This prevents non-image fileypes from returning a mime type of "application/octet-stream" when `exif_imagetype()` returns `false`.
Props blobfolio.
Fixes#40017.
Merges [40397] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40403 602fd350-edb4-49c9-b593-d223f7449a82
Previously `update_blog_option()` would trigger an invalidation of that site's entire cache although these changes did not affect the content of
these caches. Furthermore changes to the special options `blogname`, `siteurl` and `post_count` should not invalidate the entire cache of that site, but only their respective site details cache. The option `home` now has the same behavior as it also belongs to the site details, but did not invalidate the cache at all previously.
Several new unit tests confirm these changes work as expected.
Fixes#40063.
Merges [40305] and [40333] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40385 602fd350-edb4-49c9-b593-d223f7449a82
Prior to 4.7, term relationships - as set by `wp_set_object_terms()` or
`wp_remove_object_terms()` - did not affect the term query cache. The
introduction of the 'object_ids' parameter in 4.7 means that the query
cache must be aware of object-term relationships. As such, the
'last_changed' incrementor is now invalidated when term relationships
are modified.
This bug only reared its head when delaying term counting, because term
counting performs its own term query cache invalidation.
Merges [40353] to the 4.7 branch.
Props mboynes.
Fixes#40306.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40354 602fd350-edb4-49c9-b593-d223f7449a82
This prevents an additional 301 redirect when clicking on the nav menu item, and it also prevents a scenario where the auth cookie may not be passed
and cause an authentication error when navigating in the customizer.
Props dlh, swissspidy.
Fixes#40112.
Merges [40300] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40338 602fd350-edb4-49c9-b593-d223f7449a82
Avoid a PHP Error when attempting to embed the parent post of an attachment, when the parent post ID is invalid. Instead check if the parent post
object exists before checking the read permission for the parent post.
Props GhostToast.
Fixes#39881.
Merges [40306] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40337 602fd350-edb4-49c9-b593-d223f7449a82
The site's current timezone offset is an important piece of information for any REST API client that needs to manipulate dates. It has not been
previously available.
Expose both the `gmt_offset` (the site's current offset from UTC in hours) and `timezone_string` (which also provides information about daylight
savings time) via the "site info" endpoint (the base `/wp-json` response).
Also update the `wp-api-generated.js` fixture file with the changes to the default API responses.
Props sagarkbhatt.
Fixes#39854.
Merges [40238] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40336 602fd350-edb4-49c9-b593-d223f7449a82
[38667] changed the way that the filter parameters are built. That
changeset didn't fully account for the pre-4.7 format of `$taxonomies`.
Merge of [40290] to the 4.7 branch.
Props ig_communitysites.
Fixes#40154.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40291 602fd350-edb4-49c9-b593-d223f7449a82
Overriding pluggable functions in the test suite is asking for trouble in the future. In addition, it means the test suite can't be guaranteed to behave the same as core.
This instead introduces a `send_auth_cookies` filter which can be hooked in during the test suite to prevent these functions from attempting to send cookie headers to the client.
Fixes#39367
Merges [40263] and [40264] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40265 602fd350-edb4-49c9-b593-d223f7449a82
This skips time sensitive tests (copyright year and PHP/MySQL version requirements) when tests are run on branches on Travis.
Props netweb, jorbin
Fixes#39486
Merges [40241] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40250 602fd350-edb4-49c9-b593-d223f7449a82
A `post_format` not used by the current theme, but supported by core is not a wrong/broken piece of information. It's just not used at this point in time. Therefore we should allow setting and retrieving any of the standard post formats supported in core, even if the current theme doesn't use them.
After this commit, a post's `format` value can survive a round trip through the API, which is a good general design principle for an API.
Merge of [40120] and [40121] to the 4.7 branch.
Props JPry, iseulde, davidakennedy, Drivingralle.
Fixes#39232.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40137 602fd350-edb4-49c9-b593-d223f7449a82
Previously, when getting posts from the API with `sticky=true`, if there were no sticky posts set, the query would return all posts as if the `sticky` argument was not set. In this situation, the query should return an empty array instead.
A `sticky=true` query that should return an empty array (in the previous situation, or with `include` and no intersecting post IDs) was also broken in that it would query the post with ID 1.
Finally, this commit significantly improves test coverage for the `sticky` filter argument, including direct testing of the `WHERE` clauses generated by `WP_Query`.
Merge of [40037] and [40122] to the 4.7 branch.
Props ryelle, jnylen0.
See #39079.
Fixes#39947.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40136 602fd350-edb4-49c9-b593-d223f7449a82
Due to inconsistencies in the way browsers handle Exif orientation data,
if a user manually rotates an image within WordPress, set the Exif orientation to
the default (1) so that the image displays with the same rotation/flip in every browser.
Props sanchothefat, triplejumper12, joemcgill, azaozz, markoheijnen, mikeschroder.
Merges [40123] and [40129] to the 4.7 branch.
Fixes#37140. See #14459.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40135 602fd350-edb4-49c9-b593-d223f7449a82
[39831] introduced more strict MIME type checking for uploads, which
resulted in unintetionally blocking several filetypes that were
previously valid. This change uses a more targeted approach to MIME
validation to restore previous behavior for most types.
Props blobfolio, iandunn, ipstenu, markoheijnen, xknown, joemcgill.
Merges [40124] and [40125] to the 4.7 branch.
Fixes#39550, #39552.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40134 602fd350-edb4-49c9-b593-d223f7449a82
Since support for PDF previews were added in [38949], it's possible
that the generated image file could overwrite an existing image file
with the same name. This uses wp_unique_filename() to avoid this
issue and adds a '-pdf' identifier on the end of filenames.
Props gitlost, desrosj, mikeschroder, joemcgill.
Merges [40130] and [40131] to the 4.7 branch.
Fixes#39875. See #31050.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40133 602fd350-edb4-49c9-b593-d223f7449a82
Add QUnit tests: verify that wp-api loads correctly, verify that the expected base models and collections exist and can be instantiated, verify that collections contain the correct models, verify that expected helper functions are in place for each collection.
The QUnit tests rely on two fixture files: `tests/qunit/fixtures/wp-api-generated.js` contains the data response from each core endpoint and is generated by running the PHPUnit `restapi-jsclient` group. `tests/qunit/fixtures/wp-api.js` maps the generated data to endpoint routes, and overrides `Backbone.ajax` to mock the responses for the tests.
Add PHPUnit tests in `tests/phpunit/tests/rest-api/rest-schema-setup.php`. First, verify that the API returns the expected routes via `server->get_routes()`. Then, the `test_build_wp_api_client_fixtures` test goes thru each endpoint and requests it from the API, tests that it returns data, and builds up the data for the mocked QUnit tests, saving the final results to `tests/qunit/fixtures/wp-api-generated.js`.
Add a new grunt task `restapi-jsclient` which runs the phpunit side data generation and the qunit tests together.
Props jnylen0, welcher, adamsilverstein, netweb, ocean90, rachelbaker.
Merges [40058], [40061], [40065], [40066], [40077], and [40104] to the 4.7 branch.
Fixes#39264.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40116 602fd350-edb4-49c9-b593-d223f7449a82
Internally, WordPress uses a special `post_date_gmt` value of `0000-00-00 00:00:00` to indicate that a draft's date is "floating" and should be updated whenever the post is saved. This makes it much more difficult for API clients to know the correct date of a draft post.
This commit provides a best guess at a `date_gmt` value for draft posts in this situation using the `date` field and the site's current timezone offset.
Props joehoyle, jnylen0.
Merges [40108] to the 4.7 branch.
Fixes#38883.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40115 602fd350-edb4-49c9-b593-d223f7449a82
This commit modifies the `rest_get_date_with_gmt` function to correctly parse local and UTC timestamps with or without timezone information.
It also ensures that the REST API can edit the dates of draft posts by setting the `edit_date` flag to `wp_update_post`.
Overall this commit ensures that post and comment dates can be set and updated as expected.
Props jnylen0.
Merges [40101] to the 4.7 branch.
Fixes#39256.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40114 602fd350-edb4-49c9-b593-d223f7449a82
DELETE was inadvertently omitted from the list of non-POST HTTP methods that should be able to accept body parameters. Parameters passed to DELETE requests as JSON are already parsed correctly; this commit fixes application/x-www-form-urlencoded parameters as well.
Props mnelson4.
Merges [40105] to the 4.7 branch.
Fixes#39933.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40113 602fd350-edb4-49c9-b593-d223f7449a82
It has been unintendedly possible to both view and edit users from a different site than the current site in multisite environments. Moreover, when passing roles to a user in an update request, that user would implicitly be added to the current site.
This changeset removes the incorrect behavior for now in order to be able to provide a proper REST API workflow for managing multisite users in the near future. Related unit tests have been adjusted as well.
Props jnylen0, jeremyfelt, johnjamesjacoby.
Merges [40106] to the 4.7 branch.
Fixes#39701.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40111 602fd350-edb4-49c9-b593-d223f7449a82
Keep bumping the date for the auto-draft to preserve it from garbage-collection via `wp_delete_auto_drafts()` after 7 days.
Props westonruter.
Merges [40041] to the 4.7 branch.
See #30937.
Fixes#39713.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40099 602fd350-edb4-49c9-b593-d223f7449a82
Changes `WP_Customize_Nav_Menus::insert_auto_draft_post()` so it can be invoked for a `post_type` that is not registered (yet).
Props westonruter.
Merges [39924] to the 4.7 branch.
See #38615, #38114.
Fixes#39610.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40098 602fd350-edb4-49c9-b593-d223f7449a82
Fixes bad conditions in `WP_Customize_Setting::get_root_value()` and `WP_Customize_Setting::set_root_value()`.
Props dlh, westonruter.
Amends [35007].
Merges [40036] to the 4.7 branch.
See #32103.
Fixes#36952.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40088 602fd350-edb4-49c9-b593-d223f7449a82
Partial revert of [38929].
This reverts the source code from the commit for #30210 to prevent valid but empty feeds from returning 404 file not found errors for the home and custom feeds.
The tests in the commit that remain applicable are retained.
Props pavelevap for reporting, stevenkword for initial patch, peterwilsoncc.
See #30210.
Merges [40030] to the 4.7 branch.
Fixes#39157.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40085 602fd350-edb4-49c9-b593-d223f7449a82
Previously the status for a Post (or other post_types) was only exposed under the `edit` context, which doesn't really make much sense considering we support querying by post status without authentication. Originally introduced in v2.0 beta 1: 69f617d749 without any explanation in the commit message.
Props dhanendran, jnylen0, rachelbaker.
Merges [40080] to the 4.7 branch.
Fixes#39466.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40081 602fd350-edb4-49c9-b593-d223f7449a82
The `post_author` field is a string internally, but we need to cast it to an integer in the REST API. This was already done for posts, but not for revisions. The field is already declared as an integer in both controllers.
Props jnylen0.
Merges [40063] to the 4.7 branch.
Fixes#39871.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40078 602fd350-edb4-49c9-b593-d223f7449a82
This changeset reverts [38381], which caused inconsistencies in the way the
REST API fetches posts and other objects.
Merge of [39992] to the 4.7 branch.
See #38792, #37738.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39993 602fd350-edb4-49c9-b593-d223f7449a82
Rather than repeating ourselves, unifying the access into a single method keeps everything tidy. While we're at it, add in additional schema handling for common parameters.
Merge of [39954] to the 4.7 branch.
See #38792.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39957 602fd350-edb4-49c9-b593-d223f7449a82
This also updates the test filename in
`WP_Test_REST_Attachments_Controller::test_create_item_default_filename_title()`
to accurately match the actual file name.
Merges [39848] to the 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39849 602fd350-edb4-49c9-b593-d223f7449a82
Only show users that have authored a post of a post type that has `show_in_rest` set to true.
Props rachelbaker, jnylen0.
Merges [39843] to 4.7 branch.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39844 602fd350-edb4-49c9-b593-d223f7449a82
[38740] incorrectly introduced logic that changed a comment's page when
'comment_order' was set to 'desc'. This is in violation of the design
of the comment pagination system: a comment's page is designed not to
change when 'comment_order' or 'default_comment_page' are changed.
See #31101.
Merges [39663] to the 4.7 branch.
Props rachelbaker.
Fixes#39280.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39664 602fd350-edb4-49c9-b593-d223f7449a82
The logic in WP_REST_Request->sanitize_params() added in [39091] did not account for `null` or `false` being the sanitization_callback preventing overriding `rest_parse_request_arg()`. This fixes that oversight, allowing the built in sanitization function to be bypassed. See #38593.
Merges [39563] to the 4.7 branch.
Props kkoppenhaver, rachelbaker, jnylen0.
Fixes#39042.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39642 602fd350-edb4-49c9-b593-d223f7449a82
This fixes an oversight in [39246], which added a hook for filtering the array of sizes used for PDF thumbnails, but failed to provide a way for sizes added through `add_image_size()` to be processed.
Merge of [39617] to the 4.7 branch.
Props gitlost.
Fixes#39231. See #38594.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39633 602fd350-edb4-49c9-b593-d223f7449a82
If `add_theme_support( 'post-formats' )` is called with no additional arguments, then `get_theme_support( 'post-formats' )` returns `true` rather than an array of supported formats. Avoid generating PHP warnings in this situation.
Merge of [39620] to the 4.7 branch.
Props dreamon11, ChopinBach.
Fixes#39293.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39630 602fd350-edb4-49c9-b593-d223f7449a82
In [38625], the functionality to search for attachments by filename was added via the `posts_clauses` filter and the `_filter_query_attachment_filenames()` function. This moves `_filter_query_attachment_filenames()` from `wp-admin/includes/post.php` to `wp-includes/post.php` so that it can be applied in the same manner in the REST API media endpoint.
Merge of [39598] to the 4.7 branch.
Props jblz, tyxla.
Fixes#39092.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39629 602fd350-edb4-49c9-b593-d223f7449a82
In general, updates that don't actually change anything should succeed. [39371] added tests for other object types, and this commit fixes empty updates for comments and adds the missing test.
Merges [39597] to the 4.7 branch.
Props jnylen0.
Fixes#38700.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39628 602fd350-edb4-49c9-b593-d223f7449a82
When plugins don't disable the `backupGlobals` PHPUnit option in their own tests, `$wpdb` is backed up and restored between classes of tests. The serialisation process used for this broke the database connection. This previously wasn't a problem, as it was reconnecting before each test.
[38398] introduced some changes that required the connection to be available in `setUpBeforeClass()`, earlier than in was previously reconnecting. This didn't cause warnings in Core, but it did cause warnings for plugins that don't disable the `backupGlobals` option.
The database connection now reconnects in `setUpBeforeClass()`. This change also fixes a few Core tests that weren't calling `parent::setUpBeforeClass()` or `parent::tearDown()` correctly.
Merges [39626] to the 4.7 branch.
Fixes#39327.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39627 602fd350-edb4-49c9-b593-d223f7449a82
Currently, `attachment` is the only post type exposed via the REST API that
does not support password protection, but it's possible for other post types to
remove password support.
Props jnylen0.
Merges [39595] to the 4.7 branch.
Fixes#38977.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39610 602fd350-edb4-49c9-b593-d223f7449a82
It's fairly common for clients to send `Content-Type: application/json` with an
empty body. While technically not valid JSON, we've historically supported
this behaviour, so it shouldn't cause an error.
Props JPry, jnylen0.
Merges [39594] to the 4.7 branch.
Fixes#39150.
git-svn-id: https://develop.svn.wordpress.org/branches/4.7@39609 602fd350-edb4-49c9-b593-d223f7449a82