The following files have been added to `svn:ignore` already as they are not compatible with PHP 5.2:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
See #36335.
Built from https://develop.svn.wordpress.org/trunk@38401
git-svn-id: http://core.svn.wordpress.org/trunk@38342 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress always* passes $args to filters as an array of arugments. A exception is made in `wp_nav_menu()` and the associated walker where these are passed to filters as an object, this has been the case for seven years (since [13368]).
These new tests enforce the use of an object in these filters to ensure backward compatibility is maintained.
See #24587.
Built from https://develop.svn.wordpress.org/trunk@38400
git-svn-id: http://core.svn.wordpress.org/trunk@38341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335.
Built from https://develop.svn.wordpress.org/trunk@38399
git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Automatically delete objects that we were created during `wpSetUpBeforeClass` - posts, comments, terms (except 1), and user (except 1)
* The amount of leftover data between tests was breathtaking - use the new function: `_delete_all_data()`
* Commit database transactions for all `TestCase`s, not just those that implement `wpSetUpBeforeClass` and `wpTearDownAfterClass`
* The tests run 10-20 seconds faster now
See #37699.
Built from https://develop.svn.wordpress.org/trunk@38398
git-svn-id: http://core.svn.wordpress.org/trunk@38339 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces a `{$type}_template_hierarchy` filter that allows the hierarchy of candidate template filenames for a given template type to be filtered.
This allows the hierarchy to be added to or altered completely without resorting to re-building the hierarchy from scratch within the `template_include` filter, which is common and prone to conflicts between plugins and prone to getting out of sync with core's hierarchy.
Fixes#14310
Built from https://develop.svn.wordpress.org/trunk@38385
git-svn-id: http://core.svn.wordpress.org/trunk@38326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To fiddle around with what it does, run `composer install` from the project root. If you do not have Composer installed:
https://getcomposer.org/doc/00-intro.md#locally
tl;dr for Mac/Homebrew users: `brew install composer`
Classes from `wp-includes` and `wp-admin` are eligible for autoloading via `autoload.classmap`. Through a tornado of recent commits, many unsuitable files have been transitioned into a more acceptable state for autoloading: 1 file per class, no side effects.
The file bootstrap in `wp-settings.php` can transition into `autoload.files`. This will be done with care and attention.
See #36335.
Built from https://develop.svn.wordpress.org/trunk@38384
git-svn-id: http://core.svn.wordpress.org/trunk@38325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change defaults to using HTTPS endpoints for oEmbeds for those providers that have full HTTPS support and don't redirect back to HTTP when clicking through from the embed. It covers:
* Vimeo
* SmugMug
* Scribd
* WordPress.tv
* SoundCloud
* Meetup
* issuu
* Mixcloud
* TED
See #28507
Built from https://develop.svn.wordpress.org/trunk@38366
git-svn-id: http://core.svn.wordpress.org/trunk@38307 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By adding the `$output` parameter to `get_attachment_taxonomies()`, the
function signature matches that of `get_object_taxonomies()`. The change
also allows for more consistent behavior when passing `output=objects`
to `get_object_taxonomies()` for the 'attachment' object type, since
the `$output` parameter is now passed through the function stack.
Props codemovement.pk.
See #37368.
Built from https://develop.svn.wordpress.org/trunk@38292
git-svn-id: http://core.svn.wordpress.org/trunk@38233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38058] changed `wp_mail()` so that it used PHPMailer's `setFrom()`
method rather than setting the From and FromName headers directly. See
behavior of setting the `Sender` field. This causes `mail` to be
called with the `-f` flag, which causes outgoing email to fail on some
server environments.
Props Clorith, iandunn, DrewAPicture.
Fixes#37736.
Built from https://develop.svn.wordpress.org/trunk@38286
git-svn-id: http://core.svn.wordpress.org/trunk@38227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress maintains the minified version of jquery.masonry.js since there is no official build, however it has been excluded from grunt's minification process. This adds a minification task to grunt, adds it to the precommit hook for JS, minifies the file, and bumps the version on jquery.masonry.min.js. The change to the non minified version was introduced in [38261].
Fixes#37720. See #37666.
Built from https://develop.svn.wordpress.org/trunk@38276
git-svn-id: http://core.svn.wordpress.org/trunk@38217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
PHP 7.1 is the next version of PHP and WordPress should support it with the first major version after 7.1 launches. This will facilitate testing. Failures on 7.1 won't necessitate builds failing while 7.1 is still in beta.
Fixes#37625.
Built from https://develop.svn.wordpress.org/trunk@38273
git-svn-id: http://core.svn.wordpress.org/trunk@38214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow to add/remove a featured image to `attachment:audio` and `attachment:video` post types, see [27657].
* Change conditionals to check for theme OR post type support.
* Add tests for #12922.
Broken in [37658].
Props flixos90, joemcgill, DrewAPicture, wonderboymusic.
See #12922.
Fixes#37658.
Built from https://develop.svn.wordpress.org/trunk@38263
git-svn-id: http://core.svn.wordpress.org/trunk@38204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add `srcset` and `sizes` to the mobile image for streamlined updates.
* Modify the order of image candidate strings in each `srcset` to address a bug in iOS8 where the first candidate will always be selected when using `w` descriptors, see #35030.
Props joemcgill.
Fixes#37246.
Built from https://develop.svn.wordpress.org/trunk@38257
git-svn-id: http://core.svn.wordpress.org/trunk@38198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_resource_hints()` parses the URL for the `preconnect` and `dns-prefetch` relation types to ensure correct values for both. While protocol-relative URLs are supported for `dns-prefetch`, the double slash was lost for `preconnect`.
Props swissspidy, peterwilsoncc.
Props azaozz for review.
Fixes#37652.
Built from https://develop.svn.wordpress.org/trunk@38255
git-svn-id: http://core.svn.wordpress.org/trunk@38196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
First added in [37588] and later modified in [38224], the idea was to ensure that filters/actions added before `advance-cache.php` would not disappear if `advance-cache.php` overloaded the filters/actions with code such as `$wp_filter = array()`. This is an edge case and one that there is no documented case of existing.
This restores the behavior from WordPress 4.5 and before. It is strongly encouraged that developers using `advance-cache.php` to use the Plugins API that is available before the loading of `advance-cache.php` rather than directly interacting with any of the globals.
Props azaozz, jorbin, dd32 for review, pento for review, westi for investigation, ipstenu for research.
See #36819.
Built from https://develop.svn.wordpress.org/trunk@38251
git-svn-id: http://core.svn.wordpress.org/trunk@38192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change restores only the margin and padding styles for the `.update-message` class when used by plugins in the context of adding arbitrary rows to the list table. The inline-update colors and icon styles were not restored, expressly with a wide variety of plugin use-cases in mind.
Props ovann86, rahulsprajapati, ocean90, DrewAPicture.
Props helen for review.
See #37504.
Built from https://develop.svn.wordpress.org/trunk@38237
git-svn-id: http://core.svn.wordpress.org/trunk@38178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The default error handler `wp_handle_upload_error()` expects a reference for the first parameter but `call_user_func()` doesn't pass parameters by reference. The current code didn't produce any issues until now. PHP 7.0.9 (and PHP 7.1) is now stricter and prevents calling the error handler with a warning:
> PHP Warning: Parameter 1 to wp_handle_upload_error() expected to be a reference, value given.
To restore the error handler `_wp_handle_upload()` now uses `call_user_func_array()`.
Props jbrinley.
Props jorbin for review.
Fixes#37570.
Built from https://develop.svn.wordpress.org/trunk@38235
git-svn-id: http://core.svn.wordpress.org/trunk@38176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The query to select the next 5 blogs to upgrade was ordered by `registered`, which isn't indexed. This causes the query to table scan, which will be slow on networks with many blogs.
The query only needs to be ordered by something that won't change, so ordering by `blog_id` is a good replacement. `blog_id` is indexed, and it's the only column being returned, so MySQL is able to optimize for a fast index read.
Props fliespl.
Fixes#37612.
Built from https://develop.svn.wordpress.org/trunk@38229
git-svn-id: http://core.svn.wordpress.org/trunk@38170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This corrects the selector for the delete link in `wp.updates.deletePlugin()` so the text can be changed to 'Deleting…'. `wp.updates.deleteTheme()` already worked on wp-admin/themes.php but not on wp-admin/network/themes.php because the network screen is similar to the plugins list table, this is now fixed too.
The `credential-modal-cancel` handler has been updated to support canceled delete jobs.
Props swissspidy.
Props jorbin for review.
Fixes#37603.
Built from https://develop.svn.wordpress.org/trunk@38227
git-svn-id: http://core.svn.wordpress.org/trunk@38168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37588] added methods to backup the plugin globals, for ensuring that advanced cache drop-ins don't overwrite hooks that've been added earlier in the load process.
The method for restoring the plugin globals wasn't compatible with the implementation of `WP_Hook` in #17817. `WP_Hook` implements `ArrayAccess`, so `_restore_plugin_globals()` was treating it as an array, and inadvertantly overwriting the `WP_Hook` object with a plain array.
To avoid having to re-write this code as part of #17817, we now use `add_filter()` to restore any hooks that were added by cache drop-ins, which `WP_Hook` correctly supports.
Props pento, jorbin.
See #36819.
Built from https://develop.svn.wordpress.org/trunk@38223
git-svn-id: http://core.svn.wordpress.org/trunk@38164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Before this change, when a bulk update was canceled due dismissing the FTP credentials modal, part of the actions didn't get canceled. This meant the "There is a new version of…” notices become blank and the updates you had checked became unchecked. Now, the notices remain and you are essentially returned to the screen you had before. Strings are also updated to improve ARIA usage.
Fixes#37563.
Props ocean90, swissspidy, obenland, afercia.
Built from https://develop.svn.wordpress.org/trunk@38221
git-svn-id: http://core.svn.wordpress.org/trunk@38162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Custom JS events are triggered on the document in order for plugins to have something to hook into. The standard began in #31819 is dash separated and begins with `wp` to signify the namespace, followed by the subject of our action ( "theme", "plugin", etc.) followed by the action and an optional indicator of status ( "install-success", "deleting" ).
This brings some of the theme hooks in line with the standard. As of now, all plugin actions in `src/wp-admin/js/updates.js` have an equal corresponding theme action.
Fixes#37598.
See #37512, #37216, #31819.
Props olarmarius, ocean90.
Built from https://develop.svn.wordpress.org/trunk@38218
git-svn-id: http://core.svn.wordpress.org/trunk@38159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37262] changed a check in `redirect_canonical()` so that it checked
categories in the object cache rather than querying the database. However,
the check was based on the identity of `WP_Term` objects, which in
certain cases can be augmented by the main WP query routine, causing
failures of the `in_array()` check. This caused unnecessary redirects
for URLs where `is_single()` is true, but the URL is different from the
post permalink, such as the `embed` endpoint.
`has_term()` also checks the cache, but does not sufer from this bug.
Props cmillerdev.
Fixes#36602.
Built from https://develop.svn.wordpress.org/trunk@38216
git-svn-id: http://core.svn.wordpress.org/trunk@38157 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update images for native fonts and editor features.
* Add video animation with image fallback for update feature.
* Rename "Simplified Disaster Recovery" to "Content Recovery".
* Fix broken layout on credits and freedoms pages.
Props hugobaeta, SergeyBiryukov, ocean90.
Fixes#37590.
See #37246.
Built from https://develop.svn.wordpress.org/trunk@38213
git-svn-id: http://core.svn.wordpress.org/trunk@38154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* "-1" is an invalid nonce error, show 'An error has occurred. Please reload the page and try again.'.
* "error" means that the connection to the server was lost, show 'Connection lost or the server is busy. Please try again later.'.
* Escape the message in `wp-updates-admin-notice` because the response may include HTML.
* Remove HTML tags in `wp.updates.isValidResponse()` to make PHP's error messages more readable.
Props azaozz for review.
Fixes#37583.
Built from https://develop.svn.wordpress.org/trunk@38205
git-svn-id: http://core.svn.wordpress.org/trunk@38146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An upgrader class is used in conjunction with an upgrader skin class. A skin class handles the logging for an upgrade and informs a user about the progress and failures.
The current Ajax install/update handlers are using the `Automatic_Upgrader_Skin` class because during an Ajax request no output is intended. The difference between Ajax updates and automatic updates is that you will see the full log (usually by email) while Ajax updates focus only on success or failure. For that `Automatic_Upgrader_Skin` has one disadvantage: It doesn't provide a way to retrieve failure messages which were passed through `WP_Upgrader_Skin::error()` by the upgrader.
To solve this issue a new skin `WP_Ajax_Upgrader_Skin` has been introduced. The skin extends `Automatic_Upgrader_Skin` and overrides the `error()` and `feedback()` methods to intercept all errors, which can be a `WP_Error` object or a string.
This updates all four Ajax handler for installing/updating themes/plugins to use the new skin. They now also check the skin for any intercepted errors and pass them on to the user.
Props flixos90, obenland, ocean90.
Props DrewAPicture, pento for review.
Fixes#37531.
Built from https://develop.svn.wordpress.org/trunk@38199
git-svn-id: http://core.svn.wordpress.org/trunk@38140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38179] added support for the rainbow flag to core, but platform compatibility is a bit strange, because the flag was defined out of sync with the usual Unicode release cycle. For example Android N supports all Unicode 9.0 emoji, but doesn't support the rainbow flag thus the rainbow flag isn't rendered.
The Twemoji loader already has an exception for flags - it'll load if the browser supports everything but flags, and then only replace flag emoji, leaving everything else as native rendering. To provide a seamless experience for all flags the loader now uses the rainbow flag to test flag support.
Props pento.
See #37543.
Fixes#37566.
Built from https://develop.svn.wordpress.org/trunk@38194
git-svn-id: http://core.svn.wordpress.org/trunk@38135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The button was introduced in [37901] to allow users switching to the selected menu for further edits. A link makes it more clear that the user is taken away from the current view.
This also adds an aria label and makes the button label more verbose, 'Edit Menu'.
Props afercia.
Props helen for review.
Fixes#36795.
Built from https://develop.svn.wordpress.org/trunk@38189
git-svn-id: http://core.svn.wordpress.org/trunk@38130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When doing a bulk update, if there are failures the user needs to know about that. This makes it clearer that you can click on the notification to see more details, especially for screen reader users.
Fixes#37510.
Props juhise, Ankit K Gupta, afercia, jorbin, ocean90.
Built from https://develop.svn.wordpress.org/trunk@38185
git-svn-id: http://core.svn.wordpress.org/trunk@38126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Twemoji recently added images for the Rainbow and Pirate flags, and the latest iOS 10 beta added support for the Rainbow flag. Never let it be said that WordPress is at anything less than the cutting edge of emoji research and development.
Props ocean90 for the code review.
See #37543.
Built from https://develop.svn.wordpress.org/trunk@38179
git-svn-id: http://core.svn.wordpress.org/trunk@38120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Events for updating exist, but they lack context. This adds args so that plugins can detec t what plugin/theme is being installed. Additionally, events for bulk actions, deleting and that and install is starting didn't exist, so this adds them.
Fixes#37512.
Props DavidAnderson, and ocean90, swissspidy for review.
Built from https://develop.svn.wordpress.org/trunk@38175
git-svn-id: http://core.svn.wordpress.org/trunk@38116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [37221] the upload form is added to every plugin install screen via `install_plugins_upload()`. Previously the form was added through the `install_plugins_upload` (alias of `install_plugins_$tab`) action which allowed plugin authors to replace the form. This restores the previous behaviour.
* Add the form only to non-upload plugin install screens.
* Replace `install_plugins_upload()` with the `install_plugins_upload` and `install_plugins_pre_upload` actions.
* Remove `$upload_tab_class` and add a CSS class for the current tab to `.wrap`
* Adjust CSS selectors and toggle the whole container to support upload without an `upload-plugin` class.
Props DavidAnderson, ocean90.
Fixes#37495.
Built from https://develop.svn.wordpress.org/trunk@38172
git-svn-id: http://core.svn.wordpress.org/trunk@38113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Selective refresh will not be available for widgets when they lack these params, so previewing will fallback to full page refreshes. Sidebars registered as such should be rare so this accounts for an edge case.
Fixes#37478.
Built from https://develop.svn.wordpress.org/trunk@38166
git-svn-id: http://core.svn.wordpress.org/trunk@38107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Requests defaults to _GET/query for HEAD/GET/DELETE and _POST/body for POST/PUT/OPTIONS/PATCH. For backward compatibility `WP_HTTP` needs to force `data_format` to 'body' for all non-GET/HEAD requests.
Props dd32.
Fixes#37456.
Built from https://develop.svn.wordpress.org/trunk@38165
git-svn-id: http://core.svn.wordpress.org/trunk@38106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Requests has its own cookie object in form of `Requests_Cookie`. Therefore we have to convert `WP_Http_Cookie` objects to `Requests_Cookie`.
This introduces `WP_Http_Cookie::get_attributes()` to retrieve cookie attributes of a `WP_Http_Cookie` object and `WP_Http::normalize_cookies()` to convert the cookie objects.
Fixes#37437.
Built from https://develop.svn.wordpress.org/trunk@38164
git-svn-id: http://core.svn.wordpress.org/trunk@38105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Add the `wpview-wrap` class and pass third param to the getNodes() callback for back-compat.
- Attach the mutation observer that resizes a view iframe inside the iframe to minimize memory use/leaks.
- Remove the `wp-mce-view-unbind` event. It has never been particularly reliable and now it doesn't fire when the user deletes a view by typing or pasting over it.
- Restore changing of a view iframe body classes when the editor body classes change.
Props iseulde, azaozz.
Fixes#36434.
Built from https://develop.svn.wordpress.org/trunk@38158
git-svn-id: http://core.svn.wordpress.org/trunk@38099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Under certain conditions upgrades on Windows may fail because `wp_tempnam()` gets called in a loop.
This can happen when `wp_tempnam()` is called with `\.maintenance` for the `$filename` parameter. The function strips the extension, in this case `.maintenance`, which results in an empty filename. Because it's empty, `wp_tempnam()` calls itself with `dirname( '\.maintenance' )`. On *nix systems this would be `"/"` which allows `wp_tempnam()` to fall back on `time()`. But on Windows it's `"\"`.
This change adds the backslash to the list of characters which allow `wp_tempnam()` to fall back on `time()`.
See [32322], [31936].
Fixes#33999.
Built from https://develop.svn.wordpress.org/trunk@38151
git-svn-id: http://core.svn.wordpress.org/trunk@38092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update DocBlock to use third-person singular verb and to include a period at the end.
* Use `submit_button()` for the submit button.
* Escape the ID attribute.
* Apply the same to `WP_List_Table::search_box()`.
See #37230.
Built from https://develop.svn.wordpress.org/trunk@38146
git-svn-id: http://core.svn.wordpress.org/trunk@38087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`$context` is a full path to the directory that is tested for being writable. A path shouldn't be a boolean value.
This also updates `WP_Upgrader_Skin::request_filesystem_credentials()` and `Automatic_Upgrader_Skin::request_filesystem_credentials()` and adds missing docs.
Props DrewAPicture, ocean90.
Fixes#37412.
Built from https://develop.svn.wordpress.org/trunk@38138
git-svn-id: http://core.svn.wordpress.org/trunk@38079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Rename the `$post_type` parameter to `$box` for clarity and consistency with other meta box functions.
* Make the docs more consistent with `post_format_meta_box()` and other meta box functions.
* Correct type and description for the third argument of `nav_menu_items_{$post_type_name}_recent` filter.
See #37211.
Built from https://develop.svn.wordpress.org/trunk@38129
git-svn-id: http://core.svn.wordpress.org/trunk@38070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `preconnect` will be potentially pretty heavy on the CDN. With the Unicode 9.0 emoji update, almost all browsers will trigger the `preconnect`.
* `preconnect` only opens one connection, but `s.w.org` is HTTP/1.1, so the browser will use the preconnected connection for the first emoji, then it has to open new connections for subsequent emoji.
Also use the same URL as we use for the `emoji_svg_url` filter. This will print the hint for the correct CDN in case someone uses a custom CDN.
Props peterwilsoncc.
Fixes#37387.
Built from https://develop.svn.wordpress.org/trunk@38122
git-svn-id: http://core.svn.wordpress.org/trunk@38063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, changing the post thumbnail of a published post in the edit screen
would immediately apply the change, rather than waiting for the post to be
saved before applying the update. This could lead to someone unintentionally
editing the post thumbnail on a published post, and made it impossible to
preview changes to post thumbnails on published posts before saving the change.
This introduces a new Ajax handler, `wp_ajax_get_post_thumbnail_html()` to
retrieve the HTML for the post thumbnail meta box without updating the post
meta value for `_thumbnail_id`. It also allows post thumbnail changes to be
previewed by passing the `_thumbnail_id` as a query variable to the preview
screen and adding a new filter, `_wp_preview_post_thumbnail_filter()`, which
gets applied to `get_post_metadata` during the post preview process.
Props flixos90.
Fixes#12922.
Built from https://develop.svn.wordpress.org/trunk@38118
git-svn-id: http://core.svn.wordpress.org/trunk@38059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow up to [38065] to ensure that `wp.html.string()` always
converts empty `alt` attributes to `alt=""` rather than returning HTML using
empty attribute notation, like `alt`. This allows screen readers to ignore
images with empty `alt` attributes, rather than reading out the URL string.
Additionally this completely removes the logic in `wp.html.string()` for
converting blank attributes to empty attribute notation since empty attribute
notation is generally meant to denote a boolean value, e.g.,
`checked` == `checked="checked"`, which doesn't apply in this context because
boolean attributes must be omitted in order to represent a `false` value.
See: https://www.w3.org/TR/html5/infrastructure.html#boolean-attributes
Props adamsilverstein, afineman, joemcgill.
Fixes#36735.
Built from https://develop.svn.wordpress.org/trunk@38116
git-svn-id: http://core.svn.wordpress.org/trunk@38057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While messages passed to `wp.speak.a11y()` should preferably be meaningful,
short, and carefully crafted case by case, this will ensure any HTML tags will
be stripped out from the message string.
Props adamsilverstein.
Fixes#37382.
Built from https://develop.svn.wordpress.org/trunk@38115
git-svn-id: http://core.svn.wordpress.org/trunk@38056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `IMAGE_EDIT_OVERWRITE` is set to true, edited image files are
supposed to be deleted when an image is restored to the original.
However, when an image was edited more than once, and then restored,
files created during previous edits were left behind.
Fixes this behavior by updating `wp_save_image()` to clean up
leftover images after each edit when `IMAGE_EDIT_OVERWRITE` is true.
Props bradt, chriscct7, joemcgill.
Fixes#32171.
Built from https://develop.svn.wordpress.org/trunk@38113
git-svn-id: http://core.svn.wordpress.org/trunk@38054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Externally hosted script and style dependencies trigger `dns-prefetch` hinting only when enqueued. This removed a bug in which hinting was added on registration.
Renames the function `wp_resource_hints_scripts_styles` to `wp_dependencies_unique_hosts` as the function provides the hosts, not the hinting.
Props swissspidy.
Fixes#37385.
Built from https://develop.svn.wordpress.org/trunk@38100
git-svn-id: http://core.svn.wordpress.org/trunk@38041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to the introduction of `WP_Term_Query`, the 'orderby' clause
passed to the 'terms_clauses' filter was prefixed by `ORDER BY`. After
`WP_Term_Query`, this was not the case; `ORDER BY` was added after the
filter. As such, plugins filtering 'terms_clauses' and returning an
'orderby' clause beginning with `ORDER BY` resulted in invalid syntax
when `WP_Term_Query` prepended a second `ORDER BY` keyword to
the clause.
This changeset rearranges the way the 'orderby' clause is built so that
it will be passed to 'terms_clauses' in the previous format.
Fixes#37378.
Built from https://develop.svn.wordpress.org/trunk@38099
git-svn-id: http://core.svn.wordpress.org/trunk@38040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
Built from https://develop.svn.wordpress.org/trunk@38095
git-svn-id: http://core.svn.wordpress.org/trunk@38036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Both list tables provide different actions based on where they are loaded, regular admin or network admin. Since there is only one Ajax handler for both screens we have to set the current screen before using the list tables.
Props swissspidy, ocean90.
Fixes#37373.
Built from https://develop.svn.wordpress.org/trunk@38091
git-svn-id: http://core.svn.wordpress.org/trunk@38032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.
The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.
Fixes#37361.
Built from https://develop.svn.wordpress.org/trunk@38087
git-svn-id: http://core.svn.wordpress.org/trunk@38028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `$size` is passed to `image_get_intermediate_size()` as an array of width
and height values and an exact image size matching those values isn't available,
the function loops through the available attachment sizes and returns the
smallest image larger than the requested dimensions with the same aspect ratio.
The aspect ratio check is skipped for the 'thumbnail' size to provide a fallback
for small sizes when no other image option is available. This resulted in a poor
selection when the size requested was smaller than the 'thumbnail' dimensions
but a larger size matching the requested ratio existed.
This refactors the internals of `image_get_intermediate_size()` to ensure the
'thumbnail' size is only returned as a fallback to small sizes once all other
options have been considered, and makes the control flow easier to follow.
This also introduces a new helper function, `wp_image_matches_ratio()` for
testing whether the aspect ratios of two sets of dimensions match. This function
is also now used in `wp_calculate_image_srcset()` during the selection process.
Props flixos, joemcgill.
Fixes#34384, #34980.
Built from https://develop.svn.wordpress.org/trunk@38086
git-svn-id: http://core.svn.wordpress.org/trunk@38027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improves the `containFocus()` function to always get the correct first and last
focusable elements, even when the theme browser shows the active theme details.
Also, when on the first and last theme, adds a `disabled` attribute on the
previous and next navigation buttons to make them not focusable.
Fixes#37383.
Built from https://develop.svn.wordpress.org/trunk@38084
git-svn-id: http://core.svn.wordpress.org/trunk@38025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Remove title attributes.
* Show "Install Now" and "Details" links if the importer isn't installed yet.
* Show a "Run Importer" link if the importer is installed. It also handles activation if the plugin isn't activated.
* Add `aria-label` attributes to each link.
* Unify the importer descriptions to make them independent from the plugin state. The API was changed in [meta3690].
* Adjust JavaScript callbacks for ajaxified importer installs.
Props afercia, swissspidy, ocean90.
See #24766.
Fixes#35191.
Built from https://develop.svn.wordpress.org/trunk@38075
git-svn-id: http://core.svn.wordpress.org/trunk@38016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36874] changed the `get_term()` call so that no `$taxonomy` parameter
was passed, as 4.4 made the parameter optional. This change made it
impossible to access a shared term that has not yet been splitr, since
passing an ambiguous `$term_id` to `get_term()` results in an error.
Restoring the `$taxonomy` parameter fixes the regression.
Props alleynoah, dlh.
Fixes#37205.
Built from https://develop.svn.wordpress.org/trunk@38069
git-svn-id: http://core.svn.wordpress.org/trunk@38010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when inserting an image from a URL, leaving the `alt`
field blank in the media modal would result in an image being
inserted into the editor without an `alt` attribute, rather than
an empty `alt`. This happened because the `props.type` would not
get set in `wp.media.string.props()` — because `attachment` is
undefined in this case — causing the image fallbacks to get
skipped.
This fixes the issue by explicitly setting `props.type` to 'image'
in `wp.media.string.image()` before filling out the rest of the
properties.
Props ambrosey, dabnpits.
Fixes#36735.
Built from https://develop.svn.wordpress.org/trunk@38065
git-svn-id: http://core.svn.wordpress.org/trunk@38006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.
For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.
Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes#21659.
Built from https://develop.svn.wordpress.org/trunk@38058
git-svn-id: http://core.svn.wordpress.org/trunk@37999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_HTTP_Proxy()` is used directly in `WP_Http_Curl()` and `WP_Http_Streams()`. Since `WP_Http::request()` doesn't use them anymore we have to move the proxy handling into `WP_Http::request()` so the proxy data can be passed to `Requests::request()`.
Props rmccue.
See #33055.
Fixes#37107.
Built from https://develop.svn.wordpress.org/trunk@38054
git-svn-id: http://core.svn.wordpress.org/trunk@37995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In some cases, images in the media library may contain spaces in
their filenames. This results in an invalid `srcset` attribute,
causing broken images on the front end. This change fixes the issue
by replacing spaces in URLs with URL encoded '%20' characters before
returning the `srcset` string.
Props underdude, joemcgill.
Fixes#36549.
Built from https://develop.svn.wordpress.org/trunk@38052
git-svn-id: http://core.svn.wordpress.org/trunk@37993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.
Props cfinke.
Fixes#37208.
Built from https://develop.svn.wordpress.org/trunk@38047
git-svn-id: http://core.svn.wordpress.org/trunk@37988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `register_meta()` with the function signature from 4.5 and earlier, the `auth_{$type}_meta_{$key}` and `sanitize_{$type}_meta_{$key}` filters are used. Any calls to `register_meta()` expecting this behavior should continue to work. The new filters, which take advantage of object subtypes, should not be added unless the proper `$args` array is passed.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38041
git-svn-id: http://core.svn.wordpress.org/trunk@37982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If auth and/or sanitize callbacks are specified in the arguments for
`register_meta()`, filters are added to handle these callbacks. These
should be removed when calling `unregister_meta_key()` to avoid
unintentional filtering.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38040
git-svn-id: http://core.svn.wordpress.org/trunk@37981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
Built from https://develop.svn.wordpress.org/trunk@38015
git-svn-id: http://core.svn.wordpress.org/trunk@37956 1a063a9b-81f0-0310-95a4-ce76da25c4cd