Coding Standards: Use strict comparison in `wp-includes/post-template.php`.

Follow-up to [5017], [5018], [6228], [13494], [15582], [23653], [44941].

Props aristath, poena, afercia, SergeyBiryukov.
See #60700.
Built from https://develop.svn.wordpress.org/trunk@58277


git-svn-id: http://core.svn.wordpress.org/trunk@57737 1a063a9b-81f0-0310-95a4-ce76da25c4cd

readme.html

@@ -47,17 +47,17 @@
 </ol>
 
 <h2>Migrating from other systems</h2>
-<p>WordPress can <a href="https://wordpress.org/documentation/article/importing-content/">import from a number of systems</a>. First you need to get WordPress installed and working as described above, before using <a href="wp-admin/import.php">our import tools</a>.</p>
+<p>WordPress can <a href="https://developer.wordpress.org/advanced-administration/wordpress/import/">import from a number of systems</a>. First you need to get WordPress installed and working as described above, before using <a href="wp-admin/import.php">our import tools</a>.</p>
 
 <h2>System Requirements</h2>
 <ul>
-	<li><a href="https://secure.php.net/">PHP</a> version <strong>7.0</strong> or greater.</li>
+	<li><a href="https://www.php.net/">PHP</a> version <strong>7.2.24</strong> or greater.</li>
 	<li><a href="https://www.mysql.com/">MySQL</a> version <strong>5.5.5</strong> or greater.</li>
 </ul>
 
 <h3>Recommendations</h3>
 <ul>
-	<li><a href="https://secure.php.net/">PHP</a> version <strong>7.4</strong> or greater.</li>
+	<li><a href="https://www.php.net/">PHP</a> version <strong>7.4</strong> or greater.</li>
 	<li><a href="https://www.mysql.com/">MySQL</a> version <strong>8.0</strong> or greater OR <a href="https://mariadb.org/">MariaDB</a> version <strong>10.4</strong> or greater.</li>
 	<li>The <a href="https://httpd.apache.org/docs/2.2/mod/mod_rewrite.html">mod_rewrite</a> Apache module.</li>
 	<li><a href="https://wordpress.org/news/2016/12/moving-toward-ssl/">HTTPS</a> support.</li>

wp-admin/about.php

@@ -66,34 +66,22 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
 			</div>
 			<div class="column is-vertically-aligned-center">
 				<h3><?php _e( 'Add and manage fonts across your site' ); ?></h3>
-				<p><?php _e( 'The new Font Library puts you in control of an essential piece of your site&#8217;s design—typography—without coding or extra steps. Effortlessly install, remove, and activate local and Google Fonts across your site regardless of your active theme. The ability to include custom typography collections gives site creators and publishers even more choice.' ); ?></p>
+				<p><?php _e( 'The new Font Library puts you in control of an essential piece of your site&#8217;s design—typography—without coding or extra steps. Effortlessly install, remove, and activate local and Google Fonts across your site for any block theme. The ability to include custom typography collections gives site creators and publishers even more choice.' ); ?></p>
 			</div>
 		</div>
 
 		<div class="about__section has-2-columns">
 			<div class="column is-vertically-aligned-center">
-				<h3><?php _e( 'Override specific content in synced patterns' ); ?></h3>
-				<p><?php _e( 'Keep your design consistent while bringing more flexibility to the content within. Choose to override content for Paragraph, Image, Heading, and Button blocks and make specified changes in each instance of a synced pattern. Use it for templated pieces with recurring elements to frame unique content, like recipes, testimonials, or case studies. You can expect more blocks to gain this option in future releases.' ); ?></p>
+				<h3><?php _e( 'Get more details from your style revisions' ); ?></h3>
+				<p><?php _e( 'Work through creative projects with a more comprehensive picture of what&#8217;s been done—and what you can fall back on. Get details like time stamps, quick summaries, and a paginated list of total revisions. View revisions from the Style Book to see changes outside of what you&#8217;re working on. Revisions are also now available for templates and template parts.' ); ?></p>
 			</div>
-			<div class="column is-vertically-aligned-center">
-				<div class="about__image">
-					<img src="https://s.w.org/images/core/6.5/2-patterns-override-content.webp" alt="" height="436" width="436" />
-				</div>
-			</div>
-		</div>
-
-		<div class="about__section has-2-columns">
 			<div class="column is-vertically-aligned-center">
 				<div class="about__image">
 					<img src="https://s.w.org/images/core/6.5/3-style-revisions.webp" alt="" height="436" width="436" />
 				</div>
 			</div>
-			<div class="column is-vertically-aligned-center">
-				<h3><?php _e( 'Get more details from your style revisions' ); ?></h3>
-				<p><?php _e( 'Work through creative projects with a more comprehensive picture of what&#8217;s been done—and what you can fall back on. Get details like time stamps, quick summaries, and a paginated list of total revisions. View revisions from the Style Book to see changes outside of what you&#8217;re working on. Revisions are also now available for templates and template parts.' ); ?></p>
-			</div>
 		</div>
-		
+
 		<div class="about__section has-3-columns">
 			<div class="column">
 				<div class="about__image">
@@ -124,7 +112,7 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
 					<img src="https://s.w.org/images/core/6.5/7-data-views.webp" alt="" height="270" width="270" />
 				</div>
 				<h3 class="is-smaller-heading" style="margin-bottom:calc(var(--gap) / 4);"><?php _e( 'Discover new Data Views' ); ?></h3>
-				<p><?php _e( 'Make fast, informed changes with data views for pages, templates, patterns, and template parts. Arrange data in a table or grid view and enjoy a new UI for toggling fields and making bulk changes.' ); ?></p>
+				<p><?php _e( 'Find and organize your data however you like with data views for pages, templates, patterns, and template parts. Arrange it in a table or grid view with the option to toggle fields and make bulk changes.' ); ?></p>
 			</div>
 			<div class="column">
 				<div class="about__image">
@@ -187,7 +175,15 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
 					</svg>
 				</div>
 				<h3 style="margin-top:calc(var(--gap) * 0.75);margin-bottom:calc(var(--gap) * 0.5)"><?php _e( 'Explore improvements to the plugin experience' ); ?></h3>
-				<p><?php _e( 'There&#8217;s now an easier way to manage plugin dependencies. Plugin authors can supply a new <code>Requires Plugins</code> header with a comma-separated list of required plugin slugs, presenting users with links to install and activate those plugins first.' ); ?></p>
+				<p>
+					<?php
+					printf(
+						/* translators: %s: Requires Plugins */
+						__( 'There&#8217;s now an easier way to manage plugin dependencies. Plugin authors can supply a new %s header with a comma-separated list of required plugin slugs, presenting users with links to install and activate those plugins first.' ),
+						'<code lang="en">Requires Plugins</code>'
+					);
+					?>
+				</p>
 			</div>
 		</div>
 
@@ -204,7 +200,7 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
 					</svg>
 				</div>
 				<h3 style="margin-top:calc(var(--gap) * 0.75);margin-bottom:calc(var(--gap) * 0.5)"><?php _e( 'Performance updates' ); ?></h3>
-				<p><?php _e( 'This release includes 110+ performance updates, with an impressive increase in speed and efficiency across the Post Editor and Site Editor. Loading, input processing, and Site Editor navigation each see an increase in speed between two to six times faster than before. Translated sites see up to 25% improvement in load time for this release.' ); ?></p>
+				<p><?php _e( 'This release includes 110+ performance updates, with an impressive increase in speed and efficiency across the Post Editor and Site Editor. Loading is over two times faster than in 6.4, with input processing speed up to five times faster than the previous release. Translated sites see up to 25% improvement in load time for this release.' ); ?></p>
 			</div>
 			<div class="column">
 				<div class="about__image">
@@ -260,7 +256,7 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
 					printf(
 						/* translators: 1: WordPress Field Guide link, 2: WordPress version number. */
 						__( 'Explore the <a href="%1$s">WordPress %2$s Field Guide</a>. Learn about the changes in this release with detailed developer notes to help you build with WordPress.' ),
-						( '#' ),
+						esc_url( __( 'https://make.wordpress.org/core/wordpress-6-5-field-guide/' ) ),
 						'6.5'
 					);
 					?>

wp-admin/admin-post.php

@@ -29,7 +29,7 @@ nocache_headers();
 /** This action is documented in wp-admin/admin.php */
 do_action( 'admin_init' );
 
-$action = ! empty( $_REQUEST['action'] ) ? $_REQUEST['action'] : '';
+$action = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : '';
 
 // Reject invalid parameters.
 if ( ! is_scalar( $action ) ) {

wp-admin/async-upload.php

@@ -64,12 +64,12 @@ if ( isset( $_REQUEST['attachment_id'] ) && (int) $_REQUEST['attachment_id'] &&
 					?>
 					<div class="filename new">
 						<span class="media-list-title"><strong><?php echo esc_html( wp_html_excerpt( $title, 60, '&hellip;' ) ); ?></strong></span>
-						<span class="media-list-subtitle"><?php echo wp_basename( $file ); ?></span>
+						<span class="media-list-subtitle"><?php echo esc_html( wp_basename( $file ) ); ?></span>
 					</div>
 				</div>
 				<div class="attachment-tools">
 					<span class="media-item-copy-container copy-to-clipboard-container edit-attachment">
-						<button type="button" class="button button-small copy-attachment-url" data-clipboard-text="<?php echo $file_url; ?>"><?php _e( 'Copy URL to clipboard' ); ?></button>
+						<button type="button" class="button button-small copy-attachment-url" data-clipboard-text="<?php echo esc_url( $file_url ); ?>"><?php _e( 'Copy URL to clipboard' ); ?></button>
 						<span class="success hidden" aria-hidden="true"><?php _e( 'Copied!' ); ?></span>
 					</span>
 					<?php

wp-admin/comment.php

@@ -16,7 +16,8 @@ $submenu_file = 'edit-comments.php';
  * @global string $action
  */
 global $action;
-wp_reset_vars( array( 'action' ) );
+
+$action = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : '';
 
 if ( isset( $_POST['deletecomment'] ) ) {
 	$action = 'deletecomment';

wp-admin/css/about-rtl.css

@@ -514,6 +514,10 @@
 	display: none !important;
 }
 
+.about__container code {
+	font-size: inherit;
+}
+
 .about__section {
 	font-size: 1.125rem;
 	line-height: 1.55;
@@ -582,7 +586,7 @@
 .privacy-php .about__header-title h1,
 .contribute-php .about__header-title h1 {
 	/* Fluid font size scales on browser size 960px - 1200px. */
-	font-size: clamp(2rem, 10vw - 3rem, 4rem);
+	font-size: clamp(2rem, 20vw - 9rem, 4rem);
 }
 
 .about__header-text {
@@ -652,7 +656,7 @@
 	.privacy-php .about__header-title h1,
 	.contribute-php .about__header-title h1 {
 		/* Fluid font size scales on browser size 600px - 960px. */
-		font-size: clamp(3rem, 6.67vw - 0.5rem, 4.5rem);
+		font-size: clamp(2rem, 20vw - 9rem, 4rem);
 	}
 
 	.about__header-navigation .nav-tab {
@@ -1277,24 +1281,6 @@
 	margin: 0.6em 0;
 }
 
-.freedoms-php .column .freedoms-image {
-	background-image: url('../images/freedoms.png');
-	background-size: 100%;
-	padding-top: 100%;
-}
-
-.freedoms-php .column:nth-of-type(2) .freedoms-image {
-	background-position: 100% 34%;
-}
-
-.freedoms-php .column:nth-of-type(3) .freedoms-image {
-	background-position: 100% 66%;
-}
-
-.freedoms-php .column:nth-of-type(4) .freedoms-image {
-	background-position: 100% 100%;
-}
-
 /*------------------------------------------------------------------------------
   x.5.0 - Legacy About Styles: Media Queries
 ------------------------------------------------------------------------------*/

wp-admin/css/about.css

@@ -513,6 +513,10 @@
 	display: none !important;
 }
 
+.about__container code {
+	font-size: inherit;
+}
+
 .about__section {
 	font-size: 1.125rem;
 	line-height: 1.55;
@@ -581,7 +585,7 @@
 .privacy-php .about__header-title h1,
 .contribute-php .about__header-title h1 {
 	/* Fluid font size scales on browser size 960px - 1200px. */
-	font-size: clamp(2rem, 10vw - 3rem, 4rem);
+	font-size: clamp(2rem, 20vw - 9rem, 4rem);
 }
 
 .about__header-text {
@@ -651,7 +655,7 @@
 	.privacy-php .about__header-title h1,
 	.contribute-php .about__header-title h1 {
 		/* Fluid font size scales on browser size 600px - 960px. */
-		font-size: clamp(3rem, 6.67vw - 0.5rem, 4.5rem);
+		font-size: clamp(2rem, 20vw - 9rem, 4rem);
 	}
 
 	.about__header-navigation .nav-tab {
@@ -1276,24 +1280,6 @@
 	margin: 0.6em 0;
 }
 
-.freedoms-php .column .freedoms-image {
-	background-image: url('../images/freedoms.png');
-	background-size: 100%;
-	padding-top: 100%;
-}
-
-.freedoms-php .column:nth-of-type(2) .freedoms-image {
-	background-position: 0 34%;
-}
-
-.freedoms-php .column:nth-of-type(3) .freedoms-image {
-	background-position: 0 66%;
-}
-
-.freedoms-php .column:nth-of-type(4) .freedoms-image {
-	background-position: 0 100%;
-}
-
 /*------------------------------------------------------------------------------
   x.5.0 - Legacy About Styles: Media Queries
 ------------------------------------------------------------------------------*/

wp-admin/css/common-rtl.css

@@ -1091,7 +1091,9 @@ th.action-links {
 
 .wp-filter .search-form {
 	float: left;
-	margin: 10px 0;
+	display: flex;
+	align-items: center;
+	column-gap: .5rem;
 }
 
 .wp-filter .search-form input[type="search"] {
@@ -1120,7 +1122,6 @@ th.action-links {
 .wp-filter .search-form.search-plugins .wp-filter-search,
 .no-js .wp-filter .search-form.search-plugins .button {
 	display: inline-block;
-	margin-top: 10px;
 	vertical-align: top;
 }
 
@@ -1361,6 +1362,11 @@ th.action-links {
 		position: relative;
 		max-width: 100%;
 	}
+	.wp-filter .search-form {
+		margin: 11px 0;
+		flex-wrap: wrap;
+		row-gap: 10px;
+	}
 }
 
 @media only screen and (max-width: 782px) {
@@ -4133,7 +4139,6 @@ img {
 	}
 
 	.wp-filter .search-form input[type="search"] {
-		width: 100%;
 		font-size: 1rem;
 	}
 
@@ -4187,6 +4192,10 @@ img {
 	.nav-tab-active:focus:active {
 		border-bottom: 1px solid #c3c4c7;
 	}
+
+	.wp-filter .search-form.search-plugins label {
+		width: 100%;
+	}
 }
 
 @media screen and (max-width: 480px) {

wp-admin/css/common.css

@@ -1090,7 +1090,9 @@ th.action-links {
 
 .wp-filter .search-form {
 	float: right;
-	margin: 10px 0;
+	display: flex;
+	align-items: center;
+	column-gap: .5rem;
 }
 
 .wp-filter .search-form input[type="search"] {
@@ -1119,7 +1121,6 @@ th.action-links {
 .wp-filter .search-form.search-plugins .wp-filter-search,
 .no-js .wp-filter .search-form.search-plugins .button {
 	display: inline-block;
-	margin-top: 10px;
 	vertical-align: top;
 }
 
@@ -1360,6 +1361,11 @@ th.action-links {
 		position: relative;
 		max-width: 100%;
 	}
+	.wp-filter .search-form {
+		margin: 11px 0;
+		flex-wrap: wrap;
+		row-gap: 10px;
+	}
 }
 
 @media only screen and (max-width: 782px) {
@@ -4132,7 +4138,6 @@ img {
 	}
 
 	.wp-filter .search-form input[type="search"] {
-		width: 100%;
 		font-size: 1rem;
 	}
 
@@ -4186,6 +4191,10 @@ img {
 	.nav-tab-active:focus:active {
 		border-bottom: 1px solid #c3c4c7;
 	}
+
+	.wp-filter .search-form.search-plugins label {
+		width: 100%;
+	}
 }
 
 @media screen and (max-width: 480px) {

wp-admin/css/customize-controls-rtl.css

@@ -1083,14 +1083,24 @@ p.customize-section-description {
 	float: right;
 }
 
-#available-menu-items .accordion-section-content .new-content-item,
-.customize-control-dropdown-pages .new-content-item {
+#available-menu-items .accordion-section-content .new-content-item-wrapper,
+.customize-control-dropdown-pages .new-content-item-wrapper {
 	width: calc(100% - 30px);
 	padding: 8px 15px;
 	position: absolute;
 	bottom: 0;
 	z-index: 10;
 	background: #f0f0f1;
+}
+
+.customize-control-dropdown-pages .new-content-item-wrapper {
+	width: 100%;
+	padding: 0;
+	position: static;
+}
+
+#available-menu-items .accordion-section-content .new-content-item,
+.customize-control-dropdown-pages .new-content-item {
 	display: flex;
 }
 
@@ -1100,6 +1110,14 @@ p.customize-section-description {
 	position: relative;
 }
 
+.customize-control-dropdown-pages .new-content-item-wrapper .new-content-item {
+	padding: 0;
+}
+
+.customize-control-dropdown-pages .new-content-item-wrapper .new-content-item label {
+	line-height: 1.6;
+}
+
 #available-menu-items .new-content-item .create-item-input,
 .customize-control-dropdown-pages .new-content-item .create-item-input {
 	flex-grow: 10;
@@ -1816,11 +1834,6 @@ p.customize-section-description {
 	bottom: 0;
 }
 
-.themes-filter-bar .feature-filter-toggle {
-	float: left;
-	margin: 3px 25px 3px 0;
-}
-
 .themes-filter-bar .feature-filter-toggle:before {
 	content: "\f111";
 	margin: 0 0 0 5px;
@@ -1881,12 +1894,6 @@ p.customize-section-description {
 	animation: .6s themes-fade-in 1;
 }
 
-.control-panel-themes .filter-themes-count {
-	position: relative;
-	float: left;
-	line-height: 2.6;
-}
-
 .control-panel-themes .filter-themes-count .themes-displayed {
 	font-weight: 600;
 	color: #50575e;
@@ -2098,6 +2105,28 @@ p.customize-section-description {
 	box-sizing: border-box;
 	border-bottom: 1px solid #dcdcde;
 }
+.customize-preview-header.themes-filter-bar,
+.customize-preview-header.themes-filter-bar .search-form {
+	display: flex;
+	align-items: center;
+	gap: 10px;
+	flex-wrap: wrap;
+}
+
+.customize-preview-header.themes-filter-bar .search-form-input {
+	position: relative;
+}
+
+.customize-preview-header .filter-themes-wrapper {
+	display: grid;
+	align-items: center;
+	gap: 10px;
+	grid-template-columns: auto 1fr;
+}
+
+.customize-preview-header .filter-themes-wrapper .filter-themes-count {
+	justify-self: end;
+}
 
 @media screen and (min-width: 1670px) {
 	.customize-preview-header.themes-filter-bar {
@@ -2110,6 +2139,9 @@ p.customize-section-description {
 .themes-filter-bar .themes-filter-container {
 	margin: 0;
 	padding: 0;
+	display: flex;
+	align-items: center;
+	gap: 10px;
 }
 
 .themes-filter-bar .wp-filter-search {
@@ -2118,11 +2150,10 @@ p.customize-section-description {
 	max-width: 100%;
 	width: 40%;
 	min-width: 300px;
-	position: absolute;
-	top: 6px;
-	right: 25px;
 	height: 32px;
 	margin: 1px 0;
+	top: 0;
+	right: 0;
 }
 
 /* Unstick the filter bar on short windows/screens. This breakpoint is based on the
@@ -2156,18 +2187,31 @@ p.customize-section-description {
 	}
 }
 
-@media screen and (max-width: 900px) {
+@media screen and (max-width: 960px) {
 	.customize-preview-header.themes-filter-bar {
-		height: 86px;
-		padding-top: 46px;
+		height: 96px;
 	}
+}
 
+@media screen and (max-width: 900px) {
 	.themes-filter-bar .wp-filter-search {
-		width: calc(100% - 50px);
+		width: 100%;
 		margin: 0;
 		min-width: 200px;
 	}
 
+	.customize-preview-header.themes-filter-bar,
+	.customize-preview-header.themes-filter-bar .search-form
+	.themes-filter-bar .themes-filter-container {
+		display: grid;
+		gap: 4px;
+	}
+
+	.customize-preview-header.themes-filter-bar .search-form-input {
+		display: flex;
+		flex-grow: 1;
+	}
+
 	.filter-drawer {
 		top: 86px;
 	}
@@ -2581,7 +2625,7 @@ body.adding-widget .add-new-widget:before,
 }
 
 #available-widgets-list {
-	top: 60px;
+	top: 82px;
 	position: absolute;
 	overflow: auto;
 	bottom: 0;
@@ -2625,7 +2669,7 @@ body.adding-widget .add-new-widget:before,
 #available-widgets-filter .search-icon {
 	display: block;
 	position: absolute;
-	top: 15px; /* 13 container padding +1 input margin +1 input border */
+	bottom: 15px; /* 13 container padding +1 input margin +1 input border */
 	right: 16px;
 	width: 30px;
 	height: 30px;
@@ -2635,9 +2679,9 @@ body.adding-widget .add-new-widget:before,
 }
 
 #available-widgets-filter .clear-results,
-#available-menu-items-search .clear-results {
+#available-menu-items-search .accordion-section-title .clear-results {
 	position: absolute;
-	top: 15px; /* 13 container padding +1 input margin +1 input border */
+	top: 36px; /* 13 container padding +1 input margin +1 input border */
 	left: 16px;
 	width: 30px;
 	height: 30px;
@@ -2696,8 +2740,8 @@ body.adding-widget .add-new-widget:before,
 
 .themes-filter-bar .search-icon {
 	position: absolute;
-	top: 7px;
-	right: 26px;
+	top: 2px;
+	right: 2px;
 	z-index: 1;
 	color: #646970;
 	height: 30px;
@@ -2815,8 +2859,8 @@ body.adding-widget .add-new-widget:before,
 		margin-top: 12px;
 	}
 
-	.wp-core-ui .themes-filter-bar .feature-filter-toggle {
-		margin: 3px 25px 3px 0;
+	.customize-preview-header.themes-filter-bar .search-icon {
+		top: 6px;
 	}
 }
 
@@ -2953,22 +2997,18 @@ body.adding-widget .add-new-widget:before,
 	}
 
 	#available-widgets-list {
-		top: 130px;
+		top: 152px;
 	}
 
-	#available-menu-items-search .clear-results,
-	#available-menu-items-search .search-icon {
-		top: 85px; /* 70 section title height + 13 container padding +1 input margin +1 input border */
+	#available-menu-items-search .clear-results {
+		top: 36px;
+		left: 16px;
 	}
 
 	.reorder,
 	.reordering .reorder-done {
 		padding: 8px;
 	}
-
-	.wp-core-ui .themes-filter-bar .feature-filter-toggle {
-		margin: 0;
-	}
 }
 
 @media screen and (max-width: 600px) {

wp-admin/css/customize-controls.css

@@ -1082,14 +1082,24 @@ p.customize-section-description {
 	float: left;
 }
 
-#available-menu-items .accordion-section-content .new-content-item,
-.customize-control-dropdown-pages .new-content-item {
+#available-menu-items .accordion-section-content .new-content-item-wrapper,
+.customize-control-dropdown-pages .new-content-item-wrapper {
 	width: calc(100% - 30px);
 	padding: 8px 15px;
 	position: absolute;
 	bottom: 0;
 	z-index: 10;
 	background: #f0f0f1;
+}
+
+.customize-control-dropdown-pages .new-content-item-wrapper {
+	width: 100%;
+	padding: 0;
+	position: static;
+}
+
+#available-menu-items .accordion-section-content .new-content-item,
+.customize-control-dropdown-pages .new-content-item {
 	display: flex;
 }
 
@@ -1099,6 +1109,14 @@ p.customize-section-description {
 	position: relative;
 }
 
+.customize-control-dropdown-pages .new-content-item-wrapper .new-content-item {
+	padding: 0;
+}
+
+.customize-control-dropdown-pages .new-content-item-wrapper .new-content-item label {
+	line-height: 1.6;
+}
+
 #available-menu-items .new-content-item .create-item-input,
 .customize-control-dropdown-pages .new-content-item .create-item-input {
 	flex-grow: 10;
@@ -1815,11 +1833,6 @@ p.customize-section-description {
 	bottom: 0;
 }
 
-.themes-filter-bar .feature-filter-toggle {
-	float: right;
-	margin: 3px 0 3px 25px;
-}
-
 .themes-filter-bar .feature-filter-toggle:before {
 	content: "\f111";
 	margin: 0 5px 0 0;
@@ -1880,12 +1893,6 @@ p.customize-section-description {
 	animation: .6s themes-fade-in 1;
 }
 
-.control-panel-themes .filter-themes-count {
-	position: relative;
-	float: right;
-	line-height: 2.6;
-}
-
 .control-panel-themes .filter-themes-count .themes-displayed {
 	font-weight: 600;
 	color: #50575e;
@@ -2097,6 +2104,28 @@ p.customize-section-description {
 	box-sizing: border-box;
 	border-bottom: 1px solid #dcdcde;
 }
+.customize-preview-header.themes-filter-bar,
+.customize-preview-header.themes-filter-bar .search-form {
+	display: flex;
+	align-items: center;
+	gap: 10px;
+	flex-wrap: wrap;
+}
+
+.customize-preview-header.themes-filter-bar .search-form-input {
+	position: relative;
+}
+
+.customize-preview-header .filter-themes-wrapper {
+	display: grid;
+	align-items: center;
+	gap: 10px;
+	grid-template-columns: auto 1fr;
+}
+
+.customize-preview-header .filter-themes-wrapper .filter-themes-count {
+	justify-self: end;
+}
 
 @media screen and (min-width: 1670px) {
 	.customize-preview-header.themes-filter-bar {
@@ -2109,6 +2138,9 @@ p.customize-section-description {
 .themes-filter-bar .themes-filter-container {
 	margin: 0;
 	padding: 0;
+	display: flex;
+	align-items: center;
+	gap: 10px;
 }
 
 .themes-filter-bar .wp-filter-search {
@@ -2117,11 +2149,10 @@ p.customize-section-description {
 	max-width: 100%;
 	width: 40%;
 	min-width: 300px;
-	position: absolute;
-	top: 6px;
-	left: 25px;
 	height: 32px;
 	margin: 1px 0;
+	top: 0;
+	left: 0;
 }
 
 /* Unstick the filter bar on short windows/screens. This breakpoint is based on the
@@ -2155,18 +2186,31 @@ p.customize-section-description {
 	}
 }
 
-@media screen and (max-width: 900px) {
+@media screen and (max-width: 960px) {
 	.customize-preview-header.themes-filter-bar {
-		height: 86px;
-		padding-top: 46px;
+		height: 96px;
 	}
+}
 
+@media screen and (max-width: 900px) {
 	.themes-filter-bar .wp-filter-search {
-		width: calc(100% - 50px);
+		width: 100%;
 		margin: 0;
 		min-width: 200px;
 	}
 
+	.customize-preview-header.themes-filter-bar,
+	.customize-preview-header.themes-filter-bar .search-form
+	.themes-filter-bar .themes-filter-container {
+		display: grid;
+		gap: 4px;
+	}
+
+	.customize-preview-header.themes-filter-bar .search-form-input {
+		display: flex;
+		flex-grow: 1;
+	}
+
 	.filter-drawer {
 		top: 86px;
 	}
@@ -2580,7 +2624,7 @@ body.adding-widget .add-new-widget:before,
 }
 
 #available-widgets-list {
-	top: 60px;
+	top: 82px;
 	position: absolute;
 	overflow: auto;
 	bottom: 0;
@@ -2624,7 +2668,7 @@ body.adding-widget .add-new-widget:before,
 #available-widgets-filter .search-icon {
 	display: block;
 	position: absolute;
-	top: 15px; /* 13 container padding +1 input margin +1 input border */
+	bottom: 15px; /* 13 container padding +1 input margin +1 input border */
 	left: 16px;
 	width: 30px;
 	height: 30px;
@@ -2634,9 +2678,9 @@ body.adding-widget .add-new-widget:before,
 }
 
 #available-widgets-filter .clear-results,
-#available-menu-items-search .clear-results {
+#available-menu-items-search .accordion-section-title .clear-results {
 	position: absolute;
-	top: 15px; /* 13 container padding +1 input margin +1 input border */
+	top: 36px; /* 13 container padding +1 input margin +1 input border */
 	right: 16px;
 	width: 30px;
 	height: 30px;
@@ -2695,8 +2739,8 @@ body.adding-widget .add-new-widget:before,
 
 .themes-filter-bar .search-icon {
 	position: absolute;
-	top: 7px;
-	left: 26px;
+	top: 2px;
+	left: 2px;
 	z-index: 1;
 	color: #646970;
 	height: 30px;
@@ -2814,8 +2858,8 @@ body.adding-widget .add-new-widget:before,
 		margin-top: 12px;
 	}
 
-	.wp-core-ui .themes-filter-bar .feature-filter-toggle {
-		margin: 3px 0 3px 25px;
+	.customize-preview-header.themes-filter-bar .search-icon {
+		top: 6px;
 	}
 }
 
@@ -2952,22 +2996,18 @@ body.adding-widget .add-new-widget:before,
 	}
 
 	#available-widgets-list {
-		top: 130px;
+		top: 152px;
 	}
 
-	#available-menu-items-search .clear-results,
-	#available-menu-items-search .search-icon {
-		top: 85px; /* 70 section title height + 13 container padding +1 input margin +1 input border */
+	#available-menu-items-search .clear-results {
+		top: 36px;
+		right: 16px;
 	}
 
 	.reorder,
 	.reordering .reorder-done {
 		padding: 8px;
 	}
-
-	.wp-core-ui .themes-filter-bar .feature-filter-toggle {
-		margin: 0;
-	}
 }
 
 @media screen and (max-width: 600px) {

wp-admin/css/customize-nav-menus-rtl.css

@@ -558,7 +558,7 @@
 
 #available-menu-items .accordion-section-title .no-items,
 #available-menu-items .cannot-expand .accordion-section-title .spinner,
-#available-menu-items .cannot-expand .accordion-section-title > button {
+#available-menu-items .cannot-expand .accordion-section-title > button:not(#available-menu-items-search button.is-visible) {
 	display: none;
 }
 
@@ -582,7 +582,7 @@
 }
 
 #available-menu-items .accordion-section-content .available-menu-items-list {
-	margin: 0 0 45px;
+	margin: 0 0 64px;
 	padding: 1px 15px 15px;
 }
 
@@ -681,7 +681,7 @@
 
 #available-menu-items-search .spinner {
 	position: absolute;
-	top: 20px; /* 13 container padding +1 input margin +6 ( ( 32 input height - 20 spinner height ) / 2 ) */
+	bottom: 20px; /* 13 container padding +1 input margin +6 ( ( 32 input height - 20 spinner height ) / 2 ) */
 	left: 21px;
 	margin: 0 !important;
 }
@@ -690,7 +690,7 @@
 #available-menu-items #available-menu-items-search .accordion-section-content {
 	position: absolute;
 	right: 0;
-	top: 60px; /* below title div / search input */
+	top: 75px; /* below title div / search input */
 	bottom: 0; /* 100% height that still triggers lazy load */
 	max-height: none;
 	width: 100%;
@@ -879,6 +879,6 @@ li.assigned-to-menu-location .add-new-menu-item {
 
 @media screen and (max-width: 640px) {
 	#available-menu-items #available-menu-items-search .accordion-section-content {
-		top: 130px;
+		top: 146px;
 	}
 }

wp-admin/css/customize-nav-menus.css

@@ -557,7 +557,7 @@
 
 #available-menu-items .accordion-section-title .no-items,
 #available-menu-items .cannot-expand .accordion-section-title .spinner,
-#available-menu-items .cannot-expand .accordion-section-title > button {
+#available-menu-items .cannot-expand .accordion-section-title > button:not(#available-menu-items-search button.is-visible) {
 	display: none;
 }
 
@@ -581,7 +581,7 @@
 }
 
 #available-menu-items .accordion-section-content .available-menu-items-list {
-	margin: 0 0 45px;
+	margin: 0 0 64px;
 	padding: 1px 15px 15px;
 }
 
@@ -680,7 +680,7 @@
 
 #available-menu-items-search .spinner {
 	position: absolute;
-	top: 20px; /* 13 container padding +1 input margin +6 ( ( 32 input height - 20 spinner height ) / 2 ) */
+	bottom: 20px; /* 13 container padding +1 input margin +6 ( ( 32 input height - 20 spinner height ) / 2 ) */
 	right: 21px;
 	margin: 0 !important;
 }
@@ -689,7 +689,7 @@
 #available-menu-items #available-menu-items-search .accordion-section-content {
 	position: absolute;
 	left: 0;
-	top: 60px; /* below title div / search input */
+	top: 75px; /* below title div / search input */
 	bottom: 0; /* 100% height that still triggers lazy load */
 	max-height: none;
 	width: 100%;
@@ -878,6 +878,6 @@ li.assigned-to-menu-location .add-new-menu-item {
 
 @media screen and (max-width: 640px) {
 	#available-menu-items #available-menu-items-search .accordion-section-content {
-		top: 130px;
+		top: 146px;
 	}
 }

wp-admin/css/edit-rtl.css

@@ -1272,13 +1272,23 @@ label.post-format-icon {
 	margin: 0;
 }
 
+.categorydiv,
+.customlinkdiv,
+.posttypediv,
+.taxonomydiv {
+	max-height: inherit;
+	height: 100%;
+}
+
 .wp-tab-panel,
 .categorydiv div.tabs-panel,
 .customlinkdiv div.tabs-panel,
 .posttypediv div.tabs-panel,
 .taxonomydiv div.tabs-panel {
 	min-height: 42px;
-	max-height: 200px;
+	/* Allow space for content after tab panels in nav menu editor. */
+	max-height: calc( 100% - 75px );
+	height: 100%;
 	overflow: auto;
 	padding: 0 0.9em;
 	border: solid 1px #dcdcde;

wp-admin/css/edit.css

@@ -1271,13 +1271,23 @@ label.post-format-icon {
 	margin: 0;
 }
 
+.categorydiv,
+.customlinkdiv,
+.posttypediv,
+.taxonomydiv {
+	max-height: inherit;
+	height: 100%;
+}
+
 .wp-tab-panel,
 .categorydiv div.tabs-panel,
 .customlinkdiv div.tabs-panel,
 .posttypediv div.tabs-panel,
 .taxonomydiv div.tabs-panel {
 	min-height: 42px;
-	max-height: 200px;
+	/* Allow space for content after tab panels in nav menu editor. */
+	max-height: calc( 100% - 75px );
+	height: 100%;
 	overflow: auto;
 	padding: 0 0.9em;
 	border: solid 1px #dcdcde;

wp-admin/css/forms-rtl.css

@@ -721,8 +721,13 @@ fieldset label,
 }
 
 p.search-box {
+	display: flex;
+	flex-wrap: wrap;
+	align-items: center;
+	column-gap: 0.5rem;
+	position: relative;
 	float: left;
-	margin: 0;
+	margin: 11px 0;
 }
 
 .network-admin.themes-php p.search-box {

wp-admin/css/forms.css

@@ -720,8 +720,13 @@ fieldset label,
 }
 
 p.search-box {
+	display: flex;
+	flex-wrap: wrap;
+	align-items: center;
+	column-gap: 0.5rem;
+	position: relative;
 	float: right;
-	margin: 0;
+	margin: 11px 0;
 }
 
 .network-admin.themes-php p.search-box {

wp-admin/css/list-tables-rtl.css

@@ -905,7 +905,7 @@ tr:hover .row-actions,
 
 tr.inline-edit-row td {
 	padding: 0;
-	/* Prevents the focus style on .inline-edit-wrapper from being cutted-off */
+	/* Prevents the focus style on .inline-edit-wrapper from being cut-off */
 	position: relative;
 }
 

wp-admin/css/list-tables.css

@@ -904,7 +904,7 @@ tr:hover .row-actions,
 
 tr.inline-edit-row td {
 	padding: 0;
-	/* Prevents the focus style on .inline-edit-wrapper from being cutted-off */
+	/* Prevents the focus style on .inline-edit-wrapper from being cut-off */
 	position: relative;
 }
 

wp-admin/css/media-rtl.css

@@ -586,15 +586,9 @@ border color while dragging a file over the uploader drop area */
 }
 
 .media-frame-content .media-search-input-label {
-	margin: 0 0 0 .2em;
 	vertical-align: baseline;
 }
 
-.media-frame.mode-grid .media-search-input-label {
-	position: static;
-	margin: 0 0 0 .5em;
-}
-
 .attachments-browser .media-toolbar-secondary > .media-button {
 	margin-left: 10px;
 }
@@ -908,7 +902,7 @@ border color while dragging a file over the uploader drop area */
 }
 
 .imgedit-settings {
-	max-width: 400px; /* Prevent reflow when help info is expanded. */
+	max-width: 240px; /* Prevent reflow when help info is expanded. */
 }
 
 .imgedit-group-controls > * {
@@ -1125,7 +1119,7 @@ border color while dragging a file over the uploader drop area */
 .imgedit-panel-tools > .imgedit-menu {
 	display: flex;
 	column-gap: 4px;
-	align-items: start;
+	align-items: flex-start;
 	flex-wrap: wrap;
 }
 
@@ -1374,6 +1368,12 @@ audio, video {
 		width: 100%;
 		margin-bottom: 20px;
 		display: flex;
+		flex-wrap: nowrap;
+		column-gap: 0;
+	}
+
+	.wp-filter p.search-box #media-search-input {
+		width: 100%;
 	}
 
 }

wp-admin/css/media.css

@@ -585,15 +585,9 @@ border color while dragging a file over the uploader drop area */
 }
 
 .media-frame-content .media-search-input-label {
-	margin: 0 .2em 0 0;
 	vertical-align: baseline;
 }
 
-.media-frame.mode-grid .media-search-input-label {
-	position: static;
-	margin: 0 .5em 0 0;
-}
-
 .attachments-browser .media-toolbar-secondary > .media-button {
 	margin-right: 10px;
 }
@@ -907,7 +901,7 @@ border color while dragging a file over the uploader drop area */
 }
 
 .imgedit-settings {
-	max-width: 400px; /* Prevent reflow when help info is expanded. */
+	max-width: 240px; /* Prevent reflow when help info is expanded. */
 }
 
 .imgedit-group-controls > * {
@@ -1124,7 +1118,7 @@ border color while dragging a file over the uploader drop area */
 .imgedit-panel-tools > .imgedit-menu {
 	display: flex;
 	column-gap: 4px;
-	align-items: start;
+	align-items: flex-start;
 	flex-wrap: wrap;
 }
 
@@ -1373,6 +1367,12 @@ audio, video {
 		width: 100%;
 		margin-bottom: 20px;
 		display: flex;
+		flex-wrap: nowrap;
+		column-gap: 0;
+	}
+
+	.wp-filter p.search-box #media-search-input {
+		width: 100%;
 	}
 
 }

wp-admin/css/nav-menus-rtl.css

@@ -22,6 +22,7 @@ ul.add-menu-item-tabs li {
 
 #nav-menu-meta .accordion-section-content {
 	padding: 18px 13px;
+	resize: vertical;
 }
 
 #nav-menu-meta .button-controls {
@@ -49,6 +50,8 @@ ul.add-menu-item-tabs li {
 #menu-settings-column .inside {
 	clear: both;
 	margin: 10px 0 0;
+	height: 100%;
+	max-height: inherit;
 }
 
 .metabox-holder-disabled .postbox,

wp-admin/css/nav-menus.css

@@ -21,6 +21,7 @@ ul.add-menu-item-tabs li {
 
 #nav-menu-meta .accordion-section-content {
 	padding: 18px 13px;
+	resize: vertical;
 }
 
 #nav-menu-meta .button-controls {
@@ -48,6 +49,8 @@ ul.add-menu-item-tabs li {
 #menu-settings-column .inside {
 	clear: both;
 	margin: 10px 0 0;
+	height: 100%;
+	max-height: inherit;
 }
 
 .metabox-holder-disabled .postbox,

wp-admin/customize.php

@@ -84,8 +84,10 @@ if ( $wp_customize->changeset_post_id() ) {
 	}
 }
 
+$url       = ! empty( $_REQUEST['url'] ) ? sanitize_text_field( $_REQUEST['url'] ) : '';
+$return    = ! empty( $_REQUEST['return'] ) ? sanitize_text_field( $_REQUEST['return'] ) : '';
+$autofocus = ! empty( $_REQUEST['autofocus'] ) ? sanitize_text_field( $_REQUEST['autofocus'] ) : '';
 
-wp_reset_vars( array( 'url', 'return', 'autofocus' ) );
 if ( ! empty( $url ) ) {
 	$wp_customize->set_preview_url( wp_unslash( $url ) );
 }

wp-admin/edit-form-advanced.php

@@ -377,7 +377,7 @@ if ( 'post' === $post_type ) {
 	'</li>';
 
 	if ( current_theme_supports( 'post-formats' ) && post_type_supports( 'post', 'post-formats' ) ) {
-		$publish_box .= '<li>' . __( '<strong>Format</strong> &mdash; Post Formats designate how your theme will display a specific post. For example, you could have a <em>standard</em> blog post with a title and paragraphs, or a short <em>aside</em> that omits the title and contains a short text blurb. Your theme could enable all or some of 10 possible formats. <a href="https://wordpress.org/documentation/article/post-formats/#supported-formats">Learn more about each post format</a>.' ) . '</li>';
+		$publish_box .= '<li>' . __( '<strong>Format</strong> &mdash; Post Formats designate how your theme will display a specific post. For example, you could have a <em>standard</em> blog post with a title and paragraphs, or a short <em>aside</em> that omits the title and contains a short text blurb. Your theme could enable all or some of 10 possible formats. <a href="https://developer.wordpress.org/advanced-administration/wordpress/post-formats/#supported-formats">Learn more about each post format</a>.' ) . '</li>';
 	}
 
 	if ( current_theme_supports( 'post-thumbnails' ) && post_type_supports( 'post', 'thumbnail' ) ) {

wp-admin/edit-tag-form.php

@@ -44,11 +44,7 @@ if ( 'category' === $taxonomy ) {
 	do_action_deprecated( 'edit_tag_form_pre', array( $tag ), '3.0.0', '{$taxonomy}_pre_edit_form' );
 }
 
-/**
- * Use with caution, see https://developer.wordpress.org/reference/functions/wp_reset_vars/
- */
-wp_reset_vars( array( 'wp_http_referer' ) );
-
+$wp_http_referer = ! empty( $_REQUEST['wp_http_referer'] ) ? sanitize_text_field( $_REQUEST['wp_http_referer'] ) : '';
 $wp_http_referer = remove_query_arg( array( 'action', 'message', 'tag_ID' ), $wp_http_referer );
 
 // Also used by Edit Tags.

wp-admin/erase-personal-data.php

@@ -55,8 +55,8 @@ get_current_screen()->add_help_tab(
 		'title'   => __( 'Plugin Data' ),
 		'content' =>
 					'<p>' . __( 'Many plugins may collect or store personal data either in the WordPress database or remotely. Any Erase Personal Data request should delete data from plugins as well.' ) . '</p>' .
-					'<p>' . __( 'If you are a plugin author, you can <a href="https://developer.wordpress.org/plugins/privacy/adding-the-personal-data-eraser-to-your-plugin/" target="_blank">learn more about how to add support for the Personal Data Eraser to a plugin here</a>.' ) . '</p>' .
-					$privacy_policy_guide,
+					$privacy_policy_guide .
+					'<p>' . __( 'If you are a plugin author, you can learn more about <a href="https://developer.wordpress.org/plugins/privacy/adding-the-personal-data-eraser-to-your-plugin/">how to add the Personal Data Eraser to a plugin</a>.' ) . '</p>',
 	)
 );
 

wp-admin/export-personal-data.php

@@ -55,8 +55,8 @@ get_current_screen()->add_help_tab(
 		'title'   => __( 'Plugin Data' ),
 		'content' =>
 					'<p>' . __( 'Many plugins may collect or store personal data either in the WordPress database or remotely. Any Export Personal Data request should include data from plugins as well.' ) . '</p>' .
-					'<p>' . __( 'Plugin authors can <a href="https://developer.wordpress.org/plugins/privacy/adding-the-personal-data-exporter-to-your-plugin/" target="_blank">learn more about how to add the Personal Data Exporter to a plugin here</a>.' ) . '</p>' .
-					$privacy_policy_guide,
+					$privacy_policy_guide .
+					'<p>' . __( 'If you are a plugin author, you can learn more about <a href="https://developer.wordpress.org/plugins/privacy/adding-the-personal-data-exporter-to-your-plugin/">how to add the Personal Data Exporter to a plugin</a>.' ) . '</p>',
 	)
 );
 

wp-admin/export.php

@@ -129,11 +129,11 @@ require_once ABSPATH . 'wp-admin/admin-header.php';
 /**
  * Creates the date options fields for exporting a given post type.
  *
+ * @since 3.1.0
+ *
  * @global wpdb      $wpdb      WordPress database abstraction object.
  * @global WP_Locale $wp_locale WordPress date and time locale object.
  *
- * @since 3.1.0
- *
  * @param string $post_type The post type. Default 'post'.
  */
 function export_date_options( $post_type = 'post' ) {
@@ -238,8 +238,8 @@ function export_date_options( $post_type = 'post' ) {
 		<select name="post_status" id="post-status">
 			<option value="0"><?php _e( 'All' ); ?></option>
 			<?php
-			$post_stati = get_post_stati( array( 'internal' => false ), 'objects' );
-			foreach ( $post_stati as $status ) :
+			$post_statuses = get_post_stati( array( 'internal' => false ), 'objects' );
+			foreach ( $post_statuses as $status ) :
 				?>
 			<option value="<?php echo esc_attr( $status->name ); ?>"><?php echo esc_html( $status->label ); ?></option>
 			<?php endforeach; ?>
@@ -289,7 +289,7 @@ function export_date_options( $post_type = 'post' ) {
 		<label for="page-status" class="label-responsive"><?php _e( 'Status:' ); ?></label>
 		<select name="page_status" id="page-status">
 			<option value="0"><?php _e( 'All' ); ?></option>
-			<?php foreach ( $post_stati as $status ) : ?>
+			<?php foreach ( $post_statuses as $status ) : ?>
 			<option value="<?php echo esc_attr( $status->name ); ?>"><?php echo esc_html( $status->label ); ?></option>
 			<?php endforeach; ?>
 		</select>

wp-admin/includes/ajax-actions.php

@@ -192,7 +192,7 @@ function wp_ajax_wp_compression_test() {
 		if ( is_multisite() ) {
 			update_site_option( 'can_compress_scripts', 0 );
 		} else {
-			update_option( 'can_compress_scripts', 0, 'yes' );
+			update_option( 'can_compress_scripts', 0, 'on' );
 		}
 		wp_die( 0 );
 	}
@@ -231,7 +231,7 @@ function wp_ajax_wp_compression_test() {
 			if ( is_multisite() ) {
 				update_site_option( 'can_compress_scripts', 0 );
 			} else {
-				update_option( 'can_compress_scripts', 0, 'yes' );
+				update_option( 'can_compress_scripts', 0, 'on' );
 			}
 		} elseif ( 'yes' === $_GET['test'] ) {
 			check_ajax_referer( 'update_can_compress_scripts' );
@@ -239,7 +239,7 @@ function wp_ajax_wp_compression_test() {
 			if ( is_multisite() ) {
 				update_site_option( 'can_compress_scripts', 1 );
 			} else {
-				update_option( 'can_compress_scripts', 1, 'yes' );
+				update_option( 'can_compress_scripts', 1, 'on' );
 			}
 		}
 	}
@@ -274,7 +274,7 @@ function wp_ajax_imgedit_preview() {
  *
  * @since 3.1.0
  *
- * @global WP_Embed $wp_embed
+ * @global WP_Embed $wp_embed WordPress Embed object.
  */
 function wp_ajax_oembed_cache() {
 	$GLOBALS['wp_embed']->cache_oembed( $_GET['post'] );
@@ -3381,7 +3381,7 @@ function wp_ajax_send_attachment_to_editor() {
  * @since 3.5.0
  *
  * @global WP_Post  $post     Global post object.
- * @global WP_Embed $wp_embed
+ * @global WP_Embed $wp_embed WordPress Embed object.
  */
 function wp_ajax_send_link_to_editor() {
 	global $post, $wp_embed;
@@ -3733,8 +3733,8 @@ function wp_ajax_query_themes() {
  *
  * @since 4.0.0
  *
- * @global WP_Post    $post       Global post object.
- * @global WP_Embed   $wp_embed   Embed API instance.
+ * @global WP_Post    $post          Global post object.
+ * @global WP_Embed   $wp_embed      WordPress Embed object.
  * @global WP_Scripts $wp_scripts
  * @global int        $content_width
  */

wp-admin/includes/class-bulk-plugin-upgrader-skin.php

@@ -23,10 +23,16 @@ class Bulk_Plugin_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	 * The Plugin_Upgrader::bulk_upgrade() method will fill this in
 	 * with info retrieved from the get_plugin_data() function.
 	 *
+	 * @since 3.0.0
 	 * @var array Plugin data. Values will be empty if not supplied by the plugin.
 	 */
 	public $plugin_info = array();
 
+	/**
+	 * Sets up the strings used in the update process.
+	 *
+	 * @since 3.0.0
+	 */
 	public function add_strings() {
 		parent::add_strings();
 		/* translators: 1: Plugin name, 2: Number of the plugin, 3: Total number of plugins being updated. */
@@ -34,6 +40,10 @@ class Bulk_Plugin_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	}
 
 	/**
+	 * Performs an action before a bulk plugin update.
+	 *
+	 * @since 3.0.0
+	 *
 	 * @param string $title
 	 */
 	public function before( $title = '' ) {
@@ -41,6 +51,10 @@ class Bulk_Plugin_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	}
 
 	/**
+	 * Performs an action following a bulk plugin update.
+	 *
+	 * @since 3.0.0
+	 *
 	 * @param string $title
 	 */
 	public function after( $title = '' ) {
@@ -49,6 +63,9 @@ class Bulk_Plugin_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays the footer following the bulk update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function bulk_footer() {
 		parent::bulk_footer();

wp-admin/includes/class-bulk-theme-upgrader-skin.php

@@ -24,10 +24,16 @@ class Bulk_Theme_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	 * with info retrieved from the Theme_Upgrader::theme_info() method,
 	 * which in turn calls the wp_get_theme() function.
 	 *
+	 * @since 3.0.0
 	 * @var WP_Theme|false The theme's info object, or false.
 	 */
 	public $theme_info = false;
 
+	/**
+	 * Sets up the strings used in the update process.
+	 *
+	 * @since 3.0.0
+	 */
 	public function add_strings() {
 		parent::add_strings();
 		/* translators: 1: Theme name, 2: Number of the theme, 3: Total number of themes being updated. */
@@ -35,6 +41,10 @@ class Bulk_Theme_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	}
 
 	/**
+	 * Performs an action before a bulk theme update.
+	 *
+	 * @since 3.0.0
+	 *
 	 * @param string $title
 	 */
 	public function before( $title = '' ) {
@@ -42,6 +52,10 @@ class Bulk_Theme_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	}
 
 	/**
+	 * Performs an action following a bulk theme update.
+	 *
+	 * @since 3.0.0
+	 *
 	 * @param string $title
 	 */
 	public function after( $title = '' ) {
@@ -50,6 +64,9 @@ class Bulk_Theme_Upgrader_Skin extends Bulk_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays the footer following the bulk update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function bulk_footer() {
 		parent::bulk_footer();

wp-admin/includes/class-bulk-upgrader-skin.php

@@ -16,13 +16,30 @@
  * @see WP_Upgrader_Skin
  */
 class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
-	public $in_loop = false;
+
 	/**
+	 * Whether the bulk update process has started.
+	 *
+	 * @since 3.0.0
+	 * @var bool
+	 */
+	public $in_loop = false;
+
+	/**
+	 * Stores an error message about the update.
+	 *
+	 * @since 3.0.0
 	 * @var string|false
 	 */
 	public $error = false;
 
 	/**
+	 * Constructor.
+	 *
+	 * Sets up the generic skin for the Bulk Upgrader classes.
+	 *
+	 * @since 3.0.0
+	 *
 	 * @param array $args
 	 */
 	public function __construct( $args = array() ) {
@@ -36,6 +53,9 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Sets up the strings used in the update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function add_strings() {
 		$this->upgrader->strings['skin_upgrade_start'] = __( 'The update process is starting. This process may take a while on some hosts, so please be patient.' );
@@ -49,6 +69,9 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays a message about the update.
+	 *
+	 * @since 3.0.0
 	 * @since 5.9.0 Renamed `$string` (a PHP reserved keyword) to `$feedback` for PHP 8 named parameter support.
 	 *
 	 * @param string $feedback Message data.
@@ -77,18 +100,27 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays the header before the update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function header() {
 		// Nothing. This will be displayed within an iframe.
 	}
 
 	/**
+	 * Displays the footer following the update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function footer() {
 		// Nothing. This will be displayed within an iframe.
 	}
 
 	/**
+	 * Displays an error message about the update.
+	 *
+	 * @since 3.0.0
 	 * @since 5.9.0 Renamed `$error` to `$errors` for PHP 8 named parameter support.
 	 *
 	 * @param string|WP_Error $errors Errors.
@@ -113,18 +145,28 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays the header before the bulk update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function bulk_header() {
 		$this->feedback( 'skin_upgrade_start' );
 	}
 
 	/**
+	 * Displays the footer following the bulk update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function bulk_footer() {
 		$this->feedback( 'skin_upgrade_end' );
 	}
 
 	/**
+	 * Performs an action before a bulk update.
+	 *
+	 * @since 3.0.0
+	 *
 	 * @param string $title
 	 */
 	public function before( $title = '' ) {
@@ -137,6 +179,10 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Performs an action following a bulk update.
+	 *
+	 * @since 3.0.0
+	 *
 	 * @param string $title
 	 */
 	public function after( $title = '' ) {
@@ -172,6 +218,9 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Resets the properties used in the update process.
+	 *
+	 * @since 3.0.0
 	 */
 	public function reset() {
 		$this->in_loop = false;
@@ -179,6 +228,9 @@ class Bulk_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Flushes all output buffers.
+	 *
+	 * @since 3.0.0
 	 */
 	public function flush_output() {
 		wp_ob_end_flush_all();

wp-admin/includes/class-file-upload-upgrader.php

@@ -72,7 +72,24 @@ class File_Upload_Upgrader {
 			if ( 'pluginzip' === $form || 'themezip' === $form ) {
 				if ( ! wp_zip_file_is_valid( $file['file'] ) ) {
 					wp_delete_file( $file['file'] );
-					wp_die( __( 'Incompatible Archive.' ) );
+
+					if ( 'pluginzip' === $form ) {
+						$plugins_page = sprintf(
+							'<a href="%s">%s</a>',
+							self_admin_url( 'plugin-install.php' ),
+							__( 'Return to the Plugin Installer' )
+						);
+						wp_die( __( 'Incompatible Archive.' ) . '<br />' . $plugins_page );
+					}
+
+					if ( 'themezip' === $form ) {
+						$themes_page = sprintf(
+							'<a href="%s" target="_parent">%s</a>',
+							self_admin_url( 'theme-install.php' ),
+							__( 'Return to the Theme Installer' )
+						);
+						wp_die( __( 'Incompatible Archive.' ) . '<br />' . $themes_page );
+					}
 				}
 			}
 

wp-admin/includes/class-language-pack-upgrader-skin.php

@@ -22,6 +22,12 @@ class Language_Pack_Upgrader_Skin extends WP_Upgrader_Skin {
 	public $display_footer_actions = true;
 
 	/**
+	 * Constructor.
+	 *
+	 * Sets up the language pack upgrader skin.
+	 *
+	 * @since 3.7.0
+	 *
 	 * @param array $args
 	 */
 	public function __construct( $args = array() ) {
@@ -41,6 +47,9 @@ class Language_Pack_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Performs an action before a language pack update.
+	 *
+	 * @since 3.7.0
 	 */
 	public function before() {
 		$name = $this->upgrader->get_name_for_update( $this->language_update );
@@ -52,6 +61,9 @@ class Language_Pack_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays an error message about the update.
+	 *
+	 * @since 3.7.0
 	 * @since 5.9.0 Renamed `$error` to `$errors` for PHP 8 named parameter support.
 	 *
 	 * @param string|WP_Error $errors Errors.
@@ -63,12 +75,18 @@ class Language_Pack_Upgrader_Skin extends WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Performs an action following a language pack update.
+	 *
+	 * @since 3.7.0
 	 */
 	public function after() {
 		echo '</div>';
 	}
 
 	/**
+	 * Displays the footer following the bulk update process.
+	 *
+	 * @since 3.7.0
 	 */
 	public function bulk_footer() {
 		$this->decrement_update_count( 'translation' );

wp-admin/includes/class-language-pack-upgrader.php

@@ -332,26 +332,34 @@ class Language_Pack_Upgrader extends WP_Upgrader {
 		// Check that the folder contains a valid language.
 		$files = $wp_filesystem->dirlist( $remote_source );
 
-		// Check to see if a .po and .mo exist in the folder.
-		$po = false;
-		$mo = false;
+		// Check to see if the expected files exist in the folder.
+		$po  = false;
+		$mo  = false;
+		$php = false;
 		foreach ( (array) $files as $file => $filedata ) {
 			if ( str_ends_with( $file, '.po' ) ) {
 				$po = true;
 			} elseif ( str_ends_with( $file, '.mo' ) ) {
 				$mo = true;
+			} elseif ( str_ends_with( $file, '.l10n.php' ) ) {
+				$php = true;
 			}
 		}
 
+		if ( $php ) {
+			return $source;
+		}
+
 		if ( ! $mo || ! $po ) {
 			return new WP_Error(
 				'incompatible_archive_pomo',
 				$this->strings['incompatible_archive'],
 				sprintf(
-					/* translators: 1: .po, 2: .mo */
-					__( 'The language pack is missing either the %1$s or %2$s files.' ),
+					/* translators: 1: .po, 2: .mo, 3: .l10n.php */
+					__( 'The language pack is missing either the %1$s, %2$s, or %3$s files.' ),
 					'<code>.po</code>',
-					'<code>.mo</code>'
+					'<code>.mo</code>',
+					'<code>.l10n.php</code>'
 				)
 			);
 		}

wp-admin/includes/class-pclzip.php

@@ -48,7 +48,7 @@
   // 0 : PclZip Class integrated error handling
   // 1 : PclError external library error handling. By enabling this
   //     you must ensure that you have included PclError library.
-  // [2,...] : reserved for futur use
+  // [2,...] : reserved for future use
   if (!defined('PCLZIP_ERROR_EXTERNAL')) {
     define( 'PCLZIP_ERROR_EXTERNAL', 0 );
   }
@@ -166,7 +166,7 @@
   define( 'PCLZIP_CB_POST_EXTRACT', 78002 );
   define( 'PCLZIP_CB_PRE_ADD', 78003 );
   define( 'PCLZIP_CB_POST_ADD', 78004 );
-  /* For futur use
+  /* For future use
   define( 'PCLZIP_CB_PRE_LIST', 78005 );
   define( 'PCLZIP_CB_POST_LIST', 78006 );
   define( 'PCLZIP_CB_PRE_DELETE', 78007 );
@@ -1364,12 +1364,12 @@
   // Function : privCheckFormat()
   // Description :
   //   This method check that the archive exists and is a valid zip archive.
-  //   Several level of check exists. (futur)
+  //   Several level of check exists. (future)
   // Parameters :
   //   $p_level : Level of check. Default 0.
   //              0 : Check the first bytes (magic codes) (default value))
-  //              1 : 0 + Check the central directory (futur)
-  //              2 : 1 + Check each file header (futur)
+  //              1 : 0 + Check the central directory (future)
+  //              2 : 1 + Check each file header (future)
   // Return Values :
   //   true on success,
   //   false on error, the error code is set.
@@ -1748,7 +1748,7 @@
         case PCLZIP_CB_POST_EXTRACT :
         case PCLZIP_CB_PRE_ADD :
         case PCLZIP_CB_POST_ADD :
-        /* for futur use
+        /* for future use
         case PCLZIP_CB_PRE_DELETE :
         case PCLZIP_CB_POST_DELETE :
         case PCLZIP_CB_PRE_LIST :

wp-admin/includes/class-plugin-installer-skin.php

@@ -24,6 +24,12 @@ class Plugin_Installer_Skin extends WP_Upgrader_Skin {
 	private $is_downgrading = false;
 
 	/**
+	 * Constructor.
+	 *
+	 * Sets up the plugin installer skin.
+	 *
+	 * @since 2.8.0
+	 *
 	 * @param array $args
 	 */
 	public function __construct( $args = array() ) {
@@ -293,13 +299,13 @@ class Plugin_Installer_Skin extends WP_Upgrader_Skin {
 				$warning = sprintf(
 					/* translators: %s: Documentation URL. */
 					__( 'You are uploading an older version of a current plugin. You can continue to install the older version, but be sure to <a href="%s">back up your database and files</a> first.' ),
-					__( 'https://wordpress.org/documentation/article/wordpress-backups/' )
+					__( 'https://developer.wordpress.org/advanced-administration/security/backup/' )
 				);
 			} else {
 				$warning = sprintf(
 					/* translators: %s: Documentation URL. */
 					__( 'You are updating a plugin. Be sure to <a href="%s">back up your database and files</a> first.' ),
-					__( 'https://wordpress.org/documentation/article/wordpress-backups/' )
+					__( 'https://developer.wordpress.org/advanced-administration/security/backup/' )
 				);
 			}
 

wp-admin/includes/class-theme-installer-skin.php

@@ -24,6 +24,12 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin {
 	private $is_downgrading = false;
 
 	/**
+	 * Constructor.
+	 *
+	 * Sets up the theme installer skin.
+	 *
+	 * @since 2.8.0
+	 *
 	 * @param array $args
 	 */
 	public function __construct( $args = array() ) {
@@ -328,13 +334,13 @@ class Theme_Installer_Skin extends WP_Upgrader_Skin {
 				$warning = sprintf(
 					/* translators: %s: Documentation URL. */
 					__( 'You are uploading an older version of the active theme. You can continue to install the older version, but be sure to <a href="%s">back up your database and files</a> first.' ),
-					__( 'https://wordpress.org/documentation/article/wordpress-backups/' )
+					__( 'https://developer.wordpress.org/advanced-administration/security/backup/' )
 				);
 			} else {
 				$warning = sprintf(
 					/* translators: %s: Documentation URL. */
 					__( 'You are updating a theme. Be sure to <a href="%s">back up your database and files</a> first.' ),
-					__( 'https://wordpress.org/documentation/article/wordpress-backups/' )
+					__( 'https://developer.wordpress.org/advanced-administration/security/backup/' )
 				);
 			}
 

wp-admin/includes/class-wp-automatic-updater.php

@@ -446,6 +446,32 @@ class WP_Automatic_Updater {
 			$allow_relaxed_file_ownership = true;
 		}
 
+		$is_debug = WP_DEBUG && WP_DEBUG_LOG;
+		if ( 'plugin' === $type ) {
+			$was_active = is_plugin_active( $upgrader_item );
+			if ( $is_debug ) {
+				error_log( '    Upgrading plugin ' . var_export( $item->slug, true ) . '...' );
+			}
+		}
+
+		if ( 'theme' === $type && $is_debug ) {
+			error_log( '    Upgrading theme ' . var_export( $item->theme, true ) . '...' );
+		}
+
+		/*
+		 * Enable maintenance mode before upgrading the plugin or theme.
+		 *
+		 * This avoids potential non-fatal errors being detected
+		 * while scraping for a fatal error if some files are still
+		 * being moved.
+		 *
+		 * While these checks are intended only for plugins,
+		 * maintenance mode is enabled for all upgrade types as any
+		 * update could contain an error or warning, which could cause
+		 * the scrape to miss a fatal error in the plugin update.
+		 */
+		$upgrader->maintenance_mode( true );
+
 		// Boom, this site's about to get a whole new splash of paint!
 		$upgrade_result = $upgrader->upgrade(
 			$upgrader_item,
@@ -460,6 +486,17 @@ class WP_Automatic_Updater {
 			)
 		);
 
+		/*
+		 * After WP_Upgrader::upgrade() completes, maintenance mode is disabled.
+		 *
+		 * Re-enable maintenance mode while attempting to detect fatal errors
+		 * and potentially rolling back.
+		 *
+		 * This avoids errors if the site is visited while fatal errors exist
+		 * or while files are still being moved.
+		 */
+		$upgrader->maintenance_mode( true );
+
 		// If the filesystem is unavailable, false is returned.
 		if ( false === $upgrade_result ) {
 			$upgrade_result = new WP_Error( 'fs_unavailable', __( 'Could not access filesystem.' ) );
@@ -486,6 +523,98 @@ class WP_Automatic_Updater {
 			}
 		}
 
+		$is_debug = WP_DEBUG && WP_DEBUG_LOG;
+
+		if ( 'theme' === $type && $is_debug ) {
+			error_log( '    Theme ' . var_export( $item->theme, true ) . ' has been upgraded.' );
+		}
+
+		if ( 'plugin' === $type ) {
+			if ( $is_debug ) {
+				error_log( '    Plugin ' . var_export( $item->slug, true ) . ' has been upgraded.' );
+				if ( is_plugin_inactive( $upgrader_item ) ) {
+					error_log( '    ' . var_export( $upgrader_item, true ) . ' is inactive and will not be checked for fatal errors.' );
+				}
+			}
+
+			if ( $was_active && ! is_wp_error( $upgrade_result ) ) {
+
+				/*
+				 * The usual time limit is five minutes. However, as a loopback request
+				 * is about to be performed, increase the time limit to account for this.
+				 */
+				if ( function_exists( 'set_time_limit' ) ) {
+					set_time_limit( 10 * MINUTE_IN_SECONDS );
+				}
+
+				/*
+				 * Avoids a race condition when there are 2 sequential plugins that have
+				 * fatal errors. It seems a slight delay is required for the loopback to
+				 * use the updated plugin code in the request. This can cause the second
+				 * plugin's fatal error checking to be inaccurate, and may also affect
+				 * subsequent plugin checks.
+				 */
+				sleep( 2 );
+
+				if ( $this->has_fatal_error() ) {
+					$upgrade_result = new WP_Error();
+					$temp_backup    = array(
+						array(
+							'dir'  => 'plugins',
+							'slug' => $item->slug,
+							'src'  => WP_PLUGIN_DIR,
+						),
+					);
+
+					$backup_restored = $upgrader->restore_temp_backup( $temp_backup );
+					if ( is_wp_error( $backup_restored ) ) {
+						$upgrade_result->add(
+							'plugin_update_fatal_error_rollback_failed',
+							sprintf(
+								/* translators: %s: The plugin's slug. */
+								__( "The update for '%s' contained a fatal error. The previously installed version could not be restored." ),
+								$item->slug
+							)
+						);
+
+						$upgrade_result->merge_from( $backup_restored );
+					} else {
+						$upgrade_result->add(
+							'plugin_update_fatal_error_rollback_successful',
+							sprintf(
+								/* translators: %s: The plugin's slug. */
+								__( "The update for '%s' contained a fatal error. The previously installed version has been restored." ),
+								$item->slug
+							)
+						);
+
+						$backup_deleted = $upgrader->delete_temp_backup( $temp_backup );
+						if ( is_wp_error( $backup_deleted ) ) {
+							$upgrade_result->merge_from( $backup_deleted );
+						}
+					}
+
+					/*
+					 * Should emails not be working, log the message(s) so that
+					 * the log file contains context for the fatal error,
+					 * and whether a rollback was performed.
+					 *
+					 * `trigger_error()` is not used as it outputs a stack trace
+					 * to this location rather than to the fatal error, which will
+					 * appear above this entry in the log file.
+					 */
+					if ( $is_debug ) {
+						error_log( '    ' . implode( "\n", $upgrade_result->get_error_messages() ) );
+					}
+				} elseif ( $is_debug ) {
+					error_log( '    The update for ' . var_export( $item->slug, true ) . ' has no fatal errors.' );
+				}
+			}
+		}
+
+		// All processes are complete. Allow visitors to browse the site again.
+		$upgrader->maintenance_mode( false );
+
 		$this->update_results[ $type ][] = (object) array(
 			'item'     => $item,
 			'result'   => $upgrade_result,
@@ -514,6 +643,12 @@ class WP_Automatic_Updater {
 			return;
 		}
 
+		$is_debug = WP_DEBUG && WP_DEBUG_DISPLAY;
+
+		if ( $is_debug ) {
+			error_log( 'Automatic updates starting...' );
+		}
+
 		// Don't automatically run these things, as we'll handle it ourselves.
 		remove_action( 'upgrader_process_complete', array( 'Language_Pack_Upgrader', 'async_upgrade' ), 20 );
 		remove_action( 'upgrader_process_complete', 'wp_version_check' );
@@ -524,22 +659,43 @@ class WP_Automatic_Updater {
 		wp_update_plugins(); // Check for plugin updates.
 		$plugin_updates = get_site_transient( 'update_plugins' );
 		if ( $plugin_updates && ! empty( $plugin_updates->response ) ) {
+			if ( $is_debug ) {
+				error_log( '  Automatic plugin updates starting...' );
+			}
+
 			foreach ( $plugin_updates->response as $plugin ) {
 				$this->update( 'plugin', $plugin );
 			}
+
 			// Force refresh of plugin update information.
 			wp_clean_plugins_cache();
+
+			if ( $is_debug ) {
+				error_log( '  Automatic plugin updates complete.' );
+			}
 		}
 
 		// Next, those themes we all love.
 		wp_update_themes();  // Check for theme updates.
 		$theme_updates = get_site_transient( 'update_themes' );
 		if ( $theme_updates && ! empty( $theme_updates->response ) ) {
+			if ( $is_debug ) {
+				error_log( '  Automatic theme updates starting...' );
+			}
+
 			foreach ( $theme_updates->response as $theme ) {
 				$this->update( 'theme', (object) $theme );
 			}
 			// Force refresh of theme update information.
 			wp_clean_themes_cache();
+
+			if ( $is_debug ) {
+				error_log( '  Automatic theme updates complete.' );
+			}
+		}
+
+		if ( $is_debug ) {
+			error_log( 'Automatic updates complete.' );
 		}
 
 		// Next, process any core update.
@@ -1163,7 +1319,7 @@ class WP_Automatic_Updater {
 
 			// List failed plugin updates.
 			if ( ! empty( $failed_updates['plugin'] ) ) {
-				$body[] = __( 'These plugins failed to update:' );
+				$body[] = __( 'The following plugins failed to update. If there was a fatal error in the update, the previously installed version has been restored.' );
 
 				foreach ( $failed_updates['plugin'] as $item ) {
 					$body_message = '';
@@ -1551,4 +1707,91 @@ Thanks! -- The WordPress Team"
 
 		wp_mail( $email['to'], wp_specialchars_decode( $email['subject'] ), $email['body'], $email['headers'] );
 	}
+
+	/**
+	 * Performs a loopback request to check for potential fatal errors.
+	 *
+	 * Fatal errors cannot be detected unless maintenance mode is enabled.
+	 *
+	 * @since 6.6.0
+	 *
+	 * @global int $upgrading The Unix timestamp marking when upgrading WordPress began.
+	 *
+	 * @return bool Whether a fatal error was detected.
+	 */
+	protected function has_fatal_error() {
+		global $upgrading;
+
+		$maintenance_file = ABSPATH . '.maintenance';
+		if ( ! file_exists( $maintenance_file ) ) {
+			return false;
+		}
+
+		require $maintenance_file;
+		if ( ! is_int( $upgrading ) ) {
+			return false;
+		}
+
+		$scrape_key   = md5( $upgrading );
+		$scrape_nonce = (string) $upgrading;
+		$transient    = 'scrape_key_' . $scrape_key;
+		set_transient( $transient, $scrape_nonce, 30 );
+
+		$cookies       = wp_unslash( $_COOKIE );
+		$scrape_params = array(
+			'wp_scrape_key'   => $scrape_key,
+			'wp_scrape_nonce' => $scrape_nonce,
+		);
+		$headers       = array(
+			'Cache-Control' => 'no-cache',
+		);
+
+		/** This filter is documented in wp-includes/class-wp-http-streams.php */
+		$sslverify = apply_filters( 'https_local_ssl_verify', false );
+
+		// Include Basic auth in the loopback request.
+		if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
+			$headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
+		}
+
+		// Time to wait for loopback request to finish.
+		$timeout = 50; // 50 seconds.
+
+		$is_debug = WP_DEBUG && WP_DEBUG_DISPLAY;
+		if ( $is_debug ) {
+			error_log( '    Scraping home page...' );
+		}
+
+		$needle_start = "###### wp_scraping_result_start:$scrape_key ######";
+		$needle_end   = "###### wp_scraping_result_end:$scrape_key ######";
+		$url          = add_query_arg( $scrape_params, home_url( '/' ) );
+		$response     = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
+
+		if ( is_wp_error( $response ) ) {
+			if ( $is_debug ) {
+				error_log( 'Loopback request failed: ' . $response->get_error_message() );
+			}
+			return true;
+		}
+
+		// If this outputs `true` in the log, it means there were no fatal errors detected.
+		if ( $is_debug ) {
+			error_log( var_export( substr( $response['body'], strpos( $response['body'], '###### wp_scraping_result_start:' ) ), true ) );
+		}
+
+		$body                   = wp_remote_retrieve_body( $response );
+		$scrape_result_position = strpos( $body, $needle_start );
+		$result                 = null;
+
+		if ( false !== $scrape_result_position ) {
+			$error_output = substr( $body, $scrape_result_position + strlen( $needle_start ) );
+			$error_output = substr( $error_output, 0, strpos( $error_output, $needle_end ) );
+			$result       = json_decode( trim( $error_output ), true );
+		}
+
+		delete_transient( $transient );
+
+		// Only fatal errors will result in a 'type' key.
+		return isset( $result['type'] );
+	}
 }

wp-admin/includes/class-wp-comments-list-table.php

@@ -237,7 +237,7 @@ class WP_Comments_List_Table extends WP_List_Table {
 		$status_links = array();
 		$num_comments = ( $post_id ) ? wp_count_comments( $post_id ) : wp_count_comments();
 
-		$stati = array(
+		$statuses = array(
 			/* translators: %s: Number of comments. */
 			'all'       => _nx_noop(
 				'All <span class="count">(%s)</span>',
@@ -282,7 +282,7 @@ class WP_Comments_List_Table extends WP_List_Table {
 		);
 
 		if ( ! EMPTY_TRASH_DAYS ) {
-			unset( $stati['trash'] );
+			unset( $statuses['trash'] );
 		}
 
 		$link = admin_url( 'edit-comments.php' );
@@ -291,7 +291,7 @@ class WP_Comments_List_Table extends WP_List_Table {
 			$link = add_query_arg( 'comment_type', $comment_type, $link );
 		}
 
-		foreach ( $stati as $status => $label ) {
+		foreach ( $statuses as $status => $label ) {
 			if ( 'mine' === $status ) {
 				$current_user_id    = get_current_user_id();
 				$num_comments->mine = get_comments(

wp-admin/includes/class-wp-links-list-table.php

@@ -50,7 +50,10 @@ class WP_Links_List_Table extends WP_List_Table {
 	public function prepare_items() {
 		global $cat_id, $s, $orderby, $order;
 
-		wp_reset_vars( array( 'action', 'cat_id', 'link_id', 'orderby', 'order', 's' ) );
+		$cat_id  = ! empty( $_REQUEST['cat_id'] ) ? absint( $_REQUEST['cat_id'] ) : 0;
+		$orderby = ! empty( $_REQUEST['orderby'] ) ? sanitize_text_field( $_REQUEST['orderby'] ) : '';
+		$order   = ! empty( $_REQUEST['order'] ) ? sanitize_text_field( $_REQUEST['order'] ) : '';
+		$s       = ! empty( $_REQUEST['s'] ) ? sanitize_text_field( $_REQUEST['s'] ) : '';
 
 		$args = array(
 			'hide_invisible' => 0,

wp-admin/includes/class-wp-ms-themes-list-table.php

@@ -99,7 +99,9 @@ class WP_MS_Themes_List_Table extends WP_List_Table {
 	public function prepare_items() {
 		global $status, $totals, $page, $orderby, $order, $s;
 
-		wp_reset_vars( array( 'orderby', 'order', 's' ) );
+		$orderby = ! empty( $_REQUEST['orderby'] ) ? sanitize_text_field( $_REQUEST['orderby'] ) : '';
+		$order   = ! empty( $_REQUEST['order'] ) ? sanitize_text_field( $_REQUEST['order'] ) : '';
+		$s       = ! empty( $_REQUEST['s'] ) ? sanitize_text_field( $_REQUEST['s'] ) : '';
 
 		$themes = array(
 			/**

wp-admin/includes/class-wp-plugin-install-list-table.php

@@ -92,7 +92,7 @@ class WP_Plugin_Install_List_Table extends WP_List_Table {
 
 		global $tabs, $tab, $paged, $type, $term;
 
-		wp_reset_vars( array( 'tab' ) );
+		$tab = ! empty( $_REQUEST['tab'] ) ? sanitize_text_field( $_REQUEST['tab'] ) : '';
 
 		$paged = $this->get_pagenum();
 

wp-admin/includes/class-wp-plugins-list-table.php

@@ -90,7 +90,8 @@ class WP_Plugins_List_Table extends WP_List_Table {
 	public function prepare_items() {
 		global $status, $plugins, $totals, $page, $orderby, $order, $s;
 
-		wp_reset_vars( array( 'orderby', 'order' ) );
+		$orderby = ! empty( $_REQUEST['orderby'] ) ? sanitize_text_field( $_REQUEST['orderby'] ) : '';
+		$order   = ! empty( $_REQUEST['order'] ) ? sanitize_text_field( $_REQUEST['order'] ) : '';
 
 		/**
 		 * Filters the full array of plugins to list in the Plugins list table.
@@ -452,8 +453,8 @@ class WP_Plugins_List_Table extends WP_List_Table {
 		}
 		?>
 		<p class="search-box">
-			<label class="screen-reader-text" for="<?php echo esc_attr( $input_id ); ?>"><?php echo $text; ?>:</label>
-			<input type="search" id="<?php echo esc_attr( $input_id ); ?>" class="wp-filter-search" name="s" value="<?php _admin_search_query(); ?>" placeholder="<?php esc_attr_e( 'Search installed plugins...' ); ?>" />
+			<label for="<?php echo esc_attr( $input_id ); ?>"><?php echo $text; ?></label>
+			<input type="search" id="<?php echo esc_attr( $input_id ); ?>" class="wp-filter-search" name="s" value="<?php _admin_search_query(); ?>" />
 			<?php submit_button( $text, 'hide-if-js', '', false, array( 'id' => 'search-submit' ) ); ?>
 		</p>
 		<?php

wp-admin/includes/class-wp-site-health.php

@@ -1283,120 +1283,6 @@ class WP_Site_Health {
 		return $result;
 	}
 
-	/**
-	 * Tests if the database server is capable of using utf8mb4.
-	 *
-	 * @since 5.2.0
-	 *
-	 * @return array The test results.
-	 */
-	public function get_test_utf8mb4_support() {
-		if ( ! $this->mysql_server_version ) {
-			$this->prepare_sql_data();
-		}
-
-		$result = array(
-			'label'       => __( 'UTF8MB4 is supported' ),
-			'status'      => 'good',
-			'badge'       => array(
-				'label' => __( 'Performance' ),
-				'color' => 'blue',
-			),
-			'description' => sprintf(
-				'<p>%s</p>',
-				__( 'UTF8MB4 is the character set WordPress prefers for database storage because it safely supports the widest set of characters and encodings, including Emoji, enabling better support for non-English languages.' )
-			),
-			'actions'     => '',
-			'test'        => 'utf8mb4_support',
-		);
-
-		if ( ! $this->is_mariadb ) {
-			if ( version_compare( $this->mysql_server_version, '5.5.3', '<' ) ) {
-				$result['status'] = 'recommended';
-
-				$result['label'] = __( 'utf8mb4 requires a MySQL update' );
-
-				$result['description'] .= sprintf(
-					'<p>%s</p>',
-					sprintf(
-						/* translators: %s: Version number. */
-						__( 'WordPress&#8217; utf8mb4 support requires MySQL version %s or greater. Please contact your server administrator.' ),
-						'5.5.3'
-					)
-				);
-			} else {
-				$result['description'] .= sprintf(
-					'<p>%s</p>',
-					__( 'Your MySQL version supports utf8mb4.' )
-				);
-			}
-		} else { // MariaDB introduced utf8mb4 support in 5.5.0.
-			if ( version_compare( $this->mysql_server_version, '5.5.0', '<' ) ) {
-				$result['status'] = 'recommended';
-
-				$result['label'] = __( 'utf8mb4 requires a MariaDB update' );
-
-				$result['description'] .= sprintf(
-					'<p>%s</p>',
-					sprintf(
-						/* translators: %s: Version number. */
-						__( 'WordPress&#8217; utf8mb4 support requires MariaDB version %s or greater. Please contact your server administrator.' ),
-						'5.5.0'
-					)
-				);
-			} else {
-				$result['description'] .= sprintf(
-					'<p>%s</p>',
-					__( 'Your MariaDB version supports utf8mb4.' )
-				);
-			}
-		}
-
-		// phpcs:ignore WordPress.DB.RestrictedFunctions.mysql_mysqli_get_client_info
-		$mysql_client_version = mysqli_get_client_info();
-
-		/*
-		 * libmysql has supported utf8mb4 since 5.5.3, same as the MySQL server.
-		 * mysqlnd has supported utf8mb4 since 5.0.9.
-		 */
-		if ( str_contains( $mysql_client_version, 'mysqlnd' ) ) {
-			$mysql_client_version = preg_replace( '/^\D+([\d.]+).*/', '$1', $mysql_client_version );
-			if ( version_compare( $mysql_client_version, '5.0.9', '<' ) ) {
-				$result['status'] = 'recommended';
-
-				$result['label'] = __( 'utf8mb4 requires a newer client library' );
-
-				$result['description'] .= sprintf(
-					'<p>%s</p>',
-					sprintf(
-						/* translators: 1: Name of the library, 2: Number of version. */
-						__( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
-						'mysqlnd',
-						'5.0.9'
-					)
-				);
-			}
-		} else {
-			if ( version_compare( $mysql_client_version, '5.5.3', '<' ) ) {
-				$result['status'] = 'recommended';
-
-				$result['label'] = __( 'utf8mb4 requires a newer client library' );
-
-				$result['description'] .= sprintf(
-					'<p>%s</p>',
-					sprintf(
-						/* translators: 1: Name of the library, 2: Number of version. */
-						__( 'WordPress&#8217; utf8mb4 support requires MySQL client library (%1$s) version %2$s or newer. Please contact your server administrator.' ),
-						'libmysql',
-						'5.5.3'
-					)
-				);
-			}
-		}
-
-		return $result;
-	}
-
 	/**
 	 * Tests if the site can communicate with WordPress.org.
 	 *
@@ -1489,7 +1375,7 @@ class WP_Site_Health {
 			'actions'     => sprintf(
 				'<p><a href="%s" target="_blank" rel="noopener">%s<span class="screen-reader-text"> %s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
 				/* translators: Documentation explaining debugging in WordPress. */
-				esc_url( __( 'https://wordpress.org/documentation/article/debugging-in-wordpress/' ) ),
+				esc_url( __( 'https://developer.wordpress.org/advanced-administration/debug/debug-wordpress/' ) ),
 				__( 'Learn more about debugging in WordPress.' ),
 				/* translators: Hidden accessibility text. */
 				__( '(opens in a new tab)' )
@@ -1953,10 +1839,18 @@ class WP_Site_Health {
 			$result['description'] = __( 'Could not determine available disk space for updates.' );
 			$result['status']      = 'recommended';
 		} elseif ( $available_space < 20 * MB_IN_BYTES ) {
-			$result['description'] = __( 'Available disk space is critically low, less than 20 MB available. Proceed with caution, updates may fail.' );
+			$result['description'] = sprintf(
+				/* translators: %s: Available disk space in MB or GB. */
+				__( 'Available disk space is critically low, less than %s available. Proceed with caution, updates may fail.' ),
+				size_format( 20 * MB_IN_BYTES )
+			);
 			$result['status']      = 'critical';
 		} elseif ( $available_space < 100 * MB_IN_BYTES ) {
-			$result['description'] = __( 'Available disk space is low, less than 100 MB available.' );
+			$result['description'] = sprintf(
+				/* translators: %s: Available disk space in MB or GB. */
+				__( 'Available disk space is low, less than %s available.' ),
+				size_format( 100 * MB_IN_BYTES )
+			);
 			$result['status']      = 'recommended';
 		}
 
@@ -2504,7 +2398,7 @@ class WP_Site_Health {
 			'label'       => '',
 			'actions'     => sprintf(
 				'<p><a href="%1$s" target="_blank" rel="noopener noreferrer">%2$s<span class="screen-reader-text"> %3$s</span><span aria-hidden="true" class="dashicons dashicons-external"></span></a></p>',
-				__( 'https://wordpress.org/documentation/article/optimization/#Caching' ),
+				__( 'https://developer.wordpress.org/advanced-administration/performance/optimization/#caching' ),
 				__( 'Learn more about page cache' ),
 				/* translators: Hidden accessibility text. */
 				__( '(opens in a new tab)' )
@@ -2613,7 +2507,7 @@ class WP_Site_Health {
 		$action_url = apply_filters(
 			'site_status_persistent_object_cache_url',
 			/* translators: Localized Support reference. */
-			__( 'https://wordpress.org/documentation/article/optimization/#persistent-object-cache' )
+			__( 'https://developer.wordpress.org/advanced-administration/performance/optimization/#persistent-object-cache' )
 		);
 
 		$result = array(
@@ -2739,10 +2633,6 @@ class WP_Site_Health {
 					'label' => __( 'Database Server version' ),
 					'test'  => 'sql_server',
 				),
-				'utf8mb4_support'              => array(
-					'label' => __( 'MySQL utf8mb4 support' ),
-					'test'  => 'utf8mb4_support',
-				),
 				'ssl_support'                  => array(
 					'label' => __( 'Secure communication' ),
 					'test'  => 'ssl_support',
@@ -3443,12 +3333,12 @@ class WP_Site_Health {
 	 * @since 6.1.0
 	 *
 	 * @return WP_Error|array {
-	 *    Page cache detail or else a WP_Error if unable to determine.
+	 *     Page cache detail or else a WP_Error if unable to determine.
 	 *
-	 *    @type string   $status                 Page cache status. Good, Recommended or Critical.
-	 *    @type bool     $advanced_cache_present Whether page cache plugin is available or not.
-	 *    @type string[] $headers                Client caching response headers detected.
-	 *    @type float    $response_time          Response time of site.
+	 *     @type string   $status                 Page cache status. Good, Recommended or Critical.
+	 *     @type bool     $advanced_cache_present Whether page cache plugin is available or not.
+	 *     @type string[] $headers                Client caching response headers detected.
+	 *     @type float    $response_time          Response time of site.
 	 * }
 	 */
 	private function get_page_cache_detail() {

wp-admin/includes/class-wp-theme-install-list-table.php

@@ -36,7 +36,8 @@ class WP_Theme_Install_List_Table extends WP_Themes_List_Table {
 		require ABSPATH . 'wp-admin/includes/theme-install.php';
 
 		global $tabs, $tab, $paged, $type, $theme_field_defaults;
-		wp_reset_vars( array( 'tab' ) );
+
+		$tab = ! empty( $_REQUEST['tab'] ) ? sanitize_text_field( $_REQUEST['tab'] ) : '';
 
 		$search_terms  = array();
 		$search_string = '';

wp-admin/includes/class-wp-upgrader-skin.php

@@ -20,7 +20,6 @@ class WP_Upgrader_Skin {
 	 * Holds the upgrader data.
 	 *
 	 * @since 2.8.0
-	 *
 	 * @var WP_Upgrader
 	 */
 	public $upgrader;
@@ -29,7 +28,6 @@ class WP_Upgrader_Skin {
 	 * Whether header is done.
 	 *
 	 * @since 2.8.0
-	 *
 	 * @var bool
 	 */
 	public $done_header = false;
@@ -38,7 +36,6 @@ class WP_Upgrader_Skin {
 	 * Whether footer is done.
 	 *
 	 * @since 2.8.0
-	 *
 	 * @var bool
 	 */
 	public $done_footer = false;
@@ -47,7 +44,6 @@ class WP_Upgrader_Skin {
 	 * Holds the result of an upgrade.
 	 *
 	 * @since 2.8.0
-	 *
 	 * @var string|bool|WP_Error
 	 */
 	public $result = false;
@@ -56,7 +52,6 @@ class WP_Upgrader_Skin {
 	 * Holds the options of an upgrade.
 	 *
 	 * @since 2.8.0
-	 *
 	 * @var array
 	 */
 	public $options = array();
@@ -82,6 +77,8 @@ class WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Sets the relationship between the skin being used and the upgrader.
+	 *
 	 * @since 2.8.0
 	 *
 	 * @param WP_Upgrader $upgrader
@@ -94,6 +91,8 @@ class WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Sets up the strings used in the update process.
+	 *
 	 * @since 3.0.0
 	 */
 	public function add_strings() {
@@ -141,6 +140,8 @@ class WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays the header before the update process.
+	 *
 	 * @since 2.8.0
 	 */
 	public function header() {
@@ -153,6 +154,8 @@ class WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays the footer following the update process.
+	 *
 	 * @since 2.8.0
 	 */
 	public function footer() {
@@ -164,6 +167,8 @@ class WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays an error message about the update.
+	 *
 	 * @since 2.8.0
 	 *
 	 * @param string|WP_Error $errors Errors.
@@ -186,6 +191,8 @@ class WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays a message about the update.
+	 *
 	 * @since 2.8.0
 	 * @since 5.9.0 Renamed `$string` (a PHP reserved keyword) to `$feedback` for PHP 8 named parameter support.
 	 *
@@ -218,7 +225,7 @@ class WP_Upgrader_Skin {
 	public function before() {}
 
 	/**
-	 * Performs and action following an update.
+	 * Performs an action following an update.
 	 *
 	 * @since 2.8.0
 	 */
@@ -262,11 +269,15 @@ class WP_Upgrader_Skin {
 	}
 
 	/**
+	 * Displays the header before the bulk update process.
+	 *
 	 * @since 3.0.0
 	 */
 	public function bulk_header() {}
 
 	/**
+	 * Displays the footer following the bulk update process.
+	 *
 	 * @since 3.0.0
 	 */
 	public function bulk_footer() {}

wp-admin/includes/class-wp-upgrader.php

@@ -196,6 +196,7 @@ class WP_Upgrader {
 		/* translators: %s: Directory name. */
 		$this->strings['fs_no_folder'] = __( 'Unable to locate needed folder (%s).' );
 
+		$this->strings['no_package']           = __( 'Package not available.' );
 		$this->strings['download_failed']      = __( 'Download failed.' );
 		$this->strings['installing_package']   = __( 'Installing the latest version…' );
 		$this->strings['no_files']             = __( 'The package contains no files.' );
@@ -527,7 +528,10 @@ class WP_Upgrader {
 			set_time_limit( 300 );
 		}
 
-		if ( empty( $source ) || empty( $destination ) ) {
+		if (
+			( ! is_string( $source ) || '' === $source || trim( $source ) !== $source ) ||
+			( ! is_string( $destination ) || '' === $destination || trim( $destination ) !== $destination )
+		) {
 			return new WP_Error( 'bad_request', $this->strings['bad_request'] );
 		}
 		$this->skin->feedback( 'installing_package' );
@@ -897,6 +901,7 @@ class WP_Upgrader {
 		$this->skin->set_result( $result );
 
 		if ( is_wp_error( $result ) ) {
+			// An automatic plugin update will have already performed its rollback.
 			if ( ! empty( $options['hook_extra']['temp_backup'] ) ) {
 				$this->temp_restores[] = $options['hook_extra']['temp_backup'];
 
@@ -905,8 +910,12 @@ class WP_Upgrader {
 				 * Actions running on `shutdown` are immune to PHP timeouts,
 				 * so in case the failure was due to a PHP timeout,
 				 * it will still be able to properly restore the previous version.
+				 *
+				 * Zero arguments are accepted as a string can sometimes be passed
+				 * internally during actions, causing an error because
+				 * `WP_Upgrader::restore_temp_backup()` expects an array.
 				 */
-				add_action( 'shutdown', array( $this, 'restore_temp_backup' ) );
+				add_action( 'shutdown', array( $this, 'restore_temp_backup' ), 10, 0 );
 			}
 			$this->skin->error( $result );
 
@@ -979,15 +988,25 @@ class WP_Upgrader {
 	 */
 	public function maintenance_mode( $enable = false ) {
 		global $wp_filesystem;
+
+		if ( ! $wp_filesystem ) {
+			require_once ABSPATH . 'wp-admin/includes/file.php';
+			WP_Filesystem();
+		}
+
 		$file = $wp_filesystem->abspath() . '.maintenance';
 		if ( $enable ) {
-			$this->skin->feedback( 'maintenance_start' );
+			if ( ! wp_doing_cron() ) {
+				$this->skin->feedback( 'maintenance_start' );
+			}
 			// Create maintenance file to signal that we are upgrading.
 			$maintenance_string = '<?php $upgrading = ' . time() . '; ?>';
 			$wp_filesystem->delete( $file );
 			$wp_filesystem->put_contents( $file, $maintenance_string, FS_CHMOD_FILE );
 		} elseif ( ! $enable && $wp_filesystem->exists( $file ) ) {
-			$this->skin->feedback( 'maintenance_end' );
+			if ( ! wp_doing_cron() ) {
+				$this->skin->feedback( 'maintenance_end' );
+			}
 			$wp_filesystem->delete( $file );
 		}
 	}
@@ -1012,7 +1031,7 @@ class WP_Upgrader {
 		$lock_option = $lock_name . '.lock';
 
 		// Try to lock.
-		$lock_result = $wpdb->query( $wpdb->prepare( "INSERT IGNORE INTO `$wpdb->options` ( `option_name`, `option_value`, `autoload` ) VALUES (%s, %s, 'no') /* LOCK */", $lock_option, time() ) );
+		$lock_result = $wpdb->query( $wpdb->prepare( "INSERT IGNORE INTO `$wpdb->options` ( `option_name`, `option_value`, `autoload` ) VALUES (%s, %s, 'off') /* LOCK */", $lock_option, time() ) );
 
 		if ( ! $lock_result ) {
 			$lock_result = get_option( $lock_option );
@@ -1129,17 +1148,33 @@ class WP_Upgrader {
 	 * Restores the plugin or theme from temporary backup.
 	 *
 	 * @since 6.3.0
+	 * @since 6.6.0 Added the `$temp_backups` parameter.
 	 *
 	 * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
 	 *
+	 * @param array[] $temp_backups {
+	 *     Optional. An array of temporary backups.
+	 *
+	 *     @type array ...$0 {
+	 *         Information about the backup.
+	 *
+	 *         @type string $dir  The temporary backup location in the upgrade-temp-backup directory.
+	 *         @type string $slug The item's slug.
+	 *         @type string $src  The directory where the original is stored. For example, `WP_PLUGIN_DIR`.
+	 *     }
+	 * }
 	 * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error.
 	 */
-	public function restore_temp_backup() {
+	public function restore_temp_backup( array $temp_backups = array() ) {
 		global $wp_filesystem;
 
 		$errors = new WP_Error();
 
-		foreach ( $this->temp_restores as $args ) {
+		if ( empty( $temp_backups ) ) {
+			$temp_backups = $this->temp_restores;
+		}
+
+		foreach ( $temp_backups as $args ) {
 			if ( empty( $args['slug'] ) || empty( $args['src'] ) || empty( $args['dir'] ) ) {
 				return false;
 			}
@@ -1182,17 +1217,33 @@ class WP_Upgrader {
 	 * Deletes a temporary backup.
 	 *
 	 * @since 6.3.0
+	 * @since 6.6.0 Added the `$temp_backups` parameter.
 	 *
 	 * @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
 	 *
+	 * @param array[] $temp_backups {
+	 *     Optional. An array of temporary backups.
+	 *
+	 *     @type array ...$0 {
+	 *         Information about the backup.
+	 *
+	 *         @type string $dir  The temporary backup location in the upgrade-temp-backup directory.
+	 *         @type string $slug The item's slug.
+	 *         @type string $src  The directory where the original is stored. For example, `WP_PLUGIN_DIR`.
+	 *     }
+	 * }
 	 * @return bool|WP_Error True on success, false on early exit, otherwise WP_Error.
 	 */
-	public function delete_temp_backup() {
+	public function delete_temp_backup( array $temp_backups = array() ) {
 		global $wp_filesystem;
 
 		$errors = new WP_Error();
 
-		foreach ( $this->temp_backups as $args ) {
+		if ( empty( $temp_backups ) ) {
+			$temp_backups = $this->temp_backups;
+		}
+
+		foreach ( $temp_backups as $args ) {
 			if ( empty( $args['slug'] ) || empty( $args['dir'] ) ) {
 				return false;
 			}

wp-admin/includes/export.php

@@ -401,7 +401,7 @@ function export_wp( $args = array() ) {
 	 *
 	 * @param int[] $post_ids Optional. Array of post IDs to filter the query by.
 	 */
-	function wxr_authors_list( array $post_ids = null ) {
+	function wxr_authors_list( ?array $post_ids = null ) {
 		global $wpdb;
 
 		if ( ! empty( $post_ids ) ) {

wp-admin/includes/file.php

@@ -326,7 +326,7 @@ function wp_print_file_editor_templates() {
 					printf(
 						/* translators: %s: Documentation URL. */
 						__( 'You need to make this file writable before you can save your changes. See <a href="%s">Changing File Permissions</a> for more information.' ),
-						__( 'https://wordpress.org/documentation/article/changing-file-permissions/' )
+						__( 'https://developer.wordpress.org/advanced-administration/server/file-permissions/' )
 					);
 					?>
 				</p>
@@ -1089,7 +1089,7 @@ function _wp_handle_upload( &$file, $overrides, $time, $action ) {
  * @param array|false $overrides Optional. An associative array of names => values
  *                               to override default variables. Default false.
  *                               See _wp_handle_upload() for accepted values.
- * @param string      $time      Optional. Time formatted in 'yyyy/mm'. Default null.
+ * @param string|null $time      Optional. Time formatted in 'yyyy/mm'. Default null.
  * @return array See _wp_handle_upload() for return value.
  */
 function wp_handle_upload( &$file, $overrides = false, $time = null ) {
@@ -1120,7 +1120,7 @@ function wp_handle_upload( &$file, $overrides = false, $time = null ) {
  * @param array|false $overrides Optional. An associative array of names => values
  *                               to override default variables. Default false.
  *                               See _wp_handle_upload() for accepted values.
- * @param string      $time      Optional. Time formatted in 'yyyy/mm'. Default null.
+ * @param string|null $time      Optional. Time formatted in 'yyyy/mm'. Default null.
  * @return array See _wp_handle_upload() for return value.
  */
 function wp_handle_sideload( &$file, $overrides = false, $time = null ) {
@@ -1155,7 +1155,7 @@ function wp_handle_sideload( &$file, $overrides = false, $time = null ) {
 function download_url( $url, $timeout = 300, $signature_verification = false ) {
 	// WARNING: The file is not automatically deleted, the script must delete or move the file.
 	if ( ! $url ) {
-		return new WP_Error( 'http_no_url', __( 'Invalid URL Provided.' ) );
+		return new WP_Error( 'http_no_url', __( 'No URL Provided.' ) );
 	}
 
 	$url_path     = parse_url( $url, PHP_URL_PATH );
@@ -2249,7 +2249,7 @@ function WP_Filesystem( $args = false, $context = false, $allow_relaxed_file_own
  * The return value can be overridden by defining the `FS_METHOD` constant in `wp-config.php`,
  * or filtering via {@see 'filesystem_method'}.
  *
- * @link https://wordpress.org/documentation/article/editing-wp-config-php/#wordpress-upgrade-constants
+ * @link https://developer.wordpress.org/advanced-administration/wordpress/wp-config/#wordpress-upgrade-constants
  *
  * Plugins may define a custom transport handler, See WP_Filesystem().
  *
@@ -2664,7 +2664,7 @@ function request_filesystem_credentials( $form_post, $type = '', $error = false,
 	<p class="request-filesystem-credentials-action-buttons">
 		<?php wp_nonce_field( 'filesystem-credentials', '_fs_nonce', false, true ); ?>
 		<button class="button cancel-button" data-js-action="close" type="button"><?php _e( 'Cancel' ); ?></button>
-		<?php submit_button( __( 'Proceed' ), '', 'upgrade', false ); ?>
+		<?php submit_button( __( 'Proceed' ), 'primary', 'upgrade', false ); ?>
 	</p>
 </div>
 </form>

wp-admin/includes/image-edit.php

@@ -159,8 +159,8 @@ function wp_image_editor( $post_id, $msg = false ) {
 							<label for="imgedit-scale-height-<?php echo $post_id; ?>" class="screen-reader-text"><?php _e( 'scale height' ); ?></label>
 							<input type="number" step="1" min="0" max="<?php echo isset( $meta['height'] ) ? $meta['height'] : ''; ?>" aria-describedby="imgedit-scale-warn-<?php echo $post_id; ?>" id="imgedit-scale-height-<?php echo $post_id; ?>" onkeyup="imageEdit.scaleChanged(<?php echo $post_id; ?>, 0, this)" onblur="imageEdit.scaleChanged(<?php echo $post_id; ?>, 0, this)" value="<?php echo isset( $meta['height'] ) ? $meta['height'] : 0; ?>" />
 							<button id="imgedit-scale-button" type="button" onclick="imageEdit.action(<?php echo "$post_id, '$nonce'"; ?>, 'scale')" class="button button-primary"><?php esc_html_e( 'Scale' ); ?></button>
-							<span class="imgedit-scale-warn" id="imgedit-scale-warn-<?php echo $post_id; ?>"><span class="dashicons dashicons-warning" aria-hidden="true"></span><?php esc_html_e( 'Images cannot be scaled to a size larger than the original.' ); ?></span>
 							</div>
+							<span class="imgedit-scale-warn" id="imgedit-scale-warn-<?php echo $post_id; ?>"><span class="dashicons dashicons-warning" aria-hidden="true"></span><?php esc_html_e( 'Images cannot be scaled to a size larger than the original.' ); ?></span>
 						</fieldset>
 						</div>
 					</div>

wp-admin/includes/media.php

@@ -1664,7 +1664,8 @@ function get_media_item( $attachment_id, $args = null ) {
 	$meta       = wp_get_attachment_metadata( $post->ID );
 
 	if ( isset( $meta['width'], $meta['height'] ) ) {
-		$media_dims .= "<span id='media-dims-$post->ID'>{$meta['width']}&nbsp;&times;&nbsp;{$meta['height']}</span> ";
+		/* translators: 1: A number of pixels wide, 2: A number of pixels tall. */
+		$media_dims .= "<span id='media-dims-$post->ID'>" . sprintf( __( '%1$s by %2$s pixels' ), $meta['width'], $meta['height'] ) . '</span>';
 	}
 
 	/**
@@ -3240,7 +3241,8 @@ function edit_form_image_editor( $post ) {
 		printf(
 			/* translators: 1: Link to tutorial, 2: Additional link attributes, 3: Accessibility text. */
 			__( '<a href="%1$s" %2$s>Learn how to describe the purpose of the image%3$s</a>. Leave empty if the image is purely decorative.' ),
-			esc_url( 'https://www.w3.org/WAI/tutorials/images/decision-tree' ),
+			/* translators: Localized tutorial, if one exists. W3C Web Accessibility Initiative link has list of existing translations. */
+			esc_url( __( 'https://www.w3.org/WAI/tutorials/images/decision-tree/' ) ),
 			'target="_blank" rel="noopener"',
 			sprintf(
 				'<span class="screen-reader-text"> %s</span>',
@@ -3306,7 +3308,8 @@ function attachment_submitbox_metadata() {
 	$meta       = wp_get_attachment_metadata( $attachment_id );
 
 	if ( isset( $meta['width'], $meta['height'] ) ) {
-		$media_dims .= "<span id='media-dims-$attachment_id'>{$meta['width']}&nbsp;&times;&nbsp;{$meta['height']}</span> ";
+		/* translators: 1: A number of pixels wide, 2: A number of pixels tall. */
+		$media_dims .= "<span id='media-dims-$attachment_id'>" . sprintf( __( '%1$s by %2$s pixels' ), $meta['width'], $meta['height'] ) . '</span>';
 	}
 	/** This filter is documented in wp-admin/includes/media.php */
 	$media_dims = apply_filters( 'media_meta', $media_dims, $post );
@@ -3441,6 +3444,9 @@ function attachment_submitbox_metadata() {
 							echo ' ' . strtoupper( esc_html( $meta['bitrate_mode'] ) );
 						}
 						break;
+					case 'length_formatted':
+						echo human_readable_duration( $meta['length_formatted'] );
+						break;
 					default:
 						echo esc_html( $meta[ $key ] );
 						break;

wp-admin/includes/meta-boxes.php

@@ -1679,13 +1679,15 @@ function register_and_do_post_meta_boxes( $post ) {
 		add_meta_box( 'commentstatusdiv', __( 'Discussion' ), 'post_comment_status_meta_box', null, 'normal', 'core', array( '__back_compat_meta_box' => true ) );
 	}
 
-	$stati = get_post_stati( array( 'public' => true ) );
-	if ( empty( $stati ) ) {
-		$stati = array( 'publish' );
-	}
-	$stati[] = 'private';
+	$statuses = get_post_stati( array( 'public' => true ) );
 
-	if ( in_array( get_post_status( $post ), $stati, true ) ) {
+	if ( empty( $statuses ) ) {
+		$statuses = array( 'publish' );
+	}
+
+	$statuses[] = 'private';
+
+	if ( in_array( get_post_status( $post ), $statuses, true ) ) {
 		/*
 		 * If the post type support comments, or the post has comments,
 		 * allow the Comments meta box.

wp-admin/includes/misc.php

@@ -556,7 +556,7 @@ function wp_print_plugin_file_tree( $tree, $label = '', $level = 2, $size = 1, $
 }
 
 /**
- * Flushes rewrite rules if siteurl, home or page_on_front changed.
+ * Flushes rewrite rules if `siteurl`, `home` or `page_on_front` changed.
  *
  * @since 2.1.0
  *
@@ -575,13 +575,12 @@ function update_home_siteurl( $old_value, $value ) {
 	}
 }
 
-
 /**
- * Resets global variables based on $_GET and $_POST.
+ * Resets global variables based on `$_GET` and `$_POST`.
  *
  * This function resets global variables based on the names passed
- * in the $vars array to the value of $_POST[$var] or $_GET[$var] or ''
- * if neither is defined.
+ * in the `$vars` array to the value of `$_POST[$var]` or `$_GET[$var]` or an
+ * empty string if neither is defined.
  *
  * @since 2.0.0
  *
@@ -755,7 +754,7 @@ function set_screen_options() {
 				/**
 				 * Filters a screen option value before it is set.
 				 *
-				 * The filter can also be used to modify non-standard [items]_per_page
+				 * The filter can also be used to modify non-standard `[items]_per_page`
 				 * settings. See the parent function for a full list of standard options.
 				 *
 				 * Returning false from the filter will skip saving the current option.
@@ -1305,7 +1304,7 @@ function wp_refresh_metabox_loader_nonces( $response, $data ) {
 }
 
 /**
- * Adds the latest Heartbeat and REST-API nonce to the Heartbeat response.
+ * Adds the latest Heartbeat and REST API nonce to the Heartbeat response.
  *
  * @since 5.0.0
  *
@@ -1399,11 +1398,11 @@ function wp_admin_canonical_url() {
 	$filtered_url = remove_query_arg( $removable_query_args, $current_url );
 
 	/**
-	 * Filters the admin canonical url value.
+	 * Filters the admin canonical URL value.
 	 *
 	 * @since 6.5.0
 	 *
-	 * @param string $filtered_url The admin canonical url value.
+	 * @param string $filtered_url The admin canonical URL value.
 	 */
 	$filtered_url = apply_filters( 'wp_admin_canonical_url', $filtered_url );
 	?>
@@ -1647,8 +1646,8 @@ function wp_check_php_version() {
 
 	$response['is_lower_than_future_minimum'] = false;
 
-	// The minimum supported PHP version will be updated to 7.2. Check if the current version is lower.
-	if ( version_compare( $version, '7.2', '<' ) ) {
+	// The minimum supported PHP version will be updated to 7.4 in the future. Check if the current version is lower.
+	if ( version_compare( $version, '7.4', '<' ) ) {
 		$response['is_lower_than_future_minimum'] = true;
 
 		// Force showing of warnings.

wp-admin/includes/ms.php

@@ -1169,6 +1169,6 @@ function get_site_screen_help_tab_args() {
  */
 function get_site_screen_help_sidebar_content() {
 	return '<p><strong>' . __( 'For more information:' ) . '</strong></p>' .
-		'<p>' . __( '<a href="https://wordpress.org/documentation/article/network-admin-sites-screen/">Documentation on Site Management</a>' ) . '</p>' .
+		'<p>' . __( '<a href="https://developer.wordpress.org/advanced-administration/multisite/admin/#network-admin-sites-screen">Documentation on Site Management</a>' ) . '</p>' .
 		'<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support forums</a>' ) . '</p>';
 }

wp-admin/includes/network.php

@@ -33,8 +33,9 @@ function network_domain_check() {
  * @return bool Whether subdomain installation is allowed
  */
 function allow_subdomain_install() {
-	$domain = preg_replace( '|https?://([^/]+)|', '$1', get_option( 'home' ) );
-	if ( parse_url( get_option( 'home' ), PHP_URL_PATH ) || 'localhost' === $domain || preg_match( '|^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$|', $domain ) ) {
+	$home   = get_option( 'home' );
+	$domain = parse_url( $home, PHP_URL_HOST );
+	if ( parse_url( $home, PHP_URL_PATH ) || 'localhost' === $domain || preg_match( '|^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$|', $domain ) ) {
 		return false;
 	}
 
@@ -148,26 +149,8 @@ function network_step1( $errors = false ) {
 		die();
 	}
 
-	$hostname  = get_clean_basedomain();
-	$has_ports = strstr( $hostname, ':' );
-	if ( ( false !== $has_ports && ! in_array( $has_ports, array( ':80', ':443' ), true ) ) ) {
-		wp_admin_notice(
-			'<strong>' . __( 'Error:' ) . '</strong> ' . __( 'You cannot install a network of sites with your server address.' ),
-			array(
-				'additional_classes' => array( 'error' ),
-			)
-		);
-
-		echo '<p>' . sprintf(
-			/* translators: %s: Port number. */
-			__( 'You cannot use port numbers such as %s.' ),
-			'<code>' . $has_ports . '</code>'
-		) . '</p>';
-		echo '<a href="' . esc_url( admin_url() ) . '">' . __( 'Go to Dashboard' ) . '</a>';
-		echo '</div>';
-		require_once ABSPATH . 'wp-admin/admin-footer.php';
-		die();
-	}
+	// Strip standard port from hostname.
+	$hostname = preg_replace( '/(?::80|:443)$/', '', get_clean_basedomain() );
 
 	echo '<form method="post">';
 
@@ -694,7 +677,7 @@ define( 'BLOG_ID_CURRENT_SITE', 1 );
 		printf(
 			/* translators: %s: Documentation URL. */
 			__( 'It seems your network is running with Nginx web server. <a href="%s">Learn more about further configuration</a>.' ),
-			__( 'https://wordpress.org/documentation/article/nginx/' )
+			__( 'https://developer.wordpress.org/advanced-administration/server/web-server/nginx/' )
 		);
 		echo '</p></li>';
 

wp-admin/includes/plugin-install.php

@@ -320,6 +320,8 @@ function install_search_form( $deprecated = true ) {
 	?>
 	<form class="search-form search-plugins" method="get">
 		<input type="hidden" name="tab" value="search" />
+		<label for="search-plugins"><?php _e( 'Search Plugins' ); ?></label>
+		<input type="search" name="s" id="search-plugins" value="<?php echo esc_attr( $term ); ?>" class="wp-filter-search" />
 		<label class="screen-reader-text" for="typeselector">
 			<?php
 			/* translators: Hidden accessibility text. */
@@ -331,13 +333,6 @@ function install_search_form( $deprecated = true ) {
 			<option value="author"<?php selected( 'author', $type ); ?>><?php _e( 'Author' ); ?></option>
 			<option value="tag"<?php selected( 'tag', $type ); ?>><?php _ex( 'Tag', 'Plugin Installer' ); ?></option>
 		</select>
-		<label class="screen-reader-text" for="search-plugins">
-			<?php
-			/* translators: Hidden accessibility text. */
-			_e( 'Search Plugins' );
-			?>
-		</label>
-		<input type="search" name="s" id="search-plugins" value="<?php echo esc_attr( $term ); ?>" class="wp-filter-search" placeholder="<?php esc_attr_e( 'Search plugins...' ); ?>" />
 		<?php submit_button( __( 'Search Plugins' ), 'hide-if-js', false, false, array( 'id' => 'search-submit' ) ); ?>
 	</form>
 	<?php
@@ -917,7 +912,7 @@ function install_plugin_information() {
  * }
  * @param bool         $compatible_php   The result of a PHP compatibility check.
  * @param bool         $compatible_wp    The result of a WP compatibility check.
- * @return string $button The markup for the dependency row button.
+ * @return string The markup for the dependency row button.
  */
 function wp_get_plugin_action_button( $name, $data, $compatible_php, $compatible_wp ) {
 	$button           = '';
@@ -948,7 +943,7 @@ function wp_get_plugin_action_button( $name, $data, $compatible_php, $compatible
 	$all_plugin_dependencies_active    = $active_plugin_dependencies_count === $plugin_dependencies_count;
 
 	sprintf(
-		'<a class="install-now button" data-slug="%s" href="%s" aria-label="%s" data-name="%s">%s</a>',
+		'<a class="install-now button" data-slug="%s" href="%s" aria-label="%s" data-name="%s" role="button">%s</a>',
 		esc_attr( $data->slug ),
 		esc_url( $status['url'] ),
 		/* translators: %s: Plugin name and version. */
@@ -963,7 +958,7 @@ function wp_get_plugin_action_button( $name, $data, $compatible_php, $compatible
 				if ( $status['url'] ) {
 					if ( $compatible_php && $compatible_wp && $all_plugin_dependencies_installed && ! empty( $data->download_link ) ) {
 						$button = sprintf(
-							'<a class="install-now button" data-slug="%s" href="%s" aria-label="%s" data-name="%s">%s</a>',
+							'<a class="install-now button" data-slug="%s" href="%s" aria-label="%s" data-name="%s" role="button">%s</a>',
 							esc_attr( $data->slug ),
 							esc_url( $status['url'] ),
 							/* translators: %s: Plugin name and version. */
@@ -984,7 +979,7 @@ function wp_get_plugin_action_button( $name, $data, $compatible_php, $compatible
 				if ( $status['url'] ) {
 					if ( $compatible_php && $compatible_wp ) {
 						$button = sprintf(
-							'<a class="update-now button aria-button-if-js" data-plugin="%s" data-slug="%s" href="%s" aria-label="%s" data-name="%s">%s</a>',
+							'<a class="update-now button aria-button-if-js" data-plugin="%s" data-slug="%s" href="%s" aria-label="%s" data-name="%s" role="button">%s</a>',
 							esc_attr( $status['file'] ),
 							esc_attr( $data->slug ),
 							esc_url( $status['url'] ),
@@ -1031,7 +1026,7 @@ function wp_get_plugin_action_button( $name, $data, $compatible_php, $compatible
 						}
 
 						$button = sprintf(
-							'<a href="%1$s" data-name="%2$s" data-slug="%3$s" data-plugin="%4$s" class="button button-primary activate-now" aria-label="%5$s">%6$s</a>',
+							'<a href="%1$s" data-name="%2$s" data-slug="%3$s" data-plugin="%4$s" class="button button-primary activate-now" aria-label="%5$s" role="button">%6$s</a>',
 							esc_url( $activate_url ),
 							esc_attr( $name ),
 							esc_attr( $data->slug ),

wp-admin/includes/plugin.php

@@ -319,10 +319,8 @@ function get_plugins( $plugin_folder = '' ) {
 
 					closedir( $plugins_subdir );
 				}
-			} else {
-				if ( str_ends_with( $file, '.php' ) ) {
-					$plugin_files[] = $file;
-				}
+			} elseif ( str_ends_with( $file, '.php' ) ) {
+				$plugin_files[] = $file;
 			}
 		}
 

wp-admin/includes/post.php

@@ -1084,7 +1084,7 @@ function get_post_meta_by_id( $mid ) {
  *
  * @global wpdb $wpdb WordPress database abstraction object.
  *
- * @param int $postid A post ID.
+ * @param int $post_id A post ID.
  * @return array[] {
  *     Array of meta data arrays for the given post ID.
  *
@@ -1098,7 +1098,7 @@ function get_post_meta_by_id( $mid ) {
  *     }
  * }
  */
-function has_meta( $postid ) {
+function has_meta( $post_id ) {
 	global $wpdb;
 
 	return $wpdb->get_results(
@@ -1106,7 +1106,7 @@ function has_meta( $postid ) {
 			"SELECT meta_key, meta_value, meta_id, post_id
 			FROM $wpdb->postmeta WHERE post_id = %d
 			ORDER BY meta_key,meta_id",
-			$postid
+			$post_id
 		),
 		ARRAY_A
 	);
@@ -1139,7 +1139,7 @@ function update_meta( $meta_id, $meta_key, $meta_value ) {
  * @since 2.3.0
  * @access private
  *
- * @param int|object $post Post ID or post object.
+ * @param int|WP_Post $post Post ID or post object.
  * @return void|int|WP_Error Void if nothing fixed. 0 or WP_Error on update failure. The post ID on update success.
  */
 function _fix_attachment_links( $post ) {
@@ -1199,9 +1199,9 @@ function _fix_attachment_links( $post ) {
  * @return string[] An array of all the statuses for the supplied post type.
  */
 function get_available_post_statuses( $type = 'post' ) {
-	$stati = wp_count_posts( $type );
+	$statuses = wp_count_posts( $type );
 
-	return array_keys( get_object_vars( $stati ) );
+	return array_keys( get_object_vars( $statuses ) );
 }
 
 /**
@@ -1217,9 +1217,11 @@ function wp_edit_posts_query( $q = false ) {
 	if ( false === $q ) {
 		$q = $_GET;
 	}
-	$q['m']     = isset( $q['m'] ) ? (int) $q['m'] : 0;
-	$q['cat']   = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
-	$post_stati = get_post_stati();
+
+	$q['m']   = isset( $q['m'] ) ? (int) $q['m'] : 0;
+	$q['cat'] = isset( $q['cat'] ) ? (int) $q['cat'] : 0;
+
+	$post_statuses = get_post_stati();
 
 	if ( isset( $q['post_type'] ) && in_array( $q['post_type'], get_post_types(), true ) ) {
 		$post_type = $q['post_type'];
@@ -1231,7 +1233,7 @@ function wp_edit_posts_query( $q = false ) {
 	$post_status      = '';
 	$perm             = '';
 
-	if ( isset( $q['post_status'] ) && in_array( $q['post_status'], $post_stati, true ) ) {
+	if ( isset( $q['post_status'] ) && in_array( $q['post_status'], $post_statuses, true ) ) {
 		$post_status = $q['post_status'];
 		$perm        = 'readable';
 	}
@@ -1461,7 +1463,7 @@ function get_sample_permalink( $post, $title = null, $name = null ) {
 	$original_filter = $post->filter;
 
 	// Hack: get_permalink() would return plain permalink for drafts, so we will fake that our post is published.
-	if ( in_array( $post->post_status, array( 'draft', 'pending', 'future' ), true ) ) {
+	if ( in_array( $post->post_status, array( 'auto-draft', 'draft', 'pending', 'future' ), true ) ) {
 		$post->post_status = 'publish';
 		$post->post_name   = sanitize_title( $post->post_name ? $post->post_name : $post->post_title, $post->ID );
 	}

wp-admin/includes/schema.php

@@ -594,9 +594,9 @@ function populate_options( array $options = array() ) {
 		}
 
 		if ( in_array( $option, $fat_options, true ) ) {
-			$autoload = 'no';
+			$autoload = 'off';
 		} else {
-			$autoload = 'yes';
+			$autoload = 'on';
 		}
 
 		if ( ! empty( $insert ) ) {

wp-admin/includes/update-core.php

@@ -753,6 +753,18 @@ $_old_files = array(
 	'wp-includes/navigation-fallback.php',
 	'wp-includes/blocks/navigation/view-modal.min.js',
 	'wp-includes/blocks/navigation/view-modal.js',
+	// 6.5
+	'wp-includes/ID3/license.commercial.txt',
+	'wp-includes/blocks/query/style-rtl.min.css',
+	'wp-includes/blocks/query/style.min.css',
+	'wp-includes/blocks/query/style-rtl.css',
+	'wp-includes/blocks/query/style.css',
+	'wp-admin/images/about-header-privacy.svg',
+	'wp-admin/images/about-header-about.svg',
+	'wp-admin/images/about-header-credits.svg',
+	'wp-admin/images/about-header-freedoms.svg',
+	'wp-admin/images/about-header-contribute.svg',
+	'wp-admin/images/about-header-background.svg',
 );
 
 /**

wp-admin/includes/update.php

@@ -923,48 +923,14 @@ function wp_print_admin_notice_templates() {
 		<div <# if ( data.id ) { #>id="{{ data.id }}"<# } #> class="notice {{ data.className }}"><p>{{{ data.message }}}</p></div>
 	</script>
 	<script id="tmpl-wp-bulk-updates-admin-notice" type="text/html">
-		<div id="{{ data.id }}" class="{{ data.className }} notice <# if ( data.errors ) { #>notice-error<# } else { #>notice-success<# } #>">
+		<div id="{{ data.id }}" class="{{ data.className }} notice <# if ( data.errorMessage ) { #>notice-error<# } else { #>notice-success<# } #>">
 			<p>
-				<# if ( data.successes ) { #>
-					<# if ( 1 === data.successes ) { #>
-						<# if ( 'plugin' === data.type ) { #>
-							<?php
-							/* translators: %s: Number of plugins. */
-							printf( __( '%s plugin successfully updated.' ), '{{ data.successes }}' );
-							?>
-						<# } else { #>
-							<?php
-							/* translators: %s: Number of themes. */
-							printf( __( '%s theme successfully updated.' ), '{{ data.successes }}' );
-							?>
-						<# } #>
-					<# } else { #>
-						<# if ( 'plugin' === data.type ) { #>
-							<?php
-							/* translators: %s: Number of plugins. */
-							printf( __( '%s plugins successfully updated.' ), '{{ data.successes }}' );
-							?>
-						<# } else { #>
-							<?php
-							/* translators: %s: Number of themes. */
-							printf( __( '%s themes successfully updated.' ), '{{ data.successes }}' );
-							?>
-						<# } #>
-					<# } #>
+				<# if ( data.successMessage ) { #>
+					{{{ data.successMessage }}}
 				<# } #>
-				<# if ( data.errors ) { #>
+				<# if ( data.errorMessage ) { #>
 					<button class="button-link bulk-action-errors-collapsed" aria-expanded="false">
-						<# if ( 1 === data.errors ) { #>
-							<?php
-							/* translators: %s: Number of failed updates. */
-							printf( __( '%s update failed.' ), '{{ data.errors }}' );
-							?>
-						<# } else { #>
-							<?php
-							/* translators: %s: Number of failed updates. */
-							printf( __( '%s updates failed.' ), '{{ data.errors }}' );
-							?>
-						<# } #>
+						{{{ data.errorMessage }}}
 						<span class="screen-reader-text">
 							<?php
 							/* translators: Hidden accessibility text. */
@@ -975,7 +941,7 @@ function wp_print_admin_notice_templates() {
 					</button>
 				<# } #>
 			</p>
-			<# if ( data.errors ) { #>
+			<# if ( data.errorMessages ) { #>
 				<ul class="bulk-action-errors hidden">
 					<# _.each( data.errorMessages, function( errorMessage ) { #>
 						<li>{{ errorMessage }}</li>

wp-admin/includes/upgrade.php

@@ -147,7 +147,7 @@ if ( ! function_exists( 'wp_install_defaults' ) ) :
 	 *
 	 * @global wpdb       $wpdb         WordPress database abstraction object.
 	 * @global WP_Rewrite $wp_rewrite   WordPress rewrite component.
-	 * @global string     $table_prefix
+	 * @global string     $table_prefix The database table prefix.
 	 *
 	 * @param int $user_id User ID.
 	 */

wp-admin/js/customize-controls.js

@@ -1799,7 +1799,7 @@
 						section.closeDetails();
 					} else {
 
-						// Escape from the inifinite scroll list.
+						// Escape from the infinite scroll list.
 						section.headerContainer.find( '.customize-themes-section-title' ).focus();
 					}
 					event.stopPropagation(); // Prevent section from being collapsed.
@@ -1917,7 +1917,7 @@
 			section.contentContainer.on( 'click', '.feature-filter-toggle', function( e ) {
 				var $themeContainer = $( '.customize-themes-full-container' ),
 					$filterToggle = $( e.currentTarget );
-				section.filtersHeight = $filterToggle.parent().next( '.filter-drawer' ).height();
+				section.filtersHeight = $filterToggle.parents( '.themes-filter-bar' ).next( '.filter-drawer' ).height();
 
 				if ( 0 < $themeContainer.scrollTop() ) {
 					$themeContainer.animate( { scrollTop: 0 }, 400 );
@@ -1932,7 +1932,7 @@
 					.attr( 'aria-expanded', function( i, attr ) {
 						return 'true' === attr ? 'false' : 'true';
 					})
-					.parent().next( '.filter-drawer' ).slideToggle( 180, 'linear' );
+					.parents( '.themes-filter-bar' ).next( '.filter-drawer' ).slideToggle( 180, 'linear' );
 
 				if ( $filterToggle.hasClass( 'open' ) ) {
 					var marginOffset = 1018 < window.innerWidth ? 50 : 76;
@@ -3739,7 +3739,7 @@
 		ready: function() {
 			var control = this, newItem;
 			if ( 'dropdown-pages' === control.params.type && control.params.allow_addition ) {
-				newItem = control.container.find( '.new-content-item' );
+				newItem = control.container.find( '.new-content-item-wrapper' );
 				newItem.hide(); // Hide in JS to preserve flex display when showing.
 				control.container.on( 'click', '.add-new-toggle', function( e ) {
 					$( e.currentTarget ).slideUp( 180 );
@@ -4085,7 +4085,7 @@
 			}
 
 			toggle = control.container.find( '.add-new-toggle' );
-			container = control.container.find( '.new-content-item' );
+			container = control.container.find( '.new-content-item-wrapper' );
 			input = control.container.find( '.create-item-input' );
 			title = input.val();
 			select = control.container.find( 'select' );
@@ -7199,7 +7199,7 @@
 			} ) );
 
 			/**
-			 * Return whether the pubish settings section should be active.
+			 * Return whether the publish settings section should be active.
 			 *
 			 * @return {boolean} Is section active.
 			 */

wp-admin/js/customize-widgets.js

@@ -388,7 +388,7 @@
 		},
 
 		/**
-		 * Adds keyboard accessiblity to the panel.
+		 * Adds keyboard accessibility to the panel.
 		 */
 		keyboardAccessible: function( event ) {
 			var isEnter = ( event.which === 13 ),

wp-admin/js/dashboard.js

@@ -92,7 +92,7 @@ jQuery( function($) {
 				setTimeout( function(){
 					// Request the widget content.
 					p.load( ajaxurl + '?action=dashboard-widgets&widget=' + id + '&pagenow=' + pagenow, '', function() {
-						// Hide the parent and slide it out for visual fancyness.
+						// Hide the parent and slide it out for visual fanciness.
 						p.hide().slideDown('normal', function(){
 							$(this).css('display', '');
 						});

wp-admin/js/editor-expand.js

@@ -1552,7 +1552,7 @@
 				// Bind and unbind based on the distraction free writing focus.
 				$document.on( 'dfw-on.focus', mceBind ).on( 'dfw-off.focus', mceUnbind );
 
-				// Focuse the editor when it is the target of the click event.
+				// Focus the editor when it is the target of the click event.
 				editor.on( 'click', function( event ) {
 					if ( event.target === editor.getDoc().documentElement ) {
 						editor.focus();

wp-admin/js/editor.js

@@ -265,7 +265,7 @@ window.wp = window.wp || {};
 		}
 
 		/**
-		 * Gets a list of unique shortcodes or shortcode-look-alikes in the content.
+		 * Gets a list of unique shortcodes or shortcode-lookalikes in the content.
 		 *
 		 * @param {string} content The content we want to scan for shortcodes.
 		 */
@@ -561,7 +561,7 @@ window.wp = window.wp || {};
 		 * By default TinyMCE wraps loose inline tags in a `<p>`.
 		 * When removing selection markers an empty `<p>` may be left behind, remove it.
 		 *
-		 * @param {Object} $marker The marker to be removed from the editor DOM, wrapped in an instnce of `editor.$`
+		 * @param {Object} $marker The marker to be removed from the editor DOM, wrapped in an instance of `editor.$`
 		 */
 		function removeSelectionMarker( $marker ) {
 			var $markerParent = $marker.parent();

wp-admin/js/theme-plugin-editor.js

@@ -191,7 +191,7 @@ wp.themePluginEditor = (function( $ ) {
 			return;
 		}
 
-		// Scroll ot the line that has the error.
+		// Scroll to the line that has the error.
 		if ( component.lintErrors.length ) {
 			component.instance.codemirror.setCursor( component.lintErrors[0].from.line );
 			return;

wp-admin/js/theme.js

@@ -926,7 +926,7 @@ themes.view.Preview = themes.view.Details.extend({
 
 		currentPreviewDevice = this.$el.data( 'current-preview-device' );
 		if ( currentPreviewDevice ) {
-			self.tooglePreviewDeviceButtons( currentPreviewDevice );
+			self.togglePreviewDeviceButtons( currentPreviewDevice );
 		}
 
 		themes.router.navigate( themes.router.baseUrl( themes.router.themePath + this.model.get( 'id' ) ), { replace: false } );
@@ -988,10 +988,10 @@ themes.view.Preview = themes.view.Details.extend({
 			.addClass( 'preview-' + device )
 			.data( 'current-preview-device', device );
 
-		this.tooglePreviewDeviceButtons( device );
+		this.togglePreviewDeviceButtons( device );
 	},
 
-	tooglePreviewDeviceButtons: function( newDevice ) {
+	togglePreviewDeviceButtons: function( newDevice ) {
 		var $devices = $( '.wp-full-overlay-footer .devices' );
 
 		$devices.find( 'button' )

wp-admin/js/updates.js

@@ -2637,41 +2637,16 @@
 		} );
 
 		/**
-		 * Click handler for plugin activations in plugin activation view.
+		 * Click handler for plugin activations in plugin activation modal view.
 		 *
 		 * @since 6.5.0
+		 * @since 6.5.4 Redirect the parent window to the activation URL.
 		 *
 		 * @param {Event} event Event interface.
 		 */
-		$pluginFilter.on( 'click', '.activate-now', function( event ) {
-			var $activateButton = $( event.target );
-
+		$document.on( 'click', '#plugin-information-footer .activate-now', function( event ) {
 			event.preventDefault();
-
-			if ( $activateButton.hasClass( 'activating-message' ) || $activateButton.hasClass( 'button-disabled' ) ) {
-				return;
-			}
-
-			$activateButton
-				.removeClass( 'activate-now button-primary' )
-				.addClass( 'activating-message' )
-				.attr(
-					'aria-label',
-					sprintf(
-						/* translators: %s: Plugin name. */
-						_x( 'Activating %s', 'plugin' ),
-						$activateButton.data( 'name' )
-					)
-				)
-				.text( __( 'Activating...' ) );
-
-			wp.updates.activatePlugin(
-				{
-					name: $activateButton.data( 'name' ),
-					slug: $activateButton.data( 'slug' ),
-					plugin: $activateButton.data( 'plugin' )
-				}
-			);
+			window.parent.location.href = $( event.target ).attr( 'href' );
 		});
 
 		/**
@@ -2938,13 +2913,41 @@
 
 				wp.updates.adminNotice = wp.template( 'wp-bulk-updates-admin-notice' );
 
+				var successMessage = null;
+
+				if ( success ) {
+					if ( 'plugin' === response.update ) {
+						successMessage = sprintf(
+							/* translators: %s: Number of plugins. */
+							_n( '%s plugin successfully updated.', '%s plugins successfully updated.', success ),
+							success
+						);
+					} else {
+						successMessage = sprintf(
+							/* translators: %s: Number of themes. */
+							_n( '%s theme successfully updated.', '%s themes successfully updated.', success ),
+							success
+						);
+					}
+				}
+
+				var errorMessage = null;
+
+				if ( error ) {
+					errorMessage = sprintf(
+						/* translators: %s: Number of failed updates. */
+						_n( '%s update failed.', '%s updates failed.', error ),
+						error
+					);
+				}
+
 				wp.updates.addAdminNotice( {
 					id:            'bulk-action-notice',
 					className:     'bulk-action-notice',
-					successes:     success,
-					errors:        error,
-					errorMessages: errorMessages,
-					type:          response.update
+					successMessage: successMessage,
+					errorMessage:   errorMessage,
+					errorMessages:  errorMessages,
+					type:           response.update
 				} );
 
 				$bulkActionNotice = $( '#bulk-action-notice' ).on( 'click', 'button', function() {

wp-admin/js/user-profile.js

@@ -5,6 +5,7 @@
 /* global ajaxurl, pwsL10n, userProfileL10n */
 (function($) {
 	var updateLock = false,
+		isSubmitting = false,
 		__ = wp.i18n.__,
 		$pass1Row,
 		$pass1,
@@ -15,6 +16,8 @@
 		$submitButtons,
 		$submitButton,
 		currentPass,
+		$form,
+		originalFormContent,
 		$passwordWrapper;
 
 	function generatePassword() {
@@ -454,6 +457,12 @@
 
 		bindPasswordForm();
 		bindPasswordResetLink();
+		$submitButtons.on( 'click', function() {
+			isSubmitting = true;
+		});
+
+		$form = $( '#your-profile, #createuser' );
+		originalFormContent = $form.serialize();
 	});
 
 	$( '#destroy-sessions' ).on( 'click', function( e ) {
@@ -481,7 +490,10 @@
 		if ( true === updateLock ) {
 			return __( 'Your new password has not been saved.' );
 		}
-	} );
+		if ( originalFormContent !== $form.serialize() && ! isSubmitting ) {
+			return __( 'The changes you made will be lost if you navigate away from this page.' );
+		}
+	});
 
 	/*
 	 * We need to generate a password as soon as the Reset Password page is loaded,

wp-admin/link-add.php

@@ -17,7 +17,9 @@ if ( ! current_user_can( 'manage_links' ) ) {
 $title       = __( 'Add New Link' );
 $parent_file = 'link-manager.php';
 
-wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );
+$action  = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : '';
+$cat_id  = ! empty( $_REQUEST['cat_id'] ) ? absint( $_REQUEST['cat_id'] ) : 0;
+$link_id = ! empty( $_REQUEST['link_id'] ) ? absint( $_REQUEST['link_id'] ) : 0;
 
 wp_enqueue_script( 'link' );
 wp_enqueue_script( 'xfn' );

wp-admin/link.php

@@ -12,7 +12,9 @@
 /** Load WordPress Administration Bootstrap */
 require_once __DIR__ . '/admin.php';
 
-wp_reset_vars( array( 'action', 'cat_id', 'link_id' ) );
+$action  = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : '';
+$cat_id  = ! empty( $_REQUEST['cat_id'] ) ? absint( $_REQUEST['cat_id'] ) : 0;
+$link_id = ! empty( $_REQUEST['link_id'] ) ? absint( $_REQUEST['link_id'] ) : 0;
 
 if ( ! current_user_can( 'manage_links' ) ) {
 	wp_link_manager_disabled_message();

wp-admin/load-scripts.php

@@ -45,7 +45,26 @@ wp_default_scripts( $wp_scripts );
 wp_default_packages_vendor( $wp_scripts );
 wp_default_packages_scripts( $wp_scripts );
 
-if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $wp_version ) {
+$etag = "WP:{$wp_version};";
+
+foreach ( $load as $handle ) {
+	if ( ! array_key_exists( $handle, $wp_scripts->registered ) ) {
+		continue;
+	}
+
+	$ver   = $wp_scripts->registered[ $handle ]->ver ? $wp_scripts->registered[ $handle ]->ver : $wp_version;
+	$etag .= "{$handle}:{$ver};";
+}
+
+/*
+ * This is not intended to be cryptographically secure, just a fast way to get
+ * a fixed length string based on the script versions. As this file does not
+ * load the full WordPress environment, it is not possible to use the salted
+ * wp_hash() function.
+ */
+$etag = 'W/"' . md5( $etag ) . '"';
+
+if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) {
 	header( "$protocol 304 Not Modified" );
 	exit;
 }
@@ -59,7 +78,7 @@ foreach ( $load as $handle ) {
 	$out .= get_file( $path ) . "\n";
 }
 
-header( "Etag: $wp_version" );
+header( "Etag: $etag" );
 header( 'Content-Type: application/javascript; charset=UTF-8' );
 header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' );
 header( "Cache-Control: public, max-age=$expires_offset" );

wp-admin/load-styles.php

@@ -48,7 +48,26 @@ $out            = '';
 $wp_styles = new WP_Styles();
 wp_default_styles( $wp_styles );
 
-if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $wp_version ) {
+$etag = "WP:{$wp_version};";
+
+foreach ( $load as $handle ) {
+	if ( ! array_key_exists( $handle, $wp_styles->registered ) ) {
+		continue;
+	}
+
+	$ver   = $wp_styles->registered[ $handle ]->ver ? $wp_styles->registered[ $handle ]->ver : $wp_version;
+	$etag .= "{$handle}:{$ver};";
+}
+
+/*
+ * This is not intended to be cryptographically secure, just a fast way to get
+ * a fixed length string based on the script versions. As this file does not
+ * load the full WordPress environment, it is not possible to use the salted
+ * wp_hash() function.
+ */
+$etag = 'W/"' . md5( $etag ) . '"';
+
+if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) {
 	header( "$protocol 304 Not Modified" );
 	exit;
 }
@@ -84,7 +103,7 @@ foreach ( $load as $handle ) {
 	}
 }
 
-header( "Etag: $wp_version" );
+header( "Etag: $etag" );
 header( 'Content-Type: text/css; charset=UTF-8' );
 header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' );
 header( "Cache-Control: public, max-age=$expires_offset" );

wp-admin/media.php

@@ -15,7 +15,7 @@ require_once __DIR__ . '/admin.php';
 $parent_file  = 'upload.php';
 $submenu_file = 'upload.php';
 
-wp_reset_vars( array( 'action' ) );
+$action = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : '';
 
 switch ( $action ) {
 	case 'editattachment':

wp-admin/menu.php

@@ -206,7 +206,7 @@ if ( ! is_multisite() && current_user_can( 'update_themes' ) ) {
 if ( wp_is_block_theme() ) {
 	$submenu['themes.php'][6] = array( _x( 'Editor', 'site editor menu item' ), 'edit_theme_options', 'site-editor.php' );
 } else {
-	$submenu['themes.php'][6] = array( __( 'Patterns', 'site editor menu item' ), 'edit_theme_options', 'edit.php?post_type=wp_block' );
+	$submenu['themes.php'][6] = array( _x( 'Patterns', 'patterns menu item' ), 'edit_theme_options', 'edit.php?post_type=wp_block' );
 }
 
 if ( ! wp_is_block_theme() && current_theme_supports( 'block-template-parts' ) ) {

wp-admin/network.php

@@ -65,7 +65,7 @@ $network_help = '<p>' . __( 'This screen allows you to configure a network as ha
 	'<p>' . __( 'Once you add this code and refresh your browser, multisite should be enabled. This screen, now in the Network Admin navigation menu, will keep an archive of the added code. You can toggle between Network Admin and Site Admin by clicking on the Network Admin or an individual site name under the My Sites dropdown in the Toolbar.' ) . '</p>' .
 	'<p>' . __( 'The choice of subdirectory sites is disabled if this setup is more than a month old because of permalink problems with &#8220;/blog/&#8221; from the main site. This disabling will be addressed in a future version.' ) . '</p>' .
 	'<p><strong>' . __( 'For more information:' ) . '</strong></p>' .
-	'<p>' . __( '<a href="https://wordpress.org/documentation/article/create-a-network/">Documentation on Creating a Network</a>' ) . '</p>' .
+	'<p>' . __( '<a href="https://developer.wordpress.org/advanced-administration/multisite/create-network/">Documentation on Creating a Network</a>' ) . '</p>' .
 	'<p>' . __( '<a href="https://wordpress.org/documentation/article/tools-network-screen/">Documentation on the Network Screen</a>' ) . '</p>';
 
 get_current_screen()->add_help_tab(
@@ -78,7 +78,7 @@ get_current_screen()->add_help_tab(
 
 get_current_screen()->set_help_sidebar(
 	'<p><strong>' . __( 'For more information:' ) . '</strong></p>' .
-	'<p>' . __( '<a href="https://wordpress.org/documentation/article/create-a-network/">Documentation on Creating a Network</a>' ) . '</p>' .
+	'<p>' . __( '<a href="https://developer.wordpress.org/advanced-administration/multisite/create-network/">Documentation on Creating a Network</a>' ) . '</p>' .
 	'<p>' . __( '<a href="https://wordpress.org/documentation/article/tools-network-screen/">Documentation on the Network Screen</a>' ) . '</p>' .
 	'<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>'
 );