When posts are edited in bulk, the `_edit_last` meta was not updated for each post. This change adds a call to update the `_edit_last` meta to the current user ID for each post the is updated.
Props calebwoodbridge, peterwilsoncc, guillaumeturpin, audrasjb.
Fixes#42446.
Built from https://develop.svn.wordpress.org/trunk@52141
git-svn-id: http://core.svn.wordpress.org/trunk@51733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Disable auto-correct for the slug field on the quick/bulk edit interface. As slugs may consist of a number of words combined in to a single string, they are unlikely to pass spell checkers.
Props swb1192, SergeyBiryukov, afragen, Clorith, desrosj, JeffPaul, sabernhardt, Boniu91, costdev, hellofromTonya.
Fixes#50499.
Built from https://develop.svn.wordpress.org/trunk@52092
git-svn-id: http://core.svn.wordpress.org/trunk@51684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previous messaging of this link was confusing given it went to an external source. This change describes more accurately that it will perform the action of taking you to the resource.
Props karmatosed, joedolson, melchoyce, hellofromTonya, afercia, sabernhardt, antpb.
Fixes#48939.
Built from https://develop.svn.wordpress.org/trunk@52033
git-svn-id: http://core.svn.wordpress.org/trunk@51625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when uploading a media item type that is not supported, the default error message claims that the reason it cannot upload is due to security reasons. This is not always true. Now the warning says that the type is not allowed, which is always true.
Props antpb, Presskopp, peterwilsoncc, desrosj, iluy, circlecube, mikeschroder.
Fixes#53626.
Built from https://develop.svn.wordpress.org/trunk@52032
git-svn-id: http://core.svn.wordpress.org/trunk@51624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As a legacy from the old Health Check plugin, the constant `WP_LOCAL_DEV` was included in the debug data under the "WordPress Constants" section. This was incorrect, and has never been a constant used by core.
Instead, that field is now replaced by `WP_ENVIRONMENT_TYPE`, which was introduced with WordPress 5.5, and is a much more appropriate value to provide in a debug scenario.
Props johnbillion, bgoewert, sabbirshouvo.
Fixes#54340.
Built from https://develop.svn.wordpress.org/trunk@52021
git-svn-id: http://core.svn.wordpress.org/trunk@51613 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_core_checksums()` and `wp_version_check()` functions call the PHP native `http_build_query()` function, the second parameter of which is the ''optional'' `$numeric_prefix` parameter which expects a non-nullable `string`.
A parameter being optional, however, does not automatically make it nullable.
As of PHP 8.1, passing `null` to a non-nullable PHP native function will generate a deprecation notice.
In this case, this function call yielded a `http_build_query(): Passing null to parameter #2 ($numeric_prefix) of type string is deprecated` notice.
Changing the `null` to an empty string fixes this without a backward compatibility break.
References:
* [https://www.php.net/manual/en/function.http-build-query.php PHP Manual: http_build_query()]
* [https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg PHP RFC: Deprecate passing null to non-nullable arguments of internal functions]
Follow-up to [18697], [25540].
Props bjorsch, kraftbj, hellofromTonya, jrf.
See #54229.
Built from https://develop.svn.wordpress.org/trunk@52019
git-svn-id: http://core.svn.wordpress.org/trunk@51611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Changes the submit button text from "Submit" to "Save Changes".
Why? The text is more semantic and clear of what happens when activating that button.
Follow-up to [9103].
Props zodiac1978, knutsp, hilayt24, audrasjb.
Fixes#54229.
Built from https://develop.svn.wordpress.org/trunk@52014
git-svn-id: http://core.svn.wordpress.org/trunk@51605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When viewing the listing of all comments, author links previously passed referrer information to untrusted URLs. This change adds `noreferrer` to each author link, as well as `noopener` to prevent the passing of information about the parent window.
Props cybr, adam3128, erayalakese, andraganescu, audrasjb, joedolson, sabernhardt.
Fixes#40916.
Built from https://develop.svn.wordpress.org/trunk@52007
git-svn-id: http://core.svn.wordpress.org/trunk@51596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes some admin-area, user-facing text, to better match the guidelines and recommendations set forth in the make/core handbook, specifically:
> the word “we” should be avoided (...) unless its made very clear which group is speaking
(There are several more usages of "we" that will receive this same scrutiny in future commits/releases.)
Props audrasjb, johnbillion, marybaum, peterwilsoncc, sergeybiryukov, shital-patel.
Fixes #46057.
Built from https://develop.svn.wordpress.org/trunk@51979
git-svn-id: http://core.svn.wordpress.org/trunk@51568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WordPress Events and News widget used an icon-only button to select a location. The Pencil icon alone provided insufficient context and labeling for accessibility. Add text to clearly describe button action and change icon to represent a location marker.
Props AmethystAnswers, sabernhardt.
Fixes#53311.
Built from https://develop.svn.wordpress.org/trunk@51971
git-svn-id: http://core.svn.wordpress.org/trunk@51560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:
* `capability`
* `capability__in`
* `capability__not_in`
These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.
Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:
* all users with a role that has this capability
* all users with the capability being assigned directly
Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.
The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.
Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.
This updates any usage of `'who' => 'authors'` in core to use capability queries instead.
Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.
Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.
Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.
Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes#16841.
Built from https://develop.svn.wordpress.org/trunk@51943
git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.
If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.
If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.
Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.
Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.
Fixes#38231.
Built from https://develop.svn.wordpress.org/trunk@51939
git-svn-id: http://core.svn.wordpress.org/trunk@51528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit adds the `public` visibility keyword to each method which did not have an explicit visibility keyword.
Why `public`?
With no visibility previously declared, these methods are implicitly `public` and available for use. Changing them to anything else would be a backwards-compatibility break.
Props costdev, jrf.
See #54177.
Built from https://develop.svn.wordpress.org/trunk@51919
git-svn-id: http://core.svn.wordpress.org/trunk@51512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[51916] fixed a bug where `array( `false` )` was added to the cron array when `_get_cron_array()` returned `false`.
This commit:
* Removes any `false` values from the cron array when upgrading to 5.9+.
* Bumps the database version.
Follow-up to [44917], [51916].
Props peterwilsoncc, jrf.
See #53950.
Built from https://develop.svn.wordpress.org/trunk@51917
git-svn-id: http://core.svn.wordpress.org/trunk@51510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Audio
* Video
* Unattached
This allows for more homogeneous translations in languages where keeping a plural form is important.
Follow-up to [6910], [7397], [8901], [9556], [11749], [13100], [12110], [15491], [15578], [22743], [29426], [29625], [34256], [45651], [46437].
Props jdy68, audrasjb, SergeyBiryukov.
Fixes#54238.
Built from https://develop.svn.wordpress.org/trunk@51903
git-svn-id: http://core.svn.wordpress.org/trunk@51496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows these actions to run ''after'' the main process, without affecting the update. Actions running on `shutdown` are immune to PHP timeouts, so in case the failure was due to a PHP timeout, we'll still be able to properly restore the previous version.
Follow-up to [51815], [51898], [51899].
Props aristath, peterwilsoncc.
See #54166.
Built from https://develop.svn.wordpress.org/trunk@51902
git-svn-id: http://core.svn.wordpress.org/trunk@51495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This replaces the `copy_dir()` usage in `WP_Upgrader::install_package()` and aims to avoid PHP timeout issues when installing or updating large plugins on slower systems like Vagrant or the WP Docker test environment.
The new function attempts a native PHP `rename()` function first and falls back to the previous `copy_dir()`.
Follow-up to [51815], [51898].
Props afragen, aristath, peterwilsoncc, galbaras, noisysocks, pbiron.
Fixes#54166. See #51857.
Built from https://develop.svn.wordpress.org/trunk@51899
git-svn-id: http://core.svn.wordpress.org/trunk@51492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a few type problems further in the code: boolean divided by a number, or passing `false` to `size_format()` which is documented to accept integers or strings only.
Follow-up to [51815].
Props TobiasBg.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@51898
git-svn-id: http://core.svn.wordpress.org/trunk@51491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows the parent `WP_List_Table::has_items()` method to work as expected, and the override in the child class can now be removed. It also makes the class more consistent with other list table classes.
As a result of this change, the "Bulk actions" dropdown is no longer unnecessarily displayed if there are no terms.
Follow-up to [15491], [17025], [17026].
Props mattoakley, swissspidy, audrasjb, SergeyBiryukov.
Fixes#54181.
Built from https://develop.svn.wordpress.org/trunk@51896
git-svn-id: http://core.svn.wordpress.org/trunk@51489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously the first and last page pagination buttons were disabled when on their next or previous page respectively. This commit removes that unnecessary logic to keep these buttons enabled and avoid confusion in the user's navigation workflow.
New behavior:
- When on page 2, the go to first page `«` button is enabled
- When on the page before the last page, the go to last page `»` button is enabled
Follow-up to [32948], [47219].
Props wp_kc, ronakganatra, knutsp, sabernhardt, Hareesh Pillai, audrasjb, hellofromTonya.
Fixes#42763.
Built from https://develop.svn.wordpress.org/trunk@51880
git-svn-id: http://core.svn.wordpress.org/trunk@51473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adjust similar code in `_post_states()` and `_media_states()` for consistency.
Follow-up to:
* [12897], [15491], [32755], [46153], [48424] for `WP_MS_Sites_List_Table::site_states()`.
* [17793], [47775], [49223] for `_media_states()`.
* [9153], [46309] for `_post_states()`.
Props joelcj91, audrasjb, desrosj.
Fixes#38296.
Built from https://develop.svn.wordpress.org/trunk@51873
git-svn-id: http://core.svn.wordpress.org/trunk@51466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress tries to avoid an issue where slugs might match an existing slug of a page/post.
If we are in a hierarchical post type, there will be a level, and we can leave it the same.
Props stormrockwell, SergeyBiryukov, terriann, tubys, jeremyfelt, Daschmi, MaximeCulea, knutsp, whyisjake.
Fixes#51147.
See also #44112 and #45260.
Built from https://develop.svn.wordpress.org/trunk@51855
git-svn-id: http://core.svn.wordpress.org/trunk@51454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to make the update process more reliable and ensures that if a plugin or theme update fails, the previous version can be safely restored.
* When updating a plugin or theme, the old version is moved to a temporary backup directory:
* `wp-content/upgrade/temp-backup/plugins/[plugin-slug]` for plugins
* `wp-content/upgrade/temp-backup/themes/[theme-slug]` for themes.
* If the update fails, then the temporary backup kept in the `upgrade/temp-backup` directory is restored to its original location.
* If the update succeeds, the temporary backup is deleted.
To further help troubleshoot plugin and theme updates, two new checks were added to the Site Health screen:
* A check to make sure that the `temp-backup` directory is writable.
* A check that there is enough disk space available to safely perform updates.
To avoid confusion: The `temp-backup` directory will NOT be used to "roll back" a plugin to a previous version after a completed update. This directory will simply contain a transient backup of the previous version of a plugin or theme being updated, and as soon as the update process finishes, the directory will be empty.
Props aristath, afragen, pbiron, dd32, poena, TimothyBlynJacobs, audrasjb, mikeschroder, a2hosting, hellofromTonya, KZeni, galbaras, richards1052, Boniu91, mai21, francina, SergeyBiryukov.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@51815
git-svn-id: http://core.svn.wordpress.org/trunk@51422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that the beginning of the label matches the visible link text.
Add a similar label for the plugin URI link on the Plugins screen when the plugin is outside of the directory.
Follow-up to [28673], [28706], [35924].
Props sabernhardt, zeo, audrasjb.
Fixes#24442.
Built from https://develop.svn.wordpress.org/trunk@51795
git-svn-id: http://core.svn.wordpress.org/trunk@51402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While the new name is much better, it doesn't fully tell what will happen when invoked nor does it fully solve the root problems.
Why? The function is doing too much. And naming is hard.
Props azaozz, desrosj, andraganescu, zieladam, hellofromTonya.
See #53811.
Built from https://develop.svn.wordpress.org/trunk@51791
git-svn-id: http://core.svn.wordpress.org/trunk@51398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In each child class: renames the parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
Changes for readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.
Follow-up to [11005], [25806], [32655], [38199].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51782
git-svn-id: http://core.svn.wordpress.org/trunk@51389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the parent class, renames the parameter `$string` to `$feedback`.
Why? `string` is a PHP reserved keyword.
In each child class: renames the parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
Changes for readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.
Follow-up to [11005], [25228], [30680], [32655], [38199], [49596].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51781
git-svn-id: http://core.svn.wordpress.org/trunk@51388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the parent class, renames the parameter `$object` to `$data_object`.
Why? `object` is a PHP reserved keyword. The parameter name is selected for consistency with `Walker::start_el()`.
In each child class: renames the parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
Changes for readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.
Follow-up to [7737], [8900], [8970], [14248], [16100], [25642], [25644], [37051], [37056].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51780
git-svn-id: http://core.svn.wordpress.org/trunk@51387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The parent class uses `$current_object_id` while most of the child classes use `$id`. As the parent class' is more descriptive, renaming the last parameter in each of child class.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
Changes for readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.
- In methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.
- In cases where the original parameter name was too generic or misleading, renamed (when reassigning) to a more descriptive name for use within the method.
Follow-up to [7737], [8900], [8970], [14248], [15077], [16100], [25642], [25644], [37051], [37054], [37056], [46271], [47189], [51739].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51779
git-svn-id: http://core.svn.wordpress.org/trunk@51386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the parent class, renames the parameter `$object` to `$data_object`.
Why? `object` is a PHP reserved keyword.
In each child class: renames the corresponding parameter to match the parent's method signature.
Why?
PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
Changes for readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.
- in methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.
- in cases where the original parameter name was too generic, renamed (when reassigning) to a more descriptive name for use within the method.
Follow-up to [7737], [8900], [8970], [14248], [15077], [16100], [25642], [25644], [37051], [37054], [37056], [46271], [47189].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51739
git-svn-id: http://core.svn.wordpress.org/trunk@51347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Matches the method signatures of the parent class and each child class.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
For readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened
- in methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.
Follow-up to [32644], [32664], [32798], [38489], [49183], [49197].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51737
git-svn-id: http://core.svn.wordpress.org/trunk@51345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Matches the method signatures of the parent class and each child class.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
For readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened
- in methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.
Follow-up to [15632], [30679], [31210], [32740], [32753], [32754], [32755], [32756], [32757].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51735
git-svn-id: http://core.svn.wordpress.org/trunk@51343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$response` parameter is an object, not an array.
This is a minor inconsistency with the corresponding `in_theme_update_message-{$theme_key}` action for themes, where the `$response` parameter is an array.
For backward compatibility, it is safer not to change the parameter type at this point, but to make sure the documentation is correct.
Follow-up to [11193], [16141], [26540].
Props davidmosterd, audrasjb, SergeyBiryukov.
See #40006.
Built from https://develop.svn.wordpress.org/trunk@51733
git-svn-id: http://core.svn.wordpress.org/trunk@51341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The action fires after the Save Draft (or Save as Pending) and Preview (or Preview Changes) buttons in the Publish meta box.
The previous description stated that the action fires before the post date/time setting, which was not quite correct, as there are also post status and visibility settings between the action and the date/time setting.
Follow-up to [34895].
Props bedas, audrasjb.
Fixes#54045.
Built from https://develop.svn.wordpress.org/trunk@51732
git-svn-id: http://core.svn.wordpress.org/trunk@51338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Matches the method signatures of the parent class and each child class.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
For readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened
- in methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.
Follow-up to [15632], [30679], [31210], [32740], [32753], [32754], [32755], [32756], [32757].
Props jrf, hellofromTonya, @sergeybiryukov, @azaozz, @desrosj, @johnbillion
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51728
git-svn-id: http://core.svn.wordpress.org/trunk@51334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The original name `retrieve_widgets()` was unclear as it suggested it was a getter, i.e. getting the widgets. This function does more than get: finds orphaned widgets, assigns them to the inactive sidebar, and updates the database.
The new name is `sync_registered_widgets()` which better represents what happens when this function is invoked.
The original `retrieve_widgets()` function is soft deprecated to avoid unnecessary code churn downstream for developers that support more than the latest version of WordPress.
Follow-up to [18630].
Props zieladam, timothyblynjacobs, andraganescu, hellofromTonya.
See #53811.
Built from https://develop.svn.wordpress.org/trunk@51705
git-svn-id: http://core.svn.wordpress.org/trunk@51311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a fatal error on PHP 8 caused by passing a zero value to `fread()` as the `$length` argument, which must be greater than zero.
This commit also amends the previous solution for similar issues elsewhere in the file to ensure consistent type for string values, instead of changing the type from `string` to `bool` when trying to read from an empty file.
Follow-up to [50355].
Props DavidAnderson, jrf, SergeyBiryukov.
Fixes#54036.
Built from https://develop.svn.wordpress.org/trunk@51686
git-svn-id: http://core.svn.wordpress.org/trunk@51292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Installation and activation of incompatible plugins was previously disallowed in [43436] and [44978], but if such a plugin was installed manually, there was nothing on the Plugins screen that would show its compatibility status.
Showing an appropriate notice with a documentation link makes the UI more consistent and improves user experience.
Follow-up to [43436], [44937], [44939], [44978], [45043], [45165], [45546], [47573], [47816], [47819], [48172], [48636], [48637], [48638], [48640], [48652], [48653], [48654], [48660].
Props TacoVerdo, SergeyBiryukov.
Fixes#53990.
Built from https://develop.svn.wordpress.org/trunk@51678
git-svn-id: http://core.svn.wordpress.org/trunk@51284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The following warnings could, in very select circumstances, be shown:
{{{
// PHP 8.0 and higher:
Warning: foreach() argument must be of type array|object, bool given
// PHP 5.6 – 7.4
Warning: Invalid argument supplied for foreach()
}}}
In `WP_Media_List_Table::prepare_items()`, the cron info array is retrieved via a call to `_get_cron_array()`, but as the documentation (correctly) states, the return type of that function is `array|false`, where `false` is returned for a virgin site, with no cron jobs scheduled yet.
However, no type check is done on the return value, and the method just blindly continues by using it in a `foreach`.
Fixed by adding validation for the returned value from `_get_cron_array()` and only running the `foreach` when the returned value is an array.
Reference: [https://developer.wordpress.org/reference/functions/_get_cron_array/ WordPress Developer Resources: _get_cron_array()]
Follow-up to [48417].
Props jrf, hellofromTonya, mukesh27.
Fixes#53949.
Built from https://develop.svn.wordpress.org/trunk@51638
git-svn-id: http://core.svn.wordpress.org/trunk@51244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Hide the browser's native radio button on the custom background position selector in the Customizer and the legacy background screen. This fixes an issue causing both to display.
Props mukesh27, ravipatel, sabernhardt, walbo.
Fixes#53803.
Built from https://develop.svn.wordpress.org/trunk@51637
git-svn-id: http://core.svn.wordpress.org/trunk@51243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As per the PHP manual:
> If the `component` parameter is omitted, an associative array is returned.
> If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned.
Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values]
This commit adds three unit tests for `download_url()`:
* The first test is "girl-scouting" to make sure that the code up to the point where the error is expected is tested.
* The second test exposed a PHP 8.1 `basename(): Passing null to parameter #1 ($path) of type string is deprecated` error due to the call to `parse_url()` returning `null` when the component requested does not exist in the passed URL.
* The output of the call to `parse_url()` stored in the `$url_path` variable is used in more places in the function logic. The third test exposes a second PHP 8.1 deprecation notice, this time for `substr(): Passing null to parameter #1 ($string) of type string is deprecated`.
This commit also removes duplicate `parse_url()` calls. Neither `$url` nor `$url_filename` are changed between when they are first received/defined and when they are re-used, so there is no need to repeat the function calls.
Follow-up to [51606], [51622].
Props jrf, hellofromTonya, SergeyBiryukov.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51626
git-svn-id: http://core.svn.wordpress.org/trunk@51232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that when multiple plugins or themes are updated and one succeeds and another fails, the error is reported accordingly.
Previously, both updates would end up treated as a success, due to `$this->result` containing the result of the previous operation and not the current one.
Follow-up to [12097].
Props pwtyler, afragen.
Fixes#53002.
Built from https://develop.svn.wordpress.org/trunk@51528
git-svn-id: http://core.svn.wordpress.org/trunk@51139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This matches the documented type of the `$post_id` argument and is consistent with other instances of `wp_terms_checklist()` calls.
Per the function documentation, the default value is integer `0`, not `null`.
Follow-up to [13535].
Props tareiking, donmhico, jrf.
Fixes#43639.
Built from https://develop.svn.wordpress.org/trunk@51520
git-svn-id: http://core.svn.wordpress.org/trunk@51131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a one-off notice to the dashboard in the event WordPress has automatically deactivated a plugin due to incompatibility with the new version of WordPress.
Introduces the new private function `deactivated_plugins_notice()` to display the notice in the dashboard. Introduces the new auto-loaded option `wp_force_deactivated_plugins` to store a list of automatically deactivated plugins; the option is used on both a site and network level.
Follow up to [51180].
Props desrosj, jorbin, azaozz, SergeyBiryukov, peterwilsoncc.
See #53432.
Built from https://develop.svn.wordpress.org/trunk@51266
git-svn-id: http://core.svn.wordpress.org/trunk@50875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is the start of the WordPress 5.8 about page, introducing new content and a first pass of the new style.
Props chanthaboune, cbringmann, webcommsat, marybaum, melchoyce, shaunandrews, desrosj, ryelle, oglekler, yvettesonneveld, nalininonstopnewsuk, meher, femkreations, alanjacobmathew, courane01, annezazu, matveb, milana_cap, javiarce, ryokuhi, audrasjb.
See #52775.
Built from https://develop.svn.wordpress.org/trunk@51264
git-svn-id: http://core.svn.wordpress.org/trunk@50873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This wraps the inner-content of the Site Health dashboard widget to give a unique target for CSS selectors, restoring the ability to collapse the widget.
The initial implementation targeted the `.inside` class used by all widgets to apply styling to the widget content, but this prevented the widget from being collapsed, as it added grid-styles which other widgets do not use, overriding the usual behavior when toggling widget visibility.
Follow-up to [50833].
Props alanjacobmathew, walbo.
Fixes#53521.
Built from https://develop.svn.wordpress.org/trunk@51247
git-svn-id: http://core.svn.wordpress.org/trunk@50856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a fatal error due to `WP_Block_Template` class redeclaration when updating to WordPress 5.8 with an older version of Gutenberg activated.
Follow-up to [35582] for the REST API plugin.
Props hellofromTonya, oglekler, azaozz, desrosj, pbiron, jorbin, youknowriad, TimothyBlynJacobs, Clorith, markparnell.
See #53432.
Built from https://develop.svn.wordpress.org/trunk@51180
git-svn-id: http://core.svn.wordpress.org/trunk@50789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This matches the documentation for the filter of the same name.
Previously, the function could return `false` for an audio or video attachment that does not exist in the local filesystem.
Props Chouby, SergeyBiryukov.
Fixes#52603.
Built from https://develop.svn.wordpress.org/trunk@51162
git-svn-id: http://core.svn.wordpress.org/trunk@50771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Restore the original shape of the AJAX response data in the media library after removing infinite scroll, and pass total number of attachments in the response headers `X-WP-Total` and `X-WP-TotalPages`.
Improve backwards compatibility for plugins intercepting the ajax response. Headers match the structure and count calculation used in REST API responses.
Fix an issue with hiding the spinner after the load is completed and ensure that the load more view is created when changing tabs in the media library modal.
Follow up to [50829].
props adamsilverstein, spacedmonkey, joedolson.
Fixes#50105.
Built from https://develop.svn.wordpress.org/trunk@51145
git-svn-id: http://core.svn.wordpress.org/trunk@50754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds the list of file formats supported by the GD library to the Media Handling section in Site Health.
This will help site owners debug any issues they encounter as support for newer, more modern image formats is added (such as WebP in [50810]).
Follow up to [50817].
Props adamsilverstein, jorbin.
Fixes#53022.
Built from https://develop.svn.wordpress.org/trunk@51143
git-svn-id: http://core.svn.wordpress.org/trunk@50752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The filters `user_confirmed_action_email_content`, `user_erasure_complete_email_subject`, and `user_erasure_complete_email_headers` have been deprecated.
They have been replaced with `user_erasure_fulfillment_email_content`, `user_erasure_fulfillment_email_subject`, and `user_erasure_fulfillment_email_headers`.
Props desrosj, garrett-eclipse, birgire, DrewAPicture, lifeforceinst, ocean90, pbiron, pento, coffee2code, TZ-Media, SergeyBiryukov, johnbillion, audrasjb, davidbaumwald, hellofromTonya, helen, xkon, antpb, peterwilsoncc, lukecarbis.
Fixes#44314.
Built from https://develop.svn.wordpress.org/trunk@51129
git-svn-id: http://core.svn.wordpress.org/trunk@50738 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If a browser matches Internet Explorer, the dashboard will display a notice recommending a more modern browser.
Props youknowriad, sabernhardt, afercia, SergeyBiryukov, davidbaumwald, netweb, johnbillion, jeherve.
See #48743.
Built from https://develop.svn.wordpress.org/trunk@51117
git-svn-id: http://core.svn.wordpress.org/trunk@50726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Additionally, add a notice for when you are editing the "latest posts" page.
Fixes#45537.
Props cameronjonesweb, swissspidy, hannahmalcolm, Fantasy1125, ArnaudBan, grantmkin, youknowriad, knutsp, SergeyBiryukov, audrasjb, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@51116
git-svn-id: http://core.svn.wordpress.org/trunk@50725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This affects:
* `validate_plugin_requirements()`
* `validate_theme_requirements()`
Historically, the `Requires PHP` header was introduced in #meta2952 for the Plugin Directory first, so at the time it made sense to have it defined in the same place as `Requires at least`, which only existed in `readme.txt`.
Since parsing of PHP and WordPress requirements was later added to WordPress core, the core should retrieve all the necessary data from the main plugin or theme file and not from `readme.txt`, which only contains the data meant for the Plugin or Theme Directory.
The recommended place for `Requires PHP` and `Requires at least` headers is as follows:
* The plugin's main PHP file
* The theme's `style.css` file
The place for the `Tested up to` header remains in `readme.txt` for the time being, as it's not used by WordPress core.
Follow-up to [44978], [45546], [47573], [47574], [meta5841], [meta9050].
Props afragen, Otto42, joyously, williampatton, audrasjb.
Fixes#48520. See #48515, #meta2952, #meta4514, #meta4621.
Built from https://develop.svn.wordpress.org/trunk@51092
git-svn-id: http://core.svn.wordpress.org/trunk@50701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix the enter key in profile form fields moving focus to the application password input instead of submitting the profile update for. Replace the submit button type used for application passwords with `button type="button"` and ensure that the enter key's native behavior isn't overwritten.
props audrasjb, alexstine, promz, sabernhardt.
Fixes#52849.
Built from https://develop.svn.wordpress.org/trunk@51086
git-svn-id: http://core.svn.wordpress.org/trunk@50695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By the time the tests run, both `wp_is_site_protected_by_basic_auth()` and `rest_url()` functions are available, so there is no need to check for their existence.
Follow-up to [44986], [51057].
Props Clorith, costdev, SergeyBiryukov.
Fixes#52642.
Built from https://develop.svn.wordpress.org/trunk@51066
git-svn-id: http://core.svn.wordpress.org/trunk@50675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The test to confirm if Authorization headers can be used and recognized by WordPress needs to include a username and password combination that WordPress can compare against during the testing phase. The inclusion of credentials here would unfortunately also invalidate any existing basic auth session for the site, for example if the user had added this as an extra layer of security on their back-end.
This test is now skipped if the `wp_is_site_protected_by_basic_auth()` function detects that basic auth is being used, since the act of using basic auth to access the site confirms that this feature is working as expected in the first place.
Props WebDragon, TimothyBlynJacobs, costdev.
Fixes#52642.
Built from https://develop.svn.wordpress.org/trunk@51057
git-svn-id: http://core.svn.wordpress.org/trunk@50666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add `$status` parameter to `post_exists()` to allow developers to specify a post type, date and status to ensure they hit the `wp_posts` table's `type_status_date` index when determining if a post exists.
Props apokalyptik, boonebgorges, brettshumaker, DrewAPicture, MikeHansenMe, peterwilsoncc, whyisjake.
Fixes#34012.
Built from https://develop.svn.wordpress.org/trunk@51027
git-svn-id: http://core.svn.wordpress.org/trunk@50636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The styles for the Privacy settings page were based on the Site Health section. These were duplicated into `edit.css` in #49264. This change merges the selectors from Site Health into the Privacy section, to reduce that duplicate code.
Props xkon, notlaura, clorith.
See #52429.
Built from https://develop.svn.wordpress.org/trunk@51025
git-svn-id: http://core.svn.wordpress.org/trunk@50634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This provides direct links to install and activate the plugin, if the user has the capabilities to do so, instead of just linking to plugin search results.
It also matches more closely the message about installing the Classic Editor plugin for meta boxes incompatible with the block editor.
Follow-up to [22855], [44280], [45657].
Props tw2113, peterwilsoncc, SergeyBiryukov.
Fixes#52669.
Built from https://develop.svn.wordpress.org/trunk@51011
git-svn-id: http://core.svn.wordpress.org/trunk@50620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds an option to bulk delete menu items from the core Navigation Menus screen, offering a considerable usability benefit when making significant changes to navigation menus.
Uses the bulk select pattern found in post and media lists for consistency with other core management screens, rather than the rapid delete pattern found in menus in the customizer.
Props wphound, welcher, melchoyce, maxpertici, audrasjb
Fixes#21603.
Built from https://develop.svn.wordpress.org/trunk@51006
git-svn-id: http://core.svn.wordpress.org/trunk@50615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `update_user_option()` function is a way to update a user meta value after adding a blog’s prefix to the beginning of the meta key. But when the fourth parameter is `true`, the behavior is exactly the same as calling `update_user_meta()` directly.
This replaces all instances of `update_user_option()` when the fourth parameter is `true` in Core with a direct call to `update_user_meta()` to prevent an unnecessary call to `update_user_option()`.
Props johnjamesjacoby, zkancs, obenland, desrosj.
Fixes#43339.
Built from https://develop.svn.wordpress.org/trunk@50981
git-svn-id: http://core.svn.wordpress.org/trunk@50590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This shows the parent theme name in a child theme's metadata section in the list table, in a similar way it is displayed in the theme details modal on the single site Themes screen.
Props dpik, Mista-Flo, seanchayes, poena, johnbillion, jeremyfelt, bradt, jacklenox, helen, Travel_girl, karmatosed, Presskopp, joyously, SergeyBiryukov.
Fixes#30240.
Built from https://develop.svn.wordpress.org/trunk@50978
git-svn-id: http://core.svn.wordpress.org/trunk@50587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reverts the changes to `id_base` from [50953] due to backward compatibility concerns, and instead focuses on the `id` and `class` attributes specifically.
With this change, any backslashes in the `id` or `class` attributes for a namespaced widget class are converted to underscores, making it easier to style the output or target the widget with JavaScript.
Follow-up to [50953].
Fixes#44098.
Built from https://develop.svn.wordpress.org/trunk@50961
git-svn-id: http://core.svn.wordpress.org/trunk@50570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change fixes a false positive that would appear during scheduled events, by only running the REST test when a user visits the Site Health page, meaning an active session is available.
The test checking if the REST API is available, includes a parameter for `context=edit` to make sure the block editor can function properly. This means a user session with editor capabilities is required for the test to pass, which is not the case during a scheduled event.
Props szaqal21, TimothyBlynJacobs, hermpheus.
Fixes#52112.
Built from https://develop.svn.wordpress.org/trunk@50939
git-svn-id: http://core.svn.wordpress.org/trunk@50548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a few instances where two separate functions are used for both escaping and translating output. This change combines the two functions into the appropriate Core helper function.
Props dimadin, SergeyBiryukov.
Fixes#53153.
Built from https://develop.svn.wordpress.org/trunk@50931
git-svn-id: http://core.svn.wordpress.org/trunk@50540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows third-party plugins to avoid accidentally being overwritten with an update of a plugin of a similar name from the WordPress.org Plugin Directory.
Additionally, introduce the `update_plugins_{$hostname}` filter, which third-party plugins can use to offer updates for a given hostname.
If set, the `Update URI` header field should be a URI and have a unique hostname.
Some examples include:
* `https://wordpress.org/plugins/example-plugin/`
* `https://example.com/my-plugin/`
* `my-custom-plugin-name`
`Update URI: false` also works, and unless there is code handling the `false` hostname, the plugin will never get an update notification.
If the header is present, the WordPress.org API will currently only return updates for the plugin if it matches the following format:
* `https://wordpress.org/plugins/{$slug}/`
* `w.org/plugin/{$slug}`
If the header has any other value, the API will not return a result and will ignore the plugin for update purposes.
Props dd32, DavidAnderson, meloniq, markjaquith, DrewAPicture, mweichert, design_dolphin, filosofo, sean212, nhuja, JeroenReumkens, infolu, dingdang, joyously, earnjam, williampatton, grapplerulrich, markparnell, apedog, afragen, miqrogroove, rmccue, crazycoders, jdgrimes, damonganto, joostdevalk, jorbin, georgestephanis, khromov, GeekStreetWP, jb510, Rarst, juliobox, Ipstenu, mikejolley, Otto42, gMagicScott, TJNowell, GaryJ, knutsp, mordauk, nvartolomei, aspexi, chriscct7, benoitchantre, ryno267, lev0, gregorlove, dougwollison, SergeyBiryukov.
See #14179, #23318, #32101.
Built from https://develop.svn.wordpress.org/trunk@50921
git-svn-id: http://core.svn.wordpress.org/trunk@50530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace infinitely autoloading behavior on scroll with a user-controlled load more button. Fix a long standing accessibility issue in the media library. Infinite scroll poses a wide range of problems for accessibility, usability, and performance.
This change modifies the library to load 40 items in the initial view, with a load more button to load the next 40 items and a button to move focus from the load more region to the first of the most recently added items.
The text for communicating the jump target was broadly discussed, agreeing that the text incorporated here would most concisely and clearly convey the purpose of the button, and any further detail is learnable from use.
Props afercia, adamsilverstein, joedolson, audrasjb, francina
Fixes#50105. See #40330.
Built from https://develop.svn.wordpress.org/trunk@50829
git-svn-id: http://core.svn.wordpress.org/trunk@50438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change introduces the `delete_theme` and `deleted_theme` action hooks, which fire immediately before and after an attempt to delete a theme, respectively.
Props scottconnerly, ptahdunbar, pbiron, vetyst, desrosj.
Fixes#16401.
Built from https://develop.svn.wordpress.org/trunk@50826
git-svn-id: http://core.svn.wordpress.org/trunk@50435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds additional information to the Media Handling section of the Site Health Info page. When ImageMagick is used as the site’s image editor, a full list of file formats supported will now be shown. This will help site owners debug any issues they encounter as support for newer, more modern image formats is added (such as WebP in [50810]).
Additionally, the version of Imagick installed. This will help site owners debug issues with generating images on the PHP side.
Some variables have also been renamed to more accurately represent what is being stored.
Props Clorith, desrosj.
Fixes#53022.
Built from https://develop.svn.wordpress.org/trunk@50817
git-svn-id: http://core.svn.wordpress.org/trunk@50426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add support for uploading, editing and saving WebP images when supported by the server.
Add 'image/webp' to supported mime types. Correctly identify WebP images and sizes even when PHP doesn't support WebP. Resize uploaded WebP files (when supported) and use for front end markup.
Props markoheijne, blobfolio, Clorith, joemcgill, atjn, desrosj, spacedmonkey, marylauc, mikeschroder, hellofromtonya, flixos90.
Fixes#35725.
Built from https://develop.svn.wordpress.org/trunk@50810
git-svn-id: http://core.svn.wordpress.org/trunk@50419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
