Under certain conditions upgrades on Windows may fail because `wp_tempnam()` gets called in a loop.
This can happen when `wp_tempnam()` is called with `\.maintenance` for the `$filename` parameter. The function strips the extension, in this case `.maintenance`, which results in an empty filename. Because it's empty, `wp_tempnam()` calls itself with `dirname( '\.maintenance' )`. On *nix systems this would be `"/"` which allows `wp_tempnam()` to fall back on `time()`. But on Windows it's `"\"`.
This change adds the backslash to the list of characters which allow `wp_tempnam()` to fall back on `time()`.
See [32322], [31936].
Fixes#33999.
Built from https://develop.svn.wordpress.org/trunk@38151
git-svn-id: http://core.svn.wordpress.org/trunk@38092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update DocBlock to use third-person singular verb and to include a period at the end.
* Use `submit_button()` for the submit button.
* Escape the ID attribute.
* Apply the same to `WP_List_Table::search_box()`.
See #37230.
Built from https://develop.svn.wordpress.org/trunk@38146
git-svn-id: http://core.svn.wordpress.org/trunk@38087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`$context` is a full path to the directory that is tested for being writable. A path shouldn't be a boolean value.
This also updates `WP_Upgrader_Skin::request_filesystem_credentials()` and `Automatic_Upgrader_Skin::request_filesystem_credentials()` and adds missing docs.
Props DrewAPicture, ocean90.
Fixes#37412.
Built from https://develop.svn.wordpress.org/trunk@38138
git-svn-id: http://core.svn.wordpress.org/trunk@38079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Rename the `$post_type` parameter to `$box` for clarity and consistency with other meta box functions.
* Make the docs more consistent with `post_format_meta_box()` and other meta box functions.
* Correct type and description for the third argument of `nav_menu_items_{$post_type_name}_recent` filter.
See #37211.
Built from https://develop.svn.wordpress.org/trunk@38129
git-svn-id: http://core.svn.wordpress.org/trunk@38070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `preconnect` will be potentially pretty heavy on the CDN. With the Unicode 9.0 emoji update, almost all browsers will trigger the `preconnect`.
* `preconnect` only opens one connection, but `s.w.org` is HTTP/1.1, so the browser will use the preconnected connection for the first emoji, then it has to open new connections for subsequent emoji.
Also use the same URL as we use for the `emoji_svg_url` filter. This will print the hint for the correct CDN in case someone uses a custom CDN.
Props peterwilsoncc.
Fixes#37387.
Built from https://develop.svn.wordpress.org/trunk@38122
git-svn-id: http://core.svn.wordpress.org/trunk@38063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, changing the post thumbnail of a published post in the edit screen
would immediately apply the change, rather than waiting for the post to be
saved before applying the update. This could lead to someone unintentionally
editing the post thumbnail on a published post, and made it impossible to
preview changes to post thumbnails on published posts before saving the change.
This introduces a new Ajax handler, `wp_ajax_get_post_thumbnail_html()` to
retrieve the HTML for the post thumbnail meta box without updating the post
meta value for `_thumbnail_id`. It also allows post thumbnail changes to be
previewed by passing the `_thumbnail_id` as a query variable to the preview
screen and adding a new filter, `_wp_preview_post_thumbnail_filter()`, which
gets applied to `get_post_metadata` during the post preview process.
Props flixos90.
Fixes#12922.
Built from https://develop.svn.wordpress.org/trunk@38118
git-svn-id: http://core.svn.wordpress.org/trunk@38059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow up to [38065] to ensure that `wp.html.string()` always
converts empty `alt` attributes to `alt=""` rather than returning HTML using
empty attribute notation, like `alt`. This allows screen readers to ignore
images with empty `alt` attributes, rather than reading out the URL string.
Additionally this completely removes the logic in `wp.html.string()` for
converting blank attributes to empty attribute notation since empty attribute
notation is generally meant to denote a boolean value, e.g.,
`checked` == `checked="checked"`, which doesn't apply in this context because
boolean attributes must be omitted in order to represent a `false` value.
See: https://www.w3.org/TR/html5/infrastructure.html#boolean-attributes
Props adamsilverstein, afineman, joemcgill.
Fixes#36735.
Built from https://develop.svn.wordpress.org/trunk@38116
git-svn-id: http://core.svn.wordpress.org/trunk@38057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While messages passed to `wp.speak.a11y()` should preferably be meaningful,
short, and carefully crafted case by case, this will ensure any HTML tags will
be stripped out from the message string.
Props adamsilverstein.
Fixes#37382.
Built from https://develop.svn.wordpress.org/trunk@38115
git-svn-id: http://core.svn.wordpress.org/trunk@38056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `IMAGE_EDIT_OVERWRITE` is set to true, edited image files are
supposed to be deleted when an image is restored to the original.
However, when an image was edited more than once, and then restored,
files created during previous edits were left behind.
Fixes this behavior by updating `wp_save_image()` to clean up
leftover images after each edit when `IMAGE_EDIT_OVERWRITE` is true.
Props bradt, chriscct7, joemcgill.
Fixes#32171.
Built from https://develop.svn.wordpress.org/trunk@38113
git-svn-id: http://core.svn.wordpress.org/trunk@38054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Externally hosted script and style dependencies trigger `dns-prefetch` hinting only when enqueued. This removed a bug in which hinting was added on registration.
Renames the function `wp_resource_hints_scripts_styles` to `wp_dependencies_unique_hosts` as the function provides the hosts, not the hinting.
Props swissspidy.
Fixes#37385.
Built from https://develop.svn.wordpress.org/trunk@38100
git-svn-id: http://core.svn.wordpress.org/trunk@38041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to the introduction of `WP_Term_Query`, the 'orderby' clause
passed to the 'terms_clauses' filter was prefixed by `ORDER BY`. After
`WP_Term_Query`, this was not the case; `ORDER BY` was added after the
filter. As such, plugins filtering 'terms_clauses' and returning an
'orderby' clause beginning with `ORDER BY` resulted in invalid syntax
when `WP_Term_Query` prepended a second `ORDER BY` keyword to
the clause.
This changeset rearranges the way the 'orderby' clause is built so that
it will be passed to 'terms_clauses' in the previous format.
Fixes#37378.
Built from https://develop.svn.wordpress.org/trunk@38099
git-svn-id: http://core.svn.wordpress.org/trunk@38040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
Built from https://develop.svn.wordpress.org/trunk@38095
git-svn-id: http://core.svn.wordpress.org/trunk@38036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Both list tables provide different actions based on where they are loaded, regular admin or network admin. Since there is only one Ajax handler for both screens we have to set the current screen before using the list tables.
Props swissspidy, ocean90.
Fixes#37373.
Built from https://develop.svn.wordpress.org/trunk@38091
git-svn-id: http://core.svn.wordpress.org/trunk@38032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.
The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.
Fixes#37361.
Built from https://develop.svn.wordpress.org/trunk@38087
git-svn-id: http://core.svn.wordpress.org/trunk@38028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `$size` is passed to `image_get_intermediate_size()` as an array of width
and height values and an exact image size matching those values isn't available,
the function loops through the available attachment sizes and returns the
smallest image larger than the requested dimensions with the same aspect ratio.
The aspect ratio check is skipped for the 'thumbnail' size to provide a fallback
for small sizes when no other image option is available. This resulted in a poor
selection when the size requested was smaller than the 'thumbnail' dimensions
but a larger size matching the requested ratio existed.
This refactors the internals of `image_get_intermediate_size()` to ensure the
'thumbnail' size is only returned as a fallback to small sizes once all other
options have been considered, and makes the control flow easier to follow.
This also introduces a new helper function, `wp_image_matches_ratio()` for
testing whether the aspect ratios of two sets of dimensions match. This function
is also now used in `wp_calculate_image_srcset()` during the selection process.
Props flixos, joemcgill.
Fixes#34384, #34980.
Built from https://develop.svn.wordpress.org/trunk@38086
git-svn-id: http://core.svn.wordpress.org/trunk@38027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improves the `containFocus()` function to always get the correct first and last
focusable elements, even when the theme browser shows the active theme details.
Also, when on the first and last theme, adds a `disabled` attribute on the
previous and next navigation buttons to make them not focusable.
Fixes#37383.
Built from https://develop.svn.wordpress.org/trunk@38084
git-svn-id: http://core.svn.wordpress.org/trunk@38025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Remove title attributes.
* Show "Install Now" and "Details" links if the importer isn't installed yet.
* Show a "Run Importer" link if the importer is installed. It also handles activation if the plugin isn't activated.
* Add `aria-label` attributes to each link.
* Unify the importer descriptions to make them independent from the plugin state. The API was changed in [meta3690].
* Adjust JavaScript callbacks for ajaxified importer installs.
Props afercia, swissspidy, ocean90.
See #24766.
Fixes#35191.
Built from https://develop.svn.wordpress.org/trunk@38075
git-svn-id: http://core.svn.wordpress.org/trunk@38016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36874] changed the `get_term()` call so that no `$taxonomy` parameter
was passed, as 4.4 made the parameter optional. This change made it
impossible to access a shared term that has not yet been splitr, since
passing an ambiguous `$term_id` to `get_term()` results in an error.
Restoring the `$taxonomy` parameter fixes the regression.
Props alleynoah, dlh.
Fixes#37205.
Built from https://develop.svn.wordpress.org/trunk@38069
git-svn-id: http://core.svn.wordpress.org/trunk@38010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when inserting an image from a URL, leaving the `alt`
field blank in the media modal would result in an image being
inserted into the editor without an `alt` attribute, rather than
an empty `alt`. This happened because the `props.type` would not
get set in `wp.media.string.props()` — because `attachment` is
undefined in this case — causing the image fallbacks to get
skipped.
This fixes the issue by explicitly setting `props.type` to 'image'
in `wp.media.string.image()` before filling out the rest of the
properties.
Props ambrosey, dabnpits.
Fixes#36735.
Built from https://develop.svn.wordpress.org/trunk@38065
git-svn-id: http://core.svn.wordpress.org/trunk@38006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.
For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.
Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes#21659.
Built from https://develop.svn.wordpress.org/trunk@38058
git-svn-id: http://core.svn.wordpress.org/trunk@37999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_HTTP_Proxy()` is used directly in `WP_Http_Curl()` and `WP_Http_Streams()`. Since `WP_Http::request()` doesn't use them anymore we have to move the proxy handling into `WP_Http::request()` so the proxy data can be passed to `Requests::request()`.
Props rmccue.
See #33055.
Fixes#37107.
Built from https://develop.svn.wordpress.org/trunk@38054
git-svn-id: http://core.svn.wordpress.org/trunk@37995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In some cases, images in the media library may contain spaces in
their filenames. This results in an invalid `srcset` attribute,
causing broken images on the front end. This change fixes the issue
by replacing spaces in URLs with URL encoded '%20' characters before
returning the `srcset` string.
Props underdude, joemcgill.
Fixes#36549.
Built from https://develop.svn.wordpress.org/trunk@38052
git-svn-id: http://core.svn.wordpress.org/trunk@37993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.
Props cfinke.
Fixes#37208.
Built from https://develop.svn.wordpress.org/trunk@38047
git-svn-id: http://core.svn.wordpress.org/trunk@37988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `register_meta()` with the function signature from 4.5 and earlier, the `auth_{$type}_meta_{$key}` and `sanitize_{$type}_meta_{$key}` filters are used. Any calls to `register_meta()` expecting this behavior should continue to work. The new filters, which take advantage of object subtypes, should not be added unless the proper `$args` array is passed.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38041
git-svn-id: http://core.svn.wordpress.org/trunk@37982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If auth and/or sanitize callbacks are specified in the arguments for
`register_meta()`, filters are added to handle these callbacks. These
should be removed when calling `unregister_meta_key()` to avoid
unintentional filtering.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38040
git-svn-id: http://core.svn.wordpress.org/trunk@37981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
Built from https://develop.svn.wordpress.org/trunk@38015
git-svn-id: http://core.svn.wordpress.org/trunk@37956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_convert_hr_to_bytes()` was previously defined in wp-includes/media.php because it's only used by `wp_max_upload_size()` in the same file.
Moving this function to load.php allows us to improve core's memory limit handling.
See #32075.
Built from https://develop.svn.wordpress.org/trunk@38012
git-svn-id: http://core.svn.wordpress.org/trunk@37953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, if a user was added with the checkbox for no confirmation selected and an error was then encountered in `wpmu_activate_signup()`, a fatal error would trigger because `$new_user` was a `WP_Error` object rather than a user.
Fixes#37223.
Built from https://develop.svn.wordpress.org/trunk@38007
git-svn-id: http://core.svn.wordpress.org/trunk@37948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When comment IDs are fetched from the cache rather than the database,
the subsequent `SELECT FOUND_ROWS()` query will not return the correct value.
To avoid unnecessary queries, we cache the results of the `found_comments`
query alongside the comment IDs.
Props spacedmonkey.
Fixes#37184.
Built from https://develop.svn.wordpress.org/trunk@38001
git-svn-id: http://core.svn.wordpress.org/trunk@37942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In doing this, non-core object types are no longer forcibly blocked and are instead checked against `wp_object_type_exists()` which has a filterable return value. Still, filter that at your own risk.
props Faison for the initial patch.
see 35658.
Built from https://develop.svn.wordpress.org/trunk@37991
git-svn-id: http://core.svn.wordpress.org/trunk@37932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The array-compatibility object we started returning in r37428 unfortunately isn't enough like an array. In particular, `is_array()` checks fail, despite the object implementing ArrayAccess. Mea culpa.
This moves the WP_HTTP_Response object to a new http_response key in the array, and changes the value back to an actual array.
Fixes#37097.
See #33055.
Built from https://develop.svn.wordpress.org/trunk@37989
git-svn-id: http://core.svn.wordpress.org/trunk@37930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When enabled, the switch would override the theme's pseudo-plural `'% Comments'` string with a correct form of `_n( '%s Comment', '%s Comments', $number )`.
Historically, `comments_popup_link()` and `get_comments_number_text()` did not support plural forms and used a pseudo-plural style instead, so some locales were forced to come up with workarounds to display the number of comments in their language correctly.
This change should make those functions more i18n-friendly.
Fixes#13651.
Built from https://develop.svn.wordpress.org/trunk@37987
git-svn-id: http://core.svn.wordpress.org/trunk@37928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wp_calculate_image_srcset()` we get an array of image sizes
associated with an attachment and then add the original image's
information to the array before processing the `srcset`. In doing
so, we set the original data to a `$image_sizes['full']` key, which
could stomp on any custom image sizes using `full` as a size name.
This avoid the issues by adding the original data without a named
key, which is never referenced anyway.
Props jaspermdegroot.
Fixes#36345.
Built from https://develop.svn.wordpress.org/trunk@37986
git-svn-id: http://core.svn.wordpress.org/trunk@37927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_plugin_update_rows()` and `wp_theme_update_rows()` are using the site transients `update_plugins` and `update_themes` which are set by `wp_update_plugins()` and `wp_update_themes()`. Both functions are hooked into `load-plugins.php` and `load-themes.php`. Therefore the update rows need to be registered after the transients were populated.
See #13071.
Built from https://develop.svn.wordpress.org/trunk@37978
git-svn-id: http://core.svn.wordpress.org/trunk@37919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The plugin details modal has been greatly improved in [37714]. However, Shiny Updates aren't yet implemented on the Dashboard. Therefore, we need to fall back to The Bleak Screen of Sadness. Otherwise nothing happens when trying to install an update from inside the modal.
Fixes#37131. See #37126.
Built from https://develop.svn.wordpress.org/trunk@37974
git-svn-id: http://core.svn.wordpress.org/trunk@37915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The plugin details modal has been greatly improved in [37714]. However, Shiny Updates aren't yet implemented on the WordPress Updates screen. Therefore, we need to fall back to The Bleak Screen of Sadness. Otherwise nothing happens when trying to install an update from inside the modal.
Props Nikschavan.
Fixes#37126.
Built from https://develop.svn.wordpress.org/trunk@37973
git-svn-id: http://core.svn.wordpress.org/trunk@37914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The HTML for the toggle gets appended to the widget name which is later used for the widget title and the screen reader text of the toggle button. Storing the original widget name in the arguments allows us to use the name without the HTML for the screen reader text and doesn't require further changes by plugin developers.
Props nicholas_io, swissspidy.
Fixes#35021.
Built from https://develop.svn.wordpress.org/trunk@37972
git-svn-id: http://core.svn.wordpress.org/trunk@37913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Use the same check for a numeric value used on the crop fields on all the other fields: don't display "NaN", just empty the field.
* Remove the inline script that runs the initialization of the image editor and call it after the editor UI is fully ready.
Props afercia.
Fixes#36316.
Built from https://develop.svn.wordpress.org/trunk@37966
git-svn-id: http://core.svn.wordpress.org/trunk@37907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`register_uninstall_hook()` is designed to be given a function callback (or a static class variable), not an array/object instance. This got blocked in [16339] but the option itself was never cleaned up.
Props polevaultweb.
Fixes#31625.
Built from https://develop.svn.wordpress.org/trunk@37965
git-svn-id: http://core.svn.wordpress.org/trunk@37906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Set the direction of previews to LTR.
* Remove the ID attribute from the favicon preview in the customizer panel. The preview in the media modal uses the same ID which prevented updating the correct favicon preview.
Fixes#37286.
Built from https://develop.svn.wordpress.org/trunk@37964
git-svn-id: http://core.svn.wordpress.org/trunk@37905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`Pragma` is supposed to be a request header, but we've been including it in responses since the beginning of time.
This is a relic dating all the way back to b2, probably originally added because Internet Explorer version 5 and earlier didn't understand the `Cache-Control` header in responses, but they did (incorrectly) obey the `Pragma` header.
Internet Explorer 6 and 7 will obey the `Pragma` response header only if no other cache-related response headers are present (in our case, they are always present), and all other browsers ignore the `Pragma` response header.
Props geekysoft.
Fixes#37250.
Built from https://develop.svn.wordpress.org/trunk@37944
git-svn-id: http://core.svn.wordpress.org/trunk@37885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevents JavaScript errors by checking zxcvbn is defined before calling.
Changes `wp.passwordStrength.meter()` to return `-1` if the strength of the password is unknown.
On the user profile screen, `generatePassword()` checks if the user has entered the password before setting the value of the password input box.
Props peterwilsoncc, adamsilverstein.
Fixes#34905.
Built from https://develop.svn.wordpress.org/trunk@37940
git-svn-id: http://core.svn.wordpress.org/trunk@37881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Before [37628], there were 3 separate conditions for ordering by domain and/or path in `get_site_by_path()` that each resulted in it's own query. Now that `get_sites()` is used and supports `WP_Site_Query`, this can be simplified.
Props spacedmonkey.
Fixes#37215.
Built from https://develop.svn.wordpress.org/trunk@37930
git-svn-id: http://core.svn.wordpress.org/trunk@37871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`register_meta()` has been altered to accept an array of arguments as the third parameter in order to support its usage beyond XML-RPC, notably in the REST API and other projects that may build on top of meta, such as a potential Fields API. Arguments are whitelisted to reserve the right for core to add more later.
New functions added to complement this expansion are:
* `registered_meta_key_exists()`
* `unregister_meta_key()`
* `get_registered_meta_keys()`
* `get_registered_metadata()`
* A "private" function for the aforementioned whitelisting.
There still need to be lots of tests written for previous and new behaviors, and many things are subject to change. Maybe things will explode. #yolo
props jeremyfelt, ericlewis, sc0ttkclark, helen, rmccue, ocean90, voldemortensen.
see #35658.
Built from https://develop.svn.wordpress.org/trunk@37924
git-svn-id: http://core.svn.wordpress.org/trunk@37865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Partial revert of [37657]. Moving existing properties in `WP_Site` from public to private broke backwards compatibility in a pretty severe way. We made an initial attempt to work around this, but due to the variety of possible issues, moving forward does not seem wise.
Fixes#36717.
Built from https://develop.svn.wordpress.org/trunk@37923
git-svn-id: http://core.svn.wordpress.org/trunk@37864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [37888], the comment text was initially updated, however an opportunity to make the text less trivializing of actions that users will take was missed. To quote Helen Hou-Sandi: "It's important not to trivialize actions that are perfectly reasonable for a user to find tricky (where to go to log in is not exactly intuitive, even with the rewrites we have now)."
The text of the comment now reads:
> Hi, this is a comment.
> To get started with moderating, editing, and deleting comments, please visit the Comments screen in the dashboard.
> Commenter avatars come from <a href="https://gravatar.com">Gravatar</a>.
Some interesting reading on the topic of "Simple" and "Easy" and how they relate to software development can be found at http://andrewspittle.com/2012/01/31/avoiding-easy/ and written by andrewspittle.
Props helen.
Fixes#36702.
Built from https://develop.svn.wordpress.org/trunk@37921
git-svn-id: http://core.svn.wordpress.org/trunk@37862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Resource hints allow browsers to prefetch specific pages or render them in the background to perform DNS lookups or to begin the connection handshake (DNS, TCP, TLS) in the background.
By default, `wp_resource_hints()` prints hints for "s.w.org" (the WordPress.org CDN) and for all scripts and styles which are enqueued from external hosts.
Use the `wp_resource_hints` filter to add custom domains and URLs for `dns-prefetch`, `preconnect`, `prefetch` or `prerender`.
Props voldemortensen, swissspidy.
Fixes#34292.
Built from https://develop.svn.wordpress.org/trunk@37920
git-svn-id: http://core.svn.wordpress.org/trunk@37861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the past, `get_blog_details()` has been used to retrieve the `home`, `siteurl`, `blogname`, and `post_count` options for a site. By lazy loading properties in a `WP_Site` object, we can avoid having to use `get_blog_details()` and instead provide the properties as needed.
This introduces the global `site-details` cache group in which standard objects representing the site are stored. This will one day be a replacement for the `blog-details` cache group that is currently used in `get_blog_details()`.
This relies on the `ms_loaded` action introduced in [37916] as properties are not available via `get_option()` until multisite has been fully loaded.
Props flixos90.
Fixes#36935.
Built from https://develop.svn.wordpress.org/trunk@37918
git-svn-id: http://core.svn.wordpress.org/trunk@37859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds three new functions for getting/displaying attachment captions:
* `wp_get_attachment_caption` - Retrieves a caption for a specific attachment.
* `get_the_post_thumbnail_caption()` - Returns the post thumbnail caption.
* `the_post_thumbnail_caption()` - Displays the post thumbnail caption.
These are helpful for displaying a caption associated with an image directly
in a template, rather than using the caption shortcode.
This also introduces two new filters:
* `wp_get_attachment_caption` - Filters the value of `wp_get_attachment_caption()`.
* `the_post_thumbnail_caption` - Filters the display of the post thumbnail caption.
`the_post_thumbnail_caption()` is automatically filtered by `wptexturize()`,
`convert_smilies()`, and `convert_chars()` in `wp-includes/default-filters.php`.
Props flixos90, joemcgill.
Fixes#12235.
Built from https://develop.svn.wordpress.org/trunk@37915
git-svn-id: http://core.svn.wordpress.org/trunk@37856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.
Props ramiy, Presskopp.
Fixes#34521.
Built from https://develop.svn.wordpress.org/trunk@37914
git-svn-id: http://core.svn.wordpress.org/trunk@37855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This provides some default data for the jQuery UI datepicker. The localized data is already available via `WP_Locale` and is only passed to the datepicker if the script is enqueued.
Props clubduece, swissspidy, barryceelen, ocean90.
Fixes#29420.
Built from https://develop.svn.wordpress.org/trunk@37908
git-svn-id: http://core.svn.wordpress.org/trunk@37849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The string is used during the network installation process to inform the user about where to store additional configuration data. Since the wp-config.php file can be translated the string should be too.
Props julesaus.
Fixes#36945.
Built from https://develop.svn.wordpress.org/trunk@37902
git-svn-id: http://core.svn.wordpress.org/trunk@37843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Provides a consistent way to query `$wpdb->site` for `WP_Network` objects based on domain, path, network ID, and (main) site ID.
Introduces and uses update_network_cache() and _prime_network_caches() to maintain a cached list of WP_Network objects for use in multiple queries.
Props flixos90.
See #32504.
Built from https://develop.svn.wordpress.org/trunk@37894
git-svn-id: http://core.svn.wordpress.org/trunk@37835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Given a network ID or network object, `get_network()` retrieves network data in the same vein as `get_site()` or `get_post()`. This will allow for clean retrieval of networks from a primed cache when `WP_Network_Query` is implemented.
Props flixos90.
See #32504.
Built from https://develop.svn.wordpress.org/trunk@37893
git-svn-id: http://core.svn.wordpress.org/trunk@37834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the global `$wp_post_types` to an array of `WP_Post_Type` objects. `WP_Post_Type` includes methods to handle post type supports, rewrite rules, meta boxes, hooks, and taxonomies.
Each post type argument becomes a property of `WP_Post_Type`.
Props swissspidy, flixos90.
Fixes#36217.
Built from https://develop.svn.wordpress.org/trunk@37890
git-svn-id: http://core.svn.wordpress.org/trunk@37831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new comment:
> A WordPress Commenter <!wapuu@wordpress.example>:
>
> Hi, this is a comment.
> To moderate comments, just log in. There you will have the option to edit or delete them.
> Commenter avatars come from <a href="!https://gravatar.com">Gravatar</a>.
Also introduces a network setting to set the email address of the first comment author on a new site.
Props Ipstenu, rachelbaker, jorbin, jeremyfelt.
Fixes#36702, #14268.
Built from https://develop.svn.wordpress.org/trunk@37888
git-svn-id: http://core.svn.wordpress.org/trunk@37829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new action hook, `wp_edit_form_attachment_display` to
`edit_form_image_editor()`, which can be used as a fallback to render
previews of an attachment that isn't an image, audio, or video file
included in the media library.
Props georgestephanis.
Fixes#36502.
Built from https://develop.svn.wordpress.org/trunk@37879
git-svn-id: http://core.svn.wordpress.org/trunk@37820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [37657], the `blog_id` and `site_id` properties were changed to private. Any `WP_Site` objects previously stored in cache with public properties should now be considered invalid. We can detect this by checking for these missing properties and clearing the dirty cache if found.
Props flixos90.
Fixes#36717.
Built from https://develop.svn.wordpress.org/trunk@37874
git-svn-id: http://core.svn.wordpress.org/trunk@37815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the binding of event listeners in the Attachments Browser
to use `on` instead of `listenTo` for the `attachment:keydown:arrow` and
`attachment:details:shift-tab` events. The existing listeners broke
when we upgraded Backbone in [36546].
Props adamsilverstein.
Fixes#36900.
Built from https://develop.svn.wordpress.org/trunk@37755
git-svn-id: http://core.svn.wordpress.org/trunk@37720 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The return from `wp_logout_url()` is HTML-encoded due to its value passing through `wp_nonce_url()` and thus `esc_html()`. Adversely `wp_login_url()` passes through no such escaping and therefore should not be expected to return an HTML-encoded value.
Props akibjorklund for the initial patch.
Fixes#34352.
Built from https://develop.svn.wordpress.org/trunk@37753
git-svn-id: http://core.svn.wordpress.org/trunk@37718 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37748] introduced `_wp_expand_nav_menu_post_data()` together with an `array_replace_recursive()` compatibility function for PHP 5.2.
Even though that compat function is tried and tested in other projects like BuddyPress, we need to add additional `isset()` checks in order to avoid 'Undefined index' notices in our case.
See #36590.
Built from https://develop.svn.wordpress.org/trunk@37750
git-svn-id: http://core.svn.wordpress.org/trunk@37715 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.
This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.
Props ericlewis, neverything, swissspidy.
Fixes#36590 for trunk. See #14134.
Built from https://develop.svn.wordpress.org/trunk@37748
git-svn-id: http://core.svn.wordpress.org/trunk@37713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.
Adds unit tests.
Props rockwell15 for initial patch.
Fixes#35936.
Built from https://develop.svn.wordpress.org/trunk@37747
git-svn-id: http://core.svn.wordpress.org/trunk@37712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the featured image takes longer to load, the browser might not know its exact dimensions yet and therefore sends an incorrect document height to the embedding site.
By sending the document's height again after the featured image has been loaded, we ensure that the iframe doesn't get cut off.
Fixes#35657.
Built from https://develop.svn.wordpress.org/trunk@37745
git-svn-id: http://core.svn.wordpress.org/trunk@37710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
UI controls that "do something" on a page shouldn't be links. This link behaves
like a toggle to expand the uploader panel and should be a `button` element with
an aria-expanded attribute. Also:
- improves consistency with the Plugin uploader
- keeps the themes list visible when the uploader is open
- displays a notice when JavaScript is off
- adds some `hide-if-no-js` CSS classes
- removes the `themes.router.navigate()` "upload" route: seems unnecessary and breaks history
Fixes#35457.
Built from https://develop.svn.wordpress.org/trunk@37742
git-svn-id: http://core.svn.wordpress.org/trunk@37707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When Open Sans was in use, the `300`, `400`, and `600` weights were loaded. `400` is the equivalent of `normal`; however, `bold` is equivalent to `700`, not `600`. With the move to system fonts, we need to be specific rather than relying on the lack of a `700` weight. Not all system fonts include a `600` weight; in those instances, they will use the `bold`/`700` weight.
The WordPress CSS Coding Standards have been updated accordingly.
props coderste.
see #36753.
Built from https://develop.svn.wordpress.org/trunk@37740
git-svn-id: http://core.svn.wordpress.org/trunk@37705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Unifies the APIs for getting a post's modified date or time with getting a post's date or time.
Adds the `$post` parameter to the functions `get_the_modified_date` and `get_the_modified_time`.
Adds the `$post` parameter to the filters `get_the_modified_date` and `get_the_modified_time`.
Props Soean, lukecavanagh.
Fixes#37059.
Built from https://develop.svn.wordpress.org/trunk@37738
git-svn-id: http://core.svn.wordpress.org/trunk@37703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_Site_Query` provides for a cleaner `prepare_items()` method. It significantly improves the search experience in the sites list table:
* In a subdomain configuration, domain and path are searched for a provided terms.
* In a subdirectory configuration, path is searched for a provided term.
* The full domain is searched in a subdomain configuration rather than the portion not matching the network's domain.
* Terms are searched as `%term%` by default. Adding `*` in the middle of a term will search `%te%rm%`.
Props flixos90, Fab1en.
Fixes#33185, #24833, #21837, #36675.
Built from https://develop.svn.wordpress.org/trunk@37736
git-svn-id: http://core.svn.wordpress.org/trunk@37701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When Firefox repaints some elements, NVDA may announce "alert" even when there's
no actual message dispatched to the live region. The NVDA implementation differs
from other screen readers and is currently under discussion. To avoid a subpar
user experience better to remove the roles since they're basically redundant.
Fixes#36289.
Built from https://develop.svn.wordpress.org/trunk@37734
git-svn-id: http://core.svn.wordpress.org/trunk@37699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Gone are the days of isolation and feelings of "meh", brought on by The Bleak Screen of Sadness. For a shiny knight has arrived to usher our plugins and themes along their arduous journey of installation, updates, and the inevitable fate of ultimate deletion.
Props swissspidy, adamsilverstein, mapk, afragen, ocean90, ryelle, j-falk, michael-arestad, melchoyce, DrewAPicture, AdamSoucie, ethitter, pento, dd32, kraftbj, Ipstenu, jorbin, afercia, stephdau, paulwilde, jipmoors, khag7, svovaf, jipmoors, obenland.
Fixes#22029, #25828, #31002, #31529, #31530, #31773, #33637, #35032.
Built from https://develop.svn.wordpress.org/trunk@37714
git-svn-id: http://core.svn.wordpress.org/trunk@37680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reduces the strictness of the duplicate check a little, but does prevent false duplicates for emoji or +1 comments by authors with matching names. The current logic was introduced all the way back in [2894].
Fixes#37093.
Built from https://develop.svn.wordpress.org/trunk@37713
git-svn-id: http://core.svn.wordpress.org/trunk@37679 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Send back setting validities with full refreshes and selective refreshes so that invalid settings can have notifications displayed immediately before attempting save, and so that these notifications can be cleared as soon as the input is corrected.
* Splits out JS logic for listing controls into separate methods `wp.customize.Setting.prototype.findControls()` and `wp.customize.findControlsForSettings()`.
* Adds a `setting` property to the `data` on notifications added to controls that are synced from their settings.
* Adds `selective-refresh-setting-validities` message sent from preview to pane.
* Changes `WP_Customize_Manager::validate_setting_values()` to return when settings are valid as well as invalid.
* Adds `WP_Customize_Manager::prepare_setting_validity_for_js()`.
* Add setting validities to data exported to JS in Customizer Preview and in selective refresh responses.
Fixes#36944.
Built from https://develop.svn.wordpress.org/trunk@37700
git-svn-id: http://core.svn.wordpress.org/trunk@37666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces a minimum value of 1 second for timeouts passed to cURL.
Internally, cURL uses alarm() for interrupts, which accepts a second-resolution timeout. Any values lower than 1 second are instantly failed rather than being rounded upwards. While this makes the experience worse for those using asynchronous DNS lookups, there's no way to detect which DNS resolver is being used from PHP.
See #33055, #8923.
Built from https://develop.svn.wordpress.org/trunk@37694
git-svn-id: http://core.svn.wordpress.org/trunk@37660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Returning a non-null value from the new `posts_pre_query` filter will cause
`WP_Query` to skip its database query, so that posts data can be provided from
elsewhere. This is useful in cases where post data may be mirrored in a
separate location, such as an external search application.
Developers should note that the `WP_Query` properties generally used to
calculate pagination - specifically, `found_posts` and `max_num_pages`, which
are determined by default in `set_found_posts()` - must be provided explicitly
when using the `posts_pre_query` filter; since `WP_Query` will not be
contacting the database, it will have no access to `SELECT FOUND_ROWS()`.
The `WP_Query` instance is passed to `posts_pre_query` by reference, so that
these properties can be set manually if needed.
Props jpdavoutian, tlovett1.
Fixes#36687.
Built from https://develop.svn.wordpress.org/trunk@37692
git-svn-id: http://core.svn.wordpress.org/trunk@37658 1a063a9b-81f0-0310-95a4-ce76da25c4cd
First-order meta query clauses are defined as clauses that have either a 'key' or 'value' array key. When using named first-order clauses in meta queries to order results in the parent query, `WP_Meta_Query` can additionally accept first-order clauses at the sub-clause level, which was not previous documented.
Fixes#32659.
Built from https://develop.svn.wordpress.org/trunk@37688
git-svn-id: http://core.svn.wordpress.org/trunk@37654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_get_canonical_url()` encapsulates the URL logic of `rel_canonical()` to provide a consistent way to retrieve the canonical URL for a post.
The new filter `get_canonical_url` allows to customize the canonical URL.
Props joostdevalk, jipmoors, DrewAPicture, ocean90.
Fixes#36168.
Built from https://develop.svn.wordpress.org/trunk@37685
git-svn-id: http://core.svn.wordpress.org/trunk@37651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `?tab=upload` page still exists for no-js support and for users who may
access it directly (e.g. from bookmarks or history) or plugins doing the same.
In this page, the "Browse plugins" link should always behave like a link.
Fixes#35429.
Built from https://develop.svn.wordpress.org/trunk@37681
git-svn-id: http://core.svn.wordpress.org/trunk@37647 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Avoid references to "visual" positions in favour of positions in the document
structure. The help text shouldn't assume users can see.
Also, in the Posts screen don't mention specific types of posts and use a more
generic text instead.
Props odysseygate, pansotdev, zakb8.
Fixes#34761.
Built from https://develop.svn.wordpress.org/trunk@37680
git-svn-id: http://core.svn.wordpress.org/trunk@37646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This switches event binding in `wp.media.controller.EditImage` to use `on`
instead of `listenTo` to restore rendering of the correct toolbar when the
`toolbar:render:edit-image` event fires. The existing listeners broke
when we upgraded Backbone in [36546].
Props adamsilverstein.
Fixes#36861 for trunk.
Built from https://develop.svn.wordpress.org/trunk@37678
git-svn-id: http://core.svn.wordpress.org/trunk@37644 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Moving to load.php introduces parity with other commonly evaluated `is_*()` functions such as `is_admin()` or `is_multisite()`. It also makes `is_ssl()` available much earlier in the loading process, such as for use in drop-ins like advanced-cache.php.
Props johnjamesjacoby.
Fixes#35844.
Built from https://develop.svn.wordpress.org/trunk@37677
git-svn-id: http://core.svn.wordpress.org/trunk@37643 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`_wp_upload_dir_baseurl()` is a private function introduced in 4.4
as part of the "responsive images" feature. It was for runtime
caching of the URL to the uploads directory. It is deprecated in
4.5 with the introduction of `wp_get_upload_dir()`.
Outside core, it's only used as part of a back-compat shim in the
original feature plugin for responsive images (ricg-responsive-images),
which includes its own version of the function definition, so it's
safe to remove from core.
Fixes#36375.
Built from https://develop.svn.wordpress.org/trunk@37676
git-svn-id: http://core.svn.wordpress.org/trunk@37642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Similar to `get_current_blog_id`, this can be used to get the ID of the `$current_site` global. If not available, it will fallback to the main network ID. In single site, this will return 1.
Props spacedmonkey, flixos90.
Fixes#33900.
Built from https://develop.svn.wordpress.org/trunk@37670
git-svn-id: http://core.svn.wordpress.org/trunk@37636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Covers:
* Currency signs
* Decompositions for Latin-1 Supplement
* Decompositions for Latin Extended-A
* Decompositions for Latin Extended-B
* Vowels with diacritic (Chinese, Hanyu Pinyin)
* Characters replaced for the `de_DE`, `de_DE_formal`, and `da_DK` locales
Props john_schlick for the initial work.
Props DrewAPicture, ocean90.
See #34677.
Built from https://develop.svn.wordpress.org/trunk@37669
git-svn-id: http://core.svn.wordpress.org/trunk@37635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* One test per method
* Clarify existing tests.
* Add test for passing a "blog slug" string to `get_blog_details()`.
* Shared fixture of sites.
* Reduce number of sites created to only those necessary.
* Remove unnecessary networks creation.
See #36566.
Built from https://develop.svn.wordpress.org/trunk@37666
git-svn-id: http://core.svn.wordpress.org/trunk@37632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds the keyboard navigation query vars to `wp_removable_query_args()` and passes the results of said function to remove_query_var() inside the WP_List_Table pagination method.
Props EFAREM for the initial patch.
Fixes#35620.
Built from https://develop.svn.wordpress.org/trunk@37663
git-svn-id: http://core.svn.wordpress.org/trunk@37629 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Convert existing tests into a data provider and clarify expectations.
* Add shared test fixtures in preparation for future tests.
This passes with the `wp_get_sites()` from 4.5 and the deprecated version in trunk.
See #36566.
Built from https://develop.svn.wordpress.org/trunk@37662
git-svn-id: http://core.svn.wordpress.org/trunk@37628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add magic `__get()`, `__set()`, and `__isset()` methods to `WP_Site` and `WP_Network.
* Provide `(int) $network->site_id` for `(string) $network->blog_id`
* Provide `(int) $site->id` for `(string) $site->blog_id`
* Provide `(int) $site->network_id` for `(string) $site->site_id`
Props flixos90, jeremyfelt.
Fixes#36717.
Built from https://develop.svn.wordpress.org/trunk@37657
git-svn-id: http://core.svn.wordpress.org/trunk@37623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When custom pagination parameters are passed to `wp_list_comments()`, a
secondary query must be performed to fetch the proper comments. See [36157].
This query should show comments of the same `comment_status` as the default
query initialized in `comments_template()`: show only comments that are
approved, or those that are unapproved but belong to the current user.
Props smerriman.
Fixes#37048.
Built from https://develop.svn.wordpress.org/trunk@37655
git-svn-id: http://core.svn.wordpress.org/trunk@37621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To ensure a clean run, the test suite drops all tables before installing, by simply looping over the table list and dropping them if they exist. This works well for Core, but may fail when a plugin has created a table with foreign key constraints in a previous test run.
Many plugins choose to base their test suite on the Core setup, so making life easier for them is a plus, even if Core doesn't directly need this change.
Props javorszky.
Fixes#37046.
Built from https://develop.svn.wordpress.org/trunk@37654
git-svn-id: http://core.svn.wordpress.org/trunk@37620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.
Props rmccue.
Fixes#28523.
Built from https://develop.svn.wordpress.org/trunk@37646
git-svn-id: http://core.svn.wordpress.org/trunk@37612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Avoids a PHP notice since `Language_Pack_Upgrader_Skin::before()` tries to access a non-existent update.
Also, change the `up_to_date` string to use the plural form because translations are only updated in bulk mode.
Fixes#36615.
Built from https://develop.svn.wordpress.org/trunk@37635
git-svn-id: http://core.svn.wordpress.org/trunk@37603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37623] used the wrong parameter name (count=true instead of fields=count).
For greater flexibility and forward compatibility with other potential changes
to the return value of `get_terms()`, we now do a looser check: any non-array
value is excluded from the filter.
Fixes#36992.
Built from https://develop.svn.wordpress.org/trunk@37634
git-svn-id: http://core.svn.wordpress.org/trunk@37602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Different tests are used for subdomain and subdirectory installs as domain and path are searched differently for each. Only trailing wildcard searches are tested because leading wildcards are not yet supported.
See #36675.
Built from https://develop.svn.wordpress.org/trunk@37633
git-svn-id: http://core.svn.wordpress.org/trunk@37601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Non web interfaces with WordPress (such as wp-cli) need to be able to bypass certain checks in the bootstrap process. This introduces three new filters to allow for those checks to be skipped.
1. Provides a way of forcefully bypassing wp_maintenance().
2. Provides a way of forcefully bypassing wp_debug_mode(). See https://github.com/wp-cli/wp-cli/issues/177
3. Provide a way of forcefully skipping loading wp-content/advance-cache.php. See https://github.com/wp-cli/wp-cli/pull/164
These filters should not be used by plugins (in fact, they run before plugins are loaded, so they can't be used by plugins). In general, they should only be used in non-web interactions with WordPress.
See #34936.
Props jorbin, DrewAPicture.
Built from https://develop.svn.wordpress.org/trunk@37626
git-svn-id: http://core.svn.wordpress.org/trunk@37594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Hierarchical comment queries work by first fetching the IDs of top-level
comments, and then filling the descendant tree one level at a time based on the
top-level results. When top-level comment IDs are found in the cache,
`WP_Comment_Query` does not generate the SQL used to fetch these comments. In
this case, the `fill_descendants()` query does not have enough information
to fill children. As a result, descendant comments were failing to be filled
in cases where the top-level comments were found in the cache.
This was a minor bug previously, because comment caches were not maintained
between pageloads. Since comment caches are now persistent [37613], the problem
becomes evident anywhere that a persistent object cache is in use.
The solution is to cache parent-child relationships, so that when top-level
comments are found in the cache, descendant comments should be found there as
well.
Fixes#36487.
Built from https://develop.svn.wordpress.org/trunk@37625
git-svn-id: http://core.svn.wordpress.org/trunk@37593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use of the 'get_terms' filter was consolidated in [37572], with the
introduction of `WP_Term_Query`. At that time, the result of 'count=true'
queries began being filtered by 'get_terms'. This breaks existing 'get_terms'
callbacks, which often assume that the returned value will be an array or a
`WP_Error` object.
Props JustinSainton.
Fixes#36992.
Built from https://develop.svn.wordpress.org/trunk@37623
git-svn-id: http://core.svn.wordpress.org/trunk@37591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_sites()` should be considered a replacement for `wp_get_sites()`. Backward compatibility is maintained in the meantime by using `get_site()` to populate the return data with associative arrays rather than `WP_Site` objects.
Props spacedmonkey, flixos90.
See #35791.
Built from https://develop.svn.wordpress.org/trunk@37617
git-svn-id: http://core.svn.wordpress.org/trunk@37585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, only the 'last_changed' incrementor was manually invalidated, since
the newly created comment did not yet exist in the cache. However, this created
an inconsistency with the other comment CRUD functions, which result in the
'clean_comment_cache' action firing.
Props spacedmonkey.
See #36906.
Built from https://develop.svn.wordpress.org/trunk@37614
git-svn-id: http://core.svn.wordpress.org/trunk@37582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
'comment' was made non-persistent in [7986], to address the difficulty of
reliable cache invalidation. Since then, the comment system has improved such
that we can be more confident that caches are being busted as needed.
Props spacedmonkey.
Fixes#36906.
Built from https://develop.svn.wordpress.org/trunk@37613
git-svn-id: http://core.svn.wordpress.org/trunk@37581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This update adds two main features for your WordPress development happiness.
1) GitHub URL support. You can now use `grunt patch:https://github.com/aaronjorbin/develop.wordpress/pull/3` with any copy of WordPress on GitHub. No longer will you need to download the patch manually. Works for both core and develop mirrors on GitHub.
2) Upload patches directly from the command line. No longer will you need to create a patch and manually upload it to trac. `grunt upload_patch:20000` will upload a patch to the appropriate ticket after a user enters a WordPress.org username and password. This is limited to users with the appropriate XML-RPC privileges in trac (right now, that is just bug gardeners). You still need to manually add the `has patch` keyword.
Full changelog: https://github.com/aaronjorbin/grunt-patch-wordpress/compare/0.3.0...0.4.0Fixes#35917.
Props netweb, ericlewis, michaelbeil, jorbin.
Built from https://develop.svn.wordpress.org/trunk@37612
git-svn-id: http://core.svn.wordpress.org/trunk@37580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The logic for determining the appropriate character set and collation to use is becoming more complex, particularly with the recent additions of [37522] and [37523]. As `init_charset()` has side effects, and makes use of constants instead of parameters, it's not possible to unit test this logic.
This commit splits the logic part of `init_charset()` out into a new method, `wpdb::determine_charset()`, along with appropriate unit tests.
See #32105, #37522.
Fixes#36917.
Built from https://develop.svn.wordpress.org/trunk@37601
git-svn-id: http://core.svn.wordpress.org/trunk@37569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to [37572], arguments passed to `get_terms()` were passed immediately
through `wp_parse_args()`, which made it possible to pass arguments as a
querystring (`hide_empty=0`) rather than an array
(`array( 'hide_empty' => false )`). [37572] moved default argument parsing
into `WP_Term_Query`, while assuming that arguments passed to `get_terms()`
would be formatted as an array.
To provide compatibility, we now parse all args passed to `get_terms()` into
an array before processing.
See #35381.
Built from https://develop.svn.wordpress.org/trunk@37599
git-svn-id: http://core.svn.wordpress.org/trunk@37567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`CHAR` is redundant, since the `meta_value` column is `LONGTEXT`. Meanwhile,
use of `CAST()` causes MySQL to ignore any index that the administrator may
have added to the column.
A number of automated tests were doing searches for `CAST` in the SQL strings
generated by `WP_Meta_Query` (for reasons unrelated to the `CAST()` behavior).
These tests have been updated to expect the new query format.
Props ericlewis.
Fixes#36625.
Built from https://develop.svn.wordpress.org/trunk@37594
git-svn-id: http://core.svn.wordpress.org/trunk@37562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [37573], object relationship caches (`{$taxonomy}_relationships`)
contain term IDs rather than term objects. See #36814. As such, it's no longer
necessary to clear these caches when a term is updated; none of the data that's
changed on update (name, description, count, etc) is stored in the relationship
cache.
Fixes#36251.
Built from https://develop.svn.wordpress.org/trunk@37593
git-svn-id: http://core.svn.wordpress.org/trunk@37561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The process of lazy-loading can be resource intensive for object that have
terms in large numbers of taxonomies and are running a persistent object cache.
This new parameter allows the feature to be disabled in these cases.
Props DBrumbaugh10Up.
See #36953.
Built from https://develop.svn.wordpress.org/trunk@37589
git-svn-id: http://core.svn.wordpress.org/trunk@37557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In order to allow non-web initializations of WordPress (such as through wp-cli) to modify things like the check for maintenance mode, plugins.php and the associated functions must be available much earlier. The use of these functions earlier than the loading of plugins is not recommended in most use cases.
Fixes#36819. See #34936.
Props jorbin, danielbachhuber for documentation.
Built from https://develop.svn.wordpress.org/trunk@37588
git-svn-id: http://core.svn.wordpress.org/trunk@37556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`dbDelta()` compares the index definitions against the result of `SHOW INDEX FROM $table_name`. This requires a specific format so indices are not unnecessarily re-created. This format wasn't ensured, until now.
* Parse the raw index definition to extract the type, name and columns so a normalized definition can be built (#20263, #34873).
* Standardize on uppercase types (#34871) and on 'KEY'. 'INDEX' is only a synonym for 'KEY'.
* Escape index names with backticks (#20263).
* Normalize columns: Ignore ASC and DESC definitions (#34959), remove whitespaces (#34869) and escape column names with backticks (#20263).
* Add backticks to all index change queries (#20263).
Props ocean90, pento, kurtpayne.
Fixes#20263, #34869, #34871, #34873, #34959.
Built from https://develop.svn.wordpress.org/trunk@37583
git-svn-id: http://core.svn.wordpress.org/trunk@37551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are some table prefixes (for example, `7e1_`), which MySQL will try and parse as values when they're note quoted in backticks. Because not everything remembers to quote their table names, it's best if we just discourage their use during setup.
Fixes#36422.
Built from https://develop.svn.wordpress.org/trunk@37581
git-svn-id: http://core.svn.wordpress.org/trunk@37549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, objects containing all data about a term were stored in each
object's term cache. Besides being wasteful, this approach caused invalidation
issues, as when a modified term count required a flush for all objects
belonging to the term.
Backward compatibility is maintained for plugins that continue to put object
data directly into the `{$taxonomy}_relationships` cache bucket.
Fixes#36814.
Built from https://develop.svn.wordpress.org/trunk@37573
git-svn-id: http://core.svn.wordpress.org/trunk@37541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_Term_Query` is modeled on existing query classes, such as those used
for comments and users. It provides a more consistent structure for generating
term queries, and should make it easier to add new functionality in the future.
Props flixos90, boonebgorges.
See #35381.
Built from https://develop.svn.wordpress.org/trunk@37572
git-svn-id: http://core.svn.wordpress.org/trunk@37540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[34529] introduced logic intended to prime the termmeta cache for certain
values of the `fields` parameter. There were a few bugs:
* The `all_with_object_id` param was misspelled.
* `term_id` was used instead of `ids`.
* The values being passed to `update_termmeta_cache()` in the case where `fields=ids` was not correct.
All of these would result in a failure to pre-fetch termmeta in some cases.
Props dlh.
Fixes#36932.
Built from https://develop.svn.wordpress.org/trunk@37567
git-svn-id: http://core.svn.wordpress.org/trunk@37535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds a unit test factory so that bookmark/link fixtures can be
created during tests.
Why are we writing tests for functionality that has been deprecated for years?
Because it's the Right Thing to Do.
See #18356.
Built from https://develop.svn.wordpress.org/trunk@37563
git-svn-id: http://core.svn.wordpress.org/trunk@37531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `$before` falls before the link markup starts
* `$after` falls after the link markup ends
* `$link_before` falls before the link text
* `$link_after` falls after the link text
Props wp_smith for the initial patch.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@37561
git-svn-id: http://core.svn.wordpress.org/trunk@37529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the event that the database has gone away for some reason, calls to `mysqli_errno()` and `mysqli_error()` (and their `ext/mysql` equivalents, of course), will generate PHP warnings, which are unsightly, and not how we do things in these parts.
Props mbijon, craig-ralston for the original patch.
Fixes#23085.
Built from https://develop.svn.wordpress.org/trunk@37548
git-svn-id: http://core.svn.wordpress.org/trunk@37516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When upgrading to `utf8mb4`, `TEXT` fields will be upgraded to `MEDIUMTEXT` (and likewise for all other `*TEXT` and `*BLOB` fields). This is to allow for the additional space requirements of `utf8mb4`.
On the subsequent upgrade, after the `utf8mb4` upgrade, `dbDelta()` would try and downgrade the fields to their original size again. At best, this it a waste of time, at worst, this could truncate any data larger than the original size. There's no harm in leaving them at their original size, so let's do that.
Fixes#36748.
Built from https://develop.svn.wordpress.org/trunk@37525
git-svn-id: http://core.svn.wordpress.org/trunk@37493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `utf8mb4_unicode_520_ci` (Unicode Collation Algorithm 5.2.0, October 2010) collation is an improvement over `utf8mb4_unicode_ci` (UCA 4.0.0, November 2003).
There is no word on when MySQL will support later UCAs.
Fixes#32105.
Built from https://develop.svn.wordpress.org/trunk@37523
git-svn-id: http://core.svn.wordpress.org/trunk@37491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Some sites prefer to use locale-specific location settings. For example, the Swedish WordPress package use `utf8_swedish_ci`, instead of `utf8_unicode_ci`. When upgrading the connection to `utf8mb4`, we were overriding this to be `utf8mb4_unicode_ci`, instead of maintaining the use of the `_swedish_ci` variant.
The locale-specific collations do have extra collation rules just for that language, so it's useful to maintain compatibility.
Fixes#32405.
Built from https://develop.svn.wordpress.org/trunk@37521
git-svn-id: http://core.svn.wordpress.org/trunk@37489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Provides a consistent way to query `$wpdb->blogs` for `WP_Site` objects based on domain, path, site ID, network ID, and more.
Introduces and uses `update_site_cache()` and `_prime_site_caches()` to maintain a cached list of `WP_Site` objects for use in multiple queries.
Props spacedmonkey, flixos90, DrewAPicture, jeremyfelt, ocean90.
See #35791.
Built from https://develop.svn.wordpress.org/trunk@37477
git-svn-id: http://core.svn.wordpress.org/trunk@37445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a setting is invalid, not only will it be blocked from being saved but all other settings will be blocked as well. This ensures that Customizer saves aren't partial but are more transactional. User will be displayed the error in a notification so that they can fix and re-attempt saving.
PHP changes:
* Introduces `WP_Customize_Setting::validate()`, `WP_Customize_Setting::$validate_callback`, and the `customize_validate_{$setting_id}` filter.
* Introduces `WP_Customize_Manager::validate_setting_values()` to do validation (and sanitization) for the setting values supplied, returning a list of `WP_Error` instances for invalid settings.
* Attempting to save settings that are invalid will result in the save being blocked entirely, with the errors being sent in the `customize_save_response`. Modifies `WP_Customize_Manager::save()` to check all settings for validity issues prior to calling their `save` methods.
* Introduces `WP_Customize_Setting::json()` for parity with the other Customizer classes. This includes exporting of the `type`.
* Modifies `WP_Customize_Manager::post_value()` to apply `validate` after `sanitize`, and if validation fails, to return the `$default`.
* Introduces `customize_save_validation_before` action which fires right before the validation checks are made prior to saving.
JS changes:
* Introduces `wp.customize.Notification` in JS which to represent `WP_Error` instances returned from the server when setting validation fails.
* Introduces `wp.customize.Setting.prototype.notifications`.
* Introduces `wp.customize.Control.prototype.notifications`, which are synced with a control's settings' notifications.
* Introduces `wp.customize.Control.prototype.renderNotifications()` to re-render a control's notifications in its notification area. This is called automatically when the notifications collection changes.
* Introduces `wp.customize.settingConstructor`, allowing custom setting types to be used in the same way that custom controls, panels, and sections can be made.
* Injects a notification area into existing controls which is populated in response to the control's `notifications` collection changing. A custom control can customize the placement of the notification area by overriding the new `getNotificationsContainerElement` method.
* When a save fails due to setting invalidity, the invalidity errors will be added to the settings to then populate in the controls' notification areas, and the first such invalid control will be focused.
Props westonruter, celloexpressions, mrahmadawais.
See #35210.
See #30937.
Fixes#34893.
Built from https://develop.svn.wordpress.org/trunk@37476
git-svn-id: http://core.svn.wordpress.org/trunk@37444 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduce `ms_load_current_site_and_network`. This is used by core during the multisite bootstrap process to populate the `$current_site` and `$current_blog` globals based on a requested domain and path.
Return values from this function inform `ms-settings.php` as to whether a page view should continue, `ms_not_installed()` should fire, or a redirect to a new location should occur.
This was previously a procedural block in `ms-settings.php`. Wrapping this code and providing specific return values allows us to write tests that do not rely on the manual and repeated inclusion of `ms-settings.php`.
This should not be used by plugins or themes. Please.
See #34941.
Built from https://develop.svn.wordpress.org/trunk@37475
git-svn-id: http://core.svn.wordpress.org/trunk@37443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Given a site ID or site object, `get_site()` retrieves site data in the same vein as `get_post()` or `get_comment()`. This will allow for clean retrieval of sites from a primed cache when `WP_Site_Query` is implemented.
Adds a `WP_Site::to_array()` method to support multiple return types within `get_site()`.
Props spacedmonkey.
See #35791.
Built from https://develop.svn.wordpress.org/trunk@37468
git-svn-id: http://core.svn.wordpress.org/trunk@37436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduce the `network_edit_site_nav` function, which DRYs up the code used to display a common set of links at the top of "Edit Site" views.
Introduce the `network_edit_site_nav_links` filter, which allows plugins to modify the list of links displayed at the top of Edit Site views as a "tabbed" interface.
Props johnjamesjacoby, c3mdigital, Bueltge.
Fixes#15800.
Built from https://develop.svn.wordpress.org/trunk@37466
git-svn-id: http://core.svn.wordpress.org/trunk@37434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Clicking on the Edit Menu button focuses on the corresponding nav menu section. Upon collapsing the nav menu section, the focus is returned to the Custom Menu widget instead of taking the user to the menus root panel. In this way, the back button behavior is modified once to serve as breadcrumb/history navigation. The Edit Menu button with the breadcrumb back button behavior greatly reduce the number of UI interactions needed to edit a menu referenced in a Custom Menu widget.
Props celloexpressions, westonruter.
Fixes#32683.
Built from https://develop.svn.wordpress.org/trunk@37437
git-svn-id: http://core.svn.wordpress.org/trunk@37403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `medium_large_size_w` and `medium_large_size_h` options were added to the
$whitelist_options['media'] in options.php in [35479], which causes both options
to be set to `0` when the media settings are changed. When this occurs, the
medium_large image size will no longer be created when an image is uploaded.
Since these options aren't meant to be updated via the settings UI, they can be
safely removed from the whitelist.
Fixes#36531.
Built from https://develop.svn.wordpress.org/trunk@37435
git-svn-id: http://core.svn.wordpress.org/trunk@37401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.
Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.
Props ocean90.
Fixes#36835.
Built from https://develop.svn.wordpress.org/trunk@37431
git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress erroneously follows browser-style behaviour with 3xx redirects, where a POST to 302 becomes a GET. Requests instead follows the specification and keeps the same method. Requests also exposes a hook to allow changing the behaviour.
[37428] used the wrong method of adding this hook, now corrected.
See #33055.
Built from https://develop.svn.wordpress.org/trunk@37429
git-svn-id: http://core.svn.wordpress.org/trunk@37395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the `die()` call from `WP_Widget::widget()` and converts it to an abstract method.
`WP_Widgets` (later renamed to `WP_Widget`) was introduced in [10764] where the minimum PHP requirement was 4.3, thus no `abstract` was available.
Props johnbillion.
Fixes#35981.
Built from https://develop.svn.wordpress.org/trunk@37425
git-svn-id: http://core.svn.wordpress.org/trunk@37391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When no `$meta` arguments are passed to `wpmu_create_blog()`, `public` is set to `0` in the database for new sites. This is fine, but also does not match the default implied when most sites are created via `site-new.php`.
The only current use of the `$meta` argument in the tests is to (re)mark `public` as `0`. All existing tests pass with this change. Tests for `WP_Site_Query` can now rely on better default expectations.
See #36566.
Built from https://develop.svn.wordpress.org/trunk@37418
git-svn-id: http://core.svn.wordpress.org/trunk@37384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`load_theme_textdomain()`, `load_plugin_textdomain()` and `load_muplugin_textdomain()` now try to load the .mo file from the `wp-content/languages` directory first. After the introduction of language packs, translation files are more likely to be located there.
Props swissspidy, sebastian.pisula.
Fixes#34213.
Built from https://develop.svn.wordpress.org/trunk@37414
git-svn-id: http://core.svn.wordpress.org/trunk@37380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Rejoice, for your admins will feel more native to your surrounding computing environment and likely load faster, especially when offline, as they no longer have to talk to The Google Overlord.
At the time of introduction in 3.8, there were not good system fonts common to all platforms at the time. In the years since, Windows, Android, OS X, iOS, Firefox OS, and various flavors of Linux have all gotten their own (good) system UI fonts.
There will definitely be visual bugs, mainly around alignment and spacing; these should be documented and reported on the ticket and fixed more atomically so that our current and future selves have a better understanding of what happened and why.
The style remains registered, as it is almost certainly in use by themes and plugins.
props mattmiklic.
see #36753.
Built from https://develop.svn.wordpress.org/trunk@37361
git-svn-id: http://core.svn.wordpress.org/trunk@37327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The test, introduced in [32207], used the incorrect syntax for 'meta_query' -
one fewer level of array-nesting than what `WP_Meta_Query` requires. This
slip uncovered a bug introduced into `WP_User_Query` in [30094], whereby
an incorrectly formatted 'meta_query' parameter would be properly parsed by
`WP_User_Query` when passed alongside `who=authors`.
We need to fix the inconsistent syntax in order to resolve#36724.
See #36724, #32019, #23849, #27026.
Built from https://develop.svn.wordpress.org/trunk@37359
git-svn-id: http://core.svn.wordpress.org/trunk@37325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The rewrite rule matching code in WP::parse_request() used an unclear variable `$request` to represent the requested path (e.g. "2016/05/03") as well as a deceptively named variable `$request_uri`, which actually represents the requested file when an install used PATHINFO links.
Those variables are replaced with `$requested_path` and `$requested_file` respectively for clarity.
Fixes#36674.
Built from https://develop.svn.wordpress.org/trunk@37356
git-svn-id: http://core.svn.wordpress.org/trunk@37322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds parity with setting instance being passed as second argument to `customize_sanitize_{$id}` and `customize_sanitize_js_{$id}`. Allows the actual ID of the (multidimensional) setting value being filtered to be inspected.
Props celloexpressions, westonruter.
Fixes#36452.
Built from https://develop.svn.wordpress.org/trunk@37350
git-svn-id: http://core.svn.wordpress.org/trunk@37316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Pressing Esc collapses any expanded widget or nav menu item controls, or any control that implements the expanding interface. Also improves alignment between `WidgetControl` and `MenuItemControl`, adding the `expanded` state and associated `expand`/`collapse` methods to nav menu items.
Props purcebr, celloexpressions, westonruter.
Fixes#22237.
Built from https://develop.svn.wordpress.org/trunk@37347
git-svn-id: http://core.svn.wordpress.org/trunk@37313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also disables Save & Publish button while save request is open. After the save request completes, any settings changed during the request can then be saved via an additional click to the button.
Props chandrapatel, westonruter.
Fixes#32941.
Built from https://develop.svn.wordpress.org/trunk@37346
git-svn-id: http://core.svn.wordpress.org/trunk@37312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@37342
git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allows widgets to be registered which rely on dependency injection. Also will allow for new widget types to be created dynamically (e.g. a Recent Posts widget for each registered post type).
See #35990.
Props mdwheele, PeterRKnight, westonruter.
Fixes#28216.
Built from https://develop.svn.wordpress.org/trunk@37329
git-svn-id: http://core.svn.wordpress.org/trunk@37295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_Query` discards most non-array date values ('year', 'monthnum', etc) by
casting to integer. Since [25138], the 'm' parameter has been handled
as a string; see #24884. However, the string-handling introduced in [25138]
blindly attempted to handle arrays and other non-scalar types as strings,
resulting in PHP notices and invalid MySQL syntax.
Props vortfu.
Fixes#36718.
Built from https://develop.svn.wordpress.org/trunk@37324
git-svn-id: http://core.svn.wordpress.org/trunk@37290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The issues occur in themes that register sidebars that reference a single format placeholder (`%1$s` and `%2$s`) multiple times, such as in the `id` and `class` attributes for `$before_widget`.
Props martin.krcho, westonruter.
Fixes#36473.
Built from https://develop.svn.wordpress.org/trunk@37322
git-svn-id: http://core.svn.wordpress.org/trunk@37288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`is_user_spammy()` falls back to the current user if one is not provided. There is no current user during authentication, so the result is always `false`. Pass a user to fill the void.
Adds tests for `wp_authenticate_spam_check()`.
Props websupporter.
Fixes#36546.
Built from https://develop.svn.wordpress.org/trunk@37316
git-svn-id: http://core.svn.wordpress.org/trunk@37282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The “Name” column of the Users WP List Table is not sortable because this column displays a concatenation of two optional values, `first_name` and `last_name`. Even if WP_User_Query supported ordering queries in this manner, the resulting sequence would be chaotic.
Fixes#28064.
Props jesin, and rachelbaker.
Built from https://develop.svn.wordpress.org/trunk@37314
git-svn-id: http://core.svn.wordpress.org/trunk@37280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow the adding of post-thumbnail support for one or more post_types without unsetting any previously added post_types. This matches the behavior of other uses of `add_theme_support()` and the expectations of a function with a prefix of “add”.
To unset post-thumbnail support use `remove_theme_support()` instead.
Fixes#22080
Props alexkingorg, jmichaelward, and flixos90.
Built from https://develop.svn.wordpress.org/trunk@37308
git-svn-id: http://core.svn.wordpress.org/trunk@37274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[35244] changed the way that `WP_UnitTest_Generator_Sequence()` created an
incrementor for object fields (like 'post_name' and 'user_email'), by making
incrementor static across the entire run of the test suite. While this helped
to enforce uniqueness across the tests, it has the side effect of bumping the
incrementor between fields on the same object (so that, eg, the same post might
have `post_name` "post-12" but `post_title` "Post 13". By switching to a
technique that uses the same incrementor for each field belonging to a given
fixture, we conform better to the expectations of developers using
`WP_UnitTest_Factory`.
Fixes#35199.
Built from https://develop.svn.wordpress.org/trunk@37299
git-svn-id: http://core.svn.wordpress.org/trunk@37265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In particular, we want it to occur after shortcode handling. The smiley conversion routine doesn't have any concept of shortcode structure, so may inadvertantly replace a smiley with HTML inside a shortcode attribute, which will cause the shortcode to not be parsed correctly.
Props Unyson for the initial suggested fix.
Fixes#36306.
Built from https://develop.svn.wordpress.org/trunk@37298
git-svn-id: http://core.svn.wordpress.org/trunk@37264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Unicode 8 added `U+1F644`, "Face with Rolling Eyes", which matches our `:roll:` smiley. Continuing our ever present quest to rid the world of legacy smilies, we now translate that smiley into its emoji form.
Sadly, `:mrgreen:` remains sorely under-represented in the Unicode standard, I'm inclined to think that we should buy a voting membership of the Unicode Consortium, in order to rectify that situation. (Personally, I'm hoping for a green skin tone modifier.)
Fixes#36365.
Built from https://develop.svn.wordpress.org/trunk@37296
git-svn-id: http://core.svn.wordpress.org/trunk@37262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To improve the performance of `wp_upload_dir()` the result of `wp_mkdir_p()` was stored in a persistent cache, introduced in [36565]. But this becomes an issue when WordPress is scaled horizontally. You may end up caching a value for a server where the directory doesn't exist which will prevent further uploads on other servers because of the persistent cache.
The fix is to use a non-persistent cache.
Props azaozz, ocean90.
See #34359.
Fixes#36621.
Built from https://develop.svn.wordpress.org/trunk@37285
git-svn-id: http://core.svn.wordpress.org/trunk@37251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_update_plugins()` and `wp_update_themes()` are both hooked into `upgrader_process_complete` with priority 10. But at this stage the caches in `get_plugins()`, `search_theme_directories()`, and `wp_get_themes()` aren't refreshed yet so both functions couldn't fetch any translations for the new plugin/theme.
To reset the caches, `wp_clean_themes_cache()` and `wp_clean_plugins_cache()` are now hooked into `upgrader_process_complete` with priority 9.
This is a follow-up to [34751].
See #34029.
Fixes#36383.
Built from https://develop.svn.wordpress.org/trunk@37272
git-svn-id: http://core.svn.wordpress.org/trunk@37238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37028] missed some logic to capture the base emoji skin tone, to compare to the modified emoji skin tone. This caused all browsers to report that they supported skin tone modifiers, regardless of whether they actually did.
Fixes#36604 for trunk.
Built from https://develop.svn.wordpress.org/trunk@37256
git-svn-id: http://core.svn.wordpress.org/trunk@37222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adding the `singular` class per default to the list of body classes is breaking the layout of Twenty Eleven and other themes. Twenty Eleven adds the `.singular` class only to single pages if the page doesn't use specific page templates.
Props flixos90, swissspidy.
Fixes#36510.
Built from https://develop.svn.wordpress.org/trunk@37249
git-svn-id: http://core.svn.wordpress.org/trunk@37215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Use `wp_update_network_counts()` to update the database with the most current data before testing.
* Use `wp_update_network_counts()` to update the database with the most current data after deleting the sites created during the test.
* Create only 1 extra site in each test rather than 4. This shaves several seconds off the test time.
* Stop testing for an extra count now that we update the network counts properly. Previously we looked at `$site_count_start + 9` rather than 8. Now this is `+ 1`, which aligns with the actual number of sites created.
* Test 3 explicit conditions - default, filter applied as `true`, and filter applied as `false`.
* Reset data before testing assertion to avoid a suspended state.
See #36566.
Built from https://develop.svn.wordpress.org/trunk@37233
git-svn-id: http://core.svn.wordpress.org/trunk@37199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- makes the mobile preview/customize toggle a button
- changes the "Close" link hidden text from 'Cancel' to 'Close the Customizer and go back to the previous page'
- adds a missing `type="button"` attribute
- removes unnecessary `keydown` events and `preventDefault()`: buttons don't need a keydown event and when they have a `type="button"` attribute there's no default action to prevent
Props Cheffheid, afercia.
Fixes#31487.
Built from https://develop.svn.wordpress.org/trunk@37230
git-svn-id: http://core.svn.wordpress.org/trunk@37196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When multisite is not configured, the `_site_transient()` and `_site_option()` functions fallback to `_option()` and store network "meta/options" in `wp_options`.
Previously, those calls to `_option()` did not explicitly set the `autoload` parameter and anything assigned as a transient or option at the network level would be set to `autoload` by default, even though autoload is not yet a concept at the network option level.
This changes that behavior and forces the `autoload` setting to `no`. If `autoload` is desired, the single site option functions should be used.
Props thomaswm.
Fixes#22846.
Built from https://develop.svn.wordpress.org/trunk@37223
git-svn-id: http://core.svn.wordpress.org/trunk@37189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `WP_Theme::network_enable_theme()` can be used to enable a theme or array of themes on a network.
* `WP_Theme::network_disable_theme()` can be used to disable a theme or array of themes on a network.
* Use these new methods in the network admin vs direct `update_site_option()` calls.
* Add tests.
Props igmoweb.
Fixes#30594.
Built from https://develop.svn.wordpress.org/trunk@37202
git-svn-id: http://core.svn.wordpress.org/trunk@37168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Moving these functions to `wp-includes/capabilities.php` allows plugins to access more than just `is_super_admin()` and `get_super_admin()` from the front end without including a file via `wp-admin/`. Add an `is_multisite()` check to prevent use of these on single site environments now that they have left `ms.php`..
Props johnjamesjacoby.
Fixes#21788.
Built from https://develop.svn.wordpress.org/trunk@37200
git-svn-id: http://core.svn.wordpress.org/trunk@37166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improper checking for 'Imagick::ALPHACHANNEL_UNDEFINED' and
'Imagick::ALPHACHANNEL_OPAQUE' caused fatal errors for some users
with Imagick when compiled against ImageMagick < 6.4.6, when these
constants were introduced. Fixes these compatibility checks.
Props gblsm.
Fixes#36501.
Built from https://develop.svn.wordpress.org/trunk@37192
git-svn-id: http://core.svn.wordpress.org/trunk@37158 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Following pattern of `wp_get_mime_types()`, introduce `wp_get_ext_types()` function. New function returns a filtered list of file types with their extensions.
* Use this function in new tests for `wp_ext2type()`.
Props borgesbruno.
Fixes#35987.
Built from https://develop.svn.wordpress.org/trunk@37189
git-svn-id: http://core.svn.wordpress.org/trunk@37155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent tasks from running twice in parallel
if both .svn and .git directories are present.
Add `--ignore-externals` to `svn status`
and replace `git diff --name-only` with `git status --short`.
Merge some duplicate code.
Fixes#36394.
See #35557.
See [36906].
Built from https://develop.svn.wordpress.org/trunk@37185
git-svn-id: http://core.svn.wordpress.org/trunk@37152 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This disables the concatenation of remaining enqueued scripts once `wp_add_inline_script()` is invoked, which allows us to reliably print these scripts and their before/after inline scripts in the desired order.
Props gitlost, azaozz, swisspidy, ocean90.
Fixes#36392.
Built from https://develop.svn.wordpress.org/trunk@37171
git-svn-id: http://core.svn.wordpress.org/trunk@37138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Theme support for `customize-selective-refresh-widgets` can be added _after_ the logic for registering the settings for incoming widgets that have been changed. This is due to themes adding the theme support in `after_setup_theme` which is also the action where `WP_Customize_Widgets::register_settings()` is called. If these both happen at priority 10, which one is called first depends on which one was added first. The other issue is that at the time that `WP_Customize_Widgets::register_settings()` is called at `after_setup_theme`, it is called before `widgets_init` and thus no widgets are yet registered. This means that any settings registered at this point will always have a `refresh` transport even if the theme supports `customize-selective-refresh-widgets`, since the `WP_Widget` instance is not visible yet to see if it supports selective refresh.
The fix: Defer `WP_Customize_Widgets::register_settings()` from `after_setup_theme` to `widgets_init` at priority 95 when the widget objects have all been registered. Also, ensure that the preview filter for `sidebars_widgets` is added before the sidebars are iterated for adding the controls.
Props westonruter.
Fixes#36389.
Built from https://develop.svn.wordpress.org/trunk@37166
git-svn-id: http://core.svn.wordpress.org/trunk@37133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Percent signs are reserved characters in URIs. As such, it was impossible for
plugins to route requests to trashed posts, as happens in bbPress. The new
`__trashed` suffix should be sufficiently unique.
Also adds a test that demonstrates that the `__trashed` suffix can be
appended to slugs that contain the suffix somewhere other than the end of
the string.
Props netweb, ericlewis.
Fixes#11863.
Built from https://develop.svn.wordpress.org/trunk@37165
git-svn-id: http://core.svn.wordpress.org/trunk@37132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
You know what's wrong with the Moderate Comment Screen? It doesn't win anymore. Well, I'm going make the Moderate Comment screen win. It's going to win by showing the urls that are linked to from every anchor. It's going to win by having those urls be a lighter shade of gray than the surrounding text. Spammy links aren't going to be able to hide in commas. Spammy links aren't going to win. The Moderate Comment Screen is going to win and we are going to make the Moderate Comment Screen Great Again.
Fixes#36380
Props rachelbaker, mikeschroder, adamsilverstein, boonebgorges, melchoyce, ocean90, jorbin, pento
Built from https://develop.svn.wordpress.org/trunk@37161
git-svn-id: http://core.svn.wordpress.org/trunk@37127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The codex says that taxonomy names "should only contain lowercase letters and the underscore character", but that's not enforced. It's too late to enforce it, since some plugins haven't been following it and the official phpdoc doesn't mention this restriction.
Built from https://develop.svn.wordpress.org/trunk@37133
git-svn-id: http://core.svn.wordpress.org/trunk@37100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allows themes to specify the desired width and height of logos, and whether
that is flexible or not. Has the benefit of not having to generate a logo-sized
file for every image uploaded.
Props westonruter, celloexpressions.
Fixes#36255.
Built from https://develop.svn.wordpress.org/trunk@37077
git-svn-id: http://core.svn.wordpress.org/trunk@37044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reverts part of [34659] due to excessive canonical problems it's caused in 4.4.x.
Remove the unit tests which are no longer supported.
This also removes the `is_feed()` code to avoid confusion - only pages & embeds will be redirected.
Merges [36280] and [36281] to trunk.
Props dd32.
See #21602, #35344.
Built from https://develop.svn.wordpress.org/trunk@37075
git-svn-id: http://core.svn.wordpress.org/trunk@37042 1a063a9b-81f0-0310-95a4-ce76da25c4cd