* Introduce `WP_Customize_Manager::get_nonces()` to consolidate logic for retrieving nonces.
* Export nonces centrally in `wp.customize.settings.nonce` with each request and update nav menus preview to utilize.
* Send updated nonces to preview upon `nonce-refresh`.
* Request full preview refresh if Nav Menu selective refresh request fails (e.g. due to bad nonce).
* Update nav menus and widgets in Customizer to utilize `customize_refresh_nonces` for exporting nonces and keeping them up to date.
See #27355.
Fixes#35617.
Built from https://develop.svn.wordpress.org/trunk@36414
git-svn-id: http://core.svn.wordpress.org/trunk@36381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [36347] we moved all PHP factory classes into their own files except the main class. The main class is now in its own file, and `factory.php` is solely an include manifest for all factory classes.
Built from https://develop.svn.wordpress.org/trunk@36409
git-svn-id: http://core.svn.wordpress.org/trunk@36376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Ensure that Setting `Value` objects in preview get initial `_dirty` flag set if values among POST data.
* Upon `saved` event, send `saved` message to preview with the `response` to trigger `saved` event there.
* Reset `_dirty` flag for all setting `Value` objects in preview upon `saved`.
* Continue to create settings synced from pane even after initial bootstrap, and create them as dirty.
* Ensure that `id` property is set for setting `Value` objects in preview.
See #27355.
Fixes#35616.
Built from https://develop.svn.wordpress.org/trunk@36407
git-svn-id: http://core.svn.wordpress.org/trunk@36374 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Leads and contributing developers will now look nicer when focused.
Also, combines adjacent image and text links for the same resource thus
simplifying markup and reducing noise for screen reader users.
Props walbo, afercia.
Fixes#34953.
Built from https://develop.svn.wordpress.org/trunk@36406
git-svn-id: http://core.svn.wordpress.org/trunk@36373 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a comment is removed from the object cache, the `clean_comment_cache` action is now fired. This provides plugin and theme developers a chance to perform secondary cache invalidation as needed.
Props spacedmonkey.
Fixes#35610.
Built from https://develop.svn.wordpress.org/trunk@36405
git-svn-id: http://core.svn.wordpress.org/trunk@36372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Plugins installed in the plugins/ folder can be activated by users. This puts the plugin in an "active" state. Plugins in the mu-folder/ are "must-use" plugins that are always loaded. They can't be activated, and thereby can't be "active." Because of this, using the `is_plugin_active()` or `is_plugin_active_for_network()` returns false when checking for these plugins. This clarifies that behavior in the functions' docs.
Built from https://develop.svn.wordpress.org/trunk@36397
git-svn-id: http://core.svn.wordpress.org/trunk@36364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
List tables on these three screens look similar but come with unexpected caveats.
The network themes screen in particular has been neglected, using a `.plugin`
class to inherit its sibling's styles and not providing classes and data
attributes that the other two offer. This will provide some more consistency.
Fixes#35335.
Built from https://develop.svn.wordpress.org/trunk@36394
git-svn-id: http://core.svn.wordpress.org/trunk@36361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* A `WP_Site` object initially matches a row from `wp_blogs`.
* A site can be retrieved by its ID through `WP_Site::get_instance()`.
* Adds `sites` to the global cache group and captures instance lookups.
* The multisite bootstrap now ensures `$current_blog` is an instance of `WP_Site`.
Props johnjamesjacoby, jeremyfelt.
See #32450.
Built from https://develop.svn.wordpress.org/trunk@36393
git-svn-id: http://core.svn.wordpress.org/trunk@36360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a layout issue in the Customizer UI. Also de-duplicate title display logic, outputting "Loading..." as site title in PHP with actual title being set upon Customizer `ready`. Also update the site title in response to a `blogname` setting change as opposed to `input` DOM events on the control.
Fixes#35579.
Built from https://develop.svn.wordpress.org/trunk@36388
git-svn-id: http://core.svn.wordpress.org/trunk@36355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After [36381], the default value of `0` was causing the list table at
edit-comments.php to be empty. `false` prevents this.
This fix is likely temporary, while more research is done into the backward
compatibility concerns tied to [36381].
See #35090.
Built from https://develop.svn.wordpress.org/trunk@36387
git-svn-id: http://core.svn.wordpress.org/trunk@36354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This effort focuses on `src/wp-includes/link-template.php`.
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.
Props mrahmadawais.
Fixes#35589.
Built from https://develop.svn.wordpress.org/trunk@36386
git-svn-id: http://core.svn.wordpress.org/trunk@36353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add missing `params.completeCallback` to `MenuItemControl.focus()` for parity with `Control.focus()`. Also adds `params` to `MenuItemControl.expandForm`, `MenuItemControl.collapseForm()`, and `MenuItemControl.toggleForm()`.
Props MattGeri, westonruter.
Fixes#32681.
Built from https://develop.svn.wordpress.org/trunk@36383
git-svn-id: http://core.svn.wordpress.org/trunk@36350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, this was not possible due to an overly broad `empty()` check.
Passing `null`, `false`, or `''` to 'post_id', or omitting 'post_id'
altogether, will continue to return comments regardless of `comment_post_ID`,
as before. Passing `0` or `'0'` will limit results to comments with no
associated post.
Props danielbachhuber.
Fixes#35090.
Built from https://develop.svn.wordpress.org/trunk@36381
git-svn-id: http://core.svn.wordpress.org/trunk@36348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also, adds missing labels and improves the existing ones.
Updates the "custom links" labels and inputs in the Customizer too.
Introduces a generic, reusable, `.wp-initial-focus` CSS class to be used for
the sole purpose of setting the initial focus.
"Quick Search": uniform the attached events and avoids new AJAX requests to
be triggered when the pressed key doesn't change the searched term.
Fixes#35374.
Built from https://develop.svn.wordpress.org/trunk@36379
git-svn-id: http://core.svn.wordpress.org/trunk@36346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Prevent following jump links (starting with `#`), but instead scroll that element into view.
* Prevent following links clicked in the Customizer if shift key is pressed when clicking; this fixes an issue when trying to shift-click on a widget or nav menu item (#32681) to just focus on the control in the Customizer.
Fixes#26005.
Built from https://develop.svn.wordpress.org/trunk@36371
git-svn-id: http://core.svn.wordpress.org/trunk@36338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the method was introduced in [17914], the name was underscore-prefixed as is core style for private-use, though it was also introduced with a `public` access modifier for the declaration. Due to core's committment to backward-compatibility, the access modifier overrules in this case, meaning that while the method is underscore-prefixed and was originally-intentioned to be private, it is and always will be a public method, and the documentation should reflect that.
Props Frozzare.
Fixes#35289.
Built from https://develop.svn.wordpress.org/trunk@36367
git-svn-id: http://core.svn.wordpress.org/trunk@36334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Move the legacy `allowed_themes` filter to `WP_Theme::get_allowed_on_network()`, where it will continue to filter themes allowed on the network.
* Add `network_allowed_themes` filter to `WP_Theme::get_allowed()` and pass `$blog_id` to provide context.
* Add `site_allowed_themes` filter to `WP_Theme::get_allowed_on_site()` and pass `$blog_id` to provide context.
Props pauldewouters, lamosty, michalzuber, dmsnell, johnnypea, rob.
Fixes#28436.
Built from https://develop.svn.wordpress.org/trunk@36366
git-svn-id: http://core.svn.wordpress.org/trunk@36333 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[32353] changed the way the 'name' param in `get_terms()` is sanitized, by
running it through `sanitize_term_field( 'name' )` before performing the SQL
query. An unintentional side effect of this change was that the string is
double-escaped: once by `wp_filter_kses()`, and once by `esc_sql()`. The
double-escaping was causing 'name' queries to fail when the param contained
apostrophes or other escaped characters.
Fixes#35493.
Built from https://develop.svn.wordpress.org/trunk@36348
git-svn-id: http://core.svn.wordpress.org/trunk@36315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [36338], a template loading error was shown only to users with the `install_themes` capability. This is now displayed users with the `switch_themes` capability, as users with this cap can at least switch to a different theme. Also, this will now show for site administrators in multisite, whereas `install_themes` is limited to superadmins.
Props dd32.
See #21931.
Built from https://develop.svn.wordpress.org/trunk@36344
git-svn-id: http://core.svn.wordpress.org/trunk@36311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After [36335], if a template file is not loaded, an error is displayed
to logged-in users. As logged-in users may have no capabilities,
this check is insubstantial. Limit the display of this error to users
with the `install_themes` capability, i.e. someone who has the capacity
to deal with the error.
See #21931.
Built from https://develop.svn.wordpress.org/trunk@36338
git-svn-id: http://core.svn.wordpress.org/trunk@36305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the off-chance the active theme folder is renamed or deleted, a "white screen
of death" was displayed to the user. Instead, the user is shown a useful error
screen displaying any errors the theme has (e.g. if the theme can't be found).
Props MikeHansenMe, SergeyBiryukov.
See #21931.
Built from https://develop.svn.wordpress.org/trunk@36335
git-svn-id: http://core.svn.wordpress.org/trunk@36302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Show a "Media attachment reattached."/"Media attachment detached." message when only one attachment was attached/detached.
* Use the string placeholder as `number_format_i18n()` returns a string.
* Add translator comments.
* Update help text to refer to the new dropdown menus.
* Add a more generic title to the attach modal.
Fixes#33237.
Built from https://develop.svn.wordpress.org/trunk@36328
git-svn-id: http://core.svn.wordpress.org/trunk@36295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The refactor of `WP_Comment_Query`'s SQL generation in [34542] introduced a bug
that caused only the last post-related filter to be respected in comment
queries. In other words, if querying for comments using params
`post_status=draft&post_author=3`, only the last-processed of these params
would be respected. The current changeset fixes the logic so that these clauses
don't overwrite each other.
Props chriscct7.
Fixes#35478.
Built from https://develop.svn.wordpress.org/trunk@36326
git-svn-id: http://core.svn.wordpress.org/trunk@36293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36157] fixed a problem, introduced in 4.4, that caused custom pagination
parameters passed to `wp_list_comments()`. However, the fix introduced in that
changeset was limited to the `is_singular()` context, so that the bug remained
when `wp_list_comments()` is used within a non-singular `WP_Query` loop. We
fix this by removing the `is_singular()` check and using the more general
`get_the_ID()` to identify the correct post_id to use for the secondary
comment query.
Fixes#35402.
Built from https://develop.svn.wordpress.org/trunk@36324
git-svn-id: http://core.svn.wordpress.org/trunk@36291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[34999] modified the cache strategy for terms in the context of
`wp_get_object_terms()`. As part of these changes, the `object_id` property of
term objects had to be unset before being cached. To avoid modifying passed-by-
reference terms, `update_term_cache()` attempted to make a copy of the terms
passed to the function; however, it failed to use the `clone` keyword, and thus
only created a reference instead of a copy.
Props berengerzyla.
Fixes#35462.
Built from https://develop.svn.wordpress.org/trunk@36323
git-svn-id: http://core.svn.wordpress.org/trunk@36290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows getting the excerpt for a specific post, similar to how most other template tags work.
A deprecation notice is thrown if a boolean value is passed, which is deprecated since 2.3 and has not been used for a long time.
Adds unit tests.
Fixes#27246.
Built from https://develop.svn.wordpress.org/trunk@36319
git-svn-id: http://core.svn.wordpress.org/trunk@36286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It encourages an ugly pattern like `global $userdata; get_currentuserinfo();` in plugins/themes. `wp_get_current_user()` should be used instead, e.g. `$current_user = wp_get_current_user();`.
Props scribu for initial patch.
Fixes#19615.
Built from https://develop.svn.wordpress.org/trunk@36311
git-svn-id: http://core.svn.wordpress.org/trunk@36278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Subviews are stored internally on the Subview manager as an object. The object
is composed of key-value pairs where the key is a jQuery selector for a view,
and the value is an array of views that matching the selector.
To extract subviews, `_.flatten()` was used to collate the nested arrays of
views into a single view. However, `_.flatten()` is not intended to be used
for objects, and this unintended functionality breaks in newer versions of
Underscore.js.
Instead, we'll use `_.values()` to extract the arrays of views first,
and then flatten the array of arrays.
Props adamsilverstein.
See #34350.
Built from https://develop.svn.wordpress.org/trunk@36305
git-svn-id: http://core.svn.wordpress.org/trunk@36272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The descendant query in `WP_Comment_Query::fill_descendants()` uses the clauses
of the main `get_comment_ids()` query as a basis, discarding the `parent`,
`parent__in`, and `parent__not_in` clauses. As implemented in WP 4.4 [34546],
the WHERE clause was assembled in such a way that any modifications applied
using the `comments_clauses` filter were not inherited by `fill_descendants()`.
This resulted in descendant queries that did not always properly filter
results, and sometimes contained syntax errors.
The current changeset fixes the problem by using the post-filter WHERE clause
as the basis for the `fill_descendants()` query. This change requires a new
approach for eliminating the unneeded parent-related clauses: instead of
eliminating values in an associative array, we must use regular expressions.
Props boonebgorges, firebird75.
Fixes#35192.
Built from https://develop.svn.wordpress.org/trunk@36277
git-svn-id: http://core.svn.wordpress.org/trunk@36244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36157] fixed a bug whereby `wp_list_comments()` would not properly recognize
custom pagination arguments. See #35175. However, it inadvertently introduced
a bug that caused any `$comments` array explicitly passed to the function to be
ignored, when that array was accompanied by pagination arguments that differ
from those in `$wp_query`. We address this bug by moving the logic introduced
in [36157] inside a block that only fires when no `$comments` array has been
provided to the function.
Props ivankristianto.
Fixes#35356.
Built from https://develop.svn.wordpress.org/trunk@36276
git-svn-id: http://core.svn.wordpress.org/trunk@36243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In order to calculate comment pagination when newest comments are displayed
first, `comments_template()` must perform a separate query to determine the
total number of paginating comments available on a post. See [34729], #8071,
pagination calculation - can be defined as a top-level comment, or a comment
with `parent=0`. However, when comment threading is disabled, yet comments
exist in the database that have parents, all comments - even those with a
parent - are "paginating". (This typically happens when comments threading was
once enabled, but has since been turned off.) As such, the total-paginating-
comments query should only be limited to top-level comments when
'thread_comments' is disabled.
Props jmdodd.
Fixes#35419.
Built from https://develop.svn.wordpress.org/trunk@36275
git-svn-id: http://core.svn.wordpress.org/trunk@36242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Added hardcoded maxlength attributes on the author, author_email, author_url, and comment_field input markup. These can be modified via the comment_form_defaults filter. Added logic in wp_handle_comment_submission() to return a WP_Error when the comment_author, comment_author_url, or comment_content values exceed the max length of their columns. Introduces wp_get_comment_column_max_length() which returns the max column length for a given column name, and is filterable. Unit tests included for the error conditions in wp_handle_comment_submission()
Fixes#10377.
Props westonruter rachelbaker.
Built from https://develop.svn.wordpress.org/trunk@36272
git-svn-id: http://core.svn.wordpress.org/trunk@36239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Date and time formats are now displayed in plain text and available for all
users. Also, lines up them with the "custom" date and time format fields to
help reinforce what these fields do.
Props afercia, perezlabs.
Fixes#35064.
Built from https://develop.svn.wordpress.org/trunk@36263
git-svn-id: http://core.svn.wordpress.org/trunk@36230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes issue where user gets stuck at login screen after trying to close the app if previously they had to first login to access the Customizer. Prevents `WP_Customize_Manager::get_return_url()` from using `wp-login.php` as a referer.
Props chandrapatel.
See #32637.
Fixes#35355.
Built from https://develop.svn.wordpress.org/trunk@36261
git-svn-id: http://core.svn.wordpress.org/trunk@36228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`array_slice()` must be told to preserve keys when the query results exceed the
limit specified the 'number' parameter, so that `id=>parent` and other
id-indexed return value formats don't get mangled.
Props fantasyworld, wpdelighter.
Fixes#35382.
Built from https://develop.svn.wordpress.org/trunk@36252
git-svn-id: http://core.svn.wordpress.org/trunk@36219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The introduction of negative search terms in 4.4 [34934] introduced the
possibility that the ORDER BY clause of a search query could be assembled in
such a way as to create invalid syntax. The current changeset fixes this by
ensuring that the ORDER BY clause corresponding to the search terms is
excluded when it would otherwise be empty.
Props salvoaranzulla.
Fixes#35361.
Built from https://develop.svn.wordpress.org/trunk@36251
git-svn-id: http://core.svn.wordpress.org/trunk@36218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When hierarchical=true, `WP_Comment_Query` will always fetch comments according
to the comment hierarchy, even if 'thread_comments' is disabled for the site.
This can cause problems when comment threading is disabled after threaded
comments have been recorded on the site; comments will no longer be returned in
a strictly chronological order.
We address the issue by refraining from querying hierarchically when comment
threading is disabled.
Props jmdodd.
Fixes#35378.
Built from https://develop.svn.wordpress.org/trunk@36226
git-svn-id: http://core.svn.wordpress.org/trunk@36193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Link to code reference page for `customize_loaded_components` instead of linking to a Trac comment.
* Remove HTML code from being included in translated string.
* Add missing translator comment for the specifiers in the translated string.
Amends [36216].
Props DrewAPicture.
Fixes#35242.
Built from https://develop.svn.wordpress.org/trunk@36219
git-svn-id: http://core.svn.wordpress.org/trunk@36186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Passing `'description' => null` when creating a term can cause MySQL notices,
as the description column in the terms table does not allow for null values.
We correct this by intepreting a `null` description as an empty string.
Props TimothyBlynJacobs.
Fixes#35321.
Built from https://develop.svn.wordpress.org/trunk@36214
git-svn-id: http://core.svn.wordpress.org/trunk@36181 1a063a9b-81f0-0310-95a4-ce76da25c4cd