdb` in several functions and is better than the implicit global used in admin pages.
Props bnap00, spacedmonkey.
Fixes#41684.
Built from https://develop.svn.wordpress.org/trunk@41661
git-svn-id: http://core.svn.wordpress.org/trunk@41495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- sets the modal content to `role="document"` to make screen readers switch back to browse mode
- standardizes the Themes screen and Customizer modals interaction
- Themes screen modal: sets initial focus on the modal overlay instead of the primary button, avoiding to "skip" content for keyboard and screen reader users
Fixes#42055.
Built from https://develop.svn.wordpress.org/trunk@41658
git-svn-id: http://core.svn.wordpress.org/trunk@41492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update the way and location the JavaScript client determines which models/endpoints require the `force=true` parameter when being deleted to avoid a `rest_trash_not_supported` error. Identify models with endpoints that support DELETE, excluding those that support the trash (posts and pages by default). Also, move the check into the default `wp.api.WPApiBaseModel.initialize()` function.
Props caercam, euthelup.
Fixes#40672.
Built from https://develop.svn.wordpress.org/trunk@41657
git-svn-id: http://core.svn.wordpress.org/trunk@41491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, when passing another site than the current one to `wp_get_users_with_no_role()` through its `$site_id` parameter, the function still used the roles available on the current site, which would cause users with other roles that possibly exist on the other site to show up as users without a role. Switching the site before retrieving the available rules fixes the issue.
Fixes#42015.
Built from https://develop.svn.wordpress.org/trunk@41654
git-svn-id: http://core.svn.wordpress.org/trunk@41488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `time` strategy in `count_users()` queries users by role. However, the roles queried for were not affected by passing another site than the current one through the `$site_id` parameter, causing users having roles that were not queried for to appear as users without a role. This changeset fixes the issue by switching the site before retrieving the roles to query for.
Fixes#42014.
Built from https://develop.svn.wordpress.org/trunk@41653
git-svn-id: http://core.svn.wordpress.org/trunk@41487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deactivate the Themes panel immediately after changing selected status to non-publish.
* Animate publish settings button into view with publish button when collapsing Themes panel.
* Deactivate publish settings section and hide publish settings button entirely when customizer state is clean.
* Harden access of Themes panel in case it was removed by plugin.
* Fix throttling of `renderScreenshots` calls in `ThemesSection`.
Amends [41648], [41626].
See #37661, #39896, #34843.
Built from https://develop.svn.wordpress.org/trunk@41649
git-svn-id: http://core.svn.wordpress.org/trunk@41483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context. Also includes an extensible framework for browsing and installing themes from other sources.
Also includes CSS auto-prefixing added via `grunt precommit:css`.
For details, see: https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/
Previously [38813] but reverted in [39140].
Fixes#37661, #34843, #38666.
Props celloexpressions, folletto, westonruter, karmatosed, melchoyce, afercia.
Built from https://develop.svn.wordpress.org/trunk@41648
git-svn-id: http://core.svn.wordpress.org/trunk@41482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When switching between post editor modes, the current cursor position and selection is now preserved. This allows authors to switch modes without losing the context of where they were in the document.
Props biskobe.
Fixes#41962.
Built from https://develop.svn.wordpress.org/trunk@41630
git-svn-id: http://core.svn.wordpress.org/trunk@41465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`pre_cache_alloptions` is run before the alloptions array is inserted into the cache, and is valuable for sanity checking the options, particularly if your caching scheme has size limitations.
`alloptions` is run before returning the alloptions array, and is useful for when you have extra information that alloptions should return.
Props sebastian.pisula, keesiemeijer.
Fixes#33958.
Built from https://develop.svn.wordpress.org/trunk@41627
git-svn-id: http://core.svn.wordpress.org/trunk@41462 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Incorporates code from the Customize Snapshots and Customize Posts feature plugins.
* Adds a new Publish Settings section for managing the changeset status, scheduled date, and frontend preview link.
* Updates Publish button to reflect the status selected in the Publish Settings (including Save Draft and Schedule).
* Deactivates the Themes section when a non-publish status selected, and deactivates the Publish Settings section when previewing a theme switch.
* Introduces an `outer` section type (`wp.customize.OuterSection` in JS) for the Publish Settings section to use and for available widgets and available nav menu panels to use in the future. These sections can be expanded while other sections are expanded.
* Introduces `WP_Customize_Date_Time_Control` in PHP and `wp.customize.DateTimeControl` in JS for managing a date/time value.
* Keeps track of scheduled time and proactively publish from the client when the time arrives, as opposed to waiting for WP Cron.
* Auto-publishes a scheduled changeset when attempting to access one that missed its schedule.
* Starts a new changeset if attempting to save a changeset that was previously publish.
* Adds `force` arg to `requestChangesetUpdate()` to force an update request even when there are no pending changes.
* Adds utils methods for `getCurrentTimestamp` and `getRemainingTime`.
* Adds new state values for `selectedChangesetStatus`, `changesetDate`, `selectedChangesetDate`.
* Fixes logic for when to short-circuit check to close Customizer when there are unsaved changes.
* Adds getter methods for `autosaved` and `branching` parameters, with the latter applying the `customize_changeset_branching` filter.
* Call to `establish_loaded_changeset` on the fly when `changeset_uuid()` is called if no changeset UUID was specififed.
* De-duplicates logic for dismissing auto-draft changesets.
* Includes unit tests.
Builds on [41597].
Props sayedwp, westonruter, melchoyce, JoshuaWold, folletto, stubgo, karmatosed, dlh, paaljoachim, afercia, johnregan3, utkarshpatel, valendesigns.
See #30937.
Fixes#39896, #28721, #39275.
Built from https://develop.svn.wordpress.org/trunk@41626
git-svn-id: http://core.svn.wordpress.org/trunk@41461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Switching the available roles and the current user's capabilities no longer happens in `switch_to_blog()` and `restore_current_blog()`, instead it has been moved to a new function `wp_switch_roles_and_user()` which is hooked into the site switching process. This allows to improve performance by temporarily unhooking the function when roles and capabilities do not need to be switched.
This change ensures that switching available roles now works closer to switching user capabilities, particularly the changes in [41624]. A new `WP_Roles::for_site( $site_id )` method has been introduced, and the `WP_Roles::_init()` method has been deprecated. It is furthermore possible to retrieve the site ID for which the available roles are currently initialized through a new `WP_Roles::get_site_id()`.
Props johnjamesjacoby, flixos90.
Fixes#38645.
Built from https://develop.svn.wordpress.org/trunk@41625
git-svn-id: http://core.svn.wordpress.org/trunk@41460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While it has always been possible to initialize a user's roles and capabilities for another site than the current one in a multisite, the actual roles available were not switched prior to this change, possibly causing invalid roles to show up or actually valid capabilities not being available.
In order to fix this bug in a clean way, relevant parts of the `WP_User` class have been refactored. The ID of the site for which capabilities are currently initialized are now stored in a private property `WP_User::$site_id`. The `WP_User::for_blog( $blog_id )` and `WP_User::_init_caps( $cap_key )` methods have been deprecated in favor of `WP_User::for_site( $site_id )`. In addition, a new method `WP_User::get_site_id()` has been introduced to retrieve the site ID for which the user's capabilities are currently initialized.
Props ryanduff, jeremyfelt, flixos90.
Fixes#36961.
Built from https://develop.svn.wordpress.org/trunk@41624
git-svn-id: http://core.svn.wordpress.org/trunk@41459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Given the new WordPress browsers support policy, the `screen-reader-text` css
class used in the admin can be updated to use modern CSS and correct syntax. See
https://github.com/wpaccessibility/a11ythemepatterns/blob/master/read-more-links/style.css
Worth noting the `clip` property is deprecated and kept for IE11 and Edge.
- uses `clip-path` for modern browsers
- keeps `clip` for old browsers and update its value to a correct syntax
- resets `clip-path` to `none` where the class is used to dynamically reveal elements
- removes an old rule that made `screen-reader-text` completely invisible in the help tabs `#screen-meta`
- standardizes the rule across CSS files
Fixes#40970.
Built from https://develop.svn.wordpress.org/trunk@41622
git-svn-id: http://core.svn.wordpress.org/trunk@41457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- uses button elements for the toggles
- uses `aria-expanded` on the toggles to communicate to assistive technologies the panels expanded/collapsed state
- adds the "circular focus" style to the toggles to give users a clear indication of the currently focused element
- standardizes CSS class names to `.toggle-indicator` and `.handlediv` as these names are already used across the admin for similar controls
Props monikarao, xavortm, mihai2u, Kopepasah.
Fixes#37013.
Built from https://develop.svn.wordpress.org/trunk@41621
git-svn-id: http://core.svn.wordpress.org/trunk@41456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.
This introduces some new functions:
* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`
A corresponding `wp_is_large_user_count` filter is also introduced.
Props tharsheblows, johnbillion
Fixes#38741
Built from https://develop.svn.wordpress.org/trunk@41613
git-svn-id: http://core.svn.wordpress.org/trunk@41448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Autosaved changes made on top of `auto-draft` changesets get written on top of the `auto-draft` itself, similar to how autosaves for posts will overwrite post drafts.
* Autosaved changes made to saved changesets (e.g. `draft`, `future`) will be placed into an autosave revision for that changeset and that user.
* Opening the Customizer will now prompt the user to restore their most recent auto-draft changeset; if notification is dismissed or ignored then the auto-draft will be marked as dismissed and will not be prompted to user in a notification again.
* Customizer will no longer automatically supply the `changeset_uuid` param in the `customize.php` URL when branching changesets are not active.
* If user closes Customizer explicitly via clicking on X link, then autosave auto-draft/autosave will be dismissed so as to not be prompted again.
* If there is a changeset already saved as a `draft` or `future` (UI is forthcoming) then this changeset will now be autoloaded for the user to keep making additional changes. This is the linear model for changesets.
* To restore the previous behavior of the Customizer where each session started a new changeset, regardless of whether or not there was an existing changeset saved, there is now a `customize_changeset_branching` hook which can be filtered to return `true`.
* `wp.customize.requestChangesetUpdate()` now supports a second with options including `autosave`, `title`, and `date`.
* The window `blur` event for `customize.php` has been replaced with a `visibilitychange` event to reduce autosave requests when clicking into preview window.
* Adds `autosaved` and `branching` args to `WP_Customize_Manager`.
* The `changeset_uuid` param for `WP_Customize_Manager` is extended to recognize a `false` value which causes the Customizer to defer identifying the UUID until `after_setup_theme` in the new `WP_Customize_Manager::establish_loaded_changeset()` method.
* A new `customize_autosaved` query parameter can now be supplied which is passed into the `autosaved` arg in `WP_Customize_Manager`; this option is an opt-in to source data from the autosave revision, allowing a user to restore autosaved changes.
Props westonruter, dlh, sayedwp, JoshuaWold, melchoyce.
See #39896.
Built from https://develop.svn.wordpress.org/trunk@41597
git-svn-id: http://core.svn.wordpress.org/trunk@41430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Galleries are managed in the widget in the same way they are managed in the post editor, both using the media manager.
* Gallery widget is merged from the Core Media Widgets v0.2.0 feature plugin and it extends `WP_Widget_Media` in the same way as is done for image, audio, and video widgets.
* Model syncing logic is updated to support booleans and arrays (of integers).
* Placeholder areas in media widgets are now clickable shortcuts for selecting media.
* Image widget placeholder is updated to match gallery widget where clicking preview is shortcut for editing media.
Props westonruter, joemcgill, timmydcrawford, m1tk00, obenland, melchoyce.
See #32417.
Fixes#41914.
Built from https://develop.svn.wordpress.org/trunk@41590
git-svn-id: http://core.svn.wordpress.org/trunk@41423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- properly labels all the code editor areas (Theme/Plugin, Custom HTML widget, Additional CSS), whether CodeMirror is enabled or disabled
- adds `role="textbox"` and `aria-multiline="true"` to the CodeMirror editing area to allow assistive technologies properly identify it as a textarea
- standardizes the "keyboard trap" help text across the admin and keeps it as a list for better readability
- use the Help text elements as target for `aria-describedby`, to make screen readers read out the help text when focusing the editors
- fixes the `aria-expanded` attribute usage in the Customizer "Additional CSS" help toggle
- moves focus to the CodeMirror editing area when clicking on the associated label
- in the Plugin editor screen: changes a `<big>` element to `<h2>` for better semantics and consistency with the Theme editor screen
- also, removes a few textdomain leftovers, see `better-code-editing` and `default`
Props westonruter, melchoyce, afercia.
Fixes#41872.
Built from https://develop.svn.wordpress.org/trunk@41586
git-svn-id: http://core.svn.wordpress.org/trunk@41419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Invalidate PHP opcache after file is updated to ensure `include` will ''include'' the written changes.
* Define `WP_ADMIN` when activating plugin in sandbox so plugin code targeting admin will be loaded.
* Do actions that get triggered when loading the admin to ensure plugin code runs that could cause errors on plugin editor screen (and lock out access).
* Fix ability to re-activate a plugin after editing a PHP file other than the main plugin file, and ensure PHP fatal error will be displayed in such cases.
* Consolidate duplicated code into `plugin_sandbox_scrape()` and re-use in `activate_plugin()`.
* Show an error notice instead of a success notice when a file is updated but a plugin was deactivated due to a fatal error.
* Update style of warning when editing an active plugin to be styled as an actual warning notice.
See #12423, #21622.
Fixes#39766.
Built from https://develop.svn.wordpress.org/trunk@41560
git-svn-id: http://core.svn.wordpress.org/trunk@41393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.
See #12423, #38707, #35395.
Fixes#41897.
Built from https://develop.svn.wordpress.org/trunk@41558
git-svn-id: http://core.svn.wordpress.org/trunk@41391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Builds on efforts brought forward in #17979.
This will send sidebars through three levels of mapping:
1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.
Finally, if the theme has previously been active and we have a record of its
sidebar configuration then, any unmapped sidebar will be restored to its
previous state.
Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.
Built from https://develop.svn.wordpress.org/trunk@41555
git-svn-id: http://core.svn.wordpress.org/trunk@41388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Keep the nonce used for cookie based authentication fresh by pulling in and using any new nonce supplied in the response headers.
* Enable passing nonce to init so each api/endpoint can use a unique nonce.
* Store nonce for endpoint on endpointModel.
* New model helper `nonce()` retrieves a model's routeModel nonce.
* When a response header contains a nonce that doesn't match the stored nonce, replace it.
Fixes#40422.
Built from https://develop.svn.wordpress.org/trunk@41553
git-svn-id: http://core.svn.wordpress.org/trunk@41386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds a `notifications` property to instances of `wp.customize.Panel` and `wp.customize.Section`.
* Adds a `setupNotifications()` method to `Panel`, `Section`, and `Control`.
* Adds a `getNotificationsContainerElement()` method to the `Panel` and `Section` classes, like `Control` has.
* Replace hard-coded notification in header media section with a notification.
* Limit rendering notifications to panels and sections that are expanded, and to controls that have an expanded section.
See #34893, #35210, #38778.
Fixes#38794.
Built from https://develop.svn.wordpress.org/trunk@41390
git-svn-id: http://core.svn.wordpress.org/trunk@41223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Show global error notiafication when saving is blocked due to client-side setting invalidity.
* Refactor `wp.customize.Notifications#render()` to ensure a notification re-renders if its `message` or data changes but its `code` does not.
Props MatheusGimenez, sixhours, westonruter, karmatosed, aocean90, zoonini, michelleweber, melchoyce.
See #35210.
Fixes#21492.
Built from https://develop.svn.wordpress.org/trunk@41389
git-svn-id: http://core.svn.wordpress.org/trunk@41222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensures that a control's `Element` is updated in response to pasting into the field. Also fixes issue where inputs using "new" HTML5 types (like `url` and `number`) were not updating in the preview during keystrokes. The use of `input` was previously blocked due to needing to support IE9, but this is no longer a concern since IE<11 is no longer supported.
See #38845, #28477.
Fixes#35832.
Built from https://develop.svn.wordpress.org/trunk@41387
git-svn-id: http://core.svn.wordpress.org/trunk@41220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.
The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.
Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes#29684.
Built from https://develop.svn.wordpress.org/trunk@41380
git-svn-id: http://core.svn.wordpress.org/trunk@41213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Generally, duplicate terms returned by a term query are eliminated in PHP,
after the database query takes place. This technique doesn't work properly
when the query parameters specify the `number` of results, since the results
of a `SELECT ... LIMIT x...` query may be deduplicated to a count less than
`x`. In these cases, we force the original query to be `DISTINCT`.
Props elvishp2006.
Fixes#41796.
Built from https://develop.svn.wordpress.org/trunk@41377
git-svn-id: http://core.svn.wordpress.org/trunk@41210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.
Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes#12423, #39892.
Built from https://develop.svn.wordpress.org/trunk@41376
git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Displays an error notification in the global area when a save attempt is rejected due to invalid settings. An error notification is also displayed when saving fails due to a network error or server error.
* Introduces `wp.customize.Notifications` subclass of `wp.customize.Values` to contain instances of `wp.customize.Notification` and manage their rendering into a container.
* Exposes the global notification area as `wp.customize.notifications` collection instance.
* Updates the `notifications` object on `Control` to use `Notifications` rather than `Values` and to re-use the rendering logic from the former. The old `Control#renderNotifications` method is deprecated.
* Allows notifications to be dismissed by instantiating them with a `dismissible` property.
* Allows `wp.customize.Notification` to be extended with custom templates and `render` functions.
* Triggers a `removed` event on `wp.customize.Values` instances _after_ a value has been removed from the collection.
Props delawski, westonruter, karmatosed, celloexpressions, Fab1en, melchoyce, Kelderic, afercia, adamsilverstein.
See #34893, #39896.
Fixes#35210, #31582, #37727, #37269.
Built from https://develop.svn.wordpress.org/trunk@41374
git-svn-id: http://core.svn.wordpress.org/trunk@41207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Used now in core to facilitate displaying inserted media. See #40854.
* The `[embed]` shortcode is not supported because there is no post context for caching oEmbed responses. This depends on #34115.
* Add `do_shortcode()` to the `widget_text_content` filter in the same way it is added for `the_content` at priority 11, with `shortcode_unautop()` called at priority 10 after `wpautop()`.
* For Text widget in legacy mode, manually apply `do_shortcode()` (and `shortcode_unautop()` if auto-paragraph checked) if the core-added `widget_text_content` filter remains, unless a plugin added `do_shortcode()` to `widget_text` to prevent applying shortcodes twice.
* Ensure that global `$post` is `null` while filters apply in the Text widget so shortcode handlers won't run with unexpected contexts.
Props westonruter, nacin, aaroncampbell.
See #40854, #34115.
Fixes#10457.
Built from https://develop.svn.wordpress.org/trunk@41361
git-svn-id: http://core.svn.wordpress.org/trunk@41194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `aria-current` attribute is a simple, effective way to communicate to assistive
technologies which the current item within a set of items is. While the admin menu
structure isn't 100% ideal (the top-level item is repeated also as a sub-item)
adding `aria-current="page"` to the sub-items gives an important feedback to
assistive technologies users.
This change introduces `aria-current` for the first time in core. Worth noting
there are other places where it can be used to improve accessibility. These should
be addressed in separate tickets and patches.
Fixes#41589.
Built from https://develop.svn.wordpress.org/trunk@41359
git-svn-id: http://core.svn.wordpress.org/trunk@41192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Plugin details modal custom implementation in the Plugins page conflicts with
other Thickbox instances added by plugins. Thickbox shows its age and has been
modified over time to suit core needs. However, WordPress should do its best to
not create conflicts with the native Thickbox styles and functionalities. Plugin
authors should be able to use `add_thickbox()` in any admin page as documented,
without having to worry about potential errors.
- fixes a JavaScript error when closing a native Thickbox modal in the Plugins page
- avoids to override the native Thickbox modal styles
- uses a CSS class to target the Plugin details modal and remove a pile of overqualified CSS selectors
Fixes#41417.
Built from https://develop.svn.wordpress.org/trunk@41356
git-svn-id: http://core.svn.wordpress.org/trunk@41189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Mark a widget as dirty when a field input triggers a `change` or `input` event; clear dirty state when widget is successfully saved.
* Disable Save button and re-label "Saved" when widget not dirty.
* Show AYS dialog when leaving widgets admin screen with unsaved changes.
* When widgets are dirty, expand all unsaved widgets at AYS check and focus on first one.
* Change "Close" link to "Done"; hide link when widget is dirty and reveal when saved.
* The "Done" link persistently appears in the Customizer even after making a change (when the widget is dirty) because changes are autosaved into the changeset.
* Prevent saving widget when form fails `checkValidity`.
* Fix frequency of triggering of `change` event on the rich Text widget's `textarea` limited now to when there are actual changes.
* Add a class of `widget-dirty` to widget containers when the widget has unsaved changes.
Props westonruter, timmydcrawford, melchoyce.
Fixes#41610, #23120.
Built from https://develop.svn.wordpress.org/trunk@41352
git-svn-id: http://core.svn.wordpress.org/trunk@41185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve JS parsing of our inline JSDocs by introducing `@namespace`, `@lends` and `@memberOf`. Helps set the way for showing our JavaScript documentation on developer.wordpress.org, see https://meta.trac.wordpress.org/ticket/3063.
* Define all used namespaces using @namespace.
* Correctly specify in which namespace each class is using @memberOf.
* Define each usage of the extend function as a prototype assignment using @lends.
* Some comment blocks were moved to correct the parsing of certain definitions.
Props herregroen, atimmer, netweb, SergeyBiryukov.
Fixes#41682.
Built from https://develop.svn.wordpress.org/trunk@41351
git-svn-id: http://core.svn.wordpress.org/trunk@41184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When multisite is setup already, e.g. in a multi network environment, this change gives a performance benefit over the direct SQL query that was previously used. The SQL query remains in place for when setting up multisite initially as the network API is not available at that point.
Props spacedmonkey.
Fixes#41805.
Built from https://develop.svn.wordpress.org/trunk@41348
git-svn-id: http://core.svn.wordpress.org/trunk@41181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add two new helper functions, `wp.api.getModelByRoute` and `wp.api.getCollectionByRoute`. Passed a route, they return the matching model or collection, or `undefined` if none is found.
Also adds tests to verify these functions work as expected.
Props rcutmore.
Fixes#41111.
Built from https://develop.svn.wordpress.org/trunk@41334
git-svn-id: http://core.svn.wordpress.org/trunk@41165 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Refactors the UI controls around the Iris color picker to output valid and semantic markup
- Simplifies the way elements visibility gets toggled
- Properly associates the visually hidden label with the color input field
- Makes the toggle button a real button
- Adds `aria-expanded` to the toggle button
- Keeps focus on the toggle button instead of moving it to the color input field
- Adds `aria-label` attributes to give better context to some controls
- Removes a redundant title attribute
- Keeps the toggle button text to "Select Color" instead of changing it to "Current Color" when a color is selected
- Slightly improves the responsive view
- CSS clean-up
Fixes#39662.
Built from https://develop.svn.wordpress.org/trunk@41329
git-svn-id: http://core.svn.wordpress.org/trunk@41160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Update to 2.1.9.
- Include the non-minified plupload.js and moxie.js.
- Remove support for Flash and Silverlight, the available runtime options are `html5` and `html4`.
- Delete plupload.flash.swf and plupload.silverlight.xap.
Fixes#41755.
Built from https://develop.svn.wordpress.org/trunk@41328
git-svn-id: http://core.svn.wordpress.org/trunk@41159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This was accidentally introduced in [41125]. Since the `added_existing_user` filter has historically accepted either `true` or a `WP_Error` object, the clause is not necessary here. The doc block has been adjusted to account for the new possible `WP_Error` condition.
Fixes#41101.
Built from https://develop.svn.wordpress.org/trunk@41324
git-svn-id: http://core.svn.wordpress.org/trunk@41155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes an issue where failures when inserting the attachment post via
`wp_insert_attachment()` would result in a return value of `0` instead of a
`WP_Error` object, as documented. This is addressed by passing `true` as the
fourth param (added in WP 4.7.0) when calling `wp_insert_attachment()`.
Props mrasharirfan, flixos90.
Fixes#41726.
Built from https://develop.svn.wordpress.org/trunk@41323
git-svn-id: http://core.svn.wordpress.org/trunk@41154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ALso fixes:
* Accessibility for volume control
* Progress bar tooltip positioning and dimensions correctly set for media with long duration
* Better codec checking
* Minor CSS fix to avoid flickering effect on volume control
Props rafa8626.
See #39686.
Fixes#41640.
Built from https://develop.svn.wordpress.org/trunk@41320
git-svn-id: http://core.svn.wordpress.org/trunk@41151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These log entries are only useful when troubleshooting unexpected results from the API, which is not common. The vast majority of users are better served by not having their logs cluttered with noise.
For the rare situations where troubleshooting is necessary, it can be achieved by a plugin (see #41217 for an example).
Props Howdy_McGee, dd32.
Fixes#41217.
Built from https://develop.svn.wordpress.org/trunk@41316
git-svn-id: http://core.svn.wordpress.org/trunk@41147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [38296] we replaced `get_post_meta()` with `wp_get_attachment_metadata()`
so that attachment metadata could be consistently filtered. However, this
results in extra post queries which were previously avoided.
This uses `_prime_post_caches()` instead of `update_meta_cache()` to improve
post caching before looping through all images to retrieve attachment metadata.
Props dlh.
Fixes#40490.
Built from https://develop.svn.wordpress.org/trunk@41315
git-svn-id: http://core.svn.wordpress.org/trunk@41146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces the following meta capabilities:
* `activate_plugin`
* `deactivate_plugin`
* `deactivate_plugins`
The singular `activate_plugin` and `deactivate_plugin` capabilities are used along with the corresponding plugin name when
determining whether or not a user can activate or deactivate an individual plugin.
The plural `deactivate_plugins` capability is used in place of the existing `activate_plugins` capability when determining
whether a user can deactivate plugins.
Each of these new meta capabilities map to the existing `activate_plugins` primitive capability, which means there is no
change in existing behaviour, but plugins can now filter the capabilities required to activate and deactivate individual
plugins.
Fixes#38652
Built from https://develop.svn.wordpress.org/trunk@41290
git-svn-id: http://core.svn.wordpress.org/trunk@41130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.
This change fixes the usage in user-facing text and in developer documentation.
Fixes#41620
Built from https://develop.svn.wordpress.org/trunk@41289
git-svn-id: http://core.svn.wordpress.org/trunk@41129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Removing inline examples already listed in the Code Reference
* Improving the summary and description to explain how tag conflicts are handled
* Supplement the docs for the `$func` parameter by describing the three arguments passed to a shortcode callback.
Props grapplerulrich for the initial patch.
Fixes#37222.
Built from https://develop.svn.wordpress.org/trunk@41281
git-svn-id: http://core.svn.wordpress.org/trunk@41121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Patches occasionally come in on generated files. We should be kind to new contributors and give them a hint that these files are auto generated.
Props drewapicture, samuelsidler, netweb, valendesigns, kpdesign, nacin, jorbin
Fixes#30666
Built from https://develop.svn.wordpress.org/trunk@41271
git-svn-id: http://core.svn.wordpress.org/trunk@41111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.
Props johnbillion, flixos90.
Fixes#39677.
Built from https://develop.svn.wordpress.org/trunk@41268
git-svn-id: http://core.svn.wordpress.org/trunk@41108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There were a handful of files with an underscore in the name, which violated our naming scheme, and caused problems for anyone how enforced the scheme on their own systems.
This commit renames all of the files to the correct camelCase scheme.
Fixes#41658.
Built from https://develop.svn.wordpress.org/trunk@41261
git-svn-id: http://core.svn.wordpress.org/trunk@41101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Passing a non-null value to the filter will prevent the uploaded file from being moved to the uploads directory for any of the functions leveraging `_wp_handle_upload()`, such as `wp_handle_upload()` or `wp_handle_sideload()`.
Error reporting related to the file being moved will also be skipped.
Props ryan, Mte90.
Fixes#24603.
Built from https://develop.svn.wordpress.org/trunk@41258
git-svn-id: http://core.svn.wordpress.org/trunk@41098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.
Props MatheusGimenez, johnbillion
Fixes#39118
Built from https://develop.svn.wordpress.org/trunk@41254
git-svn-id: http://core.svn.wordpress.org/trunk@41094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Twemoji 2.3.0 has a rendering issue in Safari, emoji can sometimes be followed by U+FEOF (which is just a flag meaning "render the preceding character as emoji).
Twemoji wasn't catching this character correctly, and Safari rendered it incorrectly.
Twemoji 2.5.0 resolves this issue.
Fixes#41584.
Built from https://develop.svn.wordpress.org/trunk@41250
git-svn-id: http://core.svn.wordpress.org/trunk@41090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This will send nav menu locations through three levels of mapping:
1. If both themes have only one location, that gets mapped.
2. If both themes have locations with the same slug, they get mapped.
3. Locations that (even partially) match slugs from a similar kind of menu location will get mapped.
Menu locations are mapped for Live Previews in the Customizer and during theme switches.
Props westonruter, obenland, welcher, melchoyce.
Fixes#39692.
Built from https://develop.svn.wordpress.org/trunk@41237
git-svn-id: http://core.svn.wordpress.org/trunk@41077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The following tests were never executed as they have `@depends` annotations which means they get skipped because the `test_video_shortcode_body()` test has not run by the time they run. Re-ordering the test methods fixes this.
* `test_wp_video_shortcode_with_empty_params()`
* `test_wp_video_shortcode_with_bad_attr()`
* `test_wp_video_shortcode_attributes()`
* `test_wp_video_shortcode_youtube_remove_feature()`
* `test_wp_video_shortcode_youtube_force_ssl()`
* `test_wp_video_shortcode_vimeo_force_ssl_remove_query_args()`
* `test_wp_video_shortcode_vimeo_adds_loop()`
* `test_wp_video_shortcode_vimeo_force_adds_loop_true()`
See #35367
Built from https://develop.svn.wordpress.org/trunk@41229
git-svn-id: http://core.svn.wordpress.org/trunk@41069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a visual glitch visible on Ubuntu. WordPress uses system fonts and they have
different metrics across operating systems. Uses screen-reader-text as a more
solid way to visually hide text.
Props punit5658, afercia.
Fixes#41497.
Built from https://develop.svn.wordpress.org/trunk@41227
git-svn-id: http://core.svn.wordpress.org/trunk@41067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While site administrators cannot generally edit users in multisite, they have always been able to change the roles of users on their site. In the REST API however, this has not been possible so far. This changeset brings parity with how it is handled in the administration panel: A REST request to edit only a user's roles succeeds correctly, while a REST request to edit any further details of a user fails.
Props jnylen0.
Fixes#40263.
Built from https://develop.svn.wordpress.org/trunk@41226
git-svn-id: http://core.svn.wordpress.org/trunk@41066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.
The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.
Props jmdodd.
Fixes#41101.
Built from https://develop.svn.wordpress.org/trunk@41225
git-svn-id: http://core.svn.wordpress.org/trunk@41065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces three new filters, replacing those that were introduced in [41153]:
* `wp_password_change_notification_email`
* `wp_new_user_notification_email_admin`
* `wp_new_user_notification_email`
Props pbearne
Fixes#38068
Built from https://develop.svn.wordpress.org/trunk@41213
git-svn-id: http://core.svn.wordpress.org/trunk@41053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are now 3 places where we call out to the REST API from within wp-admin. This commit introduces a small library to allow overriding these calls, centralize nonce-passing logic, and eliminate the need to pass a full REST URL down to client code (this last feature is not yet used and will be explored in a separate ticket).
Fixes#40919.
Built from https://develop.svn.wordpress.org/trunk@41206
git-svn-id: http://core.svn.wordpress.org/trunk@41046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `settings_previewed` property eliminates the need for the Customizer components from having to look at global `doing_ajax` state. This is in particular needed when saving settings, as some settings will short-circuit the update operation if they detect no changes are introduced. This is also needed for low-level integrations with the Customizer, such as in REST API endpoints under development.
Props stubgo, westonruter, utkarshpatel for testing.
See #38900.
Fixes#39221.
Built from https://develop.svn.wordpress.org/trunk@41205
git-svn-id: http://core.svn.wordpress.org/trunk@41045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_Comment_Query` always queries runs an ID query, and so is unaffected
by the 'fields' parameter. As such, 'fields' can be ignored when building
a cache key for the results of the ID query.
Props spacedmonkey.
Fixes#41348.
Built from https://develop.svn.wordpress.org/trunk@41190
git-svn-id: http://core.svn.wordpress.org/trunk@41030 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Often times, it can be confusing to set a custom permalink structure. One has to double-check the documentation, make
sure to correctly insert the structure tag, and hope not to break their site.
With this addition, the available structure tags are being displayed as a list of easily clickable buttons that can be
used to insert tags to the custom structure input field and to remove them again.
Props kpdesign, swissspidy, joedolson, afercia.
Fixes#29872.
Built from https://develop.svn.wordpress.org/trunk@41182
git-svn-id: http://core.svn.wordpress.org/trunk@41022 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `__autoload()` function is deprecated in PHP 7.2, which means WordPress' own `__autoload()` compat function for PHP 5.2 needs to be moved into a separate file to prevent the PHP 7.2 compiler from complaining.
Props ayeshrajans
See #40109
Built from https://develop.svn.wordpress.org/trunk@41178
git-svn-id: http://core.svn.wordpress.org/trunk@41018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reduces the chances of a site compromise going unnoticed, in the same way that the same notifications for user account email address changes reduces the chances of a user account compromise going unnoticed.
Props MatheusGimenez, johnbillion
Fixes#39117
Built from https://develop.svn.wordpress.org/trunk@41164
git-svn-id: http://core.svn.wordpress.org/trunk@41004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their account.
Props rodrigosprimo, tharsheblows, johnbillion
Fixes#16470
Built from https://develop.svn.wordpress.org/trunk@41163
git-svn-id: http://core.svn.wordpress.org/trunk@41003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.
See #41452.
Built from https://develop.svn.wordpress.org/trunk@41162
git-svn-id: http://core.svn.wordpress.org/trunk@41002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.
See #41452.
Built from https://develop.svn.wordpress.org/trunk@41161
git-svn-id: http://core.svn.wordpress.org/trunk@41001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[41139] changed how the REST API URL is generated, but included an incorrect version of `wp-api-generated.js`.
This updates the generator to create the correct `wp-api-generated.js`, and updates ``wp-api-generated.js`.
See #40886.
Built from https://develop.svn.wordpress.org/trunk@41154
git-svn-id: http://core.svn.wordpress.org/trunk@40994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since WordPress 2.3, the Recent Posts widget used to output the post ID for posts
with an empty title. Using '(no title)' seems a best option and is consistent with
what's already used in other similar cases.
Props antonrinas, Ankit K Gupta.
Fixes#35709.
Built from https://develop.svn.wordpress.org/trunk@41149
git-svn-id: http://core.svn.wordpress.org/trunk@40989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures all the column titles, not just the Comments column one, are
"clean" when later reused for the Screen Options checkboxes. Also introduces
some consistency with what is already done in WP_List_Table.
Fixes#41261.
Built from https://develop.svn.wordpress.org/trunk@41148
git-svn-id: http://core.svn.wordpress.org/trunk@40988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When pretty permalinks are disabled, the web server will internally forward requests to `index.php`. Unfortunately, nginx only forwards HTTP/1.0 methods: `PUT`, `PATCH`, and `DELETE` methods will return a 405 error.
To work around this nginx behaviour, including `index.php` in the REST URL skips the internal redirect.
Fixes#40886.
Built from https://develop.svn.wordpress.org/trunk@41139
git-svn-id: http://core.svn.wordpress.org/trunk@40979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The REST API does not provide a mechanism to distinguish between endpoints representing models and those representing collections, so the Backbone client must make that distinction internally. Previously wp-api.js accounted for `/users/me`, but not for `/settings`. This patch updates the logic so that `/settings` is properly registered as a Backbone model.
When calling `wp.api.init`, additional endpoints can be specified to be models using the `modelEndpoints` argument.
Props @adamsilverstein.
Fixes#41056.
Built from https://develop.svn.wordpress.org/trunk@41112
git-svn-id: http://core.svn.wordpress.org/trunk@40952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensures that users who copy HTML from the Text widget in legacy mode over to the Custom HTML widget will continue to get all of the same filters applied, including tag balancing and shortcodes, if a plugin added support. Plugins still have the `widget_text_content` and `widget_custom_html_content` filters they can use to target the specific widget types.
Amends [40893].
See #40951.
Fixes#40907 for trunk.
Built from https://develop.svn.wordpress.org/trunk@41086
git-svn-id: http://core.svn.wordpress.org/trunk@40926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since plugin-added shortcode handling is just-in-time deferred to run after `wpautop`, there is no need to retain the presence of shortcodes to trigger legacy mode. Also updates Text widget legacy mode notice informing of Custom HTML widget.
Amends [41050].
Props westonruter, melchoyce.
Fixes#40951 for trunk.
Built from https://develop.svn.wordpress.org/trunk@41070
git-svn-id: http://core.svn.wordpress.org/trunk@40922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, the similar help tab and sidebar for these screens were all duplicated for each respective screen. This changeset introduces two internal admin functions `get_site_screen_help_tab_args()` and `get_site_screen_help_sidebar_content()` that make these available in a centralized location.
Props atanasangelovdev.
Fixes#41167.
Built from https://develop.svn.wordpress.org/trunk@41065
git-svn-id: http://core.svn.wordpress.org/trunk@40917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change there were two different cache keys used for the same query. That is because regardless of the `$fields` argument, the query response will be the same. This was already fixed for `WP_Site_Query` in [41059].
Props spacedmonkey.
Fixes#41347.
Built from https://develop.svn.wordpress.org/trunk@41063
git-svn-id: http://core.svn.wordpress.org/trunk@40915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress no longer supports many old old browsers: https://make.wordpress.org/core/2017/04/23/target-browser-coverage/
This also removes alot of no longer necessary CSS. It served us well, but we are never getting back together with IE8,9,10.
So, in the (paraphrased) words of Taylor Swift:
I remember when we dropped support the first time
Saying, "This is it, I've had enough, " 'cause like
We hadn't seen many users in a month
When you said you needed flexbox. (What?)
Then you postMessage again and say
"IE8, I miss you and I swear I'm gonna change, trust me."
Remember how that lasted for a day?
I say, "I hate the box model, " we break up, you call me, "I love css-grids."
Ooh, we called it off again last night
But ooh, this time I'm telling you, I'm telling you
We are never ever ever supporting IE 8,9,10,
We are never ever ever supporting IE 8,9,10,
You go talk to EDGE, talk to my FIREFOX, talk to CHROME
But we are never ever ever ever getting back together
Like, ever...
Fixes#37651.
Props stunnedbeast, netweb, jorbin.
Built from https://develop.svn.wordpress.org/trunk@41062
git-svn-id: http://core.svn.wordpress.org/trunk@40912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Before this changeset, the language of a new site would always result in the language of the current network, regardless of the `$site_id` parameter passed that actually determines the network for the site. Now the correct `WPLANG` value is used in such cases.
Alongside this change, a few minor documentation changes around the function have been made to account for the current naming conventions of sites and networks.
Props spacedmonkey.
Fixes#40503.
Built from https://develop.svn.wordpress.org/trunk@41058
git-svn-id: http://core.svn.wordpress.org/trunk@40908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Text widget in legacy mode omits TinyMCE and retains old behavior for matching pre-existing Text widgets. Usage pointers added to default visual mode appear when attempting to paste HTML code into the Visual tab and when clicking on the Text tab, informing users of the new Custom HTML widget.
Props westonruter, melchoyce, gitlost for testing, obenland for testing, dougal for testing, afercia for testing.
See #35243.
Fixes#40951.
Built from https://develop.svn.wordpress.org/trunk@41050
git-svn-id: http://core.svn.wordpress.org/trunk@40900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, these filters were being run once per post, but the changes in [41043] caused them to be run once per emoji found.
We will not stand idly by while this kind of unfair performance penalty is placed on the emoji literate. The filters are now run once only, emoji aficionados everywhere can rest easy, knowing their posts will be just as performant as their emoji-less cousins.
Props ocean90 for noticing this severe oversight.
See #35293.
Built from https://develop.svn.wordpress.org/trunk@41046
git-svn-id: http://core.svn.wordpress.org/trunk@40896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `wp_encode_emoji()` and `wp_staticize_emoji()` used inaccurate regular expressions to find emoji, and transform then into HTML entities or `<img>`s, respectively. This would result in emoji not being correctly transformed, or occasionally, non-emoji being incorrectly transformed.
This commit adds a new `grunt` task - `grunt precommit:emoji`. It finds the regex in `twemoji.js`, transforms it into a PHP-friendly version, and adds it to `formatting.php`. This task is also automatically run by `grunt precommit`, when it detects that `twemoji.js` has changed.
The new regex requires features introduced in PCRE 8.32, which was introduced in PHP 5.4.14, though it was also backported to later releases of the PHP 5.3 series. For versions of PHP that don't support this, it will fall back to an updated version of the loose-matching regex.
For short posts, the performance difference between the old and new regex is negligible. As the posts get longer, however, the new method is exponentially faster.
Fixes#35293.
Built from https://develop.svn.wordpress.org/trunk@41043
git-svn-id: http://core.svn.wordpress.org/trunk@40893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[40514] introduced a bug that caused term queries to return some duplicates
when the `$taxonomies` array contained only taxonomies that were originally
registered with an `$args` array. We fix this bug by ensuring that
recursive `get_terms()` queries stop when all queried `$taxonomies` have
already been referenced.
Props bor0, atanasangelovdev.
Fixes#41010.
Built from https://develop.svn.wordpress.org/trunk@41037
git-svn-id: http://core.svn.wordpress.org/trunk@40887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Set view state properly when navigating history using the browser back/next button in the media library (grid view). Correctly handle navigating, search, image detail view and image edit mode. Also handle bookmarking/reloading.
Props kucrut, joemcgill, afercia.
Fixes#31846.
Built from https://develop.svn.wordpress.org/trunk@41021
git-svn-id: http://core.svn.wordpress.org/trunk@40871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change standardizes some language in the parameter descriptions between the two hook docs in an effort to reduce confusion between the `$pre_option` pseudo-parameters and the new `$default` ones. `$pre_option` is the truthy value used to short-circuit the `get_*option()` call, `$default` is the value passed to the `get_*option()` returned in the event that 1) a short circuit isn't performed, 2) the option doesn't exist.
Props sc0ttkclark.
Fixes#41254.
Built from https://develop.svn.wordpress.org/trunk@41013
git-svn-id: http://core.svn.wordpress.org/trunk@40863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, changing these constants in `wp-tests-config` would cause PHPUnit to regenerate `wp-api-generated.js` with different values.
This commit uses the existing mechanism to also "freeze" all values that would change as a result of changing these constants.
Fixes#41123.
Built from https://develop.svn.wordpress.org/trunk@41006
git-svn-id: http://core.svn.wordpress.org/trunk@40856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, checks like `current_user_can( 'edit_term_meta', $term_id )`
returned the proper value, but generated a PHP notice due to the fact
that `get_term( $term_id )` could, in certain instances, return
`WP_Error` objects.
Props caercam.
Fixes#40891.
Built from https://develop.svn.wordpress.org/trunk@40999
git-svn-id: http://core.svn.wordpress.org/trunk@40849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Meta capabilities use the capability `do_not_allow` to indicate a user should be blocked from performing a particular action. This ensures users can not have the capability as it would cause unexpected behaviour.
Props johnbillion.
Fixes#41059.
Built from https://develop.svn.wordpress.org/trunk@40993
git-svn-id: http://core.svn.wordpress.org/trunk@40843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This parameter allows querying for posts with a specific value of
`comment_count`. It is also possible to query for posts that match
a `comment_count` comparison by passing an array with 'value' and
'compare' operators (eg `array( 'compare' => '>', 'value' => 5 )`).
Props ramon fincken.
Fixes#28399.
Built from https://develop.svn.wordpress.org/trunk@40978
git-svn-id: http://core.svn.wordpress.org/trunk@40828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Separately, use `$post` for checking the post status and retrieving the page_uri in `get_post_permalink()` instead of referencing back to the original `$id` parameter.
Props GunGeekATX for the initial patch.
Fixes#40780.
Built from https://develop.svn.wordpress.org/trunk@40975
git-svn-id: http://core.svn.wordpress.org/trunk@40825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
At the heart of the matter, the `$menu_slug` parameter in `add_menu_page()` and `add_submenu_page()` is not sanitized with `sanitize_key()`. When the screen object is later built for the admin page, the screen ID is derived from that `$menu_slug` value, though passed through `sanitize_key()`, which can produce unexpected results in comparison check.
Changing the sanitization code to provide actual parity is out of the question at this juncture, so updating the docs to describe how to avoid this edge case is the next best option.
Props GregRoss.
Fixes#35305.
Built from https://develop.svn.wordpress.org/trunk@40967
git-svn-id: http://core.svn.wordpress.org/trunk@40817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `get_index_template()`
* `get_404_template()`
* `get_author_template()`
* `get_category_template()`
* `get_tag_template()`
* `get_taxonomy_template()`
* `get_date_template()`
* `get_home_template()`
* `get_front_page_template()`
* `get_page_template()`
* `get_search_template()`
* `get_single_template()`
* `get_embed_template()`
* `get_singular_template()`
* `get_attachment_template()`
As mentioned when these dynamic hook references were originally fixed in [33274], we can't link to non-existent hooks inline because the Code Reference auto-linker won't pick up on the dynamic-ness of the hook, it'll just try to link to a hook reference that doesn't exist. In these cases, we need to be generic and provide context for the value of `$type`.
See [38418] for where the original fix was reversed. See this changeset for reversing the reversal.
Props donutz, milana_cap.
Fixes#41198.
Built from https://develop.svn.wordpress.org/trunk@40964
git-svn-id: http://core.svn.wordpress.org/trunk@40814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change brings consistency with the regular site administration panel settings pages: Radio and checkbox labels do not use full stops there, so those in the network administration panel should not either.
Props Ankit K Gupta.
Fixes#39319.
Built from https://develop.svn.wordpress.org/trunk@40953
git-svn-id: http://core.svn.wordpress.org/trunk@40803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also provide differentiation between arguments as passed to `get_posts()` vs used for ordering outputted menu items.
By and large, arguments in the `$args` array are intended to directly affect how nav_menu_item posts are retrieved. When the default ARRAY_A is used for 'output', the 'order' and 'orderby' arguments are essentially ignored, instead giving preference to a hard-coded order of 'ASC' and an orderby value derived from the non-get_posts() argument 'output_key'.
Fixes#15533.
Built from https://develop.svn.wordpress.org/trunk@40942
git-svn-id: http://core.svn.wordpress.org/trunk@40792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset addresses two related issues:
* When splitting shared terms from hierarchical taxonomies, the process of regenerating the taxonomy hierarchy (`_get_taxonomy_hierarchy()`) requires recursive calls to `get_terms()` in order to descend the tree. By waiting until all shared terms in a term group have been invalidated before regenerating their taxonomy hierarchies, we avoid certain race conditions.
* Previously, a coding error prevented single-term caches from being invalidated for children of split terms. This error dates from [31418].
See #37189.
Built from https://develop.svn.wordpress.org/trunk@40920
git-svn-id: http://core.svn.wordpress.org/trunk@40770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the edit media screen, ensure that the 'replace' button is disabled until a media item is selected. Fix an issue where clicking the button with no item selected threw a JavaScript error and failed to work.
Props timmydcrawford, subrataemfluence, psiico.
Fixes#40589.
Built from https://develop.svn.wordpress.org/trunk@40902
git-svn-id: http://core.svn.wordpress.org/trunk@40752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the `focus` event on the permalink custom structure field made impossible
to navigate through all the form fields using only the keyboard without actually
selecting the custom structure setting. Instead, using click and input preserves
the original functionality when using any kind of pointing or input device.
Also changes `attr()` to `prop()`` as recommended for a `checked` property.
Fixes#40982.
Built from https://develop.svn.wordpress.org/trunk@40897
git-svn-id: http://core.svn.wordpress.org/trunk@40747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes issue where Video widgets embedding external files fail to get recognized due to the presence of the `loop` param after the video filename, even though it has a recognized extension. Regardless, the `loop` param is only present to fix a Vimeo issue in ME.js 2.x.
Props timmydcrawford.
Amends [40640].
See #39686, #39994.
Fixes#40977.
Built from https://develop.svn.wordpress.org/trunk@40892
git-svn-id: http://core.svn.wordpress.org/trunk@40742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change version numbers in stylesheets, fix typo in Twenty Fourteen readme and update copyright dates for themes. Twentysixteen wasn't updated this cycle.
See #40745 for changes that helped push this along.
Fixes#40905.
Props davidakennedy, mrahmadawais, maedahbatool.
Built from https://develop.svn.wordpress.org/trunk@40883
git-svn-id: http://core.svn.wordpress.org/trunk@40733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- changes "Drafts" to "Your Recent Drafts" to clarify displayed drafts are the ones from the current user
- clarifies and simplifies the "View all" link
Props soniakash, sudar, bhargavbhandari90, zachwtx, johnroper100, rcutmore.
Fixes#37595.
Built from https://develop.svn.wordpress.org/trunk@40877
git-svn-id: http://core.svn.wordpress.org/trunk@40727 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes the UN flag not being correctly compared to itself, introduced in [40837].
Replaces the bearded person check with a male fairy. Emoji 5 does not have gendered bearded people, so we needed to switch it out to use the ZWJ check for a broken render.
Props peterwilsoncc for the code and commit message.
Fixes#40858.
Built from https://develop.svn.wordpress.org/trunk@40850
git-svn-id: http://core.svn.wordpress.org/trunk@40701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In this situation, a site which uses `http` on the front end but `https` in the admin area is more likely to have a working REST API endpoint URL when used in the admin area.
Props mohanjith, westonruter, jnylen0
Fixes#36451
Built from https://develop.svn.wordpress.org/trunk@40843
git-svn-id: http://core.svn.wordpress.org/trunk@40694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Mostly adds styles for lists and mediaelement.js instances within widgets.
Adds size classname to image widget so themes can customize their display.
Props Soean, obenland, celloexpressions, ocean90, karmatosed.
Fixes#40745.
Built from https://develop.svn.wordpress.org/trunk@40839
git-svn-id: http://core.svn.wordpress.org/trunk@40690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates Twemoji to 2.3.0 to include Emoji 5 support.
The pride flag test is replaced with a test for the English flag, a five character sub-devision locale. The UN flag test is retained as the most recent two character locale.
An Emoji 5 "bearded person" replaces both Emoji 4 tests.
Fixes#40858.
Built from https://develop.svn.wordpress.org/trunk@40837
git-svn-id: http://core.svn.wordpress.org/trunk@40688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When closing the theme preview, restore the previously selected tab. Avoid an issue where duplicate entries in the history prevented navigation. When re-opening the preview, remove bound event handlers before re-adding them.
Props afercia.
Fixes#36613.
Built from https://develop.svn.wordpress.org/trunk@40824
git-svn-id: http://core.svn.wordpress.org/trunk@40681 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes some minor HTML issues in the admin and, most notably, changes the rel
attribute used in the List Tables from `rel="permalink"` to `rel="bookmark"`.
Props mihai2u, pento, arena, topher1kenobe, michalzuber, stubgo.
Fixes#37004.
Built from https://develop.svn.wordpress.org/trunk@40823
git-svn-id: http://core.svn.wordpress.org/trunk@40680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- improves accessibility using an aria-label attribute to match the information conveyed visually with the one exposed to assistive technologies
- adds an option in the widget to display the item counts, consistently with what other widgets already do (Archives, Categories)
Props adamsoucie, emirpprime, Samantha Miller., MikeLittle, rianrietveld, sami.keijonen, adamsilverstein, westonruter, afercia.
See #24766.
Fixes#35566.
Built from https://develop.svn.wordpress.org/trunk@40816
git-svn-id: http://core.svn.wordpress.org/trunk@40674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this commit, `WP_Rest_Request::get_param()` traversed through the parameter order but `WP_Rest_Request::set_param()` did not. For JSON requests (and likely other situations as well), this meant that changing a parameter with `set_param()` would have no effect on `get_param()`.
Props TimothyBlynJacobs.
Fixes#40344.
Built from https://develop.svn.wordpress.org/trunk@40815
git-svn-id: http://core.svn.wordpress.org/trunk@40673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Plugins may continue to add embedding support for these file formats by re-adding them via the `wp_video_extensions` and `wp_audio_extensions` filters while also implementing fallback rendering routines via the `wp_video_shortcode_override` and `wp_audio_shortcode_override` filters.
See #39994, #39995.
Fixes#40819.
Built from https://develop.svn.wordpress.org/trunk@40813
git-svn-id: http://core.svn.wordpress.org/trunk@40671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wp_prepare_attachment_for_js()`:
- Normalize behavior when author does not exist by returning '(no author)' for `authorName` in these cases.
- Decode HTML entities in `author_name`.
- Add tests for both of the above.
Props arshidkv12, ocean90, sloisel, mikeschroder.
Fixes#39955.
Built from https://develop.svn.wordpress.org/trunk@40809
git-svn-id: http://core.svn.wordpress.org/trunk@40667 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit adds a new `WP_REST_Server#remove_header` method and uses it to clear the `Last-Modified` header when the "no caching" headers are sent (by default for all authenticated REST API requests). This matches the behavior of the `nocache_headers` function used in other parts of WordPress.
Previously, the REST API would send an empty `Last-Modified` header in this situation. Under some server and browser configurations, this causes browsers to cache authenticated REST API requests, which is undesirable.
Props iv3rson76, zinigor, rmccue, jnylen0.
Fixes#40444.
Built from https://develop.svn.wordpress.org/trunk@40805
git-svn-id: http://core.svn.wordpress.org/trunk@40663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Close the form after obtaining a valid location.
- Fix focusing the toggle button after closing the form.
- Fix aria attribute values.
- Fix positions in IE11.
- Some JS and CSS cleanup.
Props afercia, coreymckrill.
Fixes#40735.
Built from https://develop.svn.wordpress.org/trunk@40789
git-svn-id: http://core.svn.wordpress.org/trunk@40647 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new version of TinyMCE introduces a cursor-boundary feature for some formatting elements but, by default, it does not provide much in the way of styles. This tweaks their appearance in the WordPress custom skin to match the intended design of the feature.
Props joen.
Fixes#40767.
Built from https://develop.svn.wordpress.org/trunk@40783
git-svn-id: http://core.svn.wordpress.org/trunk@40641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Only set these headers if (1) `WP_DEBUG` is enabled and (2) headers have not already been sent.
Previously, this code could generate warnings by trying to set a header after response data has already been sent. This happens when code attached to the `shutdown` filter calls a deprecated function, for example.
Also, these headers are unlikely to be useful in the majority of cases; let's only send them if `WP_DEBUG` is enabled.
Props kraftbj, jnylen0, ocean90, rmccue.
Fixes#40787.
Built from https://develop.svn.wordpress.org/trunk@40782
git-svn-id: http://core.svn.wordpress.org/trunk@40640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, a role selected below the list table would not apply on save. This aligns the behavior with `wp-admin/users.php` and allows role changes from both selections, deferring to the bottom selection when both are populated.
Props desrosj.
Fixes#40113.
Built from https://develop.svn.wordpress.org/trunk@40780
git-svn-id: http://core.svn.wordpress.org/trunk@40638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On Chrome 58 and above, plugin names within the plugin details modal were collapsed down into an ellipsis. This fix rewrites the CSS to make sure the titles are always shown.
Props mrwweb, afercia, Presskopp.
Fixes#40579.
Built from https://develop.svn.wordpress.org/trunk@40672
git-svn-id: http://core.svn.wordpress.org/trunk@40535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Brings the minimum characters expected for a valid email address to six, which matches the expectations in `wp_handle_comment_submission()` and REST API email arguments.
Props rmccue, lukecavanagh, rachelbaker, desrosj, sudar.
Fixes#38708.
Built from https://develop.svn.wordpress.org/trunk@40667
git-svn-id: http://core.svn.wordpress.org/trunk@40530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes bug where previously the `$post_id` function argument was passed to the '_open' filters, instead of the result of the `get_post()` call. If the current post is not found, the `$post_id` filter parameter will be 0.
Props johnbillion, shulard, rachelbaker.
Fixes#40286.
Built from https://develop.svn.wordpress.org/trunk@40666
git-svn-id: http://core.svn.wordpress.org/trunk@40529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The jQuery `hasClass` method accepts a class name without a prefix '.' (period). Remove an errant class name with a '.' in `wp-mediaelement.js` that broke the selector in certain circumstances.
Props kostasx, Presskopp.
Fixes#40354.
Built from https://develop.svn.wordpress.org/trunk@40659
git-svn-id: http://core.svn.wordpress.org/trunk@40522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In customizer preview, strip changeset uuid in menu urls before comparing with current url to determine menu item classes.
In the customizer, menu items now contain a changeset uuid as part of their urls. Strip the changeset uuid off the url before comparing with current url (which lacks the changeset uuid).
Props priyankabehera155, jipmoors.
Fixes#39758.
Built from https://develop.svn.wordpress.org/trunk@40658
git-svn-id: http://core.svn.wordpress.org/trunk@40521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a 'delete' link next to the update button on the term edit screen so you can delete a term while you are reviewing it's details.
Props cklosows, bradt, ocean90, johnbillion, DrewAPicture, ryan, MatheusGimenez, maguiar.
Fixes#9777.
Built from https://develop.svn.wordpress.org/trunk@40655
git-svn-id: http://core.svn.wordpress.org/trunk@40518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a bug where cached events & location data was not accessible because the
cache key could not be regenerated without latitude and longitude information.
Discovered and fixed during #wcber contributor day.
Props soean, kubik-rubik, obenland.
See #40702.
Built from https://develop.svn.wordpress.org/trunk@40651
git-svn-id: http://core.svn.wordpress.org/trunk@40514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These controls toggle the visibility of the update progress: they perform an action
therefore they should be buttons. Also:
- uses `aria-expanded` to communicate the toggle button state
- removes some inline JavaScript
- when clicking the toggle buttons, the progress details get moved with JavaScript after the button: this helps users of assistive technologies in finding them and makes the UI a bit more intuitive
Props Cheffheid, afercia.
See #26504.
Fixes#40453.
Built from https://develop.svn.wordpress.org/trunk@40646
git-svn-id: http://core.svn.wordpress.org/trunk@40507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This offscreen text is not meant to be revealed on focus and just acts as fallback
for assistive technologies that don't support `aria-label` and `role="slider"`.
Also, revealing it on focus has proven over time to be very fragile and to cause
unexpected layout issues.
See #30281.
Fixes#40707.
Built from https://develop.svn.wordpress.org/trunk@40642
git-svn-id: http://core.svn.wordpress.org/trunk@40503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The last time a new widget was introduced, Vuvuzelas were a thing, Angry Birds started taking over phones, and WordPress stopped shipping with Kubrick. Seven years and 17 releases without new widgets have been enough, time to spice up your sidebar!
Props westonruter, melchoyce, obenland, timmydcrawford, adamsilverstein, gonom9, wonderboymusic, Fab1en, DrewAPicture, sirbrillig, joen, matias, samikeijonen, afercia, celloexpressions, designsimply, michelleweber, ranh, kjellr, karmatosed.
Fixes#32417, #39993, #39994, #39995.
Built from https://develop.svn.wordpress.org/trunk@40640
git-svn-id: http://core.svn.wordpress.org/trunk@40501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
During a PHPUnit test suite run, a file named `wp-api-generated.js` is created which contains some response objects that serve as fixtures for the `wp-api.js` client unit tests.
Previously, some of these API responses were actually error objects, which isn't what we want for testing. This commit fixes the existing error responses and prevents this situation in the future.
Fixes#40734.
Built from https://develop.svn.wordpress.org/trunk@40629
git-svn-id: http://core.svn.wordpress.org/trunk@40490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates Twemoji and adds a second Emoji 4 test to include a shrugging man. Emoji 4 is being implemented gradually, while some browsers now support the female technologist, the indifferent shrugging man is breaking things with his presence.
Props peterwilsoncc, pento for code review.
Fixes#40615.
Built from https://develop.svn.wordpress.org/trunk@40626
git-svn-id: http://core.svn.wordpress.org/trunk@40487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Now that Travis has confirmed that it is sending messages to Slack when a test fails, we no longer need a failing test.
The failing test added in [40613] is reverted, as Travis has failed to fail at notifying us about failing tests.
See #40712.
Built from https://develop.svn.wordpress.org/trunk@40614
git-svn-id: http://core.svn.wordpress.org/trunk@40484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To ensure that Travis is sending messages to Slack, a test needs to fail, so here's a failing test.
This failing test (and no other failing tests) will be reverted once Travis confirms that it isn't failing to message Slack about failing tests.
See #40712.
Built from https://develop.svn.wordpress.org/trunk@40613
git-svn-id: http://core.svn.wordpress.org/trunk@40483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, after creating a site, the network site count was always refreshed on the current network, regardless of whether the site was created on a different network. With the recent changes, particularly [40591], it is now possible to update the site count for a specific `$network_id`, so this changeset makes use of the new parameter.
Fixes#38699.
Built from https://develop.svn.wordpress.org/trunk@40612
git-svn-id: http://core.svn.wordpress.org/trunk@40482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The unit tests introduced as part of [40486] used the wrong `site_count` network option name instead of `blog_count`. This did not cause actual issues in the tests, but deleting the option was supposed to verify that it is properly recreated afterwards. The usage of the wrong name made these tests less useful, so this changeset fixes it.
Fixes#40725.
Built from https://develop.svn.wordpress.org/trunk@40611
git-svn-id: http://core.svn.wordpress.org/trunk@40481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The unit test introduced in [40370] used the strict `assertSame()` check while comparison a count with the value of an option, which under most conditions is not an integer. While the test passed on some setups, it failed on others. This changeset ensures that `assertEquals()` is used to make the test stable.
Fixes#40724.
Built from https://develop.svn.wordpress.org/trunk@40610
git-svn-id: http://core.svn.wordpress.org/trunk@40480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Now that the `WordPress/wordpress-develop` GitHub repo is syncing correctly, we can use it for Travis integration.
Props jorbin for getting the ball rolling so long ago, unprops jorbin because his Travis build can finally be retired.
Fixes#40712.
Built from https://develop.svn.wordpress.org/trunk@40604
git-svn-id: http://core.svn.wordpress.org/trunk@40474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Browsers send an "Origin: null" header value for file and data URLs, as they can be generated by any document, and their origin is not guaranteed. Since we want to allow any URL to access the API (intentionally disabling the CORS protections), we need to special-case the non-URL "null" value.
Props joehoyle.
Fixes#40011.
Built from https://develop.svn.wordpress.org/trunk@40600
git-svn-id: http://core.svn.wordpress.org/trunk@40470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces option to `$return` parameter to return the attachment id created after a successful image sideload.
Props slbmeh, kawauso, alexkingorg, SergeyBiryukov, georgestephanis, DrewAPicture, nacin, trepmal, mattheu, kraftbj, whyisjake, dotancohen, MrGregWaugh, danielbachhuber.
Fixes#19629.
Built from https://develop.svn.wordpress.org/trunk@40597
git-svn-id: http://core.svn.wordpress.org/trunk@40467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[40591] and [40593] introduced a `$network_id` parameter for `wp_maybe_update_network_site_counts()` and `wp_maybe_update_network_user_counts()`, as well as [40486] previously added it to `wp_update_network_counts()`. This changeset ensures the filter hooks in `ms-default-filters.php` do not pass any parameter to them that might conflict with their actual `$network_id` parameter, which caused unit test failures before.
Fixes#40703.
Built from https://develop.svn.wordpress.org/trunk@40596
git-svn-id: http://core.svn.wordpress.org/trunk@40466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If an email address is missing an `@`, we can't assume enough to check it against a list of domain names.
Additional validation of email should happen in `is_email()` before being passed to `is_email_address_unsafe()`.
Fixes#39915.
Built from https://develop.svn.wordpress.org/trunk@40595
git-svn-id: http://core.svn.wordpress.org/trunk@40465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Now that `get_blog_count()` and `get_user_count()` both support passing a `$network_id` parameter (see [40370] and [40371]), similar functionality is now available for `wp_is_large_network()`. In addition, the filter `wp_is_large_network` now accepts the network ID as its fourth parameter.
This changeset furthermore introduces unit tests for the `wp_is_large_network()` function and its filter.
Fixes#40489.
Built from https://develop.svn.wordpress.org/trunk@40590
git-svn-id: http://core.svn.wordpress.org/trunk@40460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, the minimum site name length checked in `wpmu_validate_blog_signup()` was set to a fixed value of 4. The new filter allows tweaking this value, as there may be cases where shorter site names may be required.
Fixes#39676.
Built from https://develop.svn.wordpress.org/trunk@40589
git-svn-id: http://core.svn.wordpress.org/trunk@40459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the UN flag test relied on the image being produced to be quite small. Unfortunately, the Chrome PNG encoder seems to have changed recently, and it now produces a relatively large image.
For a better test, we can compare the rendering of [U] + [N] against [U] + zero width space + [N].
Fixes#40616.
Built from https://develop.svn.wordpress.org/trunk@40582
git-svn-id: http://core.svn.wordpress.org/trunk@40452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When headers are stored in WP_REST_Request internally they are canonicalized. This step already happens on setting / getting headers in any way, but was missed when implementing remove_header().
Props TimothyBlynJacobs.
Fixes#40347.
Built from https://develop.svn.wordpress.org/trunk@40577
git-svn-id: http://core.svn.wordpress.org/trunk@40447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Valid code is important not just to formally meet the specification, but also to
ensure user agents, including assistive technologies, can accurately interpret
and parse content. When HTML elements are not used in the recommended way,
user agents may render them in unexpected ways. It can also become a problem for
compatibility with older or even future browsers, devices, or other software.
See W3C WCAG 4.1.1.
Props takayukister, aryamaaru.
Fixes#34881.
Built from https://develop.svn.wordpress.org/trunk@40572
git-svn-id: http://core.svn.wordpress.org/trunk@40442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the `focus` event on the date and time custom format fields made impossible
to navigate through all the form fields using only the keyboard without actually
selecting the custom format setting. Instead, using `click` and `input` preserves
the original functionality when using any kind of pointing or input device.
Fixes#40515.
Built from https://develop.svn.wordpress.org/trunk@40568
git-svn-id: http://core.svn.wordpress.org/trunk@40436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the need to manually call `$this->skipWithMultisite()` and `$this->skipWithoutMultisite()` from within the test when the test only runs without Multisite or only runs on Multisite, respectively.
Props jdgrimes for the suggestion.
Fixes#40531
Built from https://develop.svn.wordpress.org/trunk@40564
git-svn-id: http://core.svn.wordpress.org/trunk@40433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This has a slight performance impact on sites with a large number of users when the `time` strategy is used for counting users. Hopefully this impact will be negated by enhancements proposed in #38741.
Props psoluch, dots, boonebgorges, ptbello, tharsheblows
Fixes#29785
Built from https://develop.svn.wordpress.org/trunk@40560
git-svn-id: http://core.svn.wordpress.org/trunk@40429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The test `Tests_Comment_CheckComment::test_should_return_true_when_content_does_not_match_moderation_keys()`
did not, in fact, test for a `true` value, but for a false one.
Switching to `assertTrue()` caused a failure, because the test comment
triggered the 'comment_moderation' test. As in other tests in the file,
the solution is to force 'comment_moderation' to 0 for the purposes of
the test.
Introduced in [32519].
Props stephdau.
Fixes#40584.
Built from https://develop.svn.wordpress.org/trunk@40557
git-svn-id: http://core.svn.wordpress.org/trunk@40426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings much needed uniformity to test skipping when a test requires Multisite or when a test should be excluded from running when Multisite is enabled.
Used in conjunction with the `@group ms-required` and `@group ms-excluded` notation, this removes a significant number of skipped tests from the default test suite run.
Fixes#40531
Built from https://develop.svn.wordpress.org/trunk@40543
git-svn-id: http://core.svn.wordpress.org/trunk@40419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a compatibility shim for the new namespaced structure of PHPUnit and the removed `setExpectedException()` method. In addition, this updates the Travis config so PHPUnit 6.1 is used where appropriate.
Props miyauchi, gitlost.
Fixes#39822
Built from https://develop.svn.wordpress.org/trunk@40536
git-svn-id: http://core.svn.wordpress.org/trunk@40412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Tests in the `ms-excluded` group are now excluded when running tests with multisite enabled, and tests in the `ms-required` group are excluded when running tests without multisite enabled. The end result is a significantly reduced number of skipped tests polluting PHPUnit's output, which means verbose mode can be used to more easily see which tests are skipped or incomplete, and why.
See #40531
Built from https://develop.svn.wordpress.org/trunk@40520
git-svn-id: http://core.svn.wordpress.org/trunk@40396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[7520] introduced an undocumented feature whereby developers could
register a custom taxonomy with an 'args' parameter, consisting of
an array of config params that, when present, override corresponding
params in the `$args` array passed to `wp_get_object_terms()` when
using that function to query for terms in the specified taxonomy.
The `wp_get_object_terms()` refactor in [38667] failed to respect
this secret covenant, and the current changeset atones for the
transgression.
Props danielbachhuber.
Fixes#40496.
Built from https://develop.svn.wordpress.org/trunk@40513
git-svn-id: http://core.svn.wordpress.org/trunk@40389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the new parameter, it is now possible to update the user count on a network different from the current one. While the count itself is technically a global user count and not network-wide, it is stored on each individual network, and the new parameter provides more control about where to update the count.
Fixes#40349. See #38699.
Built from https://develop.svn.wordpress.org/trunk@40485
git-svn-id: http://core.svn.wordpress.org/trunk@40361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Links used as UI controls that behave like buttons, should be buttons.
- changes the widgets "toggle", "Delete", and "Close" links to buttons
- uses `aria-expanded` to announce the state of the toggle buttons
- increases a bit the clickable area of the toggle
- ensures the "circular focus" doesn't get cut-off in some browsers by centering the toggle arrows
- uses a `<span>` element with an `aria-hidden` attribute to hide CSS generated font icons from assistive technologies
- standardizes on `.toggle-indicator:before` rather than `:after`
- changes two `#f00` reds in `#dc3232`, see #35622Fixes#31476.
Built from https://develop.svn.wordpress.org/trunk@40480
git-svn-id: http://core.svn.wordpress.org/trunk@40356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The behaviour was previously possible with the `blog_details` filter and `get_blog_details()` function. The former is deprecated since [38936].
This change adjusts the magic methods of `WP_Site` to also check if `$key` exists in `WP_Site::get_details()`.
Fixes#40458.
Built from https://develop.svn.wordpress.org/trunk@40478
git-svn-id: http://core.svn.wordpress.org/trunk@40354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the posts page is on the front page or within a front page section, the heading hierarchy for the individual post titles needs to be adjusted accordingly.
Props joedolson, celloexpressions, davidakennedy.
Fixes#40264.
Built from https://develop.svn.wordpress.org/trunk@40458
git-svn-id: http://core.svn.wordpress.org/trunk@40334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As a general rule, this means the fastest test jobs now run first because each subsequent version of PHP is faster than the previous. When a committer is patiently waiting for a Travis build to complete, they are at least more likely to see unexpected failures earlier than they otherwise would.
In addition, this updates the JavaScript test job to run on PHP 7.1.
Props netweb
See #39705
Built from https://develop.svn.wordpress.org/trunk@40434
git-svn-id: http://core.svn.wordpress.org/trunk@40332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where legacy JavaScript for SWFUpload still used jQuery's
deprecated `live` event which no longer works - switch to using `on`.
This JavaScript is still used by some plugins and themes.
Props MMDeveloper.
Fixes#39886.
Built from https://develop.svn.wordpress.org/trunk@40431
git-svn-id: http://core.svn.wordpress.org/trunk@40329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a couple of expensive queries that attempt to determine whether the media library contains any audio or video items, and also makes the UI for creating playlists more discoverable.
[40382] and [40421] added filters to allow overriding this behavior; this commit changes the default value of the filters to always show these UI buttons and never run the expensive queries. The old behavior can still be restored using the filters if desired.
Props sboisvert, adamsilverstein, joemcgill, jnylen0.
Fixes#31071.
Built from https://develop.svn.wordpress.org/trunk@40430
git-svn-id: http://core.svn.wordpress.org/trunk@40328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As a follow-up to [40382], this commit makes the following improvements:
- Make the filter names more specific.
- Fix the inline documentation (use `@param` instead of `@return).
- Use `null ===` instead of `is_null` to avoid extra function calls.
- Rename the `$has_audio` and `$has_video` variables now that they actually represent something slightly different.
See #31071.
Built from https://develop.svn.wordpress.org/trunk@40421
git-svn-id: http://core.svn.wordpress.org/trunk@40319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Toolbar search field, when the Toolbar is displayed on the frontend, might
inherit CSS properties from the active Theme stylesheet. For example, this
happened with Twenty Seventeen that sets `display: block;` on all the input
fields. Thus, there's the need to reset some CSS properties to avoid inheritance.
Props @sagarprajapati.
Fixes#40313.
Built from https://develop.svn.wordpress.org/trunk@40418
git-svn-id: http://core.svn.wordpress.org/trunk@40316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `is_super_admin()` in a non-multisite environment, the function is supposed to check for administrator capabilities. The process of querying all users and filtering them with that function can be optimized by only querying users with the administrator role instead.
Fixes#40406. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40406
git-svn-id: http://core.svn.wordpress.org/trunk@40313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, a mix of `is_super_admin()` calls and `manage_network` capability checks was used to determine whether the current user could upgrade the network. With this changeset a dedicated capability is introduced that allows more granular handling.
Props dhanendran for the original patch.
Fixes#39205. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40404
git-svn-id: http://core.svn.wordpress.org/trunk@40311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[40295] removed the restriction of a minimum amount of characters for new site names, which could cause unexpected behavior. That changeset is reverted here with the exception of the removal of the `is_super_admin()` check, which can safely be omitted. A new filter for the minimum site name length will be introduced later to be able to modify that behavior.
See #39676, #37616.
Built from https://develop.svn.wordpress.org/trunk@40391
git-svn-id: http://core.svn.wordpress.org/trunk@40298 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`setup_network` is a new meta capability that brings more granular control over the permissions to setup a multisite environment. In a non-multisite environment it falls back to `manage_options` while in a multisite it falls back to `manage_network_options`. The introduction of this capability furthermore allows replacing an `is_super_admin()` check.
Props ashokkumar24 for the original patch.
Fixes#39206. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40390
git-svn-id: http://core.svn.wordpress.org/trunk@40297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a couple of queries that do a full table scan of attachment posts to support features of the media library. Pending a more complete solution, allow overriding these queries via filters.
Props sboisvert, jnylen0.
See #31071.
Built from https://develop.svn.wordpress.org/trunk@40382
git-svn-id: http://core.svn.wordpress.org/trunk@40289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Accounts for HTTPS links (port 443) where [40318] only accounted for HTTP links (port 80). Addresses issue in IE11 where the default port number is unexpectedly included on `link.host` for links dynamically created by scripts.
Props mattwiebe.
Amends [40318], [38890].
See #38409.
Fixes#40198.
Built from https://develop.svn.wordpress.org/trunk@40381
git-svn-id: http://core.svn.wordpress.org/trunk@40288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_user_count()` function returns the number of active users on a network, which is stored in a `user_count` network option. Since `get_network_option()` supports retrieving options from other networks than the current one, `get_user_count()` can now make use of that feature.
Fixes#37866.
Built from https://develop.svn.wordpress.org/trunk@40371
git-svn-id: http://core.svn.wordpress.org/trunk@40278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_blog_count()` function used to support an `$id` parameter for the network ID prior to WordPress 3.1. This parameter has not been used since the introduction of `get_site_option()` and was later deprecated in [25113]. With `get_network_option()` however it is possible to support the parameter again, now properly renamed as `$network_id`.
A unit test has for the parameter has been added as well. Another unit test in the same class was adjusted to work properly with multiple networks existing.
Fixes#37865.
Built from https://develop.svn.wordpress.org/trunk@40370
git-svn-id: http://core.svn.wordpress.org/trunk@40277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enable connecting to multiple wp-api `endpoints`. Calling `wp.api.init` with a new `apiRoot` will parse the new endpoint's schema and store a new set of models and collections. A collection of connected endpoints is stored in `wp.api.endpoints`.
Props lucasstark.
Fixes#39683.
Built from https://develop.svn.wordpress.org/trunk@40364
git-svn-id: http://core.svn.wordpress.org/trunk@40271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For better accessibility, expandable panels should be placed immediately after
the control that expands them. This change moves the Media Library inline
uploader up, right after the "Add New" button, also introducing consistency with
the Plugin and Theme uploaders.
Adds a proper ARIA role on the button and an `aria-expanded` attribute to give
better feedback to assistive technologies users about the uploader's expanded state.
Improves the focus handling when closing the uploader, improves the focus style
and color contrast ratio of the uploader "close" button.
Props mantismamita, karmatosed, adamsilverstein, afercia.
Fixes#37188.
Built from https://develop.svn.wordpress.org/trunk@40359
git-svn-id: http://core.svn.wordpress.org/trunk@40266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After [40059] the CSS class `button-link` uses `text-align: left` by default.
This change now requires to limit as much as possible the use of `button-link`
to controls that should really look like links and to explicitly set
`text-align: center` in a few other cases.
Fixes#39983.
Built from https://develop.svn.wordpress.org/trunk@40358
git-svn-id: http://core.svn.wordpress.org/trunk@40265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to 4.7, term relationships - as set by `wp_set_object_terms()` or
`wp_remove_object_terms()` - did not affect the term query cache. The
introduction of the 'object_ids' parameter in 4.7 means that the query
cache must be aware of object-term relationships. As such, the
'last_changed' incrementor is now invalidated when term relationships
are modified.
This bug only reared its head when delaying term counting, because term
counting performs its own term query cache invalidation.
Props mboynes.
Fixes#40306.
Built from https://develop.svn.wordpress.org/trunk@40353
git-svn-id: http://core.svn.wordpress.org/trunk@40260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A couple of REST API tests had an assertion `assertNotInstanceOf( 'WP_Error', $response );` which will never be true.
Since these assertions are invalid, and also made redundant by the response status check, we can just remove them.
Props dlh.
Fixes#40270.
Built from https://develop.svn.wordpress.org/trunk@40350
git-svn-id: http://core.svn.wordpress.org/trunk@40257 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In previous iterations of `WP_Site`, there was concern that not all properties would be available when storing a site's details in cache. When introduced in [37918], an `ms_loaded` check was added to address this concern. Any properties that are still `false` after `ms_loaded` really are `false` and can be cached as such.
Props flixos90.
Fixes#40247.
Built from https://develop.svn.wordpress.org/trunk@40344
git-svn-id: http://core.svn.wordpress.org/trunk@40251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [31349], core `varchar` column key lengths were changed from 255 to 191 to support the 767 byte index size limit on standard utf8mb4 MySQL installs. This changes the DB schema tests to match.
Props caseypatrickdriscoll, clarinetlord.
Fixes#35958.
Built from https://develop.svn.wordpress.org/trunk@40339
git-svn-id: http://core.svn.wordpress.org/trunk@40246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This extends the existing behavior which only showed a message only when there were no widget areas rendered in the preview. The number of non-rendered widget areas is indicated. Also removes needles deletion of `wp.customize.Widgets.data.l10n` property which hindered plugins.
See #33567, #33052.
Fixes#39087.
Built from https://develop.svn.wordpress.org/trunk@40312
git-svn-id: http://core.svn.wordpress.org/trunk@40219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Avoid a PHP Error when attempting to embed the parent post of an attachment, when the parent post ID is invalid. Instead check if the parent post object exists before checking the read permission for the parent post.
Props GhostToast.
Fixes#39881.
Built from https://develop.svn.wordpress.org/trunk@40306
git-svn-id: http://core.svn.wordpress.org/trunk@40213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously `update_blog_option()` would trigger an invalidation of that site's entire cache although these changes did not affect the content of these caches. Furthermore changes to the special options `blogname`, `siteurl` and `post_count` should not invalidate the entire cache of that site, but only their respective site details cache. The option `home` now has the same behavior as it also belongs to the site details, but did not invalidate the cache at all previously.
Several new unit tests confirm these changes work as expected.
Fixes#40063.
Built from https://develop.svn.wordpress.org/trunk@40305
git-svn-id: http://core.svn.wordpress.org/trunk@40212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Exclude 'node_modules' directories from paths searched in `WP_Theme::scandir()`. Introduces the `theme_scandir_exclusions` filter to allow sites to exclude any other paths like `bower_components` or `vendor` from being searched for template files.
Props lukasbesch, dd32, swisspidy, rachelbaker.
Fixes#38292.
Built from https://develop.svn.wordpress.org/trunk@40301
git-svn-id: http://core.svn.wordpress.org/trunk@40208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This prevents an additional 301 redirect when clicking on the nav menu item, and it also prevents a scenario where the auth cookie may not be passed and cause an authentication error when navigating in the customizer.
Props dlh, swissspidy.
Fixes#40112.
Built from https://develop.svn.wordpress.org/trunk@40300
git-svn-id: http://core.svn.wordpress.org/trunk@40207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It is sometimes desirable to support shorter site names than 4 characters, therefore that restriction should be removed. It is still possible to manually enforce it by using the `wpmu_validate_blog_signup` filter.
As a result of this change, another `is_super_admin()` call gets removed which affects the ongoing efforts of working on a network-wide role system.
Props milindmore22.
Fixes#39676. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40295
git-svn-id: http://core.svn.wordpress.org/trunk@40202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to [38677], `get_term_by()` would always return false if
an empty string were passed as the queried 'name' or 'slug'. The
refactor to use `get_terms()` broke this behavior; inappropriately
imprecise `empty()` checks caused the 'name' or 'slug' clause to be
discarded altogether when fetching terms, resulting in an incorrect
term being returned from the function.
We fix the regression by special-casing truly empty values passed
to `get_term_by()`, and ensuring that `WP_Term_Query` is properly
able to handle `0` and `'0'` term queries.
Props sstoqnov.
Fixes#21760.
Built from https://develop.svn.wordpress.org/trunk@40293
git-svn-id: http://core.svn.wordpress.org/trunk@40200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The time chosen for `test_empty_post_date_gmt_shimmed_using_post_date` falls within US daylight savings time. This may cause the test to fail depending on whether the current locale has DST.
The fix is to specify a numeric `gmt_offset` rather than a `timezone_string`.
Unprops jnylen0.
Fixes#40136.
Built from https://develop.svn.wordpress.org/trunk@40284
git-svn-id: http://core.svn.wordpress.org/trunk@40196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Historically, it has been possible to call `get_term_by()` within
a 'get_terms' filter callback. Since `get_term_by()` was refactored
to use `get_terms()` internally [38677], callbacks of this nature
have resulted in infinite loops.
As a workaround, we introduce a 'suppress_filter' option to `get_terms()`,
and use it when calling the function from within `get_term_by()`.
Props ocean90.
See #21760.
Built from https://develop.svn.wordpress.org/trunk@40275
git-svn-id: http://core.svn.wordpress.org/trunk@40192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change moves to specifying the PHPUnit version for all PHP versions, and fixes an issue where the Composer global bin directory is not at `~/.composer/vendor/bin` on the boxes that are used for HHVM builds.
See #40100
Built from https://develop.svn.wordpress.org/trunk@40269
git-svn-id: http://core.svn.wordpress.org/trunk@40188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Overriding pluggable functions in the test suite is asking for trouble in the future. In addition, it means the test suite can't be guaranteed to behave the same as core.
This instead introduces a `send_auth_cookies` filter which can be hooked in during the test suite to prevent these functions from attempting to send cookie headers to the client.
Fixes#39367
Built from https://develop.svn.wordpress.org/trunk@40263
git-svn-id: http://core.svn.wordpress.org/trunk@40183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The site's current timezone offset is an important piece of information for any REST API client that needs to manipulate dates. It has not been previously available.
Expose both the `gmt_offset` (the site's current offset from UTC in hours) and `timezone_string` (which also provides information about daylight savings time) via the "site info" endpoint (the base `/wp-json` response).
Also update the `wp-api-generated.js` fixture file with the changes to the default API responses.
Props sagarkbhatt.
Fixes#39854.
Built from https://develop.svn.wordpress.org/trunk@40238
git-svn-id: http://core.svn.wordpress.org/trunk@40168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit adds some missing test cases for combinations of `orderby` and other parameters (`post_parent__in` and `post_name__in`).
Followup to [40056] for `orderby` and `post__in`.
The interaction of these parameters is perhaps counterintuitive because `orderby` does not affect the returned results. This is overall probably the best design, and it's now better tested and documented.
Props fibonaccina.
See #39055.
Built from https://develop.svn.wordpress.org/trunk@40237
git-svn-id: http://core.svn.wordpress.org/trunk@40167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Terms with duplicate names are not allowed at the same level of a
taxonomy hierarchy. The name lookup introduced in [34809] did not
properly account for the 'parent' parameter, with the result that
the duplicate-name restriction was tighter than intended (terms
with duplicate names could not be created at different levels of
a single hierarchy).
Props mikejolley.
Fixes#39984.
Built from https://develop.svn.wordpress.org/trunk@40145
git-svn-id: http://core.svn.wordpress.org/trunk@40084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_insert_term()` does not allow for terms with the same name to exist
at the same hierarchy level, unless the second term has a unique slug.
When this logic was refactored in [31792] and [34809], a bug was
introduced whereby it was possible to bypass the no-same-named-sibling
check in cases where the first term had a non-auto-generated slug
(ie, where the name was 'Foo' but the slug something other than 'foo',
such that the second term would get the non-matching slug 'foo').
This changeset fixes this issue by ensuring that the duplicate name
check runs both in cases where there's an actual slug clash *and* in
cases where no explicit `slug` has been provided to `wp_insert_term()`.
The result is a more reliable error condition:
`wp_insert_term( 'Foo' ... )` will always fail if there's a sibling
'Foo', regardless of the sibling's slug.
Props mikejolley.
See #39984.
Built from https://develop.svn.wordpress.org/trunk@40144
git-svn-id: http://core.svn.wordpress.org/trunk@40083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since support for PDF previews were added in [38949], it's possible
that the generated image file could overwrite an existing image file
with the same name. This uses `wp_unique_filename()` to avoid this
issue and adds a '-pdf' identifier on the end of filenames.
Props gitlost, derosj, mikeschroder, joemcgill.
Fixes#39875. See #31050.
Built from https://develop.svn.wordpress.org/trunk@40130
git-svn-id: http://core.svn.wordpress.org/trunk@40067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [40123], `WP_Image_Editor_Imagick` started using
`Imagick::setImageOrientation` and `Imagick::ORIENTATION_TOPLEFT`,
but had no equivalent feature check.
While they were introduced more than 9 years ago, it's important
to double-check everything is available before using with Imagick.
Fixes#37140.
Built from https://develop.svn.wordpress.org/trunk@40129
git-svn-id: http://core.svn.wordpress.org/trunk@40066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A few of the multisite tests were failing after [40124] because
multisite filters `upload_mimes` with the `check_upload_mimes()`
function to reduce the set of allowed MIME types. This fixes those
errors by skipping the tests for adding additional MIME types and
only tests file types assumed to be allowed.
See #39550.
Built from https://develop.svn.wordpress.org/trunk@40125
git-svn-id: http://core.svn.wordpress.org/trunk@40062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[39831] introduced more strict MIME type checking for uploads, which
resulted in unintetionally blocking several filetypes that were
previously valid. This change uses a more targeted approach to MIME
validation to restore previous behavior for most types.
Props blobfolio, iandunn, ipstenu, markoheijnen, xknown, joemcgill.
Fixes#39550, #39552.
Built from https://develop.svn.wordpress.org/trunk@40124
git-svn-id: http://core.svn.wordpress.org/trunk@40061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to inconsistencies in the way browsers handle Exif orientation data,
if a user manually rotates an image within WordPress, set the Exif orientation to
the default (1) so that the image displays with the same rotation/flip in every browser.
Props sanchothefat, triplejumper12, joemcgill, azaozz, markoheijnen, mikeschroder.
See #14459.
Fixes#37140.
Built from https://develop.svn.wordpress.org/trunk@40123
git-svn-id: http://core.svn.wordpress.org/trunk@40060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when getting posts from the API with `sticky=true`, if there were no sticky posts set, the query would return all posts as if the `sticky` argument was not set. In this situation, the query should return an empty array instead.
A `sticky=true` query that should return an empty array (in the previous situation, or with `include` and no intersecting post IDs) was also broken in that it would query the post with ID 1.
Finally, this commit significantly improves test coverage for the `sticky` filter argument, including direct testing of the `WHERE` clauses generated by `WP_Query`.
Props ryelle.
Fixes#39947.
Built from https://develop.svn.wordpress.org/trunk@40122
git-svn-id: http://core.svn.wordpress.org/trunk@40059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A `post_format` not used by the current theme, but supported by core is not a wrong/broken piece of information. It's just not used at this point in time. Therefore we should allow setting and retrieving any of the standard post formats supported in core, even if the current theme doesn't use them.
After this commit, a post's `format` value can survive a round trip through the API, which is a good general design principle for an API.
Props JPry, iseulde, davidakennedy, Drivingralle.
Fixes#39232.
Built from https://develop.svn.wordpress.org/trunk@40120
git-svn-id: http://core.svn.wordpress.org/trunk@40057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add QUnit tests for the parsing of custom namespace routes. Add a custom schema fixture based on the `wp-js-widgets` plugin. Test that the client can parse the widget namespace in the schema and correctly construct the expected group of models and collections. Also includes a small unrelated QUnit fix to ensure nav-menu test passes when it is loaded without its tests executing as well as a small jshint fix, adding a missing semicolon since [40107].
Props jnylen0.
Fixes#39561.
Built from https://develop.svn.wordpress.org/trunk@40109
git-svn-id: http://core.svn.wordpress.org/trunk@40046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Internally, WordPress uses a special `post_date_gmt` value of `0000-00-00 00:00:00` to indicate that a draft's date is "floating" and should be updated whenever the post is saved. This makes it much more difficult for API clients to know the correct date of a draft post.
This commit provides a best guess at a `date_gmt` value for draft posts in this situation using the `date` field and the site's current timezone offset.
Props joehoyle.
Fixes#38883.
Built from https://develop.svn.wordpress.org/trunk@40108
git-svn-id: http://core.svn.wordpress.org/trunk@40045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enable history support for the new theme screen, including navigating theme details and closing the details modal. Theme selection is now also bookmark-able, so linking to a URL like `/wp-admin/theme-install.php?theme=twentyseventeen` correctly opens the theme preview.
Props dd32.
Fixes#36613.
Built from https://develop.svn.wordpress.org/trunk@40107
git-svn-id: http://core.svn.wordpress.org/trunk@40044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It has been unintendedly possible to both view and edit users from a different site than the current site in multisite environments. Moreover, when passing roles to a user in an update request, that user would implicitly be added to the current site.
This changeset removes the incorrect behavior for now in order to be able to provide a proper REST API workflow for managing multisite users in the near future. Related unit tests have been adjusted as well.
Props jnylen0, jeremyfelt, johnjamesjacoby.
Fixes#39701.
Built from https://develop.svn.wordpress.org/trunk@40106
git-svn-id: http://core.svn.wordpress.org/trunk@40043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
DELETE was inadvertently omitted from the list of non-POST HTTP methods that should be able to accept body parameters. Parameters passed to DELETE requests as JSON are already parsed correctly; this commit fixes `application/x-www-form-urlencoded` parameters as well.
Props mnelson4.
Fixes#39933.
Built from https://develop.svn.wordpress.org/trunk@40105
git-svn-id: http://core.svn.wordpress.org/trunk@40042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit modifies the `rest_get_date_with_gmt` function to correctly parse local and UTC timestamps with or without timezone information.
It also ensures that the REST API can edit the dates of draft posts by setting the `edit_date` flag to `wp_update_post`.
Overall this commit ensures that post and comment dates can be set and updated as expected.
Fixes#39256.
Built from https://develop.svn.wordpress.org/trunk@40101
git-svn-id: http://core.svn.wordpress.org/trunk@40038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously the status for a Post (or other post_types) was only exposed under the `edit` context, which doesn't really make much sense considering we support querying by post status without authentication. Originally introduced in v2.0 beta 1: 69f617d749 without any explanation in the commit message.
Props dhanendran, jnylen0, rachelbaker.
Fixes#39466.
Built from https://develop.svn.wordpress.org/trunk@40080
git-svn-id: http://core.svn.wordpress.org/trunk@40017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a couple of changes to the generated API schemas between single-site and multisite mode - for example, the `url` and `email` settings are not present in the settings endpoint (see #39005).
To avoid unexpected changes to the `wp-api-generated.js` fixture file, skip generating the client test fixtures when running the test suite in multisite mode.
See #39264.
Built from https://develop.svn.wordpress.org/trunk@40077
git-svn-id: http://core.svn.wordpress.org/trunk@40014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix parsing of custom namespace routes. Transform class names, removing dashes and capitalizing each word/route part so a route path of `widgets/recent-posts` becomes a collection with the name `WidgetsRecentPosts`. Correct parent route part when routes are longer than expected, reversing parse direction.
Props westonruter, jazbek.
Fixes#39561.
Built from https://develop.svn.wordpress.org/trunk@40074
git-svn-id: http://core.svn.wordpress.org/trunk@40011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up to [40065] - `JSON_*` constants are differently unsupported in PHP 5.2 and 5.3, which caused other, more different failures.
Also bring back `JSON_UNESCAPED_SLASHES` because the generated output looks nicer this way.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40066
git-svn-id: http://core.svn.wordpress.org/trunk@40003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove `JSON_UNESCAPED_SLASHES` from the `wp_json_encode` call - this constant is not supported in PHP < 5.4, and we don't polyfill it either.
Also make the PHPUnit test suite correctly exit with a non-zero exit code when `wp-tests-config.php` is not present. This was causing `grunt restapi-jsclient` to incorrectly proceed to its second step even when the first step failed with this error.
Props ocean90.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40065
git-svn-id: http://core.svn.wordpress.org/trunk@40002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `post_author` field is a string internally, but we need to cast it to an integer in the REST API. This was already done for posts, but not for revisions. The field is already declared as an integer in both controllers.
Fixes#39871.
Built from https://develop.svn.wordpress.org/trunk@40063
git-svn-id: http://core.svn.wordpress.org/trunk@40000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a data normalization pass when generating data fixtures for the REST API endpoints. Ensures that the `wp-api-generated.js` fixture won't change between test runs. Set more default properties and use fixed values for any properties that can't be easily controlled (object IDs and derivatives like link). Generate the fixture file with JSON_PRETTY_PRINT so that future diffs are easier to follow.
Props jnylen0, netweb.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40061
git-svn-id: http://core.svn.wordpress.org/trunk@39998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a debounce wrapper to the media grid search handler. The search callback is now fired after a 300 ms typing pause.
Remove redundant handlers for 'search' and 'change', preventing multiple/duplicate search callbacks.
Props certainstrings, joemcgill, Kelderic, batmoo.
Fixes#38911.
Built from https://develop.svn.wordpress.org/trunk@40060
git-svn-id: http://core.svn.wordpress.org/trunk@39997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add QUnit tests: verify that wp-api loads correctly, verify that the expected base models and collections exist and can be instantiated, verify that collections contain the correct models, verify that expected helper functions are in place for each collection.
The QUnit tests rely on two fixture files: `tests/qunit/fixtures/wp-api-generated.js` contains the data response from each core endpoint and is generated by running the PHPUnit `restapi-jsclient` group. `tests/qunit/fixtures/wp-api.js` maps the generated data to endpoint routes, and overrides `Backbone.ajax` to mock the responses for the tests.
Add PHPUnit tests in `tests/phpunit/tests/rest-api/rest-schema-setup.php`. First, verify that the API returns the expected routes via `server->get_routes()`. Then, the `test_build_wp_api_client_fixtures` test goes thru each endpoint and requests it from the API, tests that it returns data, and builds up the data for the mocked QUnit tests, saving the final results to `tests/qunit/fixtures/wp-api-generated.js`.
Add a new grunt task `restapi-jsclient` which runs the phpunit side data generation and the qunit tests together.
Props jnylen0, welcher.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40058
git-svn-id: http://core.svn.wordpress.org/trunk@39995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates `.button-link` adding color and underline to make link-like buttons look
like links by default. Introduces `.button-link-delete` as a modifier, stackable
CSS class for red button-links.
Props Cheffheid, afercia.
See #34242.
Fixes#35126.
Built from https://develop.svn.wordpress.org/trunk@40052
git-svn-id: http://core.svn.wordpress.org/trunk@39989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit adds tests for `orderby=relevance` combined with a search term in the REST API.
It also improves tests for the `orderby` parameter in `WP_REST_Posts_Controller` by looking at the generated SQL query instead of creating a bunch of carefully arranged test objects. This should be much more robust, and we can use this approach in other places (such as #39055).
Fixes#39079.
Built from https://develop.svn.wordpress.org/trunk@40037
git-svn-id: http://core.svn.wordpress.org/trunk@39974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Partial revert of [38929].
This reverts the source code from the commit for #30210 to prevent valid but empty feeds from returning 404 file not found errors for the home and custom feeds.
The tests in the commit that remain applicable are retained.
Props pavelevap for reporting, stevenkword for initial patch.
See #30210.
Fixes#39157.
Built from https://develop.svn.wordpress.org/trunk@40030
git-svn-id: http://core.svn.wordpress.org/trunk@39967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The category is not shown in the preview. And because of how `themename_categorized_blog()` function in each theme returns false for 1 or fewer categories, and in this case it won't show the new category.
The patch uses `is_preview()` to fix that in Twenty Fourteen, Fifteen and Seventeen.
Props lancewillett.
Fixes#39531.
Built from https://develop.svn.wordpress.org/trunk@40023
git-svn-id: http://core.svn.wordpress.org/trunk@39960 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The line of code throwing the error was introduced in WordPress 4.5 in r37040 "Customize: Require opt-in for selective refresh of widgets". Since `is_customize_preview()` was introduced in 4.0.0 and Twenty Fourteen should work from WordPress 3.6 and up, this caused the issue.
The patch adds an `is_customize_preview` function if it's missing.
Props adamsilverstein.
Fixes#39407.
Built from https://develop.svn.wordpress.org/trunk@40022
git-svn-id: http://core.svn.wordpress.org/trunk@39959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix a JavaScript error when the media edit screen is loaded directly via a url such as `/wp-admin/post.php?post={post_id}&action=edit&image-editor`. Add a check in `imgLoaded` for `this.hold.sizer` which is set up during initialization and required for the cropping tool. Call `init` if this is undefined.
Props NoseGraze.
Fixes#38138.
Built from https://develop.svn.wordpress.org/trunk@40020
git-svn-id: http://core.svn.wordpress.org/trunk@39957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enqueues the style along with the `customize-preview` script in the manager instead of via the `widgets` and `nav_menus` components, ensuring that the stylesheet is loaded for users who cannot manage widgets or nav menus.
Props dlh.
See #27403.
Fixes#39498.
Built from https://develop.svn.wordpress.org/trunk@39951
git-svn-id: http://core.svn.wordpress.org/trunk@39888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously the menu items would all be displayed solely based on the `manage_network` capability. This change provides parity with the network admin menu.
Unit tests for the network admin menu functionality of `wp_admin_bar_my_sites_menu()` have been added.
Props chandrapatel.
Fixes#39082.
Built from https://develop.svn.wordpress.org/trunk@39948
git-svn-id: http://core.svn.wordpress.org/trunk@39885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The checks were introduced in [22256] to prevent user settings to be set for super admins that were not a member of the current site. However the latter should apply to any kind of user, so the `is_super_admin()` check is redundant. Furthermore, removing these checks is necessary for the ongoing effort to get rid of `is_super_admin()` checks in general.
Props chandrapatel for initial patch.
Fixes#39199. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39932
git-svn-id: http://core.svn.wordpress.org/trunk@39869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The strings addressing the network administrator in `wp-signup.php` were still using the old terminology of blogs and sites. Furthermore concatenation of the strings has been removed to make them i18n-friendly.
Props jignesh.nakrani, SergeyBiryukov.
Fixes#39611.
Built from https://develop.svn.wordpress.org/trunk@39929
git-svn-id: http://core.svn.wordpress.org/trunk@39866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fire a `menu-item-added` event after a menu item is added to the DOM. Fire a `menu-removing-item` event before a menu item is removed from the DOM. Enables hooking into and responding to menu changes.
Props welcher, adamsilverstein.
Fixes#31218.
Built from https://develop.svn.wordpress.org/trunk@39928
git-svn-id: http://core.svn.wordpress.org/trunk@39865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When hitting the index, untrailingslashit() would make the REST route empty, which would then use the fallback inside WP_REST_Server. This isn't a problem most of the time, but WP_REST_Server contains a fallback to PATH_INFO. Combined with PATH_INFO permalinks, this would give a 404 on the API index, as it attempts to look up a route for "/wp-json/".
Props ccprog.
Fixes#39432.
Built from https://develop.svn.wordpress.org/trunk@39923
git-svn-id: http://core.svn.wordpress.org/trunk@39860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If index lengths change in table definitions, we don't recreate the index - instead, we throw a database error, as `dbDelta()` tries to create a new index with the same name.
It's better to leave the index as is, MySQL doesn't have an efficient process for resizing indices, and dropping/creating is a slow process which we don't want to trigger automatically.
Fixes#34870.
Built from https://develop.svn.wordpress.org/trunk@39921
git-svn-id: http://core.svn.wordpress.org/trunk@39858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$user_total` member of `WP_User_Query`, and corresponding `get_total()` method, have always been documented as returning an `int`. `$user_total`, however, is populated by `$wpdb->get_var()`, which returns
a string (containing an integer value). Casting the return value from `get_var()` as an `int` rectifies this discrepency.
Props runciters.
Fixes#39297.
Built from https://develop.svn.wordpress.org/trunk@39915
git-svn-id: http://core.svn.wordpress.org/trunk@39852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add test coverage for requests of a single user resource for authors of post types registered as:
- public = true, show_in_rest = true: success without auth.
- public = true, show_in_rest = false: fail without auth.
- public = false, show_in_rest = true: success without auth.
- public = false, show_in_rest = false: fail without auth.
See #38878.
Fixes#39546.
Built from https://develop.svn.wordpress.org/trunk@39913
git-svn-id: http://core.svn.wordpress.org/trunk@39850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.
`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.
If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.
See #11946.
Built from https://develop.svn.wordpress.org/trunk@39831
git-svn-id: http://core.svn.wordpress.org/trunk@39769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When installing and using database-saved salts, wp_create_nonce() causes database errors as wp_salt() attempts to insert into the not-yet-created options table. Since authentication isn't available during installation, we can safely skip creating a nonce.
Props nullvariable, pento, dd32.
Fixes#39047.
Built from https://develop.svn.wordpress.org/trunk@39684
git-svn-id: http://core.svn.wordpress.org/trunk@39624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
SimplePie can set the Content-Type header automatically with the correct charset for convenience, but we already force the charset to match the site's, making it redundant at best. At worst, SimplePie incorrectly overrides the content-type for non-HTML content (such as API requests).
Props dlh, stevenkword.
Fixes#39066.
Built from https://develop.svn.wordpress.org/trunk@39681
git-svn-id: http://core.svn.wordpress.org/trunk@39621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38740] incorrectly introduced logic that changed a comment's page when
'comment_order' was set to 'desc'. This is in violation of the design
of the comment pagination system: a comment's page is designed not to
change when 'comment_order' or 'default_comment_page' are changed.
See #31101.
Props rachelbaker.
Fixes#39280.
Built from https://develop.svn.wordpress.org/trunk@39663
git-svn-id: http://core.svn.wordpress.org/trunk@39603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`terms` values are passed through `sanitize_term_field()` with the 'db'
flag, which add slashes. Because `terms` are subsequently run through
`esc_sql()`, these slashes must be removed. See [36348], which added
a similar step to sanitization in `get_terms()`.
Props bcworkz.
Fixes#39315.
Built from https://develop.svn.wordpress.org/trunk@39662
git-svn-id: http://core.svn.wordpress.org/trunk@39602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change avoids a PHP fatal error that can be encountered when the specified (or generated) source email is an invalid address, such as `wordpress@_`, it makes no effort to set a valid source, only avoid the fatal error.
See #25239 for correcting the email address.
Fixes#39360.
Built from https://develop.svn.wordpress.org/trunk@39655
git-svn-id: http://core.svn.wordpress.org/trunk@39595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replaces the "doesn't" contraction with "does not" to be consistent with similar strings in `WP_Error` messages when a specified term or parent term is missing in `WP_REST_Terms_Controller`.
Props ramiy, ocean90.
Fixes#39176.
Built from https://develop.svn.wordpress.org/trunk@39648
git-svn-id: http://core.svn.wordpress.org/trunk@39588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes a new `supports` property in the response object and schema for the `/types` endpoints for users with the `edit_posts` capability for the given post type. The `supports` property returns an object of the features the given post type *supports*.
Props timmydcrawford, tyxla.
Fixes#39033.
Built from https://develop.svn.wordpress.org/trunk@39647
git-svn-id: http://core.svn.wordpress.org/trunk@39587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduced in [38674], the `wp_update_comment_data` filter took place after the `$data` was sliced and prepared for the database update statement. The location of the filter assumed the result of anyone applying it would not change the data type or make structural modifications or additions to the $data array. 😅
This moves the `wp_update_comment_data` filter to take place before the `$data` is sliced and prepared for the database update statement.
Props dshanske for initial patch.
Fixes#39380.
Built from https://develop.svn.wordpress.org/trunk@39640
git-svn-id: http://core.svn.wordpress.org/trunk@39580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `term_exists()` check is not needed because of existing dupe
checks in `wp_insert_term()`. Furthermore, `term_exists()` conflates
term names and sanitized slugs, so incorrectly marks terms like
'C' and 'C+' as duplicates of one another.
Props garyc40, SergeyBiryukov, kovshenin, MikeHansenMe.
Fixes#16567.
Built from https://develop.svn.wordpress.org/trunk@39637
git-svn-id: http://core.svn.wordpress.org/trunk@39577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This addresses a major bug. Incorrectly setting the `$content_width` causes media embeds to end up with the wrong aspect ratio, among other issues. This fix uses `template_redirect`, to ensure conditional theme tags can be used. It also defines a default value at `after_theme_setup` so that plugins have something to work with at `init`.
Props sstoqnov, laurelfulford, obenland.
Fixes#39272.
Built from https://develop.svn.wordpress.org/trunk@39635
git-svn-id: http://core.svn.wordpress.org/trunk@39575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When plugins don't disable the `backupGlobals` PHPUnit option in their own tests, `$wpdb` is backed up and restored between classes of tests. The serialisation process used for this broke the database connection. This previously wasn't a problem, as it was reconnecting before each test.
[38398] introduced some changes that required the connection to be available in `setUpBeforeClass()`, earlier than in was previously reconnecting. This didn't cause warnings in Core, but it did cause warnings for plugins that don't disable the `backupGlobals` option.
The database connection now reconnects in `setUpBeforeClass()`. This change also fixes a few Core tests that weren't calling `parent::setUpBeforeClass()` or `parent::tearDown()` correctly.
Fixes#39327.
Built from https://develop.svn.wordpress.org/trunk@39626
git-svn-id: http://core.svn.wordpress.org/trunk@39566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also fix logic for `focus-control-for-setting` handler to focus on the first control (lowest `priority` value) associated with a given setting instead of the last control encountered when iterating over all controls, as this ensures the first control in a `nav_menu` section is focused rather than the last one.
Props westonruter, sirbrillig.
See #27403.
Fixes#39101.
Built from https://develop.svn.wordpress.org/trunk@39622
git-svn-id: http://core.svn.wordpress.org/trunk@39562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `rest_{$taxonomy}_collection_params` filter in 4.7 is incorrectly using
single quotes instead of double quotes, which means it is not working correctly
as a dynamic filter. This fixes the quotes around the filter name, and also
updates the docblocks for the other 3 similar filters for better conformance to
the documentation standards.
Props shazahm1hotmailcom, JPry, jnylen0.
Fixes#39300.
Built from https://develop.svn.wordpress.org/trunk@39621
git-svn-id: http://core.svn.wordpress.org/trunk@39561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If `add_theme_support( 'post-formats' )` is called with no additional
arguments, then `get_theme_support( 'post-formats' )` returns `true` rather
than an array of supported formats. Avoid generating PHP warnings in this
situation.
Props dreamon11, ChopinBach.
Fixes#39293.
Built from https://develop.svn.wordpress.org/trunk@39620
git-svn-id: http://core.svn.wordpress.org/trunk@39560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Correct setup for the `model` attribute of `wp.api.collections` objects. Set the collection model as a function that returns a new model of the underlying type, instead of setting it as the model prototype. Fixes an issue where models for fetched collections weren't set up properly and didn't have the expected mixin methods such as `getCategories` available.
Props jesseenterprises.
Fixes#39070.
Built from https://develop.svn.wordpress.org/trunk@39603
git-svn-id: http://core.svn.wordpress.org/trunk@39543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [38625], the functionality to search for attachments by filename was added
via the `posts_clauses` filter and the `_filter_query_attachment_filenames()`
function. This moves `_filter_query_attachment_filenames()` from
`wp-admin/includes/post.php` to `wp-includes/post.php` so that it can be
applied in the same manner in the REST API media endpoint.
Props jblz, tyxla.
Fixes#39092.
Built from https://develop.svn.wordpress.org/trunk@39598
git-svn-id: http://core.svn.wordpress.org/trunk@39538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It's fairly common for clients to send `Content-Type: application/json` with an
empty body. While technically not valid JSON, we've historically supported
this behaviour, so it shouldn't cause an error.
Props JPry.
Fixes#39150.
Built from https://develop.svn.wordpress.org/trunk@39594
git-svn-id: http://core.svn.wordpress.org/trunk@39534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_category_link()` is a wrapper for `get_term_link()`. Using the
unwrapped function makes more sense semantically (it's taxonomy-
agnostic) and it's also more parsimonious (the `WP_Error` check in
`get_category_link()` is redundant with similar checks just before
in `get_term_link()`).
Props keesiemeijer.
Fixes#17069.
Built from https://develop.svn.wordpress.org/trunk@39593
git-svn-id: http://core.svn.wordpress.org/trunk@39533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Site administrators should not be able to remove themselves from a site. This moves the enforcement of this rule from `wp-admin/users.php` to `remove_user_from_blog()` via the `remove_user` capability, which furthermore allows us to get rid of two additional clauses and their `is_super_admin()` checks in `wp-admin/users.php`. A unit test for the new behavior has been added.
Fixes#39063. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39588
git-svn-id: http://core.svn.wordpress.org/trunk@39528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously an option containing an object would trigger an SQL `UPDATE` on all calls to `update_option`, even if the old and new values were identical. This was due to the old and new values having differing resource IDs.
This change compares the old and new values as serialized data to remove the resource ID from the comparison.
Props salcode, bradyvercher, peterwilsoncc.
Fixes#38903.
Built from https://develop.svn.wordpress.org/trunk@39564
git-svn-id: http://core.svn.wordpress.org/trunk@39504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The logic in WP_REST_Request->sanitize_params() added in [39091] did not account for `null` or `false` being the sanitization_callback preventing overriding `rest_parse_request_arg()`. This fixes that oversight, allowing the built in sanitization function to be bypassed. See #38593.
Props kkoppenhaver, rachelbaker, jnylen0.
Fixes#39042.
Built from https://develop.svn.wordpress.org/trunk@39563
git-svn-id: http://core.svn.wordpress.org/trunk@39503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The super admin on multisite as well as the administrator on non-multisite both have this capability already. For custom post types using different capabilities this change ensures that only users with that capability have permissions.
Fixes#39059. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39539
git-svn-id: http://core.svn.wordpress.org/trunk@39479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When sections of the media modal are hidden out of view, their controls may be
still focusable and actionable. This completely hides these sections to avoid
unnecessary tab stops and potential confusion for assistive technology users.
Props SergeyBiryukov, afercia.
Fixes#30599.
Built from https://develop.svn.wordpress.org/trunk@39529
git-svn-id: http://core.svn.wordpress.org/trunk@39469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds `srcset` and `sizes` to the about page images, including
art direction, via `<picture>` for the lead Twenty Seventeen image.
This also replaces URLs for all images and feature videos to their
CDN locations on s.w.org.
Props helen, pento, joemcgill.
Fixes#38616.
Built from https://develop.svn.wordpress.org/trunk@39514
git-svn-id: http://core.svn.wordpress.org/trunk@39454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ultimate `post_name` is stored in postmeta until the post is published. The `get_page_by_path()` function does not exclude `auto-draft` posts. Revert changes to `wp_unique_post_slug()` from [39411] which excluded `auto-draft` posts.
Props westonruter, dlh for testing, helen for testing.
See #38114, #38928.
Fixes#39078.
Built from https://develop.svn.wordpress.org/trunk@39506
git-svn-id: http://core.svn.wordpress.org/trunk@39446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Bump version numbers and update readme files for themes with changes. Also updates description for Twenty Seventeen and removes version number for HTML5 shiv for easier updates in the future.
Props davidakennedy.
Fixes#38858.
Built from https://develop.svn.wordpress.org/trunk@39496
git-svn-id: http://core.svn.wordpress.org/trunk@39436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the theme's CSS feature query for `object-fit` overrode styles it shouldn't have on interior pages.
This moves the feature query farther down in the stylesheet so it takes precedence in the cascade in supported browsers, and applies the appropriate selector for the interior pages. In browsers that don't support feature queries or `object-fit`, the fallback styles are still applied. The problem was that the rules had the same specificity, so this way, the cascade takes over properly. The transforms and position changes for fallbacks are still needed in browsers that don't support `object-fit` and feature queries.
Props peterwilsoncc, davidakennedy.
Fixes#39073.
Built from https://develop.svn.wordpress.org/trunk@39495
git-svn-id: http://core.svn.wordpress.org/trunk@39435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Extend the check in 'rest_allow_anonymous_comments' to accept any falsy value
(previously this was an explicit check for `false`).
One possible failure case is that a plugin developer forgets to include a
return value for some code path in their callback for this filter, leading to a
value of `null` which is currently treated like `true`.
Props joehoyle, jnylen0.
Fixes#39010.
Built from https://develop.svn.wordpress.org/trunk@39487
git-svn-id: http://core.svn.wordpress.org/trunk@39427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The theme uses a hack to help the video header and header image fill the available space. This centers around `max-width: 1000%;`. It causes visual issues (zooming of the header video or image) for all users though.
This fixes that with CSS Features Queries. The hack remains for browsers that don't support Feature Queries and `object-fit`. Browsers that do support both get a better experience with a more reliable styling of the video and image header container.
Props laurelfulford, peterwilsoncc.
Fixes#39035.
Built from https://develop.svn.wordpress.org/trunk@39483
git-svn-id: http://core.svn.wordpress.org/trunk@39423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `siteurl` setting is registered and made available to the REST API. On a multisite installation, this setting is not configurable from the General Settings screen, but due to the above it is configurable from the REST API.
Props peterwilsoncc.
Fixes#39005.
Built from https://develop.svn.wordpress.org/trunk@39468
git-svn-id: http://core.svn.wordpress.org/trunk@39408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the `require_name_email` option is true, creating a comment with an empty string for the author name or email should not be accepted. Both values can be an empty string on update.
Props flixos90, hnle, dd32, rachelbaker, jnylen0, ChopinBach, joehoyle, pento.
Fixes#38971.
Built from https://develop.svn.wordpress.org/trunk@39444
git-svn-id: http://core.svn.wordpress.org/trunk@39384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- `'orderby' => 'include'` requires an array of post_ids via the `include` collection param.
`'orderby' => 'id'` and `'orderby' => 'slug'` need map the correct WP_Query equivalents.
Props flixos90, hnle, dd32, rachelbaker, joehoyle, pento.
Fixes#38971.
Built from https://develop.svn.wordpress.org/trunk@39440
git-svn-id: http://core.svn.wordpress.org/trunk@39380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In wp-admin, users are removed from individual sites rather than deleted. A user can only be deleted from the network admin.
Until support for a `PUT` request that removes a user's site and content associations is available, `DELETE` requests are disabled to avoid possible issues with lost content.
Props jnylen0, rachelbaker.
Fixes#38962.
Built from https://develop.svn.wordpress.org/trunk@39438
git-svn-id: http://core.svn.wordpress.org/trunk@39378 1a063a9b-81f0-0310-95a4-ce76da25c4cd