Commit Graph

38834 Commits

Author SHA1 Message Date
Andrew Ozz
3b3542fe15 Privacy: Add a setting to disable comment cookie consent.
Fixes #44373.
Built from https://develop.svn.wordpress.org/trunk@43469


git-svn-id: http://core.svn.wordpress.org/trunk@43296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:08:26 +00:00
Andrew Ozz
cc1bfb1e55 Privacy: Don't replace comment author URL and email with anything.
Props TZ-Media, desrosj, birgire.
Fixes #44141.
Built from https://develop.svn.wordpress.org/trunk@43467


git-svn-id: http://core.svn.wordpress.org/trunk@43294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:00:25 +00:00
Gary Pendergast
46fa15291f Streams: Return early from wp_is_stream() for paths that aren't streams.
Some versions of PHP appear to have a memory leak that is occasionally triggered by calling `stream_get_wrappers()`. In order to avoid calling this, we can return early from `wp_is_stream()` when `$path` doesn't contain `://`.

Props pbiron, JPry, dontstealmyfish.
Fixes #44532.


Built from https://develop.svn.wordpress.org/trunk@43466


git-svn-id: http://core.svn.wordpress.org/trunk@43293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:54:25 +00:00
Gary Pendergast
0e5e77a895 Privacy: Remove some unnecessary code comments.
[42967] introduced some WPCS-related comments, probably accidentally saved by an IDE.

Props burhandodhy.
Fixes #44590.


Built from https://develop.svn.wordpress.org/trunk@43465


git-svn-id: http://core.svn.wordpress.org/trunk@43292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:43:24 +00:00
Gary Pendergast
7c696fbed2 Editor: Use apply_filters_deprecated() for some deprecated filters.
The `htmledit_pre` and `richedit_pre` filters have been deprecated since 4.3.0, since before `apply_filters_deprecated()` existed. They're now correctly run using `apply_filters_deprecated()`.

Props sebastienthivinfocom, lbenicio, ianbelanger.
Fixes #44341.


Built from https://develop.svn.wordpress.org/trunk@43464


git-svn-id: http://core.svn.wordpress.org/trunk@43291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:38:24 +00:00
Gary Pendergast
c173331dc4 REST API: Fix some incorrect @since tags.
[43437] included some new methods, which were incorrectly tagged as being `@since 4.9.7`. This updates them to `4.9.8`.

Props danielbachhuber.
Fixes 44287.


Built from https://develop.svn.wordpress.org/trunk@43463


git-svn-id: http://core.svn.wordpress.org/trunk@43290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:27:25 +00:00
Gary Pendergast
17899c1932 REST API: Attachments controller should respect upload limits.
When the REST API is in use on WordPress multisite, the `WP_REST_Attachments_Controller` should respect the "Max upload file size" and "Site upload space" site options.

Props flixos90, danielbachhuber.
Fixes #43751.


Built from https://develop.svn.wordpress.org/trunk@43462


git-svn-id: http://core.svn.wordpress.org/trunk@43289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:22:29 +00:00
Sergey Biryukov
be92bbbbbb Docs: Change @since entry for add_inline_data action added in [42676] to 4.9.8.
See #36085.
Built from https://develop.svn.wordpress.org/trunk@43460


git-svn-id: http://core.svn.wordpress.org/trunk@43287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 15:27:25 +00:00
Sergey Biryukov
cf4f8d8737 Login and Registration: Set a better default value for $wp_error parameter in login_header().
To prevent someone from passing a string (which would not be added to a new `WP_Error` instance), check for `is_wp_error()` explicitly.

Props desrosj, chetan200891, spyderbytes, lbenicio, sebastien@thivinfo.com, abdullahramzan.
Fixes #44052.
Built from https://develop.svn.wordpress.org/trunk@43457


git-svn-id: http://core.svn.wordpress.org/trunk@43284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 14:10:26 +00:00
Sergey Biryukov
4faf05ca6a Privacy: Change @since entry for _wp_privacy_settings_filter_draft_page_titles() added in [43376] to 4.9.8.
See #44100.
Built from https://develop.svn.wordpress.org/trunk@43454


git-svn-id: http://core.svn.wordpress.org/trunk@43281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 13:48:25 +00:00
Sergey Biryukov
357a663899 Privacy: Change @since entry for user_request_confirmed_email_subject filter added in [43373] to 4.9.8.
See #44382.
Built from https://develop.svn.wordpress.org/trunk@43451


git-svn-id: http://core.svn.wordpress.org/trunk@43278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 12:12:25 +00:00
Andrew Ozz
26ca877782 TinyMCE: update to 4.8.0, changelog: https://www.tiny.cloud/docs/changelog/#version480july112018
Fixes #44134.
Built from https://develop.svn.wordpress.org/trunk@43447


git-svn-id: http://core.svn.wordpress.org/trunk@43274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 08:07:26 +00:00
Aaron Jorbin
691dc59ad3 Privacy: Silence is golden and invisible.
"Be more discrete." declared matt in [3155], and since then, "Silence is Golden" has been the calling card of placeholder index files. Historically, these have been php files, but [43012] changed that and added index.html files for privacy export generated folders.

The php silence files produce no visible content. This adds consistency with these new html files in that there will be no visible content. Silence will fall when the question is asked.

Fixes #44195.
Props audrasjb, rafsuntaskin, Ov3rfly, johnbillion, pento


Built from https://develop.svn.wordpress.org/trunk@43446


git-svn-id: http://core.svn.wordpress.org/trunk@43273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-15 23:39:27 +00:00
Gary Pendergast
7216f9e623 REST API: Update the test fixture generator following [43439]
As [43439] added data that contains object IDs, it can cause `wp-api-generated.js` to be unnecessarily regenerated.

Regenerating our list of fixtures that need normalising rectifies this.

See #44321.


Built from https://develop.svn.wordpress.org/trunk@43441


git-svn-id: http://core.svn.wordpress.org/trunk@43268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:46:25 +00:00
Gary Pendergast
fd6f50e86f REST API: Tweak permission checks for taxonomy and term endpoints
To match behaviour in the Classic Editor, we need to slightly loosen permissions on taxonomy and term endpoints. This allows users to create terms to assign to a post that they're editing.

Props danielbachhuber.
Fixes #44096.


Built from https://develop.svn.wordpress.org/trunk@43440


git-svn-id: http://core.svn.wordpress.org/trunk@43267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:24:25 +00:00
Gary Pendergast
2f803422fa REST API: Expose revision count and last revision ID on Post response
So that REST API clients can show appropriate UI for a post's revisions, it needs to know how many revisions the post has, and what the latest revision ID is.

Props kadamwhite, danielbachhuber, birgire, TimothyBlynJacobs.
Fixes #44321.


Built from https://develop.svn.wordpress.org/trunk@43439


git-svn-id: http://core.svn.wordpress.org/trunk@43266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:07:24 +00:00
Gary Pendergast
0ba364411d REST API: Declare user capabilities using JSON Hyper Schema's "targetSchema".
There are a variety of operations a WordPress user can only perform if they have the correct capabilities. A REST API client should only display UI for one of these operations if the WordPress user can perform the operation.

Rather than requiring REST API clients to calculate whether to display UI based on potentially complicated combinations of user capabilities, `targetSchema` allows us to expose a single flag to show whether the corresponding UI should be displayed.

This change also includes flags on post objects for the following actions:

- `action-publish`: The current user can publish this post.
- `action-sticky`: The current user can make this post sticky, and the post type supports sticking.
- `action-assign-author': The current user can change the author on this post.
- `action-assign-{$taxonomy}`: The current user can assign terms from the "$taxonomy" taxonomy to this post.
- `action-create-{$taxonomy}`: The current user can create terms int the "$taxonomy" taxonomy.

Props TimothyBlynJacobs, danielbachhuber.
Fixes #44287.


Built from https://develop.svn.wordpress.org/trunk@43437


git-svn-id: http://core.svn.wordpress.org/trunk@43264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-11 06:23:27 +00:00
Sergey Biryukov
632d61cead Plugins: Disable "Install Now" button for plugins that require a higher version of PHP or WordPress.
Display a notice with an explanation and the steps required to resolve the issue.

Props afragen, schlessera, flixos90, nerrad, melchoyce, boemedia, hedgefield, joyously, johnalarcon, lakenh, afercia, acirujano, ibantxillo, SergeyBiryukov.
Fixes #43986.
Built from https://develop.svn.wordpress.org/trunk@43436


git-svn-id: http://core.svn.wordpress.org/trunk@43263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-09 13:45:25 +00:00
Felix Arntz
9768bde3c4 Privacy: Fix a further inconsistency of site name and URL usage in notification emails.
This is a follow-up to [43388].

Props desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43435


git-svn-id: http://core.svn.wordpress.org/trunk@43262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-08 13:55:28 +00:00
John Blackbourn
60252611be Date/Time: Add support for the c and r shorthand formats in date_i18n().
Props Rarst, pbearne

Fixes #20973

Built from https://develop.svn.wordpress.org/trunk@43434


git-svn-id: http://core.svn.wordpress.org/trunk@43261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 23:10:25 +00:00
John Blackbourn
4c2fcf36a3 Media: Update the @since tag for wp_normalize_path() as this has been backported to th 3.9 (and all other) branches.
See #42837

Built from https://develop.svn.wordpress.org/trunk@43406


git-svn-id: http://core.svn.wordpress.org/trunk@43234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 15:21:25 +00:00
John Blackbourn
c9dce0606b Media: Limit thumbnail file deletions to the same directory as the original file.
Built from https://develop.svn.wordpress.org/trunk@43392


git-svn-id: http://core.svn.wordpress.org/trunk@43220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 14:32:25 +00:00
atimmer
44b8c2e36b Docs: Fix default values for customize/controls.js.
The old values cannot be parsed by JSDoc.

Props herregroen.
Fixes #44520.

Built from https://develop.svn.wordpress.org/trunk@43391


git-svn-id: http://core.svn.wordpress.org/trunk@43219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 14:07:24 +00:00
Felix Arntz
5f461574e8 Tests: Fix failing test after [43388].
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43390


git-svn-id: http://core.svn.wordpress.org/trunk@43218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 08:53:25 +00:00
Felix Arntz
46589d1578 Date/Time: Fix usage of $gmt parameter in date_i18n() and clarify its behavior.
The docs for `date_i18n()` and its filter now correctly state that the `$gmt` parameter is only taken into account if no timestamp is provided. Furthermore, a bug with that parameter is fixed, as it is now ensured that the timezone used with it is `UTC`.

Props Rarst.
Fixes #38771.

Built from https://develop.svn.wordpress.org/trunk@43389


git-svn-id: http://core.svn.wordpress.org/trunk@43217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-04 23:43:25 +00:00
Felix Arntz
057b221af7 Privacy: Use consistent values for the site name and URL used in notification emails.
The functions `send_confirmation_on_profile_email()`, `_wp_privacy_send_request_confirmation_notification()`, `_wp_privacy_send_erasure_fulfillment_notification()`, and `wp_send_user_request()` all include a title and URL indicating the current site. However, so far they have dealt with those values inconsistently, sometimes using the site values, other times using the network values if in a multisite. This changeset ensures that only the current site is taken into account in all cases and that special characters in the site name are consistently decoded.

Props subrataemfluence, desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43388


git-svn-id: http://core.svn.wordpress.org/trunk@43216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 17:00:25 +00:00
Felix Arntz
dc036d5333 Date/Time: Add support for gmt_offset to date_i18n().
Prior to this change, `date_i18n()` only supported the `timezone_string` option, causing incorrect timezones to appear in formatted dates on sites that still rely on the `gmt_offset` option.

Props Rarst.
Fixes #34835.

Built from https://develop.svn.wordpress.org/trunk@43387


git-svn-id: http://core.svn.wordpress.org/trunk@43215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 15:59:25 +00:00
Felix Arntz
b76a714bba Taxonomy: Introduce is_taxonomy_viewable().
This utility function allows for easy detection whether terms for a taxonomy are considered publicly viewable.

Props andizer.
Fixes #44466.

Built from https://develop.svn.wordpress.org/trunk@43386


git-svn-id: http://core.svn.wordpress.org/trunk@43214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 10:29:28 +00:00
Sergey Biryukov
efafeed66c Docs: Add missing backtick in delete_metadata() DocBlock.
Props dilipbheda, cliffpaulick.
Fixes #44433.
Built from https://develop.svn.wordpress.org/trunk@43385


git-svn-id: http://core.svn.wordpress.org/trunk@43213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-02 17:58:27 +00:00
Sergey Biryukov
99e3bb9077 Date/Time: Simplify mysql_to_rfc3339().
Erasing timezone with a regular expression is redundant, the date could be just formatted in the respective format instead.

Props Rarst.
Fixes #42542.
Built from https://develop.svn.wordpress.org/trunk@43384


git-svn-id: http://core.svn.wordpress.org/trunk@43212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:45:53 +00:00
Sergey Biryukov
67716d1367 Docs: Correct description for mysql_to_rfc3339().
Despite historical function name, the output does not conform to RFC3339 format, which must contain timezone.

Props Rarst.
See #42542.
Built from https://develop.svn.wordpress.org/trunk@43383


git-svn-id: http://core.svn.wordpress.org/trunk@43211 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:45:29 +00:00
Felix Arntz
76c25aa14b Multisite: Count users in a more performant way when listing sites in the network admin.
Props spacedmonkey.
Fixes #44368.

Built from https://develop.svn.wordpress.org/trunk@43382


git-svn-id: http://core.svn.wordpress.org/trunk@43210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:45:03 +00:00
Felix Arntz
e350e822f8 Role/Capability: Rename upgrade_php capability to more suitable update_php.
This brings the name in line with user-facing language and similar names of existing related capabilities. Since the capability has not been part of any WordPress release, it can be renamed without any backward-compatibility implications.

Also missing props benhuberman for [43006].

Fixes #44457.

Built from https://develop.svn.wordpress.org/trunk@43381


git-svn-id: http://core.svn.wordpress.org/trunk@43209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:44:38 +00:00
Sergey Biryukov
b98ef36c97 Docs: Improve documentation for date_i18n()'s second argument.
Despite previously being labeled as a Unix timestamp, in reality it's a sum of Unix timestamp and timezone offset in seconds.

Props Rarst.
See #38771.
Built from https://develop.svn.wordpress.org/trunk@43380


git-svn-id: http://core.svn.wordpress.org/trunk@43208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:44:12 +00:00
Andrew Ozz
be6aa715fe Privacy: use wp_login_url() for the link in the user confirmation email.
Props desrosj, usmankhalid.
Fixes #44353.
Built from https://develop.svn.wordpress.org/trunk@43379


git-svn-id: http://core.svn.wordpress.org/trunk@43207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:47 +00:00
K. Adam White
a89c86c711 REST API: Support meta registration for specific object subtypes.
Introduce an `object_subtype` argument to the args array for `register_meta()` which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).

Introduce `register_post_meta()` and `register_term_meta()` wrapper methods for `register_meta` to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected `register_meta` to function, and should be used in place of direct `register_meta` where possible.

Props flixos90, tharsheblows, spacedmonkey.
Fixes #38323.


Built from https://develop.svn.wordpress.org/trunk@43378


git-svn-id: http://core.svn.wordpress.org/trunk@43206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:21 +00:00
Gary Pendergast
0db068da94 Emoji: Update Twemoji to version 11.0.
{U+01F9B9}

Props kraftbj,
Fixes #44339.


Built from https://develop.svn.wordpress.org/trunk@43377


git-svn-id: http://core.svn.wordpress.org/trunk@43205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:55 +00:00
Andrew Ozz
7e9be993e6 Privacy: append (Draft) to draft page titles in the page drop-down on the Privacy Settings screen.
Props allendav, desrosj.
Fixes #44100.
Built from https://develop.svn.wordpress.org/trunk@43376


git-svn-id: http://core.svn.wordpress.org/trunk@43204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:29 +00:00
Andrew Ozz
3ce87b62f9 Privacy: add user request type to the admin notification email subject.
Props birgire, desrosj.
Fixes #44099.
Built from https://develop.svn.wordpress.org/trunk@43375


git-svn-id: http://core.svn.wordpress.org/trunk@43203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:03 +00:00
Andrew Ozz
2afe7146c8 Privacy: on the Privacy Settings screen change view to preview when a draft page is selected for the privacy policy.
Props garrett-eclipse, desrosj.
Fixes #44131.
Built from https://develop.svn.wordpress.org/trunk@43374


git-svn-id: http://core.svn.wordpress.org/trunk@43202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:41:37 +00:00
Andrew Ozz
ac269e570e Privacy: filter the email subject in _wp_privacy_send_request_confirmation_notification().
Props garrett-eclipse, birgire, desrosj.
Fixes #44382.
Built from https://develop.svn.wordpress.org/trunk@43373


git-svn-id: http://core.svn.wordpress.org/trunk@43201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:41:13 +00:00
Andrew Ozz
cefaaa0b51 Privacy: add esc_html to assertion in test_wp_comments_personal_data_exporter.
Props mermel, 1naveengiri.
Fixes #44113.
Built from https://develop.svn.wordpress.org/trunk@43371


git-svn-id: http://core.svn.wordpress.org/trunk@43199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:40:21 +00:00
Andrew Ozz
b363ace996 Privacy: do not show the comment cookies opt-in checkbox (on the front-end comments form) when comment cookies are disabled.
Props felipeelia, johnbillion.
Fixes #44342.
Built from https://develop.svn.wordpress.org/trunk@43370


git-svn-id: http://core.svn.wordpress.org/trunk@43198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:39:57 +00:00
John Blackbourn
ef97b99f66 Build/Test Tools: Introduce support for a WP_TESTS_CONFIG_FILE_PATH constant to override the test suite config file location.
This can be used in phpunit.xml:

{{{
<php>
	<const name="WP_TESTS_CONFIG_FILE_PATH" value="/path/to/wp-tests-config.php" />
</php>
}}}

Props clarinetlord

Fixes #39734

Built from https://develop.svn.wordpress.org/trunk@43369


git-svn-id: http://core.svn.wordpress.org/trunk@43197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:39:31 +00:00
John Blackbourn
0aa2902436 Security: Harden the random aspect of the hash used for user profile and admin email address changes.
Props BjornW

Fixes #43771

Built from https://develop.svn.wordpress.org/trunk@43367


git-svn-id: http://core.svn.wordpress.org/trunk@43195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:43 +00:00
John Blackbourn
35ca5f61f8 Options, Meta APIs: Use the correct escaping function when outputting the meta box context.
Props khaihong, abdullahramzan, leanderiversen, aryamaaru, lbenicio, palmiak

Fixes #44274

Built from https://develop.svn.wordpress.org/trunk@43365


git-svn-id: http://core.svn.wordpress.org/trunk@43193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:37:51 +00:00
Sergey Biryukov
593848e9dc Docs: Correct inline comment added in [43361] for consistency with other comments.
See #44142.
Built from https://develop.svn.wordpress.org/trunk@43363


git-svn-id: http://core.svn.wordpress.org/trunk@43191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:37:00 +00:00
Sergey Biryukov
d35f9813f1 Docs: Add missing @return value for save_mod_rewrite_rules() and iis7_save_url_rewrite_rules().
See #44142.
Built from https://develop.svn.wordpress.org/trunk@43362


git-svn-id: http://core.svn.wordpress.org/trunk@43190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:36:35 +00:00
Sergey Biryukov
40cfcfc222 Privacy: Make sure wp_add_privacy_policy_content() does not cause a fatal error by unintentionally flushing rewrite rules outside of the admin context.
Add a `_doing_it_wrong()` message describing the correct usage of the function.

Props kraftbj, azaozz, SergeyBiryukov, YuriV.
Fixes #44142.
Built from https://develop.svn.wordpress.org/trunk@43361


git-svn-id: http://core.svn.wordpress.org/trunk@43189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:36:09 +00:00
atimmer
96bfb67e79 Docs: Improve JSDoc for emoji.js.
Props lisannekluitmans, hansjovisyoast, igorsch, nicollle.
Fixes #44367.

Built from https://develop.svn.wordpress.org/trunk@43360


git-svn-id: http://core.svn.wordpress.org/trunk@43188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:35:44 +00:00