When the posts page is on the front page or within a front page section, the heading hierarchy for the individual post titles needs to be adjusted accordingly.
Props joedolson, celloexpressions, davidakennedy.
Fixes#40264.
Built from https://develop.svn.wordpress.org/trunk@40458
git-svn-id: http://core.svn.wordpress.org/trunk@40334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As a general rule, this means the fastest test jobs now run first because each subsequent version of PHP is faster than the previous. When a committer is patiently waiting for a Travis build to complete, they are at least more likely to see unexpected failures earlier than they otherwise would.
In addition, this updates the JavaScript test job to run on PHP 7.1.
Props netweb
See #39705
Built from https://develop.svn.wordpress.org/trunk@40434
git-svn-id: http://core.svn.wordpress.org/trunk@40332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where legacy JavaScript for SWFUpload still used jQuery's
deprecated `live` event which no longer works - switch to using `on`.
This JavaScript is still used by some plugins and themes.
Props MMDeveloper.
Fixes#39886.
Built from https://develop.svn.wordpress.org/trunk@40431
git-svn-id: http://core.svn.wordpress.org/trunk@40329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids a couple of expensive queries that attempt to determine whether the media library contains any audio or video items, and also makes the UI for creating playlists more discoverable.
[40382] and [40421] added filters to allow overriding this behavior; this commit changes the default value of the filters to always show these UI buttons and never run the expensive queries. The old behavior can still be restored using the filters if desired.
Props sboisvert, adamsilverstein, joemcgill, jnylen0.
Fixes#31071.
Built from https://develop.svn.wordpress.org/trunk@40430
git-svn-id: http://core.svn.wordpress.org/trunk@40328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As a follow-up to [40382], this commit makes the following improvements:
- Make the filter names more specific.
- Fix the inline documentation (use `@param` instead of `@return).
- Use `null ===` instead of `is_null` to avoid extra function calls.
- Rename the `$has_audio` and `$has_video` variables now that they actually represent something slightly different.
See #31071.
Built from https://develop.svn.wordpress.org/trunk@40421
git-svn-id: http://core.svn.wordpress.org/trunk@40319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Toolbar search field, when the Toolbar is displayed on the frontend, might
inherit CSS properties from the active Theme stylesheet. For example, this
happened with Twenty Seventeen that sets `display: block;` on all the input
fields. Thus, there's the need to reset some CSS properties to avoid inheritance.
Props @sagarprajapati.
Fixes#40313.
Built from https://develop.svn.wordpress.org/trunk@40418
git-svn-id: http://core.svn.wordpress.org/trunk@40316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `is_super_admin()` in a non-multisite environment, the function is supposed to check for administrator capabilities. The process of querying all users and filtering them with that function can be optimized by only querying users with the administrator role instead.
Fixes#40406. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40406
git-svn-id: http://core.svn.wordpress.org/trunk@40313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, a mix of `is_super_admin()` calls and `manage_network` capability checks was used to determine whether the current user could upgrade the network. With this changeset a dedicated capability is introduced that allows more granular handling.
Props dhanendran for the original patch.
Fixes#39205. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40404
git-svn-id: http://core.svn.wordpress.org/trunk@40311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[40295] removed the restriction of a minimum amount of characters for new site names, which could cause unexpected behavior. That changeset is reverted here with the exception of the removal of the `is_super_admin()` check, which can safely be omitted. A new filter for the minimum site name length will be introduced later to be able to modify that behavior.
See #39676, #37616.
Built from https://develop.svn.wordpress.org/trunk@40391
git-svn-id: http://core.svn.wordpress.org/trunk@40298 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`setup_network` is a new meta capability that brings more granular control over the permissions to setup a multisite environment. In a non-multisite environment it falls back to `manage_options` while in a multisite it falls back to `manage_network_options`. The introduction of this capability furthermore allows replacing an `is_super_admin()` check.
Props ashokkumar24 for the original patch.
Fixes#39206. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40390
git-svn-id: http://core.svn.wordpress.org/trunk@40297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a couple of queries that do a full table scan of attachment posts to support features of the media library. Pending a more complete solution, allow overriding these queries via filters.
Props sboisvert, jnylen0.
See #31071.
Built from https://develop.svn.wordpress.org/trunk@40382
git-svn-id: http://core.svn.wordpress.org/trunk@40289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Accounts for HTTPS links (port 443) where [40318] only accounted for HTTP links (port 80). Addresses issue in IE11 where the default port number is unexpectedly included on `link.host` for links dynamically created by scripts.
Props mattwiebe.
Amends [40318], [38890].
See #38409.
Fixes#40198.
Built from https://develop.svn.wordpress.org/trunk@40381
git-svn-id: http://core.svn.wordpress.org/trunk@40288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_user_count()` function returns the number of active users on a network, which is stored in a `user_count` network option. Since `get_network_option()` supports retrieving options from other networks than the current one, `get_user_count()` can now make use of that feature.
Fixes#37866.
Built from https://develop.svn.wordpress.org/trunk@40371
git-svn-id: http://core.svn.wordpress.org/trunk@40278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_blog_count()` function used to support an `$id` parameter for the network ID prior to WordPress 3.1. This parameter has not been used since the introduction of `get_site_option()` and was later deprecated in [25113]. With `get_network_option()` however it is possible to support the parameter again, now properly renamed as `$network_id`.
A unit test has for the parameter has been added as well. Another unit test in the same class was adjusted to work properly with multiple networks existing.
Fixes#37865.
Built from https://develop.svn.wordpress.org/trunk@40370
git-svn-id: http://core.svn.wordpress.org/trunk@40277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enable connecting to multiple wp-api `endpoints`. Calling `wp.api.init` with a new `apiRoot` will parse the new endpoint's schema and store a new set of models and collections. A collection of connected endpoints is stored in `wp.api.endpoints`.
Props lucasstark.
Fixes#39683.
Built from https://develop.svn.wordpress.org/trunk@40364
git-svn-id: http://core.svn.wordpress.org/trunk@40271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For better accessibility, expandable panels should be placed immediately after
the control that expands them. This change moves the Media Library inline
uploader up, right after the "Add New" button, also introducing consistency with
the Plugin and Theme uploaders.
Adds a proper ARIA role on the button and an `aria-expanded` attribute to give
better feedback to assistive technologies users about the uploader's expanded state.
Improves the focus handling when closing the uploader, improves the focus style
and color contrast ratio of the uploader "close" button.
Props mantismamita, karmatosed, adamsilverstein, afercia.
Fixes#37188.
Built from https://develop.svn.wordpress.org/trunk@40359
git-svn-id: http://core.svn.wordpress.org/trunk@40266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After [40059] the CSS class `button-link` uses `text-align: left` by default.
This change now requires to limit as much as possible the use of `button-link`
to controls that should really look like links and to explicitly set
`text-align: center` in a few other cases.
Fixes#39983.
Built from https://develop.svn.wordpress.org/trunk@40358
git-svn-id: http://core.svn.wordpress.org/trunk@40265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to 4.7, term relationships - as set by `wp_set_object_terms()` or
`wp_remove_object_terms()` - did not affect the term query cache. The
introduction of the 'object_ids' parameter in 4.7 means that the query
cache must be aware of object-term relationships. As such, the
'last_changed' incrementor is now invalidated when term relationships
are modified.
This bug only reared its head when delaying term counting, because term
counting performs its own term query cache invalidation.
Props mboynes.
Fixes#40306.
Built from https://develop.svn.wordpress.org/trunk@40353
git-svn-id: http://core.svn.wordpress.org/trunk@40260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A couple of REST API tests had an assertion `assertNotInstanceOf( 'WP_Error', $response );` which will never be true.
Since these assertions are invalid, and also made redundant by the response status check, we can just remove them.
Props dlh.
Fixes#40270.
Built from https://develop.svn.wordpress.org/trunk@40350
git-svn-id: http://core.svn.wordpress.org/trunk@40257 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In previous iterations of `WP_Site`, there was concern that not all properties would be available when storing a site's details in cache. When introduced in [37918], an `ms_loaded` check was added to address this concern. Any properties that are still `false` after `ms_loaded` really are `false` and can be cached as such.
Props flixos90.
Fixes#40247.
Built from https://develop.svn.wordpress.org/trunk@40344
git-svn-id: http://core.svn.wordpress.org/trunk@40251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [31349], core `varchar` column key lengths were changed from 255 to 191 to support the 767 byte index size limit on standard utf8mb4 MySQL installs. This changes the DB schema tests to match.
Props caseypatrickdriscoll, clarinetlord.
Fixes#35958.
Built from https://develop.svn.wordpress.org/trunk@40339
git-svn-id: http://core.svn.wordpress.org/trunk@40246 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This extends the existing behavior which only showed a message only when there were no widget areas rendered in the preview. The number of non-rendered widget areas is indicated. Also removes needles deletion of `wp.customize.Widgets.data.l10n` property which hindered plugins.
See #33567, #33052.
Fixes#39087.
Built from https://develop.svn.wordpress.org/trunk@40312
git-svn-id: http://core.svn.wordpress.org/trunk@40219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Avoid a PHP Error when attempting to embed the parent post of an attachment, when the parent post ID is invalid. Instead check if the parent post object exists before checking the read permission for the parent post.
Props GhostToast.
Fixes#39881.
Built from https://develop.svn.wordpress.org/trunk@40306
git-svn-id: http://core.svn.wordpress.org/trunk@40213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously `update_blog_option()` would trigger an invalidation of that site's entire cache although these changes did not affect the content of these caches. Furthermore changes to the special options `blogname`, `siteurl` and `post_count` should not invalidate the entire cache of that site, but only their respective site details cache. The option `home` now has the same behavior as it also belongs to the site details, but did not invalidate the cache at all previously.
Several new unit tests confirm these changes work as expected.
Fixes#40063.
Built from https://develop.svn.wordpress.org/trunk@40305
git-svn-id: http://core.svn.wordpress.org/trunk@40212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Exclude 'node_modules' directories from paths searched in `WP_Theme::scandir()`. Introduces the `theme_scandir_exclusions` filter to allow sites to exclude any other paths like `bower_components` or `vendor` from being searched for template files.
Props lukasbesch, dd32, swisspidy, rachelbaker.
Fixes#38292.
Built from https://develop.svn.wordpress.org/trunk@40301
git-svn-id: http://core.svn.wordpress.org/trunk@40208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This prevents an additional 301 redirect when clicking on the nav menu item, and it also prevents a scenario where the auth cookie may not be passed and cause an authentication error when navigating in the customizer.
Props dlh, swissspidy.
Fixes#40112.
Built from https://develop.svn.wordpress.org/trunk@40300
git-svn-id: http://core.svn.wordpress.org/trunk@40207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It is sometimes desirable to support shorter site names than 4 characters, therefore that restriction should be removed. It is still possible to manually enforce it by using the `wpmu_validate_blog_signup` filter.
As a result of this change, another `is_super_admin()` call gets removed which affects the ongoing efforts of working on a network-wide role system.
Props milindmore22.
Fixes#39676. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40295
git-svn-id: http://core.svn.wordpress.org/trunk@40202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to [38677], `get_term_by()` would always return false if
an empty string were passed as the queried 'name' or 'slug'. The
refactor to use `get_terms()` broke this behavior; inappropriately
imprecise `empty()` checks caused the 'name' or 'slug' clause to be
discarded altogether when fetching terms, resulting in an incorrect
term being returned from the function.
We fix the regression by special-casing truly empty values passed
to `get_term_by()`, and ensuring that `WP_Term_Query` is properly
able to handle `0` and `'0'` term queries.
Props sstoqnov.
Fixes#21760.
Built from https://develop.svn.wordpress.org/trunk@40293
git-svn-id: http://core.svn.wordpress.org/trunk@40200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The time chosen for `test_empty_post_date_gmt_shimmed_using_post_date` falls within US daylight savings time. This may cause the test to fail depending on whether the current locale has DST.
The fix is to specify a numeric `gmt_offset` rather than a `timezone_string`.
Unprops jnylen0.
Fixes#40136.
Built from https://develop.svn.wordpress.org/trunk@40284
git-svn-id: http://core.svn.wordpress.org/trunk@40196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Historically, it has been possible to call `get_term_by()` within
a 'get_terms' filter callback. Since `get_term_by()` was refactored
to use `get_terms()` internally [38677], callbacks of this nature
have resulted in infinite loops.
As a workaround, we introduce a 'suppress_filter' option to `get_terms()`,
and use it when calling the function from within `get_term_by()`.
Props ocean90.
See #21760.
Built from https://develop.svn.wordpress.org/trunk@40275
git-svn-id: http://core.svn.wordpress.org/trunk@40192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change moves to specifying the PHPUnit version for all PHP versions, and fixes an issue where the Composer global bin directory is not at `~/.composer/vendor/bin` on the boxes that are used for HHVM builds.
See #40100
Built from https://develop.svn.wordpress.org/trunk@40269
git-svn-id: http://core.svn.wordpress.org/trunk@40188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Overriding pluggable functions in the test suite is asking for trouble in the future. In addition, it means the test suite can't be guaranteed to behave the same as core.
This instead introduces a `send_auth_cookies` filter which can be hooked in during the test suite to prevent these functions from attempting to send cookie headers to the client.
Fixes#39367
Built from https://develop.svn.wordpress.org/trunk@40263
git-svn-id: http://core.svn.wordpress.org/trunk@40183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The site's current timezone offset is an important piece of information for any REST API client that needs to manipulate dates. It has not been previously available.
Expose both the `gmt_offset` (the site's current offset from UTC in hours) and `timezone_string` (which also provides information about daylight savings time) via the "site info" endpoint (the base `/wp-json` response).
Also update the `wp-api-generated.js` fixture file with the changes to the default API responses.
Props sagarkbhatt.
Fixes#39854.
Built from https://develop.svn.wordpress.org/trunk@40238
git-svn-id: http://core.svn.wordpress.org/trunk@40168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit adds some missing test cases for combinations of `orderby` and other parameters (`post_parent__in` and `post_name__in`).
Followup to [40056] for `orderby` and `post__in`.
The interaction of these parameters is perhaps counterintuitive because `orderby` does not affect the returned results. This is overall probably the best design, and it's now better tested and documented.
Props fibonaccina.
See #39055.
Built from https://develop.svn.wordpress.org/trunk@40237
git-svn-id: http://core.svn.wordpress.org/trunk@40167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Terms with duplicate names are not allowed at the same level of a
taxonomy hierarchy. The name lookup introduced in [34809] did not
properly account for the 'parent' parameter, with the result that
the duplicate-name restriction was tighter than intended (terms
with duplicate names could not be created at different levels of
a single hierarchy).
Props mikejolley.
Fixes#39984.
Built from https://develop.svn.wordpress.org/trunk@40145
git-svn-id: http://core.svn.wordpress.org/trunk@40084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_insert_term()` does not allow for terms with the same name to exist
at the same hierarchy level, unless the second term has a unique slug.
When this logic was refactored in [31792] and [34809], a bug was
introduced whereby it was possible to bypass the no-same-named-sibling
check in cases where the first term had a non-auto-generated slug
(ie, where the name was 'Foo' but the slug something other than 'foo',
such that the second term would get the non-matching slug 'foo').
This changeset fixes this issue by ensuring that the duplicate name
check runs both in cases where there's an actual slug clash *and* in
cases where no explicit `slug` has been provided to `wp_insert_term()`.
The result is a more reliable error condition:
`wp_insert_term( 'Foo' ... )` will always fail if there's a sibling
'Foo', regardless of the sibling's slug.
Props mikejolley.
See #39984.
Built from https://develop.svn.wordpress.org/trunk@40144
git-svn-id: http://core.svn.wordpress.org/trunk@40083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since support for PDF previews were added in [38949], it's possible
that the generated image file could overwrite an existing image file
with the same name. This uses `wp_unique_filename()` to avoid this
issue and adds a '-pdf' identifier on the end of filenames.
Props gitlost, derosj, mikeschroder, joemcgill.
Fixes#39875. See #31050.
Built from https://develop.svn.wordpress.org/trunk@40130
git-svn-id: http://core.svn.wordpress.org/trunk@40067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [40123], `WP_Image_Editor_Imagick` started using
`Imagick::setImageOrientation` and `Imagick::ORIENTATION_TOPLEFT`,
but had no equivalent feature check.
While they were introduced more than 9 years ago, it's important
to double-check everything is available before using with Imagick.
Fixes#37140.
Built from https://develop.svn.wordpress.org/trunk@40129
git-svn-id: http://core.svn.wordpress.org/trunk@40066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A few of the multisite tests were failing after [40124] because
multisite filters `upload_mimes` with the `check_upload_mimes()`
function to reduce the set of allowed MIME types. This fixes those
errors by skipping the tests for adding additional MIME types and
only tests file types assumed to be allowed.
See #39550.
Built from https://develop.svn.wordpress.org/trunk@40125
git-svn-id: http://core.svn.wordpress.org/trunk@40062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[39831] introduced more strict MIME type checking for uploads, which
resulted in unintetionally blocking several filetypes that were
previously valid. This change uses a more targeted approach to MIME
validation to restore previous behavior for most types.
Props blobfolio, iandunn, ipstenu, markoheijnen, xknown, joemcgill.
Fixes#39550, #39552.
Built from https://develop.svn.wordpress.org/trunk@40124
git-svn-id: http://core.svn.wordpress.org/trunk@40061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to inconsistencies in the way browsers handle Exif orientation data,
if a user manually rotates an image within WordPress, set the Exif orientation to
the default (1) so that the image displays with the same rotation/flip in every browser.
Props sanchothefat, triplejumper12, joemcgill, azaozz, markoheijnen, mikeschroder.
See #14459.
Fixes#37140.
Built from https://develop.svn.wordpress.org/trunk@40123
git-svn-id: http://core.svn.wordpress.org/trunk@40060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when getting posts from the API with `sticky=true`, if there were no sticky posts set, the query would return all posts as if the `sticky` argument was not set. In this situation, the query should return an empty array instead.
A `sticky=true` query that should return an empty array (in the previous situation, or with `include` and no intersecting post IDs) was also broken in that it would query the post with ID 1.
Finally, this commit significantly improves test coverage for the `sticky` filter argument, including direct testing of the `WHERE` clauses generated by `WP_Query`.
Props ryelle.
Fixes#39947.
Built from https://develop.svn.wordpress.org/trunk@40122
git-svn-id: http://core.svn.wordpress.org/trunk@40059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A `post_format` not used by the current theme, but supported by core is not a wrong/broken piece of information. It's just not used at this point in time. Therefore we should allow setting and retrieving any of the standard post formats supported in core, even if the current theme doesn't use them.
After this commit, a post's `format` value can survive a round trip through the API, which is a good general design principle for an API.
Props JPry, iseulde, davidakennedy, Drivingralle.
Fixes#39232.
Built from https://develop.svn.wordpress.org/trunk@40120
git-svn-id: http://core.svn.wordpress.org/trunk@40057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add QUnit tests for the parsing of custom namespace routes. Add a custom schema fixture based on the `wp-js-widgets` plugin. Test that the client can parse the widget namespace in the schema and correctly construct the expected group of models and collections. Also includes a small unrelated QUnit fix to ensure nav-menu test passes when it is loaded without its tests executing as well as a small jshint fix, adding a missing semicolon since [40107].
Props jnylen0.
Fixes#39561.
Built from https://develop.svn.wordpress.org/trunk@40109
git-svn-id: http://core.svn.wordpress.org/trunk@40046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Internally, WordPress uses a special `post_date_gmt` value of `0000-00-00 00:00:00` to indicate that a draft's date is "floating" and should be updated whenever the post is saved. This makes it much more difficult for API clients to know the correct date of a draft post.
This commit provides a best guess at a `date_gmt` value for draft posts in this situation using the `date` field and the site's current timezone offset.
Props joehoyle.
Fixes#38883.
Built from https://develop.svn.wordpress.org/trunk@40108
git-svn-id: http://core.svn.wordpress.org/trunk@40045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enable history support for the new theme screen, including navigating theme details and closing the details modal. Theme selection is now also bookmark-able, so linking to a URL like `/wp-admin/theme-install.php?theme=twentyseventeen` correctly opens the theme preview.
Props dd32.
Fixes#36613.
Built from https://develop.svn.wordpress.org/trunk@40107
git-svn-id: http://core.svn.wordpress.org/trunk@40044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It has been unintendedly possible to both view and edit users from a different site than the current site in multisite environments. Moreover, when passing roles to a user in an update request, that user would implicitly be added to the current site.
This changeset removes the incorrect behavior for now in order to be able to provide a proper REST API workflow for managing multisite users in the near future. Related unit tests have been adjusted as well.
Props jnylen0, jeremyfelt, johnjamesjacoby.
Fixes#39701.
Built from https://develop.svn.wordpress.org/trunk@40106
git-svn-id: http://core.svn.wordpress.org/trunk@40043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
DELETE was inadvertently omitted from the list of non-POST HTTP methods that should be able to accept body parameters. Parameters passed to DELETE requests as JSON are already parsed correctly; this commit fixes `application/x-www-form-urlencoded` parameters as well.
Props mnelson4.
Fixes#39933.
Built from https://develop.svn.wordpress.org/trunk@40105
git-svn-id: http://core.svn.wordpress.org/trunk@40042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit modifies the `rest_get_date_with_gmt` function to correctly parse local and UTC timestamps with or without timezone information.
It also ensures that the REST API can edit the dates of draft posts by setting the `edit_date` flag to `wp_update_post`.
Overall this commit ensures that post and comment dates can be set and updated as expected.
Fixes#39256.
Built from https://develop.svn.wordpress.org/trunk@40101
git-svn-id: http://core.svn.wordpress.org/trunk@40038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously the status for a Post (or other post_types) was only exposed under the `edit` context, which doesn't really make much sense considering we support querying by post status without authentication. Originally introduced in v2.0 beta 1: 69f617d749 without any explanation in the commit message.
Props dhanendran, jnylen0, rachelbaker.
Fixes#39466.
Built from https://develop.svn.wordpress.org/trunk@40080
git-svn-id: http://core.svn.wordpress.org/trunk@40017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are a couple of changes to the generated API schemas between single-site and multisite mode - for example, the `url` and `email` settings are not present in the settings endpoint (see #39005).
To avoid unexpected changes to the `wp-api-generated.js` fixture file, skip generating the client test fixtures when running the test suite in multisite mode.
See #39264.
Built from https://develop.svn.wordpress.org/trunk@40077
git-svn-id: http://core.svn.wordpress.org/trunk@40014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix parsing of custom namespace routes. Transform class names, removing dashes and capitalizing each word/route part so a route path of `widgets/recent-posts` becomes a collection with the name `WidgetsRecentPosts`. Correct parent route part when routes are longer than expected, reversing parse direction.
Props westonruter, jazbek.
Fixes#39561.
Built from https://develop.svn.wordpress.org/trunk@40074
git-svn-id: http://core.svn.wordpress.org/trunk@40011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up to [40065] - `JSON_*` constants are differently unsupported in PHP 5.2 and 5.3, which caused other, more different failures.
Also bring back `JSON_UNESCAPED_SLASHES` because the generated output looks nicer this way.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40066
git-svn-id: http://core.svn.wordpress.org/trunk@40003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove `JSON_UNESCAPED_SLASHES` from the `wp_json_encode` call - this constant is not supported in PHP < 5.4, and we don't polyfill it either.
Also make the PHPUnit test suite correctly exit with a non-zero exit code when `wp-tests-config.php` is not present. This was causing `grunt restapi-jsclient` to incorrectly proceed to its second step even when the first step failed with this error.
Props ocean90.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40065
git-svn-id: http://core.svn.wordpress.org/trunk@40002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `post_author` field is a string internally, but we need to cast it to an integer in the REST API. This was already done for posts, but not for revisions. The field is already declared as an integer in both controllers.
Fixes#39871.
Built from https://develop.svn.wordpress.org/trunk@40063
git-svn-id: http://core.svn.wordpress.org/trunk@40000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a data normalization pass when generating data fixtures for the REST API endpoints. Ensures that the `wp-api-generated.js` fixture won't change between test runs. Set more default properties and use fixed values for any properties that can't be easily controlled (object IDs and derivatives like link). Generate the fixture file with JSON_PRETTY_PRINT so that future diffs are easier to follow.
Props jnylen0, netweb.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40061
git-svn-id: http://core.svn.wordpress.org/trunk@39998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a debounce wrapper to the media grid search handler. The search callback is now fired after a 300 ms typing pause.
Remove redundant handlers for 'search' and 'change', preventing multiple/duplicate search callbacks.
Props certainstrings, joemcgill, Kelderic, batmoo.
Fixes#38911.
Built from https://develop.svn.wordpress.org/trunk@40060
git-svn-id: http://core.svn.wordpress.org/trunk@39997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add QUnit tests: verify that wp-api loads correctly, verify that the expected base models and collections exist and can be instantiated, verify that collections contain the correct models, verify that expected helper functions are in place for each collection.
The QUnit tests rely on two fixture files: `tests/qunit/fixtures/wp-api-generated.js` contains the data response from each core endpoint and is generated by running the PHPUnit `restapi-jsclient` group. `tests/qunit/fixtures/wp-api.js` maps the generated data to endpoint routes, and overrides `Backbone.ajax` to mock the responses for the tests.
Add PHPUnit tests in `tests/phpunit/tests/rest-api/rest-schema-setup.php`. First, verify that the API returns the expected routes via `server->get_routes()`. Then, the `test_build_wp_api_client_fixtures` test goes thru each endpoint and requests it from the API, tests that it returns data, and builds up the data for the mocked QUnit tests, saving the final results to `tests/qunit/fixtures/wp-api-generated.js`.
Add a new grunt task `restapi-jsclient` which runs the phpunit side data generation and the qunit tests together.
Props jnylen0, welcher.
Fixes#39264.
Built from https://develop.svn.wordpress.org/trunk@40058
git-svn-id: http://core.svn.wordpress.org/trunk@39995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates `.button-link` adding color and underline to make link-like buttons look
like links by default. Introduces `.button-link-delete` as a modifier, stackable
CSS class for red button-links.
Props Cheffheid, afercia.
See #34242.
Fixes#35126.
Built from https://develop.svn.wordpress.org/trunk@40052
git-svn-id: http://core.svn.wordpress.org/trunk@39989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit adds tests for `orderby=relevance` combined with a search term in the REST API.
It also improves tests for the `orderby` parameter in `WP_REST_Posts_Controller` by looking at the generated SQL query instead of creating a bunch of carefully arranged test objects. This should be much more robust, and we can use this approach in other places (such as #39055).
Fixes#39079.
Built from https://develop.svn.wordpress.org/trunk@40037
git-svn-id: http://core.svn.wordpress.org/trunk@39974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Partial revert of [38929].
This reverts the source code from the commit for #30210 to prevent valid but empty feeds from returning 404 file not found errors for the home and custom feeds.
The tests in the commit that remain applicable are retained.
Props pavelevap for reporting, stevenkword for initial patch.
See #30210.
Fixes#39157.
Built from https://develop.svn.wordpress.org/trunk@40030
git-svn-id: http://core.svn.wordpress.org/trunk@39967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The category is not shown in the preview. And because of how `themename_categorized_blog()` function in each theme returns false for 1 or fewer categories, and in this case it won't show the new category.
The patch uses `is_preview()` to fix that in Twenty Fourteen, Fifteen and Seventeen.
Props lancewillett.
Fixes#39531.
Built from https://develop.svn.wordpress.org/trunk@40023
git-svn-id: http://core.svn.wordpress.org/trunk@39960 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The line of code throwing the error was introduced in WordPress 4.5 in r37040 "Customize: Require opt-in for selective refresh of widgets". Since `is_customize_preview()` was introduced in 4.0.0 and Twenty Fourteen should work from WordPress 3.6 and up, this caused the issue.
The patch adds an `is_customize_preview` function if it's missing.
Props adamsilverstein.
Fixes#39407.
Built from https://develop.svn.wordpress.org/trunk@40022
git-svn-id: http://core.svn.wordpress.org/trunk@39959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix a JavaScript error when the media edit screen is loaded directly via a url such as `/wp-admin/post.php?post={post_id}&action=edit&image-editor`. Add a check in `imgLoaded` for `this.hold.sizer` which is set up during initialization and required for the cropping tool. Call `init` if this is undefined.
Props NoseGraze.
Fixes#38138.
Built from https://develop.svn.wordpress.org/trunk@40020
git-svn-id: http://core.svn.wordpress.org/trunk@39957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Enqueues the style along with the `customize-preview` script in the manager instead of via the `widgets` and `nav_menus` components, ensuring that the stylesheet is loaded for users who cannot manage widgets or nav menus.
Props dlh.
See #27403.
Fixes#39498.
Built from https://develop.svn.wordpress.org/trunk@39951
git-svn-id: http://core.svn.wordpress.org/trunk@39888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously the menu items would all be displayed solely based on the `manage_network` capability. This change provides parity with the network admin menu.
Unit tests for the network admin menu functionality of `wp_admin_bar_my_sites_menu()` have been added.
Props chandrapatel.
Fixes#39082.
Built from https://develop.svn.wordpress.org/trunk@39948
git-svn-id: http://core.svn.wordpress.org/trunk@39885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The checks were introduced in [22256] to prevent user settings to be set for super admins that were not a member of the current site. However the latter should apply to any kind of user, so the `is_super_admin()` check is redundant. Furthermore, removing these checks is necessary for the ongoing effort to get rid of `is_super_admin()` checks in general.
Props chandrapatel for initial patch.
Fixes#39199. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39932
git-svn-id: http://core.svn.wordpress.org/trunk@39869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The strings addressing the network administrator in `wp-signup.php` were still using the old terminology of blogs and sites. Furthermore concatenation of the strings has been removed to make them i18n-friendly.
Props jignesh.nakrani, SergeyBiryukov.
Fixes#39611.
Built from https://develop.svn.wordpress.org/trunk@39929
git-svn-id: http://core.svn.wordpress.org/trunk@39866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fire a `menu-item-added` event after a menu item is added to the DOM. Fire a `menu-removing-item` event before a menu item is removed from the DOM. Enables hooking into and responding to menu changes.
Props welcher, adamsilverstein.
Fixes#31218.
Built from https://develop.svn.wordpress.org/trunk@39928
git-svn-id: http://core.svn.wordpress.org/trunk@39865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When hitting the index, untrailingslashit() would make the REST route empty, which would then use the fallback inside WP_REST_Server. This isn't a problem most of the time, but WP_REST_Server contains a fallback to PATH_INFO. Combined with PATH_INFO permalinks, this would give a 404 on the API index, as it attempts to look up a route for "/wp-json/".
Props ccprog.
Fixes#39432.
Built from https://develop.svn.wordpress.org/trunk@39923
git-svn-id: http://core.svn.wordpress.org/trunk@39860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If index lengths change in table definitions, we don't recreate the index - instead, we throw a database error, as `dbDelta()` tries to create a new index with the same name.
It's better to leave the index as is, MySQL doesn't have an efficient process for resizing indices, and dropping/creating is a slow process which we don't want to trigger automatically.
Fixes#34870.
Built from https://develop.svn.wordpress.org/trunk@39921
git-svn-id: http://core.svn.wordpress.org/trunk@39858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$user_total` member of `WP_User_Query`, and corresponding `get_total()` method, have always been documented as returning an `int`. `$user_total`, however, is populated by `$wpdb->get_var()`, which returns
a string (containing an integer value). Casting the return value from `get_var()` as an `int` rectifies this discrepency.
Props runciters.
Fixes#39297.
Built from https://develop.svn.wordpress.org/trunk@39915
git-svn-id: http://core.svn.wordpress.org/trunk@39852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add test coverage for requests of a single user resource for authors of post types registered as:
- public = true, show_in_rest = true: success without auth.
- public = true, show_in_rest = false: fail without auth.
- public = false, show_in_rest = true: success without auth.
- public = false, show_in_rest = false: fail without auth.
See #38878.
Fixes#39546.
Built from https://develop.svn.wordpress.org/trunk@39913
git-svn-id: http://core.svn.wordpress.org/trunk@39850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.
`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.
If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.
See #11946.
Built from https://develop.svn.wordpress.org/trunk@39831
git-svn-id: http://core.svn.wordpress.org/trunk@39769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When installing and using database-saved salts, wp_create_nonce() causes database errors as wp_salt() attempts to insert into the not-yet-created options table. Since authentication isn't available during installation, we can safely skip creating a nonce.
Props nullvariable, pento, dd32.
Fixes#39047.
Built from https://develop.svn.wordpress.org/trunk@39684
git-svn-id: http://core.svn.wordpress.org/trunk@39624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
SimplePie can set the Content-Type header automatically with the correct charset for convenience, but we already force the charset to match the site's, making it redundant at best. At worst, SimplePie incorrectly overrides the content-type for non-HTML content (such as API requests).
Props dlh, stevenkword.
Fixes#39066.
Built from https://develop.svn.wordpress.org/trunk@39681
git-svn-id: http://core.svn.wordpress.org/trunk@39621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38740] incorrectly introduced logic that changed a comment's page when
'comment_order' was set to 'desc'. This is in violation of the design
of the comment pagination system: a comment's page is designed not to
change when 'comment_order' or 'default_comment_page' are changed.
See #31101.
Props rachelbaker.
Fixes#39280.
Built from https://develop.svn.wordpress.org/trunk@39663
git-svn-id: http://core.svn.wordpress.org/trunk@39603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`terms` values are passed through `sanitize_term_field()` with the 'db'
flag, which add slashes. Because `terms` are subsequently run through
`esc_sql()`, these slashes must be removed. See [36348], which added
a similar step to sanitization in `get_terms()`.
Props bcworkz.
Fixes#39315.
Built from https://develop.svn.wordpress.org/trunk@39662
git-svn-id: http://core.svn.wordpress.org/trunk@39602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change avoids a PHP fatal error that can be encountered when the specified (or generated) source email is an invalid address, such as `wordpress@_`, it makes no effort to set a valid source, only avoid the fatal error.
See #25239 for correcting the email address.
Fixes#39360.
Built from https://develop.svn.wordpress.org/trunk@39655
git-svn-id: http://core.svn.wordpress.org/trunk@39595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replaces the "doesn't" contraction with "does not" to be consistent with similar strings in `WP_Error` messages when a specified term or parent term is missing in `WP_REST_Terms_Controller`.
Props ramiy, ocean90.
Fixes#39176.
Built from https://develop.svn.wordpress.org/trunk@39648
git-svn-id: http://core.svn.wordpress.org/trunk@39588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes a new `supports` property in the response object and schema for the `/types` endpoints for users with the `edit_posts` capability for the given post type. The `supports` property returns an object of the features the given post type *supports*.
Props timmydcrawford, tyxla.
Fixes#39033.
Built from https://develop.svn.wordpress.org/trunk@39647
git-svn-id: http://core.svn.wordpress.org/trunk@39587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduced in [38674], the `wp_update_comment_data` filter took place after the `$data` was sliced and prepared for the database update statement. The location of the filter assumed the result of anyone applying it would not change the data type or make structural modifications or additions to the $data array. 😅
This moves the `wp_update_comment_data` filter to take place before the `$data` is sliced and prepared for the database update statement.
Props dshanske for initial patch.
Fixes#39380.
Built from https://develop.svn.wordpress.org/trunk@39640
git-svn-id: http://core.svn.wordpress.org/trunk@39580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `term_exists()` check is not needed because of existing dupe
checks in `wp_insert_term()`. Furthermore, `term_exists()` conflates
term names and sanitized slugs, so incorrectly marks terms like
'C' and 'C+' as duplicates of one another.
Props garyc40, SergeyBiryukov, kovshenin, MikeHansenMe.
Fixes#16567.
Built from https://develop.svn.wordpress.org/trunk@39637
git-svn-id: http://core.svn.wordpress.org/trunk@39577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This addresses a major bug. Incorrectly setting the `$content_width` causes media embeds to end up with the wrong aspect ratio, among other issues. This fix uses `template_redirect`, to ensure conditional theme tags can be used. It also defines a default value at `after_theme_setup` so that plugins have something to work with at `init`.
Props sstoqnov, laurelfulford, obenland.
Fixes#39272.
Built from https://develop.svn.wordpress.org/trunk@39635
git-svn-id: http://core.svn.wordpress.org/trunk@39575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When plugins don't disable the `backupGlobals` PHPUnit option in their own tests, `$wpdb` is backed up and restored between classes of tests. The serialisation process used for this broke the database connection. This previously wasn't a problem, as it was reconnecting before each test.
[38398] introduced some changes that required the connection to be available in `setUpBeforeClass()`, earlier than in was previously reconnecting. This didn't cause warnings in Core, but it did cause warnings for plugins that don't disable the `backupGlobals` option.
The database connection now reconnects in `setUpBeforeClass()`. This change also fixes a few Core tests that weren't calling `parent::setUpBeforeClass()` or `parent::tearDown()` correctly.
Fixes#39327.
Built from https://develop.svn.wordpress.org/trunk@39626
git-svn-id: http://core.svn.wordpress.org/trunk@39566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also fix logic for `focus-control-for-setting` handler to focus on the first control (lowest `priority` value) associated with a given setting instead of the last control encountered when iterating over all controls, as this ensures the first control in a `nav_menu` section is focused rather than the last one.
Props westonruter, sirbrillig.
See #27403.
Fixes#39101.
Built from https://develop.svn.wordpress.org/trunk@39622
git-svn-id: http://core.svn.wordpress.org/trunk@39562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `rest_{$taxonomy}_collection_params` filter in 4.7 is incorrectly using
single quotes instead of double quotes, which means it is not working correctly
as a dynamic filter. This fixes the quotes around the filter name, and also
updates the docblocks for the other 3 similar filters for better conformance to
the documentation standards.
Props shazahm1hotmailcom, JPry, jnylen0.
Fixes#39300.
Built from https://develop.svn.wordpress.org/trunk@39621
git-svn-id: http://core.svn.wordpress.org/trunk@39561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If `add_theme_support( 'post-formats' )` is called with no additional
arguments, then `get_theme_support( 'post-formats' )` returns `true` rather
than an array of supported formats. Avoid generating PHP warnings in this
situation.
Props dreamon11, ChopinBach.
Fixes#39293.
Built from https://develop.svn.wordpress.org/trunk@39620
git-svn-id: http://core.svn.wordpress.org/trunk@39560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Correct setup for the `model` attribute of `wp.api.collections` objects. Set the collection model as a function that returns a new model of the underlying type, instead of setting it as the model prototype. Fixes an issue where models for fetched collections weren't set up properly and didn't have the expected mixin methods such as `getCategories` available.
Props jesseenterprises.
Fixes#39070.
Built from https://develop.svn.wordpress.org/trunk@39603
git-svn-id: http://core.svn.wordpress.org/trunk@39543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [38625], the functionality to search for attachments by filename was added
via the `posts_clauses` filter and the `_filter_query_attachment_filenames()`
function. This moves `_filter_query_attachment_filenames()` from
`wp-admin/includes/post.php` to `wp-includes/post.php` so that it can be
applied in the same manner in the REST API media endpoint.
Props jblz, tyxla.
Fixes#39092.
Built from https://develop.svn.wordpress.org/trunk@39598
git-svn-id: http://core.svn.wordpress.org/trunk@39538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It's fairly common for clients to send `Content-Type: application/json` with an
empty body. While technically not valid JSON, we've historically supported
this behaviour, so it shouldn't cause an error.
Props JPry.
Fixes#39150.
Built from https://develop.svn.wordpress.org/trunk@39594
git-svn-id: http://core.svn.wordpress.org/trunk@39534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_category_link()` is a wrapper for `get_term_link()`. Using the
unwrapped function makes more sense semantically (it's taxonomy-
agnostic) and it's also more parsimonious (the `WP_Error` check in
`get_category_link()` is redundant with similar checks just before
in `get_term_link()`).
Props keesiemeijer.
Fixes#17069.
Built from https://develop.svn.wordpress.org/trunk@39593
git-svn-id: http://core.svn.wordpress.org/trunk@39533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Site administrators should not be able to remove themselves from a site. This moves the enforcement of this rule from `wp-admin/users.php` to `remove_user_from_blog()` via the `remove_user` capability, which furthermore allows us to get rid of two additional clauses and their `is_super_admin()` checks in `wp-admin/users.php`. A unit test for the new behavior has been added.
Fixes#39063. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39588
git-svn-id: http://core.svn.wordpress.org/trunk@39528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously an option containing an object would trigger an SQL `UPDATE` on all calls to `update_option`, even if the old and new values were identical. This was due to the old and new values having differing resource IDs.
This change compares the old and new values as serialized data to remove the resource ID from the comparison.
Props salcode, bradyvercher, peterwilsoncc.
Fixes#38903.
Built from https://develop.svn.wordpress.org/trunk@39564
git-svn-id: http://core.svn.wordpress.org/trunk@39504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The logic in WP_REST_Request->sanitize_params() added in [39091] did not account for `null` or `false` being the sanitization_callback preventing overriding `rest_parse_request_arg()`. This fixes that oversight, allowing the built in sanitization function to be bypassed. See #38593.
Props kkoppenhaver, rachelbaker, jnylen0.
Fixes#39042.
Built from https://develop.svn.wordpress.org/trunk@39563
git-svn-id: http://core.svn.wordpress.org/trunk@39503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The super admin on multisite as well as the administrator on non-multisite both have this capability already. For custom post types using different capabilities this change ensures that only users with that capability have permissions.
Fixes#39059. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39539
git-svn-id: http://core.svn.wordpress.org/trunk@39479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When sections of the media modal are hidden out of view, their controls may be
still focusable and actionable. This completely hides these sections to avoid
unnecessary tab stops and potential confusion for assistive technology users.
Props SergeyBiryukov, afercia.
Fixes#30599.
Built from https://develop.svn.wordpress.org/trunk@39529
git-svn-id: http://core.svn.wordpress.org/trunk@39469 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds `srcset` and `sizes` to the about page images, including
art direction, via `<picture>` for the lead Twenty Seventeen image.
This also replaces URLs for all images and feature videos to their
CDN locations on s.w.org.
Props helen, pento, joemcgill.
Fixes#38616.
Built from https://develop.svn.wordpress.org/trunk@39514
git-svn-id: http://core.svn.wordpress.org/trunk@39454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ultimate `post_name` is stored in postmeta until the post is published. The `get_page_by_path()` function does not exclude `auto-draft` posts. Revert changes to `wp_unique_post_slug()` from [39411] which excluded `auto-draft` posts.
Props westonruter, dlh for testing, helen for testing.
See #38114, #38928.
Fixes#39078.
Built from https://develop.svn.wordpress.org/trunk@39506
git-svn-id: http://core.svn.wordpress.org/trunk@39446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Bump version numbers and update readme files for themes with changes. Also updates description for Twenty Seventeen and removes version number for HTML5 shiv for easier updates in the future.
Props davidakennedy.
Fixes#38858.
Built from https://develop.svn.wordpress.org/trunk@39496
git-svn-id: http://core.svn.wordpress.org/trunk@39436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the theme's CSS feature query for `object-fit` overrode styles it shouldn't have on interior pages.
This moves the feature query farther down in the stylesheet so it takes precedence in the cascade in supported browsers, and applies the appropriate selector for the interior pages. In browsers that don't support feature queries or `object-fit`, the fallback styles are still applied. The problem was that the rules had the same specificity, so this way, the cascade takes over properly. The transforms and position changes for fallbacks are still needed in browsers that don't support `object-fit` and feature queries.
Props peterwilsoncc, davidakennedy.
Fixes#39073.
Built from https://develop.svn.wordpress.org/trunk@39495
git-svn-id: http://core.svn.wordpress.org/trunk@39435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Extend the check in 'rest_allow_anonymous_comments' to accept any falsy value
(previously this was an explicit check for `false`).
One possible failure case is that a plugin developer forgets to include a
return value for some code path in their callback for this filter, leading to a
value of `null` which is currently treated like `true`.
Props joehoyle, jnylen0.
Fixes#39010.
Built from https://develop.svn.wordpress.org/trunk@39487
git-svn-id: http://core.svn.wordpress.org/trunk@39427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The theme uses a hack to help the video header and header image fill the available space. This centers around `max-width: 1000%;`. It causes visual issues (zooming of the header video or image) for all users though.
This fixes that with CSS Features Queries. The hack remains for browsers that don't support Feature Queries and `object-fit`. Browsers that do support both get a better experience with a more reliable styling of the video and image header container.
Props laurelfulford, peterwilsoncc.
Fixes#39035.
Built from https://develop.svn.wordpress.org/trunk@39483
git-svn-id: http://core.svn.wordpress.org/trunk@39423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `siteurl` setting is registered and made available to the REST API. On a multisite installation, this setting is not configurable from the General Settings screen, but due to the above it is configurable from the REST API.
Props peterwilsoncc.
Fixes#39005.
Built from https://develop.svn.wordpress.org/trunk@39468
git-svn-id: http://core.svn.wordpress.org/trunk@39408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the `require_name_email` option is true, creating a comment with an empty string for the author name or email should not be accepted. Both values can be an empty string on update.
Props flixos90, hnle, dd32, rachelbaker, jnylen0, ChopinBach, joehoyle, pento.
Fixes#38971.
Built from https://develop.svn.wordpress.org/trunk@39444
git-svn-id: http://core.svn.wordpress.org/trunk@39384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- `'orderby' => 'include'` requires an array of post_ids via the `include` collection param.
`'orderby' => 'id'` and `'orderby' => 'slug'` need map the correct WP_Query equivalents.
Props flixos90, hnle, dd32, rachelbaker, joehoyle, pento.
Fixes#38971.
Built from https://develop.svn.wordpress.org/trunk@39440
git-svn-id: http://core.svn.wordpress.org/trunk@39380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In wp-admin, users are removed from individual sites rather than deleted. A user can only be deleted from the network admin.
Until support for a `PUT` request that removes a user's site and content associations is available, `DELETE` requests are disabled to avoid possible issues with lost content.
Props jnylen0, rachelbaker.
Fixes#38962.
Built from https://develop.svn.wordpress.org/trunk@39438
git-svn-id: http://core.svn.wordpress.org/trunk@39378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When deleting a user through the WordPress admin, a specific decision is presented - whether to assign all of the user's posts to another user, or to delete all of the posts.
This change requires `reassign` as a parameter in the corresponding REST API endpoint, so that content isn't accidentally lost.
Props jeremyfelt.
Fixes#39000.
Built from https://develop.svn.wordpress.org/trunk@39426
git-svn-id: http://core.svn.wordpress.org/trunk@39366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This simplifies the line `$( siteNavigation.closest( '.main-navigation' ), this ).toggleClass( 'toggled-on' );` to `$( siteNavContain ).toggleClass( 'toggled-on' );`, since `this` is the clicked button, so the extra context isn't needed.
Props afercia, laurelfulford.
Fixes#38992.
Built from https://develop.svn.wordpress.org/trunk@39419
git-svn-id: http://core.svn.wordpress.org/trunk@39359 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that a standard header is shown on the front page whenever
a header video is set without a header image if the video doesn't load,
e.g., on mobile sizes or if the JS doesn't fire.
This adds a new class, `.has-header-video` that is added whenever the
`wp-custom-header-video-loaded` event is fired, which is then used to style
the custom headers along with `.has-header-image` whenever a header image
is available. This also changes the class name on the custom header media
wrapping `div` from `.custom-header-image` to `.custom-header-media`.
Props laurelfulford, joemcgill.
Fixes#38995.
Built from https://develop.svn.wordpress.org/trunk@39413
git-svn-id: http://core.svn.wordpress.org/trunk@39353 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Updates `wp_unique_post_slug()` to ignore `auto-draft` posts. Prevents publishing multiple posts that have the same slugs from starter content.
* Fixes fatal error when attempting to save an header_image setting from a non-admin context.
* Fixes substituting attachment symbols in options and theme mods.
* Fixes applying starter content for header images and background images.
See #38114.
Fixes#38928.
Built from https://develop.svn.wordpress.org/trunk@39411
git-svn-id: http://core.svn.wordpress.org/trunk@39351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Also moves checks from `customize_save` Ajax handler to the underlying `WP_Customize_Manager::save_changeset_post()` call which plugins may invoke directly.
* Ensures that `customize_save_response` filter is always passed an array, with error code available as `code`.
Props utkarshpatel, westonruter, sayedwp.
See #30937.
Fixes#38943.
Built from https://develop.svn.wordpress.org/trunk@39409
git-svn-id: http://core.svn.wordpress.org/trunk@39349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the capability check used in `WP_REST_Terms_Controller` when creating a new term is attempted, from `manage_terms` to `edit_terms`. This matches the behavior within the WordPress admin. See #35614.
Props johnbillion, rmccue, rachelbaker, helen, jorbin, SergeyBiryukov.
Fixes#38958.
Built from https://develop.svn.wordpress.org/trunk@39402
git-svn-id: http://core.svn.wordpress.org/trunk@39342 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the `check_username()` and `check_password()` callbacks in the Users controller cast the provided request value to a string. The `rest_sanitize_value_from_schema()` function was being used incorrectly which was causing unintended request parsing.
In `rest_sanitize_request_arg()` do not pass nonexistent third parameter for the `rest_sanitize_value_from_schema()` function.
Props jnylen0, joehoyle, rachelbaker, ocean90.
Fixes#38984.
Built from https://develop.svn.wordpress.org/trunk@39400
git-svn-id: http://core.svn.wordpress.org/trunk@39340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a regression in the media library after [38949], which caused
small images (< thumbnail size) to not display within the media library.
Accounts for images that have no intermediate sizes
in `wp_prepare_attachment_for_js()`.
Adds test.
Fixes#38965.
Props joemcgill, clorith, mikeschroder.
Built from https://develop.svn.wordpress.org/trunk@39396
git-svn-id: http://core.svn.wordpress.org/trunk@39336 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Show default labels for nav menu item as placeholders in a control's label field instead of showing blank.
* Store empty string as label instead of copying default labels.
* Prevent labels for post type archive items from being dropped in preview.
* Also ensure that the item type label is displayed on nav menu item controls for settings that are loaded from an existing changeset.
Amends [38618].
See #38015.
Fixes#38955.
Built from https://develop.svn.wordpress.org/trunk@39393
git-svn-id: http://core.svn.wordpress.org/trunk@39333 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The API should allow updates that don't actually change anything. This allows
clients to, for example, accidentally send the same request twice without
encountering unexpected errors. This currently works for posts, terms, and
users, so this commit adds test cases accordingly.
See #38700 for issues preventing this from working for comments.
Fixes#38975.
Built from https://develop.svn.wordpress.org/trunk@39371
git-svn-id: http://core.svn.wordpress.org/trunk@39311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes typo in args passed to `get_term_link()` which caused a fatal error due to this call returning a `WP_Error` which was set to `url`. Also fixes never-satisfiable condition for obtaining post type archive URL. Also ensures that `WP_Error` never leaks through as `url` by setting it to an empty string. Adds missing unit tests.
Amends [38991].
See #38114.
Fixes#38945.
Built from https://develop.svn.wordpress.org/trunk@39365
git-svn-id: http://core.svn.wordpress.org/trunk@39305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Moves logic from `WP_Customize_Custom_CSS_Setting::update()` into a re-usable `wp_update_custom_css_post()` function, useful for future REST API endpoint, WP-CLI command, or plugin migrations.
* Renames `customize_update_custom_css_post_content_args` filter to `update_custom_css_data` and improves the naming of the parameters. Instead of passing `post_content` and `post_content_filtered` the filtered array now contains `css` and `preprocessed` respectively.
* The second context param for the `update_custom_css_data` filter is now an array of the original args passed to `wp_update_custom_css_post()` and there is now no more `$setting` arg since it isn't necessarily being called in the customizer context.
Props westonruter, georgestephanis.
See #35395.
Fixes#38672.
Built from https://develop.svn.wordpress.org/trunk@39350
git-svn-id: http://core.svn.wordpress.org/trunk@39290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Core requires the post password to view and create comments on password protected posts, so we must support a “password” param on the comments endpoint when fetch comments for a specific post and creating a comment on a password protected post.
Props flixos90, jnylen0.
Fixes#38692.
Built from https://develop.svn.wordpress.org/trunk@39349
git-svn-id: http://core.svn.wordpress.org/trunk@39289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Brings consistency to the `rest_insert_*` actions. Also includes some shuffling and clean-up as well including:
- Ensure we are passing the most current `$post` and `$user` objects to the `update_additional_fields_for_object()` callbacks.
- Changes the function signature of `handle_status_param()` in the Comments controller to accept just the comment_id as the 2nd parameter, instead of a full WP_Comment object. Only the comment_id is needed in the method, this avoids having to include another `get_comment()` call.
- Renames a variable in the `create_item()` method of the Posts controller from `$post` -> `$prepared_post` to be more explicit.
- Minor fixes/clarifications to the rest_insert_* hook docs
Props rachelbaker, joehoyle
Fixes#38905.
Built from https://develop.svn.wordpress.org/trunk@39348
git-svn-id: http://core.svn.wordpress.org/trunk@39288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Featured image support means that attachments can now be imported. Media can be sideloaded from within theme or plugin directories. Like other posts, attachments are auto-drafts until customizer changes are published, and are not duplicated when they already exist in the customized state. Attachment IDs can be used for any number of purposes, much like post IDs. Twenty Seventeen now includes 3 images used as featured images to best showcase the multi-section homepage setup.
As featured image IDs are stored in post meta, it also made sense to add support for page templates. Twenty Seventeen does not include any such templates, but the functionality can be quite important for displaying themes to their best effect.
props westonruter, helen, flixos90.
fixes#38615.
Built from https://develop.svn.wordpress.org/trunk@39346
git-svn-id: http://core.svn.wordpress.org/trunk@39286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This bug occurred in any language where text wraps character-by-character, since those languages don't delimit words with spaces. In Japanese, Chinese and Korean, etc., it was possible for the label to be displayed vertically.
Props tg29359, afercia, odysseygate.
Fixes#38876.
Built from https://develop.svn.wordpress.org/trunk@39341
git-svn-id: http://core.svn.wordpress.org/trunk@39281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This makes a few adjustments to CSS to bring them inline with WordPress
CSS coding standards including:
* Font weights should be defined using numeric values
* Do not pad parentheses with spaces
This also fixes a couple of typos to inline comments.
Props netweb for initial patch.
Fixes#38901.
Built from https://develop.svn.wordpress.org/trunk@39340
git-svn-id: http://core.svn.wordpress.org/trunk@39280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a custom header image was set but custom CSS was not, `wp_get_custom_css_post()` was generating an UPDATE query on every frontend request.
In theme options the header image meta data is stored as an object. In `update_option()` this hits an edge case as the resource IDs of the old and new values never match.
This changes the logic of `wp_get_custom_css_post()` to ensure `set_theme_mod()` is only called when the custom CSS has changed.
Props bradyvercher, helen.
Fixes#38866.
Built from https://develop.svn.wordpress.org/trunk@39338
git-svn-id: http://core.svn.wordpress.org/trunk@39278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Invalid nav menu items are exported as settings in the customize controls since it `is_admin()`, but any such `nav_menu_item` settings are excluded from the preview since it's the frontend. Selective refresh for nav menus needs to ignore the syncing of any such `nav_menu_item` settings that are `_invalid` since they are never rendered, and when a nav menu only contains invalid items, an infinite fallback refresh can ensue.
Fixes#38890.
Built from https://develop.svn.wordpress.org/trunk@39333
git-svn-id: http://core.svn.wordpress.org/trunk@39273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, if no translation files exist for a text domain, `_load_textdomain_just_in_time()` went through the entire process each time it was called. This results in an increased call to `get_locale()` and its `locale` filter.
This change splits the logic into `_get_path_to_translation()` and `_get_path_to_translation_from_lang_dir()`. The former, which is used by `_load_textdomain_just_in_time()`, caches the result of the latter. It also removes some non-working code from `WP_Locale_Switcher::load_translations()`.
Props jrf, swissspidy, sharkomatic, ocean90.
Fixes#37997.
Built from https://develop.svn.wordpress.org/trunk@39330
git-svn-id: http://core.svn.wordpress.org/trunk@39270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adding a brand new anonymous comment method is a potential conduit for spam. Since it's still useful functionality, we're now hiding it behind a filter to allow plugins and themes to turn it on if they do want it.
Props helen, rachelbaker, joehoyle.
Fixes#38855.
Built from https://develop.svn.wordpress.org/trunk@39327
git-svn-id: http://core.svn.wordpress.org/trunk@39267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes support for the skin tone modifier on emoji involving two or more people. This functionality is opposed by Apple and Google, so there is unlikely to be an input mechanism for such emoji, they oppose it on the grounds that they "...do not think a mechanism should be supported that only permits depiction of multi-person groups (or elements) in which each person has the same skin tone."
See their official notification for further details: http://www.unicode.org/L2/L2016/16332-remove-multi-emb.pdf
This change does not require a CDN update, as no emoji were altered or added, only removed.
See #38113.
Built from https://develop.svn.wordpress.org/trunk@39319
git-svn-id: http://core.svn.wordpress.org/trunk@39259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
After [39187], WordPress started loading only the first page of a PDF.
This is appropriate for performance, but made it impossible to
write plugins that read other pages without overriding `load()`.
Introduces `WP_Image_Editor_Imagick->pdf_setup()`, to allow an override
to change WordPress' rendering DPI defaults or which pages are loaded.
Fixes#38832. See #38522, #31050.
Props markoheijnen, joemcgill, mikeschroder.
Built from https://develop.svn.wordpress.org/trunk@39303
git-svn-id: http://core.svn.wordpress.org/trunk@39243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Users without the moderate_comments capability can no longer set the `author_ip` property directly, and instead receive a `WP_Error` if they attempt to do so. Otherwise, the `author_ip property` is populated from `$_SERVER['REMOTE_ADDR']` if present and a valid IP value. Finally, fallback to 127.0.0.1 as a last resort.
Props dd32, rachelbaker, joehoyle.
Fixes#38819.
Built from https://develop.svn.wordpress.org/trunk@39302
git-svn-id: http://core.svn.wordpress.org/trunk@39242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
