This is a major release and contains breaking changes.
Most important changes to be aware of for this release:
* All code is now namespaced. Though there is a full backward compatibility layer available and the old class names are still supported, using them will generate a deprecation notice (which can be silenced by plugins if they'd need to support multiple WP versions). See the [https://requests.ryanmccue.info/docs/upgrading.html upgrade guide] for more details.
* A lot of classes have been marked `final`. This should generally not affect userland code as care has been taken to not apply the `final` keyword to classes which are known to be extended in userland code.
* Extensive input validation has been added to Requests. When Requests is used as documented though, this will be unnoticable.
* A new `WpOrg\Requests\Requests::has_capabilities()` method has been introduced which can be used to address #37708.
* A new `WpOrg\Requests\Response::decode_body()` method has been introduced which may be usable to simplify some of the WP native wrapper code.
* Remaining PHP 8.0 compatibility fixed (support for named parameters).
* PHP 8.1 compatibility.
Release notes: https://github.com/WordPress/Requests/releases/tag/v2.0.0
For a full list of changes in this update, see the Requests GitHub:
https://github.com/WordPress/Requests/compare/v1.8.1...v2.0.0
This commit also resolves 2 blocking issues which previously caused the revert of [52244]:
* New Requests files are loaded into `wp-includes/Requests/src/`, matching the location of the library. In doing so, filesystems that are case-insensitive are not impacted (see #54582).
* Preload: During a Core update, the old Requests files are preloaded into memory before the update deletes the files. Preloading avoids fatal errors noted in #54562.
Follow-up to [50842], [51078], [52244], [52315], [52327], [52328].
Props jrf, schlessera, datagutten, wojsmol, dustinrue, soulseekah, szepeviktor. costdev, sergeybiryukov, peterwilsoncc, ironprogrammer, antonvlasenko, hellofromTonya, swissspidy, dd32, azaozz, TobiasBg, audrasjb.
Fixes#54504.
See #54582, #54562.
Built from https://develop.svn.wordpress.org/trunk@54997
git-svn-id: http://core.svn.wordpress.org/trunk@54530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit:
* Renames the `$echo` parameter to `$display` in:
* `wp_nonce_field()`
* `wp_referer_field()`
* `wp_original_referer_field()`
* Renames the `$string` parameter to `$input_string` in
* `_wp_json_convert_string()`
* `_wp_to_kebab_case()`
* Renames the `$list` parameter to `$input_list` in:
* `wp_parse_list()`
* `wp_parse_id_list()`
* `wp_parse_slug_list()`
* `wp_filter_object_list()`
* `wp_list_filter()`
* `wp_list_pluck()`
* `wp_list_sort()`
* Renames the `$array` parameter to `$input_array` in:
* `add_magic_quotes()`
* `wp_array_slice_assoc()`
* `_wp_array_get()`
* `_wp_array_set()`
* Renames the `$function` parameter to `$function_name` in:
* `_deprecated_function()`
* `_deprecated_argument()`
* `_doing_it_wrong()`
* Renames the `$class` parameter to `$class_name` in `_deprecated_constructor()`.
* Renames the `$default` parameter to `$default_value` in `apache_mod_loaded()`.
* Renames the `$var` parameter to `$value` in `wp_validate_boolean()`.
* Amends the `$input` parameter in `wp_parse_str()` for consistency.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@54929
git-svn-id: http://core.svn.wordpress.org/trunk@54481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes minor formatting edits for consistency.
Follow-up to [53/tests], [12179], [12946], [35288], [37884], [38810], [38928], [46596], [48131], [52955], [53548], [53813], [53873], [54118], [54316], [54420], [54421], [54803].
See #56792.
Built from https://develop.svn.wordpress.org/trunk@54855
git-svn-id: http://core.svn.wordpress.org/trunk@54407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [53874] the optional `$locale` parameter was added to `load_textdomain()`. While most `load_textdomain()` calls in core were were updated, some were missed. Passing the original locale avoids the need to call `determine_locale()` by `load_textdomain()` which is used as a fallback.
Props ocean90, swissspidy, desrosj.
See #57060.
Built from https://develop.svn.wordpress.org/trunk@54797
git-svn-id: http://core.svn.wordpress.org/trunk@54349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Based on feedback from network storage configurations there was a noticed slowdown due to the usage of the `path_join()` function. This needs more time to find a workaround.
Follow-up to [53934].
Props mreishus, SergeyBiryukov, desrosj, mikeschroder.
Reverts [53934].
See #56924.
Built from https://develop.svn.wordpress.org/trunk@54712
git-svn-id: http://core.svn.wordpress.org/trunk@54264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes a warning where `strip_tags()` expected its first parameter to be a string rather than an array. It contains the following changes:
- Removal of sanitize_callback to allow the REST API to handle the validation natively, this also causes the proper error to be output for `?slug[0][1]=2` that it's an invalid value.
- Ensure that `wp_parse_list()` only returns a single-dimensioned array, even if passed a multi-dimension array, which fits the functions expected use case and resolves warnings in code that expects the function to return a single-dimensioned array.
Props dd32, TimothyBlynJacobs.
Fixes#55838.
Built from https://develop.svn.wordpress.org/trunk@54476
git-svn-id: http://core.svn.wordpress.org/trunk@54035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset removes all instances of `_wp_http_referer` variable from the URL when creating a hidden input for `_wp_http_referer`. It prevents the hidden field from having an additional version of `_wp_http_referer` each time the form is submitted.
Props msolution, justinahinon, pbearne, mikeschroder, mukesh27, audrasjb, Clorith, chaion07, robinwpdeveloper, hztyfoon, davidbaumwald, costdev, adamsilverstein.
Fixes#54106.
Built from https://develop.svn.wordpress.org/trunk@54449
git-svn-id: http://core.svn.wordpress.org/trunk@54008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`realpath()` already checks if the file exists, and returns `false` on failure. The additional `file_exists()` check is not necessary and can be removed, improving the performance.
This commit simplifies the checks in two functions:
* `register_block_type_from_metadata()`
* `wp_json_file_decode()`
Note: In both of these cases, the values are passed through `wp_normalize_path()` after `realpath()`, so if the file does not exist, the `false` value gets converted to an empty string. The updated checks work both for `false` and `''` values.
Though this is a small tweak, it saves a lot of checks since one of the places we do this is when registering block styles, so it runs quite a few times on each page load.
Reference: [https://www.php.net/manual/en/function.realpath.php PHP Manual: realpath()].
Follow-up to [51599], [54132], [54290], [54291].
Props aristath.
Fixes#56654.
Built from https://develop.svn.wordpress.org/trunk@54309
git-svn-id: http://core.svn.wordpress.org/trunk@53868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the `apache_get_modules()` function is redeclared to return an empty array, `apache_mod_loaded()` would assume that no Apache modules are installed and activated, which may not be correct.
This commit improves the logic by using pre-existing `phpinfo()` fallback to check for loaded modules in that case.
Includes replacing a hardcoded number passed as a flag to `phpinfo()` with the `INFO_MODULES` predefined constant for clarity.
Follow-up to [7441], [7508], [29330].
Props engahmeds3ed, audrasjb, Clorith, SergeyBiryukov.
Fixes#56010.
Built from https://develop.svn.wordpress.org/trunk@54299
git-svn-id: http://core.svn.wordpress.org/trunk@53858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Global terms was a feature from the WordPress MU days where multisite and single site installs used different code bases.
In WordPress 3.0, WordPress MU was merged into one location and the UI [14854] and “on” switch [14880] for global terms were completely removed.
Even before this merge, global terms was bug infested and unreliable. After [14854]/[14880], the feature was no longer maintained and became increasingly broken as taxonomies progressed without it (term splitting and term meta do not work at all). At this point, the feature has not worked in 12+ years and there’s no hope for saving it.
This deprecates the remaining global terms related code and no-ops the functions.
Global terms, you don’t have to go home, but you can’t stay here.
Props scribu, wonderboymusic, SergeyBiryukov, nacin, pento, desrosj, johnjamesjacoby, johnbillion, dd32.
Fixes#21734.
Built from https://develop.svn.wordpress.org/trunk@54240
git-svn-id: http://core.svn.wordpress.org/trunk@53799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a bug where if the `timezone_string` is set to a timezone name which has since been deprecated, no option would be (pre-)selected in the generated dropdown list and when the form using the dropdown list is submitted, the “old”, originally saved value would be lost as the form would submit without a value being selected for the `timezone_string` field.
The fix is a little hacky: it basically checks ahead of generating the actual dropdown list whether the `$selected_zone` value would be recognized and set to “selected” and if not, verifies that the value ''is'' a valid but outdated timezone name and if so, adds an extra dropdown entry to the top of the list with the original value and sets this value to “selected”.
See the extensive write-up about this in ticket #56468.
Also see: [https://www.php.net/manual/en/datetimezone.listidentifiers.php PHP Manual: timezone_identifiers_list()].
Note: There are no pre-existing tests at all for this method and adding a complete set of tests for this method is outside the scope of this ticket, so this fix does not contain any tests.
Follow-up to [54207], [54217], [54227], [54229], [54230], [54232].
Props jrf, costdev, marcyoast.
See #56468.
Built from https://develop.svn.wordpress.org/trunk@54233
git-svn-id: http://core.svn.wordpress.org/trunk@53792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allows Classic / Hybrid themes to use block-based template parts without using complete block-based templates.
* Exposes the Site Editor's template parts UI
* Adds Appearance > "Template Parts" menu
* Enabled within the theme via adding a theme support for `'block-template-parts'`
{{{#!php
add_theme_support( 'block-template-parts' );
}}}
This is a backport from Gutenberg.[https://github.com/WordPress/gutenberg/pull/42729 See WordPress/gutenberg PR 42729].
Follow-up to [52330], [52069], [52178].
Props mamaduka, fabiankaegy, poena, scruffian, manfcarlo, bernhard-reiter, hellofromTonya.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54176
git-svn-id: http://core.svn.wordpress.org/trunk@53735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Following the update to replace the HTTP API internals with Requests library in WordPress 4.6, the return value of `wp_remote_retrieve_headers()` has changed from a simple array to an object which implements `ArrayAccess`.
Since `wp_get_http_headers()` directly returns the result of `wp_remote_retrieve_headers()`, its return value should reflect that change.
Includes:
* Updating the return value for the deprecated `wp_get_http()` function, which also directly returns the result of `wp_remote_retrieve_headers()`.
* Minor DocBlock formatting changes for some other HTTP API functions per the documentation standards.
Follow-up to [2416], [6390], [8092], [9013], [37428], [37989], [38730].
Props mhkuu.
See #54225, #55646.
Built from https://develop.svn.wordpress.org/trunk@54157
git-svn-id: http://core.svn.wordpress.org/trunk@53716 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wp_guess_url`, the regex to check for wp-login.php in the URL is slightly too permissive, not escaping `.` in "wp-login.php". `.` is a token in regex that matches any character.
This change simply escapes the `.` and adds unit test coverage for `wp_guess_url`.
Props cfinke, ocean90, jrf, voldemortensen, jdgrimes, curdin, netweb, petitphp, SergeyBiryukov, costdev.
Fixes#36827.
Built from https://develop.svn.wordpress.org/trunk@54146
git-svn-id: http://core.svn.wordpress.org/trunk@53705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The existing filter `image_editor_output_format` receives an additional parameter `$size_name` which is populated whenever it controls the output format for a specific registered image size to create. Otherwise, it remains empty. In order to achieve this, a low level change has been added in bringing a new `$size_name` class property to the `WP_Image_Editor` base class, which is introduced in a backward compatible way that will not cause conflicts with custom implementations.
This parameter is then used in new logic inside the `wp_default_image_output_mapping()` callback function for the filter, controlling whether `image/jpeg` should map to `image/webp` output or not. By default, this is enabled for all WordPress core image sizes by default, and this list can be modified using a new `wp_image_sizes_with_additional_mime_type_support` filter, e.g. to remove core sizes or add custom sizes.
The customization per image size may be further enhanced by providing a more declarative API via a new parameter on the `add_image_size()` function.
Props eugenemanuilov, flixos90, adamsilverstein, joegrainger.
Fixes#56526.
See #55443, #56288.
Built from https://develop.svn.wordpress.org/trunk@54097
git-svn-id: http://core.svn.wordpress.org/trunk@53656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove the private delegation from the following cache priming functions for various object types:
- `_prime_post_caches()`
- `_prime_term_caches()`
- `_prime_comment_caches()`
- `_prime_network_caches()`
- `_prime_site_caches()`
- `_get_non_cached_ids() `
Plugins and themes are now encouraged to use these functions to improve the performance of their code by reducing the number of database queries.
Props robinwpdeveloper, desrosj, SergeyBiryukov, mukesh27, costdev.
Fixes#56386.
Built from https://develop.svn.wordpress.org/trunk@53944
git-svn-id: http://core.svn.wordpress.org/trunk@53503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, Windows paths in the `path_is_absolute` function resulted in incorrect URIs. This patch adjusts for forward slashes and adds tests for the `get_attached_file` function.
Props Whissi, SergeyBiryukov, desrosj, stevenlinx, birgire, davidbaumwald, costdev, peterwilsoncc, audrasjb, hellofromTonya, johnbillion.
Fixes#36308.
Built from https://develop.svn.wordpress.org/trunk@53934
git-svn-id: http://core.svn.wordpress.org/trunk@53493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Move the colon inside the `<strong>` tags in some `Error:` prefixes, to match other strings.
* Move the full stop at the end of some sentences outside of the `<strong>` tags used for individual phrases.
Follow-up to [11669], [23844], [53118], [53458], [53476].
Props NekoJonez, Presskopp.
Fixes#56027.
Built from https://develop.svn.wordpress.org/trunk@53700
git-svn-id: http://core.svn.wordpress.org/trunk@53259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the path starts with a slash, it will be considered absolute and returned as is earlier in the function.
It it's not absolute, then it does not start with a slash, so there is nothing to trim.
This change is covered by existing unit tests.
Follow-up to [6984], [53457].
Props karlijnbk.
See #55897.
Built from https://develop.svn.wordpress.org/trunk@53460
git-svn-id: http://core.svn.wordpress.org/trunk@53049 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`phpversion()` return value and `PHP_VERSION` constant value are identical, but the latter is several times faster because it is a direct constant value lookup compared to a function call.
Props ayeshrajans, jrf, mukesh27, costdev, hellofromTonya, SergeyBiryukov.
Fixes#55680.
Built from https://develop.svn.wordpress.org/trunk@53426
git-svn-id: http://core.svn.wordpress.org/trunk@53015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace error suppressing in `wp_filesize()` with a `file_exists()` check before calling the native PHP `filesize()` function.
Follow up to [52837].
Props Cybr, johnbillion, spacedmonkey, antpb, azouamauriac, ironprogrammer, mukesh27, costdev, audrasjb, dlh.
Fixes#55678.
See #49412.
Built from https://develop.svn.wordpress.org/trunk@53372
git-svn-id: http://core.svn.wordpress.org/trunk@52961 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit renames the `$function` parameter to `$callback` in `wp_die_*_handler` filters, which aims to make it easier to use a non-reserved parameter name for anyone utilizing these filters.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #55327.
Built from https://develop.svn.wordpress.org/trunk@53243
git-svn-id: http://core.svn.wordpress.org/trunk@52832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_list_pluck()` is used by WordPress to pluck items from a list. Of course, this requires a list. This validates the input of `wp_list_pluck()` to ensure it is a list.
This matches the behaviour of `wp_list_sort()` and `wp_filter_object_list()`.
Props marv2, davidbaumwald, mkox, SergeyBiryukov, dd32.
Fixes#54751.
Built from https://develop.svn.wordpress.org/trunk@53045
git-svn-id: http://core.svn.wordpress.org/trunk@52634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using a block theme that declares Widgets support, it's better to not specify a menu order for the Widgets menu to avoid conflicts between menu items order.
Props Rufus87, ironprogrammer, audrasjb, hellofromTonya, davidbaumwald.
Fixes#54916.
Built from https://develop.svn.wordpress.org/trunk@53020
git-svn-id: http://core.svn.wordpress.org/trunk@52609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new location is next to the pre-existing `count_users()` function, along with other user-specific functions, and should be a more appropriate place in terms of consistency.
This affects:
* `get_user_count()`
* `wp_maybe_update_user_counts()`
* `wp_update_user_counts()`
* `wp_schedule_update_user_counts()`
* `wp_is_large_user_count()`
Follow-up to [53011], [53016].
See #38741.
Built from https://develop.svn.wordpress.org/trunk@53018
git-svn-id: http://core.svn.wordpress.org/trunk@52607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Currently in WordPress multisite there is a concept of large networks. The function `wp_is_large_network` is used to determine if a network has a large number of sites or users. If a network is marked as large, then
expensive queries to calculate user counts are not run on page load but deferred to scheduled events. However there are a number of places in a single site installation where this functionality would also be useful, as
expensive calls to count users and roles can make screens in the admin extremely slow.
In this change, the `get_user_count` function and related functionality around it is ported to be available in a single site context. This means that expensive calls to the `count_users` function are replaced with
calls to `get_user_count`. This change also includes a new function called `wp_is_large_user_count` and a filter of the same name, to mark if a site is large.
Props johnbillion, Spacedmonkey, Mista-Flo, lumpysimon, tharsheblows, obenland, miss_jwo, jrchamp, flixos90, macbookandrew, pento, desrosj, johnjamesjacoby, jb510, davidbaumwald, costdev.
Fixes#38741.
Built from https://develop.svn.wordpress.org/trunk@53011
git-svn-id: http://core.svn.wordpress.org/trunk@52600 1a063a9b-81f0-0310-95a4-ce76da25c4cd