All users can edit their own profile, as this ability is not linked to an explicit capability. Technically, it should map to the `exist` capability, which will be addressed at a later date.
See #31518
git-svn-id: https://develop.svn.wordpress.org/trunk@38860 602fd350-edb4-49c9-b593-d223f7449a82
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
git-svn-id: https://develop.svn.wordpress.org/trunk@38859 602fd350-edb4-49c9-b593-d223f7449a82
New default themes require workarounds being added to several unit tests, as they often alter default WordPress behaviour. To avoid ongoing maintenance issues, this change switches to a minimal theme when running tests.
This change also removes the old workarounds for default themes.
Fixes#31550.
git-svn-id: https://develop.svn.wordpress.org/trunk@38858 602fd350-edb4-49c9-b593-d223f7449a82
This removes the use of several `global $wpdb` instances, as well as bringing the ping functions into line with other post-related functions, which will accept a post ID or `WP_Post` object.
Props dshanke.
Fixes#38202.
git-svn-id: https://develop.svn.wordpress.org/trunk@38852 602fd350-edb4-49c9-b593-d223f7449a82
This was previously fixed in [38837], but it wasn't really the correct answer, to fix it in the theme. So, [38837] is reverted in this commit, and the Twenty Seventeen actions causing problems are unhooked before tests are run.
See #38372.
git-svn-id: https://develop.svn.wordpress.org/trunk@38850 602fd350-edb4-49c9-b593-d223f7449a82
[38792] allowed `WP_Query`'s hyphen-as-exclusion-prefix feature to be
disabled via filter. A more general solution is to allow the prefix to
be filtered; returning an empty value from a filter callback works to
disable the feature.
Props dlh.
Fixes#38099.
git-svn-id: https://develop.svn.wordpress.org/trunk@38844 602fd350-edb4-49c9-b593-d223f7449a82
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.
See #38372.
git-svn-id: https://develop.svn.wordpress.org/trunk@38842 602fd350-edb4-49c9-b593-d223f7449a82
This reverts [38454] along with its follow-up commits, [38512], [38514], and [38692]. These tests are currently not pass
ing, and maybe they never will. The tests are in a group which does not run by default without a flag, making them quest
ionably useful.
We can re-visit this at a later date.
See #32360
git-svn-id: https://develop.svn.wordpress.org/trunk@38840 602fd350-edb4-49c9-b593-d223f7449a82
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.
See #38372.
git-svn-id: https://develop.svn.wordpress.org/trunk@38838 602fd350-edb4-49c9-b593-d223f7449a82
- Fix leak in setup_notify_comment() test help by removing the comment_flood_filter.
- Correct uses of $term_taxonomy_id -> $term_id in Category and Tags routing.
- Temporarily remove the metadata tests for canola.jpg as that file does not have an exifdata. Will need to update the test.
Props jorbin, rmccue, nacin
See #38373.
git-svn-id: https://develop.svn.wordpress.org/trunk@38834 602fd350-edb4-49c9-b593-d223f7449a82
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"
Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes#38373.
git-svn-id: https://develop.svn.wordpress.org/trunk@38832 602fd350-edb4-49c9-b593-d223f7449a82
Use an inactive core theme for previewing theme switch instead of assuming `twentysixteen` is installed and active and `twentyfifteen` is not.
See #30937.
git-svn-id: https://develop.svn.wordpress.org/trunk@38830 602fd350-edb4-49c9-b593-d223f7449a82
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control.
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.
See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/
Props johnregan3, celloexpressions, folletto, westonruter.
Fixes#35395.
git-svn-id: https://develop.svn.wordpress.org/trunk@38829 602fd350-edb4-49c9-b593-d223f7449a82
[37920] introduced resource hints that allow browsers to prefetch specific pages or render them in the background. With this change, the `as`, `crossorigin`, `pr`, and `type` attributes can be passed in addition to the URLs/hosts.
Props peterwilsoncc, swissspidy.
Fixes#38121.
git-svn-id: https://develop.svn.wordpress.org/trunk@38826 602fd350-edb4-49c9-b593-d223f7449a82
This removes the fallbacks in `wp_get_attachment_image()` and in
`wp.media.string.props` which attempt to generate an `alt` value
from the image caption or title if an `alt` attribute isn't explicitly
set.
This allows for image HTML to be generated that contains an empty `alt`
value, i.e., `alt=""` which is much preferable for screen readers than
reading redundant content in the case of a caption, or when reading the
image title, which is often generated from the filename and not helpful
as `alt` text.
Props odie2, joedolson, rianrietveld, afercia, iamjolly, joemcgill.
Fixes#34635.
git-svn-id: https://develop.svn.wordpress.org/trunk@38812 602fd350-edb4-49c9-b593-d223f7449a82
Since there's no difference between using `date()` and `gmdate()` in WordPress, we can simply use the former in `date_i18n()` to reduce its complexity.
Adds tests.
Props jdgrimes for initial patch.
Fixes#37910.
git-svn-id: https://develop.svn.wordpress.org/trunk@38804 602fd350-edb4-49c9-b593-d223f7449a82
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.
Props chriseverson, choongsavvii.
Fixes#38099.
git-svn-id: https://develop.svn.wordpress.org/trunk@38792 602fd350-edb4-49c9-b593-d223f7449a82
Support the index-style permalinks (http://example.com/index.php/postName) when registering the REST API rewrite rules and within the `get_rest_url()` function. This allows sites that do not have mod_rewrite support to have almost pretty urls and have access to their REST API endpoints.
Props kraftbj.
Fixes#38182.
git-svn-id: https://develop.svn.wordpress.org/trunk@38790 602fd350-edb4-49c9-b593-d223f7449a82
Adjusts `get_custom_logo()`, `get_site_icon_url()`, and `has_custom_logo()` so that when called in a switched state, the original switched stack is not adjusted.
Props achbed, flixos90.
Fixes#38253.
git-svn-id: https://develop.svn.wordpress.org/trunk@38786 602fd350-edb4-49c9-b593-d223f7449a82
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.
I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.
Props dmsnell, desrosj.
Fixes#33848.
git-svn-id: https://develop.svn.wordpress.org/trunk@38785 602fd350-edb4-49c9-b593-d223f7449a82
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.
The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.
Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.
Props websupporter, rachelbaker.
Fixes#36901.
git-svn-id: https://develop.svn.wordpress.org/trunk@38778 602fd350-edb4-49c9-b593-d223f7449a82
Since [37573], `get_object_term_cache()` has expected term IDs to be
stored in the taxonomy relationship cache. The function would then
reach directly into the 'terms' cache to fetch the data corresponding
to a given term, before returning a `WP_Term` object. This caused
problems when, for one reason or another, term data was cached
inconsistently:
* If the 'terms' cache is empty for a given term ID, despite the earlier call to `_prime_term_caches()`, `get_term()` would return an error object.
* If the array of cached term IDs contains an invalid ID, `get_term()` would return an error object.
We avoid these errors by no longer touching the 'terms' cache directly,
but running term IDs through `get_term()` and allowing that function to
reference the cache (and database, as needed). If `get_term()` returns
an error object for any of the cached term IDs, `get_object_term_cache()`
will return that error object alone. This change ensures that upstream
functions, like `get_the_terms()`, return `WP_Error` objects in a
predictable fashion.
Props dd32, michalzuber.
Fixes#37291.
git-svn-id: https://develop.svn.wordpress.org/trunk@38776 602fd350-edb4-49c9-b593-d223f7449a82
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.
Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.
git-svn-id: https://develop.svn.wordpress.org/trunk@38768 602fd350-edb4-49c9-b593-d223f7449a82
Although unlikely, clashes in randomly generated strings could cause unexpected failures. In addition, most randomness is entirely unnecessary, is bad practice, and increases test time (however small it may be).
See #37371
git-svn-id: https://develop.svn.wordpress.org/trunk@38762 602fd350-edb4-49c9-b593-d223f7449a82
The position of this template within the hierarchy is of so little use that zero themes in the WordPress.org theme directory make use of it. It's second only to `index.php` in the hierarchy, meaning that any archive template such as `category.php` or `archive.php` will be chosen before it.
Fixes#38162
Props ryankienstra for initial patch
git-svn-id: https://develop.svn.wordpress.org/trunk@38755 602fd350-edb4-49c9-b593-d223f7449a82
This changes the global `$wp_taxonomies` to an array of `WP_Taxonomy ` objects. `WP_Taxonomy ` includes methods to handle rewrite rules and hooks.
Each taxonomy argument becomes a property of `WP_Taxonomy`. Introducing such a class makes further improvements in the future much more feasible.
Props boonebgorges for review.
Fixes#36224. See #36217.
git-svn-id: https://develop.svn.wordpress.org/trunk@38747 602fd350-edb4-49c9-b593-d223f7449a82
Trashed posts cannot be accessed by site visitors and thus should not be visible on the front end. By marking menu items of trashed posts as invalid, they are excluded from the output.
Props solarissmoke, swissspidy.
Fixes#19038.
git-svn-id: https://develop.svn.wordpress.org/trunk@38744 602fd350-edb4-49c9-b593-d223f7449a82
Use the value of the `comment_order` setting to determine the date_query key to pass to `WP_Comment_Query`.
Fixes a bug where sites that had comments ordered "newest" first would have the incorrect page number returned.
Props tyxla, boonebgorges.
Fixes#31101.
git-svn-id: https://develop.svn.wordpress.org/trunk@38740 602fd350-edb4-49c9-b593-d223f7449a82
When the 'comment_whitelist' option is enabled and the commenter is an authenticated user, query for the existence of an approved comment with a matching `user_id`. This allows authenticated users that have changed their email address to bypass having their comment held for moderation.
Props voldemortensen, rachelbaker.
Fixes#28603.
git-svn-id: https://develop.svn.wordpress.org/trunk@38738 602fd350-edb4-49c9-b593-d223f7449a82
Following [38625], any media searches that already included JOINs,
e.g., `tax_queries`, would get trampled when we joined the post meta
table to search for filenames. This preserves existing JOINs and
also only applies the `_filter_query_attachment_filenames()` filter
when a search query is being performed.
Props flixos90, joemcgill.
Fixes#22744.
git-svn-id: https://develop.svn.wordpress.org/trunk@38733 602fd350-edb4-49c9-b593-d223f7449a82
[38694] revealed some URL formats were been parsed incorrectly, including those used by Google Fonts. This change simplifies the function to use placeholder values which cause PHP's parsing to behave consistently.
Props jrf, peterwilsoncc.
Fixes#36356.
git-svn-id: https://develop.svn.wordpress.org/trunk@38726 602fd350-edb4-49c9-b593-d223f7449a82
New parameters are: `login`, `login__in`, `login__not_in`, `nicename`,
`nicename__in`, `nicename__not_in`.
`login__in` and `nicename__in` are also now valid values for the
'orderby' parameter.
Props ryanplas.
Fixes#36624.
git-svn-id: https://develop.svn.wordpress.org/trunk@38715 602fd350-edb4-49c9-b593-d223f7449a82
The addition of the `pre_do_shortcode_tag` in [38506] allows plugins to short-circuit the shortcode execution process, which is particularly helpful for caching expensive shortcodes.
The `do_shortcode_tag` is the corresponding part of that system - when a shortcode hasn't been executed previously, there needs to be a clean method of populating the cache.
Props flixos90.
Fixes#32790.
git-svn-id: https://develop.svn.wordpress.org/trunk@38713 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where the UI wasn't updated after deleting/updating a theme.
Also introduces unit tests for theme management ajax handlers. For now they're
focused on `wp_ajax_update_theme()` but they can include tests for other
handlers as well.
Props chrisjean for initial patch.
Fixes#37924.
git-svn-id: https://develop.svn.wordpress.org/trunk@38710 602fd350-edb4-49c9-b593-d223f7449a82
After [38634], this adjusts the behaviour to remove redundancy by not displaying the link if the latest posts are shown on the front page. In that scenario, the 'Visit Site' link already points to the latest posts.
Fixes#34113.
git-svn-id: https://develop.svn.wordpress.org/trunk@38708 602fd350-edb4-49c9-b593-d223f7449a82
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.
The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.
Props ocean90, ipm-frommen, swissspidy.
Fixes#29783.
git-svn-id: https://develop.svn.wordpress.org/trunk@38705 602fd350-edb4-49c9-b593-d223f7449a82
Blindly casting IDs to absolute integers in `get_metadata_by_mid()`, `update_metadata_by_mid()` and `delete_metadata_by_mid()` can cause unexpected behaviour when a floating or negative number is passed.
Fixes#37746.
git-svn-id: https://develop.svn.wordpress.org/trunk@38699 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.
All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.
Fixes#35614
Props johnjamesjacoby for feedback
git-svn-id: https://develop.svn.wordpress.org/trunk@38698 602fd350-edb4-49c9-b593-d223f7449a82
* Dailymotion: Use an URL for an existing video.
* Facebook: Remove URLs which don't exist and update provider map for [38691].
See #32360.
git-svn-id: https://develop.svn.wordpress.org/trunk@38692 602fd350-edb4-49c9-b593-d223f7449a82
It is possible to short circuit `get_site_by_path()` using the `pre_get_site_by_path` filter. When this happens and a standard site object is provided, we can make sure it is upgraded to a proper `WP_Site` object before passing it on.
Props flixos90.
Fixes#37053.
git-svn-id: https://develop.svn.wordpress.org/trunk@38681 602fd350-edb4-49c9-b593-d223f7449a82
Globals like `$pages` were leaking between tests, resulting in various
bits of weirdness.
Globals will kill WordPress. Globals are killing WordPress.
See #38196.
git-svn-id: https://develop.svn.wordpress.org/trunk@38678 602fd350-edb4-49c9-b593-d223f7449a82
`WP_Term_Query` already supports querying terms by 'slug', 'name', and 'term_taxonomy_id'. Its additional arguments allow us to generate nearly the same SQL queries as before.
This change has one yuge benefit: the term queries are now cached.
Add tests to increase coverage of `get_term_by()`.
Props spacedmonkey, boonebgorges, johnjamesjacoby, pento, ocean90.
Fixes#21760.
git-svn-id: https://develop.svn.wordpress.org/trunk@38677 602fd350-edb4-49c9-b593-d223f7449a82
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.
- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items
Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes#27314, #37138, #37448.
git-svn-id: https://develop.svn.wordpress.org/trunk@38672 602fd350-edb4-49c9-b593-d223f7449a82
The new 'object_ids' parameter for `WP_Term_Query` allows queries for
terms that "belong to" a given object. This change makes it possible
to use `WP_Term_Query` inside of `wp_get_object_terms()`, rather than
assembling a SQL query.
The refactor has a couple of benefits:
* Less redundancy.
* Better consistency in accepted arguments between the term query functions. See #31105.
* Less redundancy.
* Object term queries are now cached. The `get_object_term_cache()` cache remains, and will be a somewhat less fragile secondary cache in front of the query cache (which is subject to frequent invalidation).
* Less redundancy.
A small breaking change: Previously, if a non-hierarchical taxonomy had
terms that had a non-zero 'parent' (perhaps because of a direct SQL
query), `wp_get_object_terms()` would respect the 'parent' argument.
This is in contrast to `WP_Term_Query` and `get_terms()`, which have
always rejected 'parent' queries for non-hierarchical taxonomies. For
consistency, the behavior of `get_terms()` is being applied across the
board: passing 'parent' for a non-hierarchical taxonomy will result in
an empty result set (since the cached taxonomy hierarchy will be empty).
Props flixos90, boonebgorges.
See #37198.
git-svn-id: https://develop.svn.wordpress.org/trunk@38667 602fd350-edb4-49c9-b593-d223f7449a82
Because queries generated via `get_sites()` are cached, we can remove the `get_id_from_blogname` cache key.
Props flixos90.
Fixes#38175.
git-svn-id: https://develop.svn.wordpress.org/trunk@38659 602fd350-edb4-49c9-b593-d223f7449a82
Previously, if a network's domain started with `www.` in a subdomain configuration, a slug lookup with `get_id_from_blogname()` would not match an existing site. A similar lookup in a subdirectory configuration would work fine.
This strips `www.` from the network's domain in a subdomain configuration during the lookup and returns the site as expected.
Adds tests which would previously fail in a subdomain configuration, but now pass in both configurations.
Props igmoweb, flixos90.
Fixes#34450.
git-svn-id: https://develop.svn.wordpress.org/trunk@38658 602fd350-edb4-49c9-b593-d223f7449a82
An empty string in `WPLANG` is used to define the site language as `en_US`. The `! empty()` check didn't catch this case so that `wpmu_create_blog()` fell back to the network setting.
Fixes#36918.
git-svn-id: https://develop.svn.wordpress.org/trunk@38655 602fd350-edb4-49c9-b593-d223f7449a82
`wp_dropdown_users()` contains a whitelist of function params that are
passed through to `get_users()`. `role`, `role__in`, and `role__not_in`
have now been added to this whitelist.
Props sillybean.
Fixes#38135.
git-svn-id: https://develop.svn.wordpress.org/trunk@38651 602fd350-edb4-49c9-b593-d223f7449a82
Removes contents for sections and panels from being logically nested (in the DOM) in order to eliminate many issues related to using `margin-top` hacks. The element containing the link to expand the content element for panels and sections is now a sibling element to its content element: the content is removed from being nested at initialization. The content element is now available in a `contentContainer` property whereas the head element (containing the link to open the construct) is in a `headContainer` property. The existing `container` property is now a jQuery collection that contains both of these elements. Since the head element is no longer in an ancestor element to the `content` element, the `aria-owns` property is now used to maintain the relationship between the `headContainer` and the `contentContainer`. These changes are also accompanied by an improvement to the animation performance for the sliding panes.
Props delawski, celloexpressions.
Fixes#34391.
Fixes#34344.
Fixes#35947.
git-svn-id: https://develop.svn.wordpress.org/trunk@38648 602fd350-edb4-49c9-b593-d223f7449a82
This adds a new link to visit the post type archive if the post type supports it. Also introduces a new `view_items` label to `get_post_type_labels()`.
Props paulwilde, akibjorklund, swissspidy.
Fixes#34113.
git-svn-id: https://develop.svn.wordpress.org/trunk@38634 602fd350-edb4-49c9-b593-d223f7449a82
This applies a new private function, `_filter_query_attachment_filenames()`,
to the `post_clauses` filter hook during `wp_ajax_query_attachments()` and
`wp_edit_attachments_query_vars()` to include `_wp_attached_file` post meta
in search queries performed from the media library or in a `WP_Media_List_Table`.
Props wonderboymusic, DrewAPicture, joemcgill, swissspidy.
Fixes#22744.
git-svn-id: https://develop.svn.wordpress.org/trunk@38625 602fd350-edb4-49c9-b593-d223f7449a82
If there are no pages when the customizer is opened, the `static_front_page` section will be hidden. As soon as a page is created in the customizer session, the `static_front_page` section will be revealed. Previously the section would not be registered if there were no pages. Page stubs created via nav menus will appear in the `dropdown-pages` controls for `page_for_posts` and `page_on_front`, and such page stubs will thus cause the `static_front_page` section to appear. Plugins that facilitate page creation in the customizer by filtering `get_pages` will also cause the section to appear.
See #34923.
Fixes#38013.
git-svn-id: https://develop.svn.wordpress.org/trunk@38624 602fd350-edb4-49c9-b593-d223f7449a82
Use original title as placeholder for label and in control title. Prevent original title from overriding empty label in initial setting values.
Fixes#38015.
git-svn-id: https://develop.svn.wordpress.org/trunk@38618 602fd350-edb4-49c9-b593-d223f7449a82
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.
Props joemcgill.
Fixes#37989.
git-svn-id: https://develop.svn.wordpress.org/trunk@38614 602fd350-edb4-49c9-b593-d223f7449a82
Give developers the opportunity to reject incoming data without using the validation callback. It also enables us to do sanitization and validation in one function in instances where this could be useful.
Props websupporter, rmccue.
Fixes#37560.
git-svn-id: https://develop.svn.wordpress.org/trunk@38601 602fd350-edb4-49c9-b593-d223f7449a82
`wpautop()` considers double line breaks to be the separator between block level HTML elements. By adding two line breaks before a block element, this allows us to process the text before a block element correctly.
Fixes#4857.
git-svn-id: https://develop.svn.wordpress.org/trunk@38592 602fd350-edb4-49c9-b593-d223f7449a82
When comparing index definitions, normalise the index names to lower case, as they are not case sensitive within MySQL.
Fixes#34874.
git-svn-id: https://develop.svn.wordpress.org/trunk@38591 602fd350-edb4-49c9-b593-d223f7449a82
Re-use the same query vars in searching as when listing posts. Aligns with behavior of nav menus in customizer.
Fixes#33742.
Props welcher, westonruter.
git-svn-id: https://develop.svn.wordpress.org/trunk@38584 602fd350-edb4-49c9-b593-d223f7449a82
This affects category, tag, and custom taxonomy archives, and single posts, pages, and custom post types.
Fixes#37655
git-svn-id: https://develop.svn.wordpress.org/trunk@38583 602fd350-edb4-49c9-b593-d223f7449a82
The `tests_add_filter()` helper function directly manipulates the `$wp_filter` global, instead of using `add_filter()`. We can use `add_filter()` when it's available, and fall back to manipulating `$wp_filter` when it isn't, relying on the `$wp_filter` bootstrap code at the top of `plugin.php` to handle conversion.
Props boonebgorges, dd32 and pento: WordPress Thought Leadership Triumvirate.
Fixes#17817.
git-svn-id: https://develop.svn.wordpress.org/trunk@38582 602fd350-edb4-49c9-b593-d223f7449a82
Sometimes, `DB_CHARSET` will be set to `utf8mb4`, even if the current setup doesn't support `utf8mb4`. After [38442], this can cause significant character set failures, causing the connection to fall back to `latin1`.
Instead of doing this, we now check that the connection supports `utf8mb4` before trying to use it, and fall back to `utf8` when we need to.
Fixes#37982 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@38580 602fd350-edb4-49c9-b593-d223f7449a82
The most useful function this introduces is `get_theme_file_uri()`, which returns the URL to the specified file in the child theme if it exists, and falls back to the URL to the specified file in the parent theme. This allows parent themes to reference files (including enqueuing CSS and JavaScript files) that can be overridden by the child theme simply by existing.
This change also introduces `get_theme_file_path()`, which is the file path equivalent of `get_theme_file_uri()`.
Finally, `get_parent_theme_file_uri()` and `get_parent_theme_file_path()` are also introduced, which allow a theme to specifically reference a file URL or file path in the parent theme. These can be used as replacements for `get_template_directory_uri()` and `get_template_directory()` respectively, for consistency.
Props johnbillion, georgestephanis, gma992.
Fixes#18302
git-svn-id: https://develop.svn.wordpress.org/trunk@38578 602fd350-edb4-49c9-b593-d223f7449a82
[34670] made the displayed permalink clickable. For posts that were pending review, the permalink wasn't being properly generated so the link wouldn't go to the preview.
Props knutsp, enshrined.
Fixes#37423.
git-svn-id: https://develop.svn.wordpress.org/trunk@38572 602fd350-edb4-49c9-b593-d223f7449a82
Filters and actions have been the basis of WordPress' plugin functionality since time immemorial, they've always been a reliable method for acting upon the current state of WordPress, and will continue to be so.
Over the years, however, edge cases have cropped up. Particularly when it comes to recursively executing hooks, or a hook adding and removing itself, the existing implementation struggled to keep up with more complex use cases.
And so, we introduce `WP_Hook`. By changing `$wp_filter` from an array of arrays, to an array of objects, we reduce the complexity of the hook handling code, as the processing code (see `::apply_filters()`) only needs to be aware of itself, rather than the state of all hooks. At the same time, we're able te handle more complex use cases, as the object can more easily keep track of its own state than an array ever could.
Props jbrinley for the original architecture and design of this patch.
Props SergeyBiryukov, cheeserolls, Denis-de-Bernardy, leewillis77, wonderboymusic, nacin, jorbin, DrewAPicture, ocean90, dougwollison, khag7, pento, noplanman and aaroncampbell for their testing, suggestions, contributions, patch maintenance, cajoling and patience as we got through this.
Fixes#17817.
git-svn-id: https://develop.svn.wordpress.org/trunk@38571 602fd350-edb4-49c9-b593-d223f7449a82
Adds an `item_spacing` option to the arguments array for the functions `wp_nav_menu()`, `wp_list_pages()`, and `wp_page_menu()`. `item_spacing` is a boolean accepting either `preserve` or `discard`.
Previously, certain CSS choices could result in a site's layout changing if `wp_nav_menu()` fell back to the default `wp_list_pages()` due to differences in the whitespace within the HTML. The new argument ensures a function outputs consistant HTML while maintaining backward compatibility.
Fixes#35206.
git-svn-id: https://develop.svn.wordpress.org/trunk@38523 602fd350-edb4-49c9-b593-d223f7449a82
* Eliminates the server mutating the a `WP_Error`'s `$error_data` to merge-in a `$from_server` flag (since it may not be an array to begin with). Instead it defers to the client to add a `fromServer` param on any `Notification` instances created from server-sent errors.
* Ensures that notifications will be re-rendered if a notification's `message` changes but the `data` and `type` remain the same.
* Adds explicit support for the `Notification` class to have a `setting` property, ensuring that the property is set whereas previously it was dropped.
Fixes#37890.
Props westonruter, dlh.
git-svn-id: https://develop.svn.wordpress.org/trunk@38513 602fd350-edb4-49c9-b593-d223f7449a82
* Remove the manual flag for HTTPS support and replace it with a simple check on the URL format.
* Ensure `testOembedTestsCoverAllProviders()` actually fails when a new provider is added without a corresponding test.
See #32360
git-svn-id: https://develop.svn.wordpress.org/trunk@38512 602fd350-edb4-49c9-b593-d223f7449a82
When there is no post ID, there should be no edit link. This adds unit tests for it.
Fixes#22247.
Props akibjorklund.
git-svn-id: https://develop.svn.wordpress.org/trunk@38508 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `wpdb::get_table_from_query()` would not find the correct table name in the query `DELETE a FROM table a`, due to not recognising the table alias immediately after the `DELETE` as correct syntax.
Fixes#37660.
git-svn-id: https://develop.svn.wordpress.org/trunk@38507 602fd350-edb4-49c9-b593-d223f7449a82
This filter allows the shortcode generation process to be short-circuited, so expensive short codes can be cached and returned immediately.
Props ideag.
Fixes#37906.
git-svn-id: https://develop.svn.wordpress.org/trunk@38506 602fd350-edb4-49c9-b593-d223f7449a82
This new filter allows the smilies array to be modified with a filter, instead of having to directly access the global.
Props mte90, jorbin.
Fixes#35905.
git-svn-id: https://develop.svn.wordpress.org/trunk@38504 602fd350-edb4-49c9-b593-d223f7449a82
The SQL query was built using the clauses compiled when querying for
top-level comments. But in cases where the top-level comment query
results are already in the cache, the SQL clauses are not built, and
so are unavailable for `fill_descendants()`. Instead, we call
`get_comments()`, using modified versions of the parameters passed
to the main `WP_Comment_Query` class.
Props Akeif, Rarst for testing.
Fixes#37696.
git-svn-id: https://develop.svn.wordpress.org/trunk@38446 602fd350-edb4-49c9-b593-d223f7449a82
This ensures compatibility with third-party tools using these classes
in their test suites, after [38285].
Props DylanAuty, Frank Klein, TimothyBlynJacobs.
Fixes#37523.
git-svn-id: https://develop.svn.wordpress.org/trunk@38445 602fd350-edb4-49c9-b593-d223f7449a82
Running the taxonomy array through `array_unique()` is unnecessary
when the function returns objects, because the associative keys already
ensure uniqueness.
This also fixes a bug when running `get_attachment_taxonomies()` in
HHVM, which doesn't like casting objects to strings for the purposes
of `array_unique()`.
Props swissspidy.
See #37368.
git-svn-id: https://develop.svn.wordpress.org/trunk@38437 602fd350-edb4-49c9-b593-d223f7449a82
Introduces the ability to create stubs for the various post types to add to a given menu. This eliminates the need to leave the customizer to first create the post in the admin and then return to managing menus. Only the title of the newly-created post can be supplied; the post content will be blank and will need to be provided in the normal edit post screen outside the customizer, unless a plugin enables a post editing in the customizer experience. When a post is created and added to a nav menu in the customizer, the newly created post that is added to a menu is given the `auto-draft` status, and if the changes are not published, the `auto-draft` post will be automatically deleted within 7 days via `wp_delete_auto_drafts()`. However, if the customizer changes are saved, then these nav menu item `auto-draft` post stubs will be transitioned to `publish`.
Includes portions of code from the Customize Posts <https://github.com/xwp/wp-customize-posts> and Front-end Editor <https://github.com/iseulde/wp-front-end-editor> plugins.
For more information, see https://make.wordpress.org/core/2016/06/16/feature-proposal-content-authorship-in-menus-with-live-preview/
Props celloexpressions, westonruter, valendesigns, afercia, melchoyce, mapk, iseulde, mrahmadawais.
Fixes#34923.
git-svn-id: https://develop.svn.wordpress.org/trunk@38436 602fd350-edb4-49c9-b593-d223f7449a82
After [38118], when previewing a page with a secondary loop, all post
thumbnails would be filtered to display the post thumbnail for the
page being previewed. This ensures `_wp_preview_post_thumbnail_filter()`
is only applied if the `$post_id` of the post meta being filtered is
equal to the post or page being previewed.
Props swisspidy, joemcgill.
Fixes#37697.
git-svn-id: https://develop.svn.wordpress.org/trunk@38433 602fd350-edb4-49c9-b593-d223f7449a82
When testing the transports, the transport name needs to be capitalized for the class name to be correct (`WP_Http_Curl` vs. `WP_Http_curl` ).
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38416 602fd350-edb4-49c9-b593-d223f7449a82
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38411 602fd350-edb4-49c9-b593-d223f7449a82
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.
See #36335
git-svn-id: https://develop.svn.wordpress.org/trunk@38402 602fd350-edb4-49c9-b593-d223f7449a82
WordPress always* passes $args to filters as an array of arugments. A exception is made in `wp_nav_menu()` and the associated walker where these are passed to filters as an object, this has been the case for seven years (since [13368]).
These new tests enforce the use of an object in these filters to ensure backward compatibility is maintained.
See #24587.
git-svn-id: https://develop.svn.wordpress.org/trunk@38400 602fd350-edb4-49c9-b593-d223f7449a82
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38399 602fd350-edb4-49c9-b593-d223f7449a82
* Automatically delete objects that we were created during `wpSetUpBeforeClass` - posts, comments, terms (except 1), and user (except 1)
* The amount of leftover data between tests was breathtaking - use the new function: `_delete_all_data()`
* Commit database transactions for all `TestCase`s, not just those that implement `wpSetUpBeforeClass` and `wpTearDownAfterClass`
* The tests run 10-20 seconds faster now
See #37699.
git-svn-id: https://develop.svn.wordpress.org/trunk@38398 602fd350-edb4-49c9-b593-d223f7449a82
Blindly casting passed IDs to integers can generate false positives
when the ID is cast to `1`.
Props deeptiboddapati.
Fixes#37738.
git-svn-id: https://develop.svn.wordpress.org/trunk@38381 602fd350-edb4-49c9-b593-d223f7449a82
Let us remove the `$wp_site_icon` global. I will fall on the sword if this comes back to bite us (waiting with bated breath).
See #37699.
git-svn-id: https://develop.svn.wordpress.org/trunk@38355 602fd350-edb4-49c9-b593-d223f7449a82
By adding the `$output` parameter to `get_attachment_taxonomies()`, the
function signature matches that of `get_object_taxonomies()`. The change
also allows for more consistent behavior when passing `output=objects`
to `get_object_taxonomies()` for the 'attachment' object type, since
the `$output` parameter is now passed through the function stack.
Props codemovement.pk.
See #37368.
git-svn-id: https://develop.svn.wordpress.org/trunk@38292 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the 'p' query var was being run through `absint()`, which
caused unexpected results.
Props Akeif, kouratoras.
Fixes#33372.
git-svn-id: https://develop.svn.wordpress.org/trunk@38288 602fd350-edb4-49c9-b593-d223f7449a82
[38058] changed `wp_mail()` so that it used PHPMailer's `setFrom()`
method rather than setting the From and FromName headers directly. See
behavior of setting the `Sender` field. This causes `mail` to be
called with the `-f` flag, which causes outgoing email to fail on some
server environments.
Props Clorith, iandunn, DrewAPicture.
Fixes#37736.
git-svn-id: https://develop.svn.wordpress.org/trunk@38286 602fd350-edb4-49c9-b593-d223f7449a82
This change prevents an error object from being stored in the cache,
and prevents notices from being thrown when plucking term IDs to put
into the relationship cache.
See #32044, #36814.
Props rpayne7264.
Fixes#37721.
git-svn-id: https://develop.svn.wordpress.org/trunk@38277 602fd350-edb4-49c9-b593-d223f7449a82
* Allow to add/remove a featured image to `attachment:audio` and `attachment:video` post types, see [27657].
* Change conditionals to check for theme OR post type support.
* Add tests for #12922.
Broken in [37658].
Props flixos90, joemcgill, DrewAPicture, wonderboymusic.
See #12922.
Fixes#37658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38263 602fd350-edb4-49c9-b593-d223f7449a82
`wp_resource_hints()` parses the URL for the `preconnect` and `dns-prefetch` relation types to ensure correct values for both. While protocol-relative URLs are supported for `dns-prefetch`, the double slash was lost for `preconnect`.
Props swissspidy, peterwilsoncc.
Props azaozz for review.
Fixes#37652.
git-svn-id: https://develop.svn.wordpress.org/trunk@38255 602fd350-edb4-49c9-b593-d223f7449a82
First added in [37588] and later modified in [38224], the idea was to ensure that filters/actions added before `advance-cache.php` would not disappear if `advance-cache.php` overloaded the filters/actions with code such as `$wp_filter = array()`. This is an edge case and one that there is no documented case of existing.
This restores the behavior from WordPress 4.5 and before. It is strongly encouraged that developers using `advance-cache.php` to use the Plugins API that is available before the loading of `advance-cache.php` rather than directly interacting with any of the globals.
Props azaozz, jorbin, dd32 for review, pento for review, westi for investigation, ipstenu for research.
See #36819.
git-svn-id: https://develop.svn.wordpress.org/trunk@38251 602fd350-edb4-49c9-b593-d223f7449a82
[37588] added methods to backup the plugin globals, for ensuring that advanced cache drop-ins don't overwrite hooks that've been added earlier in the load process.
The method for restoring the plugin globals wasn't compatible with the implementation of `WP_Hook` in #17817. `WP_Hook` implements `ArrayAccess`, so `_restore_plugin_globals()` was treating it as an array, and inadvertantly overwriting the `WP_Hook` object with a plain array.
To avoid having to re-write this code as part of #17817, we now use `add_filter()` to restore any hooks that were added by cache drop-ins, which `WP_Hook` correctly supports.
Props pento, jorbin.
See #36819.
git-svn-id: https://develop.svn.wordpress.org/trunk@38223 602fd350-edb4-49c9-b593-d223f7449a82
Before this change, when a bulk update was canceled due dismissing the FTP credentials modal, part of the actions didn't get canceled. This meant the "There is a new version of…” notices become blank and the updates you had checked became unchecked. Now, the notices remain and you are essentially returned to the screen you had before. Strings are also updated to improve ARIA usage.
Fixes#37563.
Props ocean90, swissspidy, obenland, afercia.
git-svn-id: https://develop.svn.wordpress.org/trunk@38221 602fd350-edb4-49c9-b593-d223f7449a82
The global `$current_blog` is not switched in `switch_to_blog()` and can
not be used to properly retrieve current switched site information.
See #37607.
git-svn-id: https://develop.svn.wordpress.org/trunk@38217 602fd350-edb4-49c9-b593-d223f7449a82
[37262] changed a check in `redirect_canonical()` so that it checked
categories in the object cache rather than querying the database. However,
the check was based on the identity of `WP_Term` objects, which in
certain cases can be augmented by the main WP query routine, causing
failures of the `in_array()` check. This caused unnecessary redirects
for URLs where `is_single()` is true, but the URL is different from the
post permalink, such as the `embed` endpoint.
`has_term()` also checks the cache, but does not sufer from this bug.
Props cmillerdev.
Fixes#36602.
git-svn-id: https://develop.svn.wordpress.org/trunk@38216 602fd350-edb4-49c9-b593-d223f7449a82
* "-1" is an invalid nonce error, show 'An error has occurred. Please reload the page and try again.'.
* "error" means that the connection to the server was lost, show 'Connection lost or the server is busy. Please try again later.'.
* Escape the message in `wp-updates-admin-notice` because the response may include HTML.
* Remove HTML tags in `wp.updates.isValidResponse()` to make PHP's error messages more readable.
Props azaozz for review.
Fixes#37583.
git-svn-id: https://develop.svn.wordpress.org/trunk@38205 602fd350-edb4-49c9-b593-d223f7449a82
* Latin small letter n preceded by apostrophe
* Latin capital letter Eng
* Latin small letter Eng
Props gitlost.
Fixes#37564.
git-svn-id: https://develop.svn.wordpress.org/trunk@38193 602fd350-edb4-49c9-b593-d223f7449a82
Requests has its own cookie object in form of `Requests_Cookie`. Therefore we have to convert `WP_Http_Cookie` objects to `Requests_Cookie`.
This introduces `WP_Http_Cookie::get_attributes()` to retrieve cookie attributes of a `WP_Http_Cookie` object and `WP_Http::normalize_cookies()` to convert the cookie objects.
Fixes#37437.
git-svn-id: https://develop.svn.wordpress.org/trunk@38164 602fd350-edb4-49c9-b593-d223f7449a82
* `preconnect` will be potentially pretty heavy on the CDN. With the Unicode 9.0 emoji update, almost all browsers will trigger the `preconnect`.
* `preconnect` only opens one connection, but `s.w.org` is HTTP/1.1, so the browser will use the preconnected connection for the first emoji, then it has to open new connections for subsequent emoji.
Also use the same URL as we use for the `emoji_svg_url` filter. This will print the hint for the correct CDN in case someone uses a custom CDN.
Props peterwilsoncc.
Fixes#37387.
git-svn-id: https://develop.svn.wordpress.org/trunk@38122 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a few accessibility issues, restores the "Search Results" tab and the search type selector, and improves compatibility with older browsers.
Props rahulsprajapati, swissspidy, adamsilverstein, ocean90
See #37233.
git-svn-id: https://develop.svn.wordpress.org/trunk@38119 602fd350-edb4-49c9-b593-d223f7449a82
When `IMAGE_EDIT_OVERWRITE` is set to true, edited image files are
supposed to be deleted when an image is restored to the original.
However, when an image was edited more than once, and then restored,
files created during previous edits were left behind.
Fixes this behavior by updating `wp_save_image()` to clean up
leftover images after each edit when `IMAGE_EDIT_OVERWRITE` is true.
Props bradt, chriscct7, joemcgill.
Fixes#32171.
git-svn-id: https://develop.svn.wordpress.org/trunk@38113 602fd350-edb4-49c9-b593-d223f7449a82
Externally hosted script and style dependencies trigger `dns-prefetch` hinting only when enqueued. This removed a bug in which hinting was added on registration.
Renames the function `wp_resource_hints_scripts_styles` to `wp_dependencies_unique_hosts` as the function provides the hosts, not the hinting.
Props swissspidy.
Fixes#37385.
git-svn-id: https://develop.svn.wordpress.org/trunk@38100 602fd350-edb4-49c9-b593-d223f7449a82
Prior to the introduction of `WP_Term_Query`, the 'orderby' clause
passed to the 'terms_clauses' filter was prefixed by `ORDER BY`. After
`WP_Term_Query`, this was not the case; `ORDER BY` was added after the
filter. As such, plugins filtering 'terms_clauses' and returning an
'orderby' clause beginning with `ORDER BY` resulted in invalid syntax
when `WP_Term_Query` prepended a second `ORDER BY` keyword to
the clause.
This changeset rearranges the way the 'orderby' clause is built so that
it will be passed to 'terms_clauses' in the previous format.
Fixes#37378.
git-svn-id: https://develop.svn.wordpress.org/trunk@38099 602fd350-edb4-49c9-b593-d223f7449a82
Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38095 602fd350-edb4-49c9-b593-d223f7449a82
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.
The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.
Fixes#37361.
git-svn-id: https://develop.svn.wordpress.org/trunk@38087 602fd350-edb4-49c9-b593-d223f7449a82
When `$size` is passed to `image_get_intermediate_size()` as an array of width
and height values and an exact image size matching those values isn't available,
the function loops through the available attachment sizes and returns the
smallest image larger than the requested dimensions with the same aspect ratio.
The aspect ratio check is skipped for the 'thumbnail' size to provide a fallback
for small sizes when no other image option is available. This resulted in a poor
selection when the size requested was smaller than the 'thumbnail' dimensions
but a larger size matching the requested ratio existed.
This refactors the internals of `image_get_intermediate_size()` to ensure the
'thumbnail' size is only returned as a fallback to small sizes once all other
options have been considered, and makes the control flow easier to follow.
This also introduces a new helper function, `wp_image_matches_ratio()` for
testing whether the aspect ratios of two sets of dimensions match. This function
is also now used in `wp_calculate_image_srcset()` during the selection process.
Props flixos, joemcgill.
Fixes#34384, #34980.
git-svn-id: https://develop.svn.wordpress.org/trunk@38086 602fd350-edb4-49c9-b593-d223f7449a82
* Remove title attributes.
* Show "Install Now" and "Details" links if the importer isn't installed yet.
* Show a "Run Importer" link if the importer is installed. It also handles activation if the plugin isn't activated.
* Add `aria-label` attributes to each link.
* Unify the importer descriptions to make them independent from the plugin state. The API was changed in [meta3690].
* Adjust JavaScript callbacks for ajaxified importer installs.
Props afercia, swissspidy, ocean90.
See #24766.
Fixes#35191.
git-svn-id: https://develop.svn.wordpress.org/trunk@38075 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.
For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.
Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes#21659.
git-svn-id: https://develop.svn.wordpress.org/trunk@38058 602fd350-edb4-49c9-b593-d223f7449a82
In some cases, images in the media library may contain spaces in
their filenames. This results in an invalid `srcset` attribute,
causing broken images on the front end. This change fixes the issue
by replacing spaces in URLs with URL encoded '%20' characters before
returning the `srcset` string.
Props underdude, joemcgill.
Fixes#36549.
git-svn-id: https://develop.svn.wordpress.org/trunk@38052 602fd350-edb4-49c9-b593-d223f7449a82
After [38047], also include the comment_content with html in the preg_match against blacklist keys to match urls.
Props ocean90.
Fixes#37208.
git-svn-id: https://develop.svn.wordpress.org/trunk@38048 602fd350-edb4-49c9-b593-d223f7449a82
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.
Props cfinke.
Fixes#37208.
git-svn-id: https://develop.svn.wordpress.org/trunk@38047 602fd350-edb4-49c9-b593-d223f7449a82
When using `register_meta()` with the function signature from 4.5 and earlier, the `auth_{$type}_meta_{$key}` and `sanitize_{$type}_meta_{$key}` filters are used. Any calls to `register_meta()` expecting this behavior should continue to work. The new filters, which take advantage of object subtypes, should not be added unless the proper `$args` array is passed.
See #35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38041 602fd350-edb4-49c9-b593-d223f7449a82
If auth and/or sanitize callbacks are specified in the arguments for
`register_meta()`, filters are added to handle these callbacks. These
should be removed when calling `unregister_meta_key()` to avoid
unintentional filtering.
See #35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38040 602fd350-edb4-49c9-b593-d223f7449a82
To enhance accessibility for items without a link you can now define `tabindex="0"`, which makes descendant dropdowns accessible.
Props joedolson, afercia, ocean90.
Fixes#32495.
git-svn-id: https://develop.svn.wordpress.org/trunk@38035 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a few accessibility issues, tweaks the design of the search form to match other Ajax search fields and improves compatibility with older browsers.
See #37230.
git-svn-id: https://develop.svn.wordpress.org/trunk@38033 602fd350-edb4-49c9-b593-d223f7449a82
40M isn't enough and can lead to an "out of memory" error. Change `test_wp_raise_memory_limit()` to test that `wp_raise_memory_limit()` doesn't *lower* the memory limit.
See [38015].
See #32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38016 602fd350-edb4-49c9-b593-d223f7449a82
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38015 602fd350-edb4-49c9-b593-d223f7449a82
This prevents false positives when the ID column's incrementor has exceeded the
hardcoded invalid ID.
Fixes#37308.
git-svn-id: https://develop.svn.wordpress.org/trunk@38005 602fd350-edb4-49c9-b593-d223f7449a82
When comment IDs are fetched from the cache rather than the database,
the subsequent `SELECT FOUND_ROWS()` query will not return the correct value.
To avoid unnecessary queries, we cache the results of the `found_comments`
query alongside the comment IDs.
Props spacedmonkey.
Fixes#37184.
git-svn-id: https://develop.svn.wordpress.org/trunk@38001 602fd350-edb4-49c9-b593-d223f7449a82
The array-compatibility object we started returning in r37428 unfortunately isn't enough like an array. In particular, `is_array()` checks fail, despite the object implementing ArrayAccess. Mea culpa.
This moves the WP_HTTP_Response object to a new http_response key in the array, and changes the value back to an actual array.
Fixes#37097.
See #33055.
git-svn-id: https://develop.svn.wordpress.org/trunk@37989 602fd350-edb4-49c9-b593-d223f7449a82
When enabled, the switch would override the theme's pseudo-plural `'% Comments'` string with a correct form of `_n( '%s Comment', '%s Comments', $number )`.
Historically, `comments_popup_link()` and `get_comments_number_text()` did not support plural forms and used a pseudo-plural style instead, so some locales were forced to come up with workarounds to display the number of comments in their language correctly.
This change should make those functions more i18n-friendly.
Fixes#13651.
git-svn-id: https://develop.svn.wordpress.org/trunk@37987 602fd350-edb4-49c9-b593-d223f7449a82
`arsort()` sorts the paths reverse-alphabetically while preserving the keys. It results in a longer path being listed before a shorter one with the same base directory(ies).
Props jdgrimes, ocean90.
Fixes#28441.
git-svn-id: https://develop.svn.wordpress.org/trunk@37983 602fd350-edb4-49c9-b593-d223f7449a82
Prevents displaying "Original:" without a title when adding a menu item without a title.
Props grapplerulrich, swissspidy.
Fixes#36729.
git-svn-id: https://develop.svn.wordpress.org/trunk@37953 602fd350-edb4-49c9-b593-d223f7449a82
Fixes mistake in the current behavior, where the sanitization callback ran before the validation callback. Now the validation callback will run before the sanitization.
Props schlessera, rachelbaker.
See #37247.
Fixes#37192.
git-svn-id: https://develop.svn.wordpress.org/trunk@37943 602fd350-edb4-49c9-b593-d223f7449a82
Reverses order where sanitization was being applied before validation originally in accordance with REST API logic.
Props westonruter, schlessera.
See #34893.
See #37192.
Fixes#37247.
git-svn-id: https://develop.svn.wordpress.org/trunk@37942 602fd350-edb4-49c9-b593-d223f7449a82
Resource hints allow browsers to prefetch specific pages or render them in the background to perform DNS lookups or to begin the connection handshake (DNS, TCP, TLS) in the background.
By default, `wp_resource_hints()` prints hints for "s.w.org" (the WordPress.org CDN) and for all scripts and styles which are enqueued from external hosts.
Use the `wp_resource_hints` filter to add custom domains and URLs for `dns-prefetch`, `preconnect`, `prefetch` or `prerender`.
Props voldemortensen, swissspidy.
Fixes#34292.
git-svn-id: https://develop.svn.wordpress.org/trunk@37920 602fd350-edb4-49c9-b593-d223f7449a82
This adds three new functions for getting/displaying attachment captions:
* `wp_get_attachment_caption` - Retrieves a caption for a specific attachment.
* `get_the_post_thumbnail_caption()` - Returns the post thumbnail caption.
* `the_post_thumbnail_caption()` - Displays the post thumbnail caption.
These are helpful for displaying a caption associated with an image directly
in a template, rather than using the caption shortcode.
This also introduces two new filters:
* `wp_get_attachment_caption` - Filters the value of `wp_get_attachment_caption()`.
* `the_post_thumbnail_caption` - Filters the display of the post thumbnail caption.
`the_post_thumbnail_caption()` is automatically filtered by `wptexturize()`,
`convert_smilies()`, and `convert_chars()` in `wp-includes/default-filters.php`.
Props flixos90, joemcgill.
Fixes#12235.
git-svn-id: https://develop.svn.wordpress.org/trunk@37915 602fd350-edb4-49c9-b593-d223f7449a82
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.
Props ramiy, Presskopp.
Fixes#34521.
git-svn-id: https://develop.svn.wordpress.org/trunk@37914 602fd350-edb4-49c9-b593-d223f7449a82
The Link header allows clients to verify if a site has made the REST API available, as well as indicating how to access it.
Props danielbachhuber.
Fixes#35580.
git-svn-id: https://develop.svn.wordpress.org/trunk@37903 602fd350-edb4-49c9-b593-d223f7449a82
Provides a consistent way to query `$wpdb->site` for `WP_Network` objects based on domain, path, network ID, and (main) site ID.
Introduces and uses update_network_cache() and _prime_network_caches() to maintain a cached list of WP_Network objects for use in multiple queries.
Props flixos90.
See #32504.
git-svn-id: https://develop.svn.wordpress.org/trunk@37894 602fd350-edb4-49c9-b593-d223f7449a82