* "-1" is an invalid nonce error, show 'An error has occurred. Please reload the page and try again.'.
* "error" means that the connection to the server was lost, show 'Connection lost or the server is busy. Please try again later.'.
* Escape the message in `wp-updates-admin-notice` because the response may include HTML.
* Remove HTML tags in `wp.updates.isValidResponse()` to make PHP's error messages more readable.
Props azaozz for review.
Fixes#37583.
Built from https://develop.svn.wordpress.org/trunk@38205
git-svn-id: http://core.svn.wordpress.org/trunk@38146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An upgrader class is used in conjunction with an upgrader skin class. A skin class handles the logging for an upgrade and informs a user about the progress and failures.
The current Ajax install/update handlers are using the `Automatic_Upgrader_Skin` class because during an Ajax request no output is intended. The difference between Ajax updates and automatic updates is that you will see the full log (usually by email) while Ajax updates focus only on success or failure. For that `Automatic_Upgrader_Skin` has one disadvantage: It doesn't provide a way to retrieve failure messages which were passed through `WP_Upgrader_Skin::error()` by the upgrader.
To solve this issue a new skin `WP_Ajax_Upgrader_Skin` has been introduced. The skin extends `Automatic_Upgrader_Skin` and overrides the `error()` and `feedback()` methods to intercept all errors, which can be a `WP_Error` object or a string.
This updates all four Ajax handler for installing/updating themes/plugins to use the new skin. They now also check the skin for any intercepted errors and pass them on to the user.
Props flixos90, obenland, ocean90.
Props DrewAPicture, pento for review.
Fixes#37531.
Built from https://develop.svn.wordpress.org/trunk@38199
git-svn-id: http://core.svn.wordpress.org/trunk@38140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38179] added support for the rainbow flag to core, but platform compatibility is a bit strange, because the flag was defined out of sync with the usual Unicode release cycle. For example Android N supports all Unicode 9.0 emoji, but doesn't support the rainbow flag thus the rainbow flag isn't rendered.
The Twemoji loader already has an exception for flags - it'll load if the browser supports everything but flags, and then only replace flag emoji, leaving everything else as native rendering. To provide a seamless experience for all flags the loader now uses the rainbow flag to test flag support.
Props pento.
See #37543.
Fixes#37566.
Built from https://develop.svn.wordpress.org/trunk@38194
git-svn-id: http://core.svn.wordpress.org/trunk@38135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The button was introduced in [37901] to allow users switching to the selected menu for further edits. A link makes it more clear that the user is taken away from the current view.
This also adds an aria label and makes the button label more verbose, 'Edit Menu'.
Props afercia.
Props helen for review.
Fixes#36795.
Built from https://develop.svn.wordpress.org/trunk@38189
git-svn-id: http://core.svn.wordpress.org/trunk@38130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When doing a bulk update, if there are failures the user needs to know about that. This makes it clearer that you can click on the notification to see more details, especially for screen reader users.
Fixes#37510.
Props juhise, Ankit K Gupta, afercia, jorbin, ocean90.
Built from https://develop.svn.wordpress.org/trunk@38185
git-svn-id: http://core.svn.wordpress.org/trunk@38126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Twemoji recently added images for the Rainbow and Pirate flags, and the latest iOS 10 beta added support for the Rainbow flag. Never let it be said that WordPress is at anything less than the cutting edge of emoji research and development.
Props ocean90 for the code review.
See #37543.
Built from https://develop.svn.wordpress.org/trunk@38179
git-svn-id: http://core.svn.wordpress.org/trunk@38120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Events for updating exist, but they lack context. This adds args so that plugins can detec t what plugin/theme is being installed. Additionally, events for bulk actions, deleting and that and install is starting didn't exist, so this adds them.
Fixes#37512.
Props DavidAnderson, and ocean90, swissspidy for review.
Built from https://develop.svn.wordpress.org/trunk@38175
git-svn-id: http://core.svn.wordpress.org/trunk@38116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [37221] the upload form is added to every plugin install screen via `install_plugins_upload()`. Previously the form was added through the `install_plugins_upload` (alias of `install_plugins_$tab`) action which allowed plugin authors to replace the form. This restores the previous behaviour.
* Add the form only to non-upload plugin install screens.
* Replace `install_plugins_upload()` with the `install_plugins_upload` and `install_plugins_pre_upload` actions.
* Remove `$upload_tab_class` and add a CSS class for the current tab to `.wrap`
* Adjust CSS selectors and toggle the whole container to support upload without an `upload-plugin` class.
Props DavidAnderson, ocean90.
Fixes#37495.
Built from https://develop.svn.wordpress.org/trunk@38172
git-svn-id: http://core.svn.wordpress.org/trunk@38113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Selective refresh will not be available for widgets when they lack these params, so previewing will fallback to full page refreshes. Sidebars registered as such should be rare so this accounts for an edge case.
Fixes#37478.
Built from https://develop.svn.wordpress.org/trunk@38166
git-svn-id: http://core.svn.wordpress.org/trunk@38107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Requests defaults to _GET/query for HEAD/GET/DELETE and _POST/body for POST/PUT/OPTIONS/PATCH. For backward compatibility `WP_HTTP` needs to force `data_format` to 'body' for all non-GET/HEAD requests.
Props dd32.
Fixes#37456.
Built from https://develop.svn.wordpress.org/trunk@38165
git-svn-id: http://core.svn.wordpress.org/trunk@38106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Requests has its own cookie object in form of `Requests_Cookie`. Therefore we have to convert `WP_Http_Cookie` objects to `Requests_Cookie`.
This introduces `WP_Http_Cookie::get_attributes()` to retrieve cookie attributes of a `WP_Http_Cookie` object and `WP_Http::normalize_cookies()` to convert the cookie objects.
Fixes#37437.
Built from https://develop.svn.wordpress.org/trunk@38164
git-svn-id: http://core.svn.wordpress.org/trunk@38105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Add the `wpview-wrap` class and pass third param to the getNodes() callback for back-compat.
- Attach the mutation observer that resizes a view iframe inside the iframe to minimize memory use/leaks.
- Remove the `wp-mce-view-unbind` event. It has never been particularly reliable and now it doesn't fire when the user deletes a view by typing or pasting over it.
- Restore changing of a view iframe body classes when the editor body classes change.
Props iseulde, azaozz.
Fixes#36434.
Built from https://develop.svn.wordpress.org/trunk@38158
git-svn-id: http://core.svn.wordpress.org/trunk@38099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Under certain conditions upgrades on Windows may fail because `wp_tempnam()` gets called in a loop.
This can happen when `wp_tempnam()` is called with `\.maintenance` for the `$filename` parameter. The function strips the extension, in this case `.maintenance`, which results in an empty filename. Because it's empty, `wp_tempnam()` calls itself with `dirname( '\.maintenance' )`. On *nix systems this would be `"/"` which allows `wp_tempnam()` to fall back on `time()`. But on Windows it's `"\"`.
This change adds the backslash to the list of characters which allow `wp_tempnam()` to fall back on `time()`.
See [32322], [31936].
Fixes#33999.
Built from https://develop.svn.wordpress.org/trunk@38151
git-svn-id: http://core.svn.wordpress.org/trunk@38092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update DocBlock to use third-person singular verb and to include a period at the end.
* Use `submit_button()` for the submit button.
* Escape the ID attribute.
* Apply the same to `WP_List_Table::search_box()`.
See #37230.
Built from https://develop.svn.wordpress.org/trunk@38146
git-svn-id: http://core.svn.wordpress.org/trunk@38087 1a063a9b-81f0-0310-95a4-ce76da25c4cd