Commit Graph

6584 Commits

Author SHA1 Message Date
Weston Ruter
31647252e7 Plugin Editor: Remove plugins_loaded from being re-triggered in plugin_sandbox_scrape().
Props jdgrimes.
Amends [41560].
Fixes #39766.

Built from https://develop.svn.wordpress.org/trunk@41671


git-svn-id: http://core.svn.wordpress.org/trunk@41505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 17:07:49 +00:00
Jeremy Felt
abdfe59c28 Multisite: Use get_current_blog_id() instead of $wpdb->blogid.
`get_current_blog_id()` is more appropriate for determining the ID of the current site in most cases. This eliminates the need for the global `$wpdb` in several functions and is better than the implicit global used in admin pages.

Props bnap00, spacedmonkey.
Fixes #41684.

Built from https://develop.svn.wordpress.org/trunk@41661


git-svn-id: http://core.svn.wordpress.org/trunk@41495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 01:44:47 +00:00
Andrea Fercia
1f4dab28fe Accessibility: Improve the Theme Details modal accessibility.
- sets the modal content to `role="document"` to make screen readers switch back to browse mode
- standardizes the Themes screen and Customizer modals interaction
- Themes screen modal: sets initial focus on the modal overlay instead of the primary button, avoiding to "skip" content for keyboard and screen reader users

Fixes #42055.

Built from https://develop.svn.wordpress.org/trunk@41658


git-svn-id: http://core.svn.wordpress.org/trunk@41492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-01 13:48:46 +00:00
Weston Ruter
76f590b99b Customize: Introduce a new experience for discovering, installing, and previewing themes within the customizer.
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context. Also includes an extensible framework for browsing and installing themes from other sources.

Also includes CSS auto-prefixing added via `grunt precommit:css`.

For details, see: https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/

Previously [38813] but reverted in [39140].
Fixes #37661, #34843, #38666.
Props celloexpressions, folletto, westonruter, karmatosed, melchoyce, afercia.

Built from https://develop.svn.wordpress.org/trunk@41648


git-svn-id: http://core.svn.wordpress.org/trunk@41482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 20:13:50 +00:00
Sergey Biryukov
6a2b59745e I18N: Use a consistent pattern for translator comments for placeholders in wp-admin/includes/dashboard.php.
See #41974.
Built from https://develop.svn.wordpress.org/trunk@41641


git-svn-id: http://core.svn.wordpress.org/trunk@41475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-29 11:44:45 +00:00
Gary Pendergast
0028a9555e Database: Don't quote placeholders in queries going through $wpdb->prepare()
To bring Core into line with the changes to `$wpdb->prepare()` in WordPress 4.8.2, query placeholders shouldn't be quoted.

Props jrf, johnjamesjacoby.
Fixes #41983.


Built from https://develop.svn.wordpress.org/trunk@41628


git-svn-id: http://core.svn.wordpress.org/trunk@41463 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 04:32:46 +00:00
Andrea Fercia
8c7a2b1d54 Accessibility: Improve the sidebar toggles in the Widgets screen.
- uses button elements for the toggles
- uses `aria-expanded` on the toggles to communicate to assistive technologies the panels expanded/collapsed state
- adds the "circular focus" style to the toggles to give users a clear indication of the currently focused element
- standardizes CSS class names to `.toggle-indicator` and `.handlediv` as these names are already used across the admin for similar controls

Props monikarao, xavortm, mihai2u, Kopepasah.
Fixes #37013.

Built from https://develop.svn.wordpress.org/trunk@41621


git-svn-id: http://core.svn.wordpress.org/trunk@41456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 16:29:44 +00:00
John Blackbourn
50a7d2b121 Options, Meta APIs: Require a confirmation link in an email to be clicked when a user attempts to change the network
admin email address on Multisite.

This mirrors the same functionality for the site admin email address and user profile email address.

Fixes #41254

Built from https://develop.svn.wordpress.org/trunk@41617


git-svn-id: http://core.svn.wordpress.org/trunk@41452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 14:17:45 +00:00
John Blackbourn
807bc5a6c9 Users: Introduce the concept of a large site in order to speed up the Users screen when there are many users.
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.

This introduces some new functions:

* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`

A corresponding `wp_is_large_user_count` filter is also introduced.

Props tharsheblows, johnbillion

Fixes #38741

Built from https://develop.svn.wordpress.org/trunk@41613


git-svn-id: http://core.svn.wordpress.org/trunk@41448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:04:47 +00:00
Pascal Birchler
0fe4c3b3f2 Upgrade/Install: Fix updating plugins on the Add Plugins screen.
Props imath.
Fixes #41407.

Built from https://develop.svn.wordpress.org/trunk@41612


git-svn-id: http://core.svn.wordpress.org/trunk@41447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 11:59:47 +00:00
Pascal Birchler
2dd83960b9 Upgrade/Install: Show new version number when updating a theme on Multisite.
Props afragen.
Fixes #40764.

Built from https://develop.svn.wordpress.org/trunk@41611


git-svn-id: http://core.svn.wordpress.org/trunk@41446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 09:44:45 +00:00
Pascal Birchler
1f5c7470fb Plugins: Improve error messages on plugins screen.
This unifies the layout and wording of error messages on both the plugins screen and the themes screen.

Props tinkerbelly, juhise, Ankit K Gupta, m1tk00, swissspidy, mrahmadawais, danieltj.
Fixes #37430.

Built from https://develop.svn.wordpress.org/trunk@41608


git-svn-id: http://core.svn.wordpress.org/trunk@41443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:46:45 +00:00
Dion Hulse
db86c635ba Standardise on performing api.WordPress.org requests over SSL when possible, falling back to non-SSL when appropriate.
This also standardises the `User-Agent` used when communicating with WordPress.org, allowing for more consistent version detection.

Fixes #42004.

Built from https://develop.svn.wordpress.org/trunk@41605


git-svn-id: http://core.svn.wordpress.org/trunk@41440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 08:00:49 +00:00
Pascal Birchler
fce70235f2 Permalinks: Change structure tag button state more reliably.
Changes the highlighted tag buttons accordingly when selecting one of the commong permalink settings.

Deprecates `options_permalink_add_js()` as that JavaScript isn't added inline anymore.

Fixes #29872.

Built from https://develop.svn.wordpress.org/trunk@41598


git-svn-id: http://core.svn.wordpress.org/trunk@41433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-26 08:24:46 +00:00
Andrew Ozz
a5f8097899 Retire Press This and extract it to a plugin. First run.
Props kraftbj, azaozz.
See #41689.
Built from https://develop.svn.wordpress.org/trunk@41584


git-svn-id: http://core.svn.wordpress.org/trunk@41417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 14:22:54 +00:00
Sergey Biryukov
d379f839cf Posts, Post Types: Pass $post parameter to post_submitbox_start, attachment_submitbox_misc_actions, media_submitbox_misc_sections, audio_submitbox_misc_sections filters.
Props sebastian.pisula, SergeyBiryukov.
Fixes #36206.
Built from https://develop.svn.wordpress.org/trunk@41581


git-svn-id: http://core.svn.wordpress.org/trunk@41414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 17:07:46 +00:00
Sergey Biryukov
c28cc57f3b Quick/Bulk Edit: Remove duplicate inline-edit-{$screen->post_type} CSS class from Quick Edit table rows.
Props ibachal.
Fixes #41906.
Built from https://develop.svn.wordpress.org/trunk@41576


git-svn-id: http://core.svn.wordpress.org/trunk@41409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:02:46 +00:00
Andrew Ozz
58b769a057 Plupload: also delete plupload.full.min.js when updating.
See #41755.
Built from https://develop.svn.wordpress.org/trunk@41571


git-svn-id: http://core.svn.wordpress.org/trunk@41404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:48:46 +00:00
Sergey Biryukov
4db08514ea Taxonomy: Convert tag cloud in Tags meta box to a list (<ul>) for better semantics and accessibility.
An unordered list allows screen reader users to know in advance how many tags are within the list.

Props audrasjb, afercia.
Fixes #40187.
Built from https://develop.svn.wordpress.org/trunk@41563


git-svn-id: http://core.svn.wordpress.org/trunk@41396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 11:28:44 +00:00
Weston Ruter
bf1eb1b505 Plugin Editor: Use include_once instead of include in plugin_sandbox_scrape() to fix unit tests broken with [41560].
See #39766.

Built from https://develop.svn.wordpress.org/trunk@41561


git-svn-id: http://core.svn.wordpress.org/trunk@41394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 02:01:45 +00:00
Weston Ruter
aff467e1cb Plugin Editor: Improve reliability of detecting PHP fatal errors when editing an active plugin.
* Invalidate PHP opcache after file is updated to ensure `include` will ''include'' the written changes.
* Define `WP_ADMIN` when activating plugin in sandbox so plugin code targeting admin will be loaded.
* Do actions that get triggered when loading the admin to ensure plugin code runs that could cause errors on plugin editor screen (and lock out access).
* Fix ability to re-activate a plugin after editing a PHP file other than the main plugin file, and ensure PHP fatal error will be displayed in such cases.
* Consolidate duplicated code into `plugin_sandbox_scrape()` and re-use in `activate_plugin()`.
* Show an error notice instead of a success notice when a file is updated but a plugin was deactivated due to a fatal error.
* Update style of warning when editing an active plugin to be styled as an actual warning notice.

See #12423, #21622.
Fixes #39766.

Built from https://develop.svn.wordpress.org/trunk@41560


git-svn-id: http://core.svn.wordpress.org/trunk@41393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 01:36:48 +00:00
Adam Silverstein
415e9379f9 Revisions: correct a timezone display issue.
When preparing the data for the revisions screen, add ' +0000' to the gmt date string before passing it thru `strtotime`.

Props biranit, nacin, buley.
Fixes #25365.

Built from https://develop.svn.wordpress.org/trunk@41559


git-svn-id: http://core.svn.wordpress.org/trunk@41392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 23:33:44 +00:00
Andrew Ozz
76296ef657 Remove SWFUpload,
- Refactor swfupload.js to output a simple upload form, and handlers.js.
- Delete the SWFUpload plugins directory and swfupload.swf.
- Remove flash cookies "hack" from async-upload.php.

See #41752.
Built from https://develop.svn.wordpress.org/trunk@41554


git-svn-id: http://core.svn.wordpress.org/trunk@41387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 16:35:48 +00:00
John Blackbourn
69de73224f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Built from https://develop.svn.wordpress.org/trunk@41457


git-svn-id: http://core.svn.wordpress.org/trunk@41290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:36:47 +00:00
John Blackbourn
e088205014 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Props kawauso, Mte90 for initial patches

Fixes #13377

Built from https://develop.svn.wordpress.org/trunk@41399


git-svn-id: http://core.svn.wordpress.org/trunk@41232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:11:43 +00:00
Weston Ruter
90bedf8f9d Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion.
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.

Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes #12423, #39892.

Built from https://develop.svn.wordpress.org/trunk@41376


git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-13 06:08:47 +00:00
Weston Ruter
203d220c6f Customize: Re-use homepage settings help tab text from Reading Options admin screen in description for corresponding Customizer section.
Also remove "Static" reference in template name, missed in [41363].

See #41829.

Built from https://develop.svn.wordpress.org/trunk@41364


git-svn-id: http://core.svn.wordpress.org/trunk@41197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-10 17:08:43 +00:00
Weston Ruter
a74e98d7be Customize: Rename "Static front page" to just "Homepage".
Props danieltj, melchoyce.
Fixes #41828.

Built from https://develop.svn.wordpress.org/trunk@41363


git-svn-id: http://core.svn.wordpress.org/trunk@41196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-10 16:20:44 +00:00
Weston Ruter
9b5d71bad0 Widgets: Add dirty state tracking for widgets on admin screen.
* Mark a widget as dirty when a field input triggers a `change` or `input` event; clear dirty state when widget is successfully saved.
* Disable Save button and re-label "Saved" when widget not dirty.
* Show AYS dialog when leaving widgets admin screen with unsaved changes.
* When widgets are dirty, expand all unsaved widgets at AYS check and focus on first one.
* Change "Close" link to "Done"; hide link when widget is dirty and reveal when saved.
* The "Done" link persistently appears in the Customizer even after making a change (when the widget is dirty) because changes are autosaved into the changeset.
* Prevent saving widget when form fails `checkValidity`.
* Fix frequency of triggering of `change` event on the rich Text widget's `textarea` limited now to when there are actual changes.
* Add a class of `widget-dirty` to widget containers when the widget has unsaved changes.

Props westonruter, timmydcrawford, melchoyce.
Fixes #41610, #23120.

Built from https://develop.svn.wordpress.org/trunk@41352


git-svn-id: http://core.svn.wordpress.org/trunk@41185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-08 19:11:43 +00:00
Felix Arntz
6ced176459 Multisite: Use get_network() in populate_network() to check whether a network with the given ID already exists.
When multisite is setup already, e.g. in a multi network environment, this change gives a performance benefit over the direct SQL query that was previously used. The SQL query remains in place for when setting up multisite initially as the network API is not available at that point.

Props spacedmonkey.
Fixes #41805.

Built from https://develop.svn.wordpress.org/trunk@41348


git-svn-id: http://core.svn.wordpress.org/trunk@41181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-08 16:33:43 +00:00
John Blackbourn
2bd20bb0db Embeds: Remove support for oEmbedded videos from Vine.
* Vine effectively shut down in December 2016.
* The oEmbed endpoint no longer works and returns a 404.
* Developer documentation for Vine has been removed.

Fixes #41817

Built from https://develop.svn.wordpress.org/trunk@41347


git-svn-id: http://core.svn.wordpress.org/trunk@41180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-08 15:01:44 +00:00
Andrew Ozz
a93298f0c7 Plupload: remove the reinstated plupload.js from the list of old files.
Props afercia.
See #41755.
Built from https://develop.svn.wordpress.org/trunk@41332


git-svn-id: http://core.svn.wordpress.org/trunk@41163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-04 10:22:47 +00:00
Andrew Ozz
e38ec0f485 Plupload:
- Update to 2.1.9.
- Include the non-minified plupload.js and moxie.js.
- Remove support for Flash and Silverlight, the available runtime options are `html5` and `html4`.
- Delete plupload.flash.swf and plupload.silverlight.xap.

Fixes #41755.
Built from https://develop.svn.wordpress.org/trunk@41328


git-svn-id: http://core.svn.wordpress.org/trunk@41159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-01 12:28:46 +00:00
Joe McGill
682ec35fbc Media: Ensure 'media_handle_upload()' returns 'WP_Error' on failure.
This fixes an issue where failures when inserting the attachment post via
`wp_insert_attachment()` would result in a return value of `0` instead of a
`WP_Error` object, as documented. This is addressed by passing `true` as the 
fourth param (added in WP 4.7.0) when calling `wp_insert_attachment()`.

Props mrasharirfan, flixos90.
Fixes #41726.

Built from https://develop.svn.wordpress.org/trunk@41323


git-svn-id: http://core.svn.wordpress.org/trunk@41154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-30 15:04:48 +00:00
Sergey Biryukov
00c88acb5e Docs: Correct description for view_mode_post_types filter added in [35357].
Props birgire.
Fixes #41730.
Built from https://develop.svn.wordpress.org/trunk@41317


git-svn-id: http://core.svn.wordpress.org/trunk@41148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-25 19:27:45 +00:00
iandunn
476377f64d Dashboard: Discontinue nonessential logging of Events API requests.
These log entries are only useful when troubleshooting unexpected results from the API, which is not common. The vast majority of users are better served by not having their logs cluttered with noise.

For the rare situations where troubleshooting is necessary, it can be achieved by a plugin (see #41217 for an example).

Props Howdy_McGee, dd32.
Fixes #41217.

Built from https://develop.svn.wordpress.org/trunk@41316


git-svn-id: http://core.svn.wordpress.org/trunk@41147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-25 18:12:44 +00:00
John Blackbourn
76e864854f Widgets: Correctly strip slashes from widget and sidebar names to allow namespaced widgets to function correctly.
Fixes #27770

Props jdgrimes

Built from https://develop.svn.wordpress.org/trunk@41292


git-svn-id: http://core.svn.wordpress.org/trunk@41132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 14:52:44 +00:00
John Blackbourn
c7a79b0e6a Plugins: Introduce singular capabilities for activating and deactivating individual plugins.
This introduces the following meta capabilities:

* `activate_plugin`
* `deactivate_plugin`
* `deactivate_plugins`

The singular `activate_plugin` and `deactivate_plugin` capabilities are used along with the corresponding plugin name when
determining whether or not a user can activate or deactivate an individual plugin.

The plural `deactivate_plugins` capability is used in place of the existing `activate_plugins` capability when determining
whether a user can deactivate plugins.

Each of these new meta capabilities map to the existing `activate_plugins` primitive capability, which means there is no
change in existing behaviour, but plugins can now filter the capabilities required to activate and deactivate individual
plugins.

Fixes #38652 

Built from https://develop.svn.wordpress.org/trunk@41290


git-svn-id: http://core.svn.wordpress.org/trunk@41130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 14:02:44 +00:00
John Blackbourn
28eda6f4bc General: Improve terminology used when referring to installations of WordPress and its extensions.
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.

This change fixes the usage in user-facing text and in developer documentation.

Fixes #41620

Built from https://develop.svn.wordpress.org/trunk@41289


git-svn-id: http://core.svn.wordpress.org/trunk@41129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 11:52:48 +00:00
John Blackbourn
9891448a42 Media: Rename several attachment related parameters from $post_id to $attachment_id for clarity, and improve related
documentation.

See #41017

Built from https://develop.svn.wordpress.org/trunk@41288


git-svn-id: http://core.svn.wordpress.org/trunk@41128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 11:12:44 +00:00
Drew Jaynes
78da113bd0 Docs: Add a missing return description for the deprecated get_screen_icon() function.
See #41017.

Built from https://develop.svn.wordpress.org/trunk@41275


git-svn-id: http://core.svn.wordpress.org/trunk@41115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-20 04:04:44 +00:00
Drew Jaynes
510fb1fe85 Administration: Explicitly deprecate screen_icon() and get_screen_icon(), which were soft-deprecated in [26537] for 3.8.0.
Props ippei-sumida for the initial patch.
Fixes #41153.

Built from https://develop.svn.wordpress.org/trunk@41274


git-svn-id: http://core.svn.wordpress.org/trunk@41114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-20 04:03:45 +00:00
John Blackbourn
2916cd9417 Media: bring the capability check in wp_ajax_crop_image() inline with those in wp_ajax_imgedit_preview() and wp_ajax_image_editor().
This change means that a user can crop an image if they have the ability to edit its attachment post, without requiring the ability to access the Customizer.

Fixes #40193

Built from https://develop.svn.wordpress.org/trunk@41270


git-svn-id: http://core.svn.wordpress.org/trunk@41110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-19 13:30:43 +00:00
Drew Jaynes
d5e3ea444d Filesystem: Introduce the pre_move_uploaded_file filter.
Passing a non-null value to the filter will prevent the uploaded file from being moved to the uploads directory for any of the functions leveraging `_wp_handle_upload()`, such as `wp_handle_upload()` or `wp_handle_sideload()`.

Error reporting related to the file being moved will also be skipped.

Props ryan, Mte90.
Fixes #24603.

Built from https://develop.svn.wordpress.org/trunk@41258


git-svn-id: http://core.svn.wordpress.org/trunk@41098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-16 21:59:43 +00:00
John Blackbourn
b52e37f9bf Options, Meta APIs: Require a confirmation link in an email to be clicked when an admin attempts to change the site admin email address.
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.

Props MatheusGimenez, johnbillion

Fixes #39118

Built from https://develop.svn.wordpress.org/trunk@41254


git-svn-id: http://core.svn.wordpress.org/trunk@41094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 20:13:43 +00:00
John Blackbourn
b51f60de6d Users: Display the "Your email address has not been updated yet" message when a user changes their profile email address from within network admin.
This ensures continuity with the regular profile editing screen and the user admin profile editing screen.

Fixes #41635

Built from https://develop.svn.wordpress.org/trunk@41253


git-svn-id: http://core.svn.wordpress.org/trunk@41093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 19:42:43 +00:00
Felix Arntz
473e1ba73b Multisite: Remove references to $wpdb->siteid and use get_current_network_id() instead.
Props sathyapulse, spacedmonkey.
Fixes #41507.

Built from https://develop.svn.wordpress.org/trunk@41242


git-svn-id: http://core.svn.wordpress.org/trunk@41082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-12 13:11:43 +00:00
Felix Arntz
820d3973a3 Multisite: Rename internal $site_id variables referencing networks to $network_id.
This change improves code clarity by using the current naming conventions for networks.

Props lemacarl.
Fixes #41510.

Built from https://develop.svn.wordpress.org/trunk@41241


git-svn-id: http://core.svn.wordpress.org/trunk@41081 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-12 12:48:47 +00:00
John Blackbourn
c96b33e3a5 Plugins: Correct and improve docblocks for the various plugin_action_links filters on the Plugins screen.
This also adds a changelog for the removal of the Edit links in [41160].

See #41017
Fixes #38169

Built from https://develop.svn.wordpress.org/trunk@41231


git-svn-id: http://core.svn.wordpress.org/trunk@41071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-04 22:15:45 +00:00
Andrea Fercia
a029f83fb5 Menus: Visually hide the menu item edit link text in a consistent way.
Fixes a visual glitch visible on Ubuntu. WordPress uses system fonts and they have
different metrics across operating systems. Uses screen-reader-text as a more
solid way to visually hide text.

Props punit5658, afercia.
Fixes #41497.

Built from https://develop.svn.wordpress.org/trunk@41227


git-svn-id: http://core.svn.wordpress.org/trunk@41067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 22:12:43 +00:00