Extend the check in 'rest_allow_anonymous_comments' to accept any falsy value
(previously this was an explicit check for `false`).
One possible failure case is that a plugin developer forgets to include a
return value for some code path in their callback for this filter, leading to a
value of `null` which is currently treated like `true`.
Props joehoyle, jnylen0.
Fixes#39010.
Built from https://develop.svn.wordpress.org/trunk@39487
git-svn-id: http://core.svn.wordpress.org/trunk@39427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The theme uses a hack to help the video header and header image fill the available space. This centers around `max-width: 1000%;`. It causes visual issues (zooming of the header video or image) for all users though.
This fixes that with CSS Features Queries. The hack remains for browsers that don't support Feature Queries and `object-fit`. Browsers that do support both get a better experience with a more reliable styling of the video and image header container.
Props laurelfulford, peterwilsoncc.
Fixes#39035.
Built from https://develop.svn.wordpress.org/trunk@39483
git-svn-id: http://core.svn.wordpress.org/trunk@39423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `siteurl` setting is registered and made available to the REST API. On a multisite installation, this setting is not configurable from the General Settings screen, but due to the above it is configurable from the REST API.
Props peterwilsoncc.
Fixes#39005.
Built from https://develop.svn.wordpress.org/trunk@39468
git-svn-id: http://core.svn.wordpress.org/trunk@39408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the `require_name_email` option is true, creating a comment with an empty string for the author name or email should not be accepted. Both values can be an empty string on update.
Props flixos90, hnle, dd32, rachelbaker, jnylen0, ChopinBach, joehoyle, pento.
Fixes#38971.
Built from https://develop.svn.wordpress.org/trunk@39444
git-svn-id: http://core.svn.wordpress.org/trunk@39384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- `'orderby' => 'include'` requires an array of post_ids via the `include` collection param.
`'orderby' => 'id'` and `'orderby' => 'slug'` need map the correct WP_Query equivalents.
Props flixos90, hnle, dd32, rachelbaker, joehoyle, pento.
Fixes#38971.
Built from https://develop.svn.wordpress.org/trunk@39440
git-svn-id: http://core.svn.wordpress.org/trunk@39380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In wp-admin, users are removed from individual sites rather than deleted. A user can only be deleted from the network admin.
Until support for a `PUT` request that removes a user's site and content associations is available, `DELETE` requests are disabled to avoid possible issues with lost content.
Props jnylen0, rachelbaker.
Fixes#38962.
Built from https://develop.svn.wordpress.org/trunk@39438
git-svn-id: http://core.svn.wordpress.org/trunk@39378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When deleting a user through the WordPress admin, a specific decision is presented - whether to assign all of the user's posts to another user, or to delete all of the posts.
This change requires `reassign` as a parameter in the corresponding REST API endpoint, so that content isn't accidentally lost.
Props jeremyfelt.
Fixes#39000.
Built from https://develop.svn.wordpress.org/trunk@39426
git-svn-id: http://core.svn.wordpress.org/trunk@39366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This simplifies the line `$( siteNavigation.closest( '.main-navigation' ), this ).toggleClass( 'toggled-on' );` to `$( siteNavContain ).toggleClass( 'toggled-on' );`, since `this` is the clicked button, so the extra context isn't needed.
Props afercia, laurelfulford.
Fixes#38992.
Built from https://develop.svn.wordpress.org/trunk@39419
git-svn-id: http://core.svn.wordpress.org/trunk@39359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that a standard header is shown on the front page whenever
a header video is set without a header image if the video doesn't load,
e.g., on mobile sizes or if the JS doesn't fire.
This adds a new class, `.has-header-video` that is added whenever the
`wp-custom-header-video-loaded` event is fired, which is then used to style
the custom headers along with `.has-header-image` whenever a header image
is available. This also changes the class name on the custom header media
wrapping `div` from `.custom-header-image` to `.custom-header-media`.
Props laurelfulford, joemcgill.
Fixes#38995.
Built from https://develop.svn.wordpress.org/trunk@39413
git-svn-id: http://core.svn.wordpress.org/trunk@39353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Updates `wp_unique_post_slug()` to ignore `auto-draft` posts. Prevents publishing multiple posts that have the same slugs from starter content.
* Fixes fatal error when attempting to save an header_image setting from a non-admin context.
* Fixes substituting attachment symbols in options and theme mods.
* Fixes applying starter content for header images and background images.
See #38114.
Fixes#38928.
Built from https://develop.svn.wordpress.org/trunk@39411
git-svn-id: http://core.svn.wordpress.org/trunk@39351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Also moves checks from `customize_save` Ajax handler to the underlying `WP_Customize_Manager::save_changeset_post()` call which plugins may invoke directly.
* Ensures that `customize_save_response` filter is always passed an array, with error code available as `code`.
Props utkarshpatel, westonruter, sayedwp.
See #30937.
Fixes#38943.
Built from https://develop.svn.wordpress.org/trunk@39409
git-svn-id: http://core.svn.wordpress.org/trunk@39349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the capability check used in `WP_REST_Terms_Controller` when creating a new term is attempted, from `manage_terms` to `edit_terms`. This matches the behavior within the WordPress admin. See #35614.
Props johnbillion, rmccue, rachelbaker, helen, jorbin, SergeyBiryukov.
Fixes#38958.
Built from https://develop.svn.wordpress.org/trunk@39402
git-svn-id: http://core.svn.wordpress.org/trunk@39342 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the `check_username()` and `check_password()` callbacks in the Users controller cast the provided request value to a string. The `rest_sanitize_value_from_schema()` function was being used incorrectly which was causing unintended request parsing.
In `rest_sanitize_request_arg()` do not pass nonexistent third parameter for the `rest_sanitize_value_from_schema()` function.
Props jnylen0, joehoyle, rachelbaker, ocean90.
Fixes#38984.
Built from https://develop.svn.wordpress.org/trunk@39400
git-svn-id: http://core.svn.wordpress.org/trunk@39340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
