Commit Graph

2229 Commits

Author SHA1 Message Date
Boone Gorges
12c72a7906 Query: Allow the prefix used for search term exclusion to be filtered.
[38792] allowed `WP_Query`'s hyphen-as-exclusion-prefix feature to be
disabled via filter. A more general solution is to allow the prefix to
be filtered; returning an empty value from a filter callback works to
disable the feature.

Props dlh.
Fixes #38099.

git-svn-id: https://develop.svn.wordpress.org/trunk@38844 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 18:41:22 +00:00
Boone Gorges
993d6fb898 Tests: Skip strip_invalid_text() test for big5 charset on MariaDB.
MariaDB doesn't support the tested configuration.

Props ocean90.
Fixes #33171.

git-svn-id: https://develop.svn.wordpress.org/trunk@38843 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 18:29:28 +00:00
Gary Pendergast
dad515b2a8 Tests: Fix ajax tests that fail when Twenty Seventeen is the default theme.
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.

See #38372.



git-svn-id: https://develop.svn.wordpress.org/trunk@38842 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 10:47:23 +00:00
John Blackbourn
29cfd0b336 oEmbed: Remove the oEmbed provider unit tests.
This reverts [38454] along with its follow-up commits, [38512], [38514], and [38692]. These tests are currently not pass
ing, and maybe they never will. The tests are in a group which does not run by default without a flag, making them quest
ionably useful.

We can re-visit this at a later date.

See #32360


git-svn-id: https://develop.svn.wordpress.org/trunk@38840 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 09:15:10 +00:00
Gary Pendergast
b0e625bfdf Tests: Fix tests that don't pass when Twenty Seventeen is the default theme.
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.

See #38372.



git-svn-id: https://develop.svn.wordpress.org/trunk@38838 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 09:06:11 +00:00
Rachel Baker
5a33080de0 REST API: Fix comment option leak causing another test failure.
Set the 'comment_whitelist' option back to the default when tearing down wpAllowComment tests.

See #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38835 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 05:24:39 +00:00
Rachel Baker
72418d4bc1 REST API: Fix test failures.
- Fix leak in setup_notify_comment() test help by removing the comment_flood_filter.
- Correct uses of $term_taxonomy_id -> $term_id in Category and Tags routing.
- Temporarily remove the metadata tests for canola.jpg as that file does not have an exifdata.  Will need to update the test.

Props jorbin, rmccue, nacin
See #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38834 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 05:12:26 +00:00
Rachel Baker
ede099a704 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38832 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 02:54:12 +00:00
Weston Ruter
85c0921f91 Customize: Fix unit tests when twentyfifteen is WP_DEFAULT_THEME instead of twentysixteen.
Use an inactive core theme for previewing theme switch instead of assuming `twentysixteen` is installed and active and `twentyfifteen` is not.

See #30937.


git-svn-id: https://develop.svn.wordpress.org/trunk@38830 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 19:38:27 +00:00
Weston Ruter
76226c9b41 Customize: Introduce custom CSS for extending theme styles.
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control. 
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.

See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/

Props johnregan3, celloexpressions, folletto, westonruter.
Fixes #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@38829 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 18:14:21 +00:00
Pascal Birchler
752708b84f Resource Hints: Allow passing custom attributes to resource hints.
[37920] introduced resource hints that allow browsers to prefetch specific pages or render them in the background. With this change, the `as`, `crossorigin`, `pr`, and `type` attributes can be passed in addition to the URLs/hosts.

Props peterwilsoncc, swissspidy.
Fixes #38121.

git-svn-id: https://develop.svn.wordpress.org/trunk@38826 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 09:28:22 +00:00
Weston Ruter
8a79cdc107 Customize: Introduce a new experience for discovering, installing, and previewing themes within the customizer.
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context.

For details, see https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/

Fixes #37661, #34843.
Props celloexpressions, folletto, westonruter, karmatosed, afercia.


git-svn-id: https://develop.svn.wordpress.org/trunk@38813 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 03:19:13 +00:00
Joe McGill
788bb093f2 Media: Remove alt fallbacks to improve accessibility.
This removes the fallbacks in `wp_get_attachment_image()` and in
`wp.media.string.props` which attempt to generate an `alt` value
from the image caption or title if an `alt` attribute isn't explicitly
set.

This allows for image HTML to be generated that contains an empty `alt`
value, i.e., `alt=""` which is much preferable for screen readers than
reading redundant content in the case of a caption, or when reading the
image title, which is often generated from the filename and not helpful
as `alt` text.

Props odie2, joedolson, rianrietveld, afercia, iamjolly, joemcgill.
Fixes #34635.

git-svn-id: https://develop.svn.wordpress.org/trunk@38812 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 03:05:51 +00:00
Weston Ruter
83b059aa19 Customize: Implement customized state persistence with changesets.
Includes infrastructure developed in the Customize Snapshots feature plugin.

See https://make.wordpress.org/core/2016/10/12/customize-changesets-technical-design-decisions/

Props westonruter, valendesigns, utkarshpatel, stubgo, lgedeon, ocean90, ryankienstra, mihai2u, dlh, aaroncampbell, jonathanbardo, jorbin.
See #28721.
See #31089.
Fixes #30937.
Fixes #31517.
Fixes #30028.
Fixes #23225.
Fixes #34142.
Fixes #36485.


git-svn-id: https://develop.svn.wordpress.org/trunk@38810 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-18 20:04:36 +00:00
Gary Pendergast
2ba32a2d48 Charset: Allow _canonical_charset() to handle mixed-case strings.
Add improved unit tests, and collect existing unit tests together.

Props pbearne.
Fixes #38337.



git-svn-id: https://develop.svn.wordpress.org/trunk@38809 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-17 23:53:20 +00:00
Pascal Birchler
b9894d3295 Date/Time: Remove some legacy logic in date_i18n().
Since there's no difference between using `date()` and `gmdate()` in WordPress, we can simply use the former in `date_i18n()` to reduce its complexity.

Adds tests.

Props jdgrimes for initial patch.
Fixes #37910.

git-svn-id: https://develop.svn.wordpress.org/trunk@38804 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-17 08:09:11 +00:00
John Blackbourn
d3dd6046d5 Role/Capability: Disregard the order of capabilities when testing that single site and multisite capability tests match.
See #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38802 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-16 23:35:33 +00:00
Boone Gorges
e9ef25d9f6 Query: Allow the hyphen-prefix-for-search-exclusion feature to be disabled by filter.
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.

Props chriseverson, choongsavvii.
Fixes #38099.

git-svn-id: https://develop.svn.wordpress.org/trunk@38792 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 20:05:40 +00:00
Rachel Baker
a94f468051 REST API: Support sites with index-style permalinks in get_rest_url().
Support the index-style permalinks (http://example.com/index.php/postName) when registering the REST API rewrite rules and within the `get_rest_url()` function. This allows sites that do not have mod_rewrite support to have almost pretty urls and have access to their REST API endpoints.

Props kraftbj.
Fixes #38182.

git-svn-id: https://develop.svn.wordpress.org/trunk@38790 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 19:29:08 +00:00
John Blackbourn
3083effa52 Users: Use the role name instead of the role display name when fetching the list of users with no role. This avoids false positives when dealing with user roles that, for example, contain spaces in the display name.
Props procodewp, choongsavvii
Fixes #38234


git-svn-id: https://develop.svn.wordpress.org/trunk@38787 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 12:04:50 +00:00
Jeremy Felt
ee259e073a Multisite: Maintain switched state in site icon/logo functions.
Adjusts `get_custom_logo()`, `get_site_icon_url()`, and `has_custom_logo()` so that when called in a switched state, the original switched stack is not adjusted.

Props achbed, flixos90.
Fixes #38253.


git-svn-id: https://develop.svn.wordpress.org/trunk@38786 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-13 22:27:15 +00:00
Gary Pendergast
595c76de1a KSES: Deprecate wp_kses_js_entities().
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.

I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.

Props dmsnell, desrosj.
Fixes #33848.



git-svn-id: https://develop.svn.wordpress.org/trunk@38785 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-13 22:24:27 +00:00
Boone Gorges
7e8e642ead Taxonomy: Cache results of term count queries.
Fixes #38295.

git-svn-id: https://develop.svn.wordpress.org/trunk@38784 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-12 15:29:03 +00:00
Boone Gorges
eb12311afb Comments: Abstract die() calls from comment submission routine.
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.

The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.

Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.

Props websupporter, rachelbaker.
Fixes #36901.

git-svn-id: https://develop.svn.wordpress.org/trunk@38778 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 03:42:28 +00:00
Boone Gorges
5fef526cca Taxonomy: Better error handling when fetching object terms from cache.
Since [37573], `get_object_term_cache()` has expected term IDs to be
stored in the taxonomy relationship cache. The function would then
reach directly into the 'terms' cache to fetch the data corresponding
to a given term, before returning a `WP_Term` object. This caused
problems when, for one reason or another, term data was cached
inconsistently:

* If the 'terms' cache is empty for a given term ID, despite the earlier call to `_prime_term_caches()`, `get_term()` would return an error object.
* If the array of cached term IDs contains an invalid ID, `get_term()` would return an error object.

We avoid these errors by no longer touching the 'terms' cache directly,
but running term IDs through `get_term()` and allowing that function to
reference the cache (and database, as needed). If `get_term()` returns
an error object for any of the cached term IDs, `get_object_term_cache()`
will return that error object alone. This change ensures that upstream
functions, like `get_the_terms()`, return `WP_Error` objects in a
predictable fashion.

Props dd32, michalzuber.
Fixes #37291.

git-svn-id: https://develop.svn.wordpress.org/trunk@38776 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 01:55:58 +00:00
Andrew Ozz
7b3132214e TiinyMCE: update to 4.4.3, changelog: https://www.tinymce.com/docs/changelog/#version443-september12016
Fixes #38081, #38245, #37507, #37808 and #38000.

git-svn-id: https://develop.svn.wordpress.org/trunk@38773 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 00:09:03 +00:00
Rachel Baker
08b94111cb REST API: Remove reference to the plugin in infrastructure activation test.
Also adds class exists checks for WP_REST_Request and WP_REST_Response.

Props kraftbj.
Fixes #38279.

git-svn-id: https://develop.svn.wordpress.org/trunk@38771 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 21:48:02 +00:00
John Blackbourn
0842857b5c Role/Capability: Add tests for all user roles that check custom capabilities that do not have any form of handling (eg. in a map_meta_cap filter).
See #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38769 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 14:39:35 +00:00
Gary Pendergast
6774e27ae7 General: Restore usage of $wpdb, instead of $this->db.
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.

Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.



git-svn-id: https://develop.svn.wordpress.org/trunk@38768 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 06:37:02 +00:00
Weston Ruter
f4779221a3 Customize: Ensure customize_validate_{$setting->id} filters apply on input post values for WP_Customize_Setting subclasses that neglect to apply the filter themselves.
Fixes #37638.


git-svn-id: https://develop.svn.wordpress.org/trunk@38765 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 20:07:16 +00:00
John Blackbourn
b4f01bb97f Build/Test Tools: Continue eliminating randomness in tests.
See [38762]
See #37371


git-svn-id: https://develop.svn.wordpress.org/trunk@38763 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 01:29:04 +00:00
John Blackbourn
c91be6f1fe Build/Test Tools: Begin eliminating unnecessary randomness in tests.
Although unlikely, clashes in randomly generated strings could cause unexpected failures. In addition, most randomness is entirely unnecessary, is bad practice, and increases test time (however small it may be).

See #37371


git-svn-id: https://develop.svn.wordpress.org/trunk@38762 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 01:11:14 +00:00
John Blackbourn
b45f2feada Build/Test Tools: Revert [38759]. PHPUnit's @requires syntax was introduced in PHPUnit 3.7, but the tests for PHP 5.2 use PHPUnit 3.6 because it's the latest version that supports PHP 5.2.
Fixes #38256


git-svn-id: https://develop.svn.wordpress.org/trunk@38761 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 22:42:12 +00:00
John Blackbourn
471103de31 Media: Correct the hostname used in the wp_get_attachment_metadata() test.
See #36246


git-svn-id: https://develop.svn.wordpress.org/trunk@38760 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 12:04:39 +00:00
John Blackbourn
b3d15125a6 Build/Test Tools: Make use of PHPUnit's @requires notation.
Fixes #38256


git-svn-id: https://develop.svn.wordpress.org/trunk@38759 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 01:19:11 +00:00
John Blackbourn
3fad194f64 HTTP API: Remove an unnecessary duplicate HTTP request in the HTTP tests.
See #30017


git-svn-id: https://develop.svn.wordpress.org/trunk@38758 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 01:02:40 +00:00
John Blackbourn
8f5999fe47 HTTP API: Convert the POST redirect test to use a dataProvider in order for its speed to be more accurately measured.
See #38237


git-svn-id: https://develop.svn.wordpress.org/trunk@38757 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 00:29:20 +00:00
John Blackbourn
1271cbd258 Themes: Remove paged.php from the theme template hierarchy.
The position of this template within the hierarchy is of so little use that zero themes in the WordPress.org theme directory make use of it. It's second only to `index.php` in the hierarchy, meaning that any archive template such as `category.php` or `archive.php` will be chosen before it.

Fixes #38162
Props ryankienstra for initial patch


git-svn-id: https://develop.svn.wordpress.org/trunk@38755 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-07 21:02:39 +00:00
swissspidy
b2f60b5419 Taxonomy: Introduce WP_Taxonomy and use it in register_taxonomy() and unregister_taxonomy().
This changes the global `$wp_taxonomies` to an array of `WP_Taxonomy ` objects. `WP_Taxonomy ` includes methods to handle rewrite rules and hooks.
Each taxonomy argument becomes a property of `WP_Taxonomy`. Introducing such a class makes further improvements in the future much more feasible.

Props boonebgorges for review.
Fixes #36224. See #36217.

git-svn-id: https://develop.svn.wordpress.org/trunk@38747 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-07 17:11:02 +00:00
Pascal Birchler
f683e9aae1 Menus: Do not show trashed posts in nav menus.
Trashed posts cannot be accessed by site visitors and thus should not be visible on the front end. By marking menu items of trashed posts as invalid, they are excluded from the output.

Props solarissmoke, swissspidy.
Fixes #19038.

git-svn-id: https://develop.svn.wordpress.org/trunk@38744 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-07 16:49:19 +00:00
Rachel Baker
9dd9880600 Comments: Account for the comment_order option in get_page_of_comment().
Use the value of the `comment_order` setting to determine the date_query key to pass to `WP_Comment_Query`.
Fixes a bug where sites that had comments ordered "newest" first would have the incorrect page number returned.

Props tyxla, boonebgorges.
Fixes #31101.

git-svn-id: https://develop.svn.wordpress.org/trunk@38740 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-06 17:41:51 +00:00
Rachel Baker
57a80e2c84 Comments: Improve check for previous comments for authenticated users in check_comment().
When the 'comment_whitelist' option is enabled and the commenter is an authenticated user, query for the existence of an approved comment with a matching `user_id`.  This allows authenticated users that have changed their email address to bypass having their comment held for moderation.

Props voldemortensen, rachelbaker.
Fixes #28603.

git-svn-id: https://develop.svn.wordpress.org/trunk@38738 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-06 15:50:55 +00:00
joemcgill
2eade6230d Media: Better handling of JOINs when searching filenames.
Following [38625], any media searches that already included JOINs,
e.g., `tax_queries`, would get trampled when we joined the post meta
table to search for filenames. This preserves existing JOINs and
also only applies the `_filter_query_attachment_filenames()` filter
when a search query is being performed.

Props flixos90, joemcgill.
Fixes #22744.

git-svn-id: https://develop.svn.wordpress.org/trunk@38733 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-05 19:50:02 +00:00
John Blackbourn
48e2bde86b Role/capability: Add more complete capability and role assertions to existing user capability tests. Also reuses one more user account fixtures.
Fixes #38236
See #38235


git-svn-id: https://develop.svn.wordpress.org/trunk@38732 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-05 17:17:02 +00:00
John Blackbourn
7581f3cc25 Role/Capability: Reuse some user account fixtures in the user capability tests.
See #38235


git-svn-id: https://develop.svn.wordpress.org/trunk@38731 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-05 16:56:32 +00:00
Peter Wilson
3d2f8ba836 HTTP API: Simplify wp_parse_url() to ensure consistent results.
[38694] revealed some URL formats were been parsed incorrectly, including those used by Google Fonts. This change simplifies the function to use placeholder values which cause PHP's parsing to behave consistently.

Props jrf, peterwilsoncc.
Fixes #36356.


git-svn-id: https://develop.svn.wordpress.org/trunk@38726 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 20:32:40 +00:00
Gary Pendergast
f881c4e646 Emoji: Update some failing unit tests.
The changes in [38717] weren't reflected in the associated unit tests.

See #38113.



git-svn-id: https://develop.svn.wordpress.org/trunk@38724 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 10:37:59 +00:00
boonebgorges
3b6202a4d2 Query: Add nicename and login params to user query.
New parameters are: `login`, `login__in`, `login__not_in`, `nicename`,
`nicename__in`, `nicename__not_in`.

`login__in` and `nicename__in` are also now valid values for the
'orderby' parameter.

Props ryanplas.
Fixes #36624.

git-svn-id: https://develop.svn.wordpress.org/trunk@38715 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 02:26:26 +00:00
Sergey Biryukov
0a23c4d206 Unit Tests: Remove unused variable in Tests_oEmbed::dataShouldNotMatchOembedRegex().
Props jrf.
See #38187.

git-svn-id: https://develop.svn.wordpress.org/trunk@38714 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 00:50:09 +00:00
Gary Pendergast
7e4e9f1ce7 Shortcodes: Add a do_shortcode_tag filter.
The addition of the `pre_do_shortcode_tag` in [38506] allows plugins to short-circuit the shortcode execution process, which is particularly helpful for caching expensive shortcodes.

The `do_shortcode_tag` is the corresponding part of that system - when a shortcode hasn't been executed previously, there needs to be a clean method of populating the cache.

Props flixos90.
Fixes #32790.



git-svn-id: https://develop.svn.wordpress.org/trunk@38713 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 00:38:45 +00:00
Konstantin Obenland
e3becde640 Tests: Add newly introduced theme to theme list.
Introduced in [38710].

See #37924.



git-svn-id: https://develop.svn.wordpress.org/trunk@38712 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 18:44:19 +00:00
Konstantin Obenland
ab087dadfc Themes: Account for uppercase chars when managing themes.
Fixes a bug where the UI wasn't updated after deleting/updating a theme.

Also introduces unit tests for theme management ajax handlers. For now they're
focused on `wp_ajax_update_theme()` but they can include tests for other
handlers as well.

Props chrisjean for initial patch.
Fixes #37924.
 


git-svn-id: https://develop.svn.wordpress.org/trunk@38710 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 18:12:57 +00:00
Pascal Birchler
bcf50fedcd Toolbar: Be more strict about adding a 'View Posts' link to the toolbar.
After [38634], this adjusts the behaviour to remove redundancy by not displaying the link if the latest posts are shown on the front page. In that scenario, the 'Visit Site' link already points to the latest posts.

Fixes #34113.

git-svn-id: https://develop.svn.wordpress.org/trunk@38708 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 08:37:27 +00:00
Pascal Birchler
f231e7233d I18N: Introduce a user-specific language setting.
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.

The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.

Props ocean90, ipm-frommen, swissspidy.
Fixes #29783.

git-svn-id: https://develop.svn.wordpress.org/trunk@38705 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 07:03:41 +00:00
Peter Wilson
fe0ba53c44 Meta: Improve ID casting when getting, updating or deleting meta data.
Blindly casting IDs to absolute integers in `get_metadata_by_mid()`, `update_metadata_by_mid()` and `delete_metadata_by_mid()` can cause unexpected behaviour when a floating or negative number is passed.

Fixes #37746.


git-svn-id: https://develop.svn.wordpress.org/trunk@38699 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-01 06:27:27 +00:00
John Blackbourn
17ef6d8cfa Taxonomy: Introduce more fine grained capabilities for managing taxonomy terms.
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.

All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.

Fixes #35614
Props johnjamesjacoby for feedback


git-svn-id: https://develop.svn.wordpress.org/trunk@38698 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 22:39:32 +00:00
John Blackbourn
ad6ef7c110 Role/Capability: Introduce tests that assert the primitive and meta capability tests test the correct capabilities.
Fixes #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38697 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 22:11:47 +00:00
John Blackbourn
ec49d4d3d1 Role/Capability: Correct some meta capabilities that were incorrectly listed as primitive capabilities in the role and capability tests.
See #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38696 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 22:10:27 +00:00
John Blackbourn
e0f4a218fb HTTP API: Add a $component parameter to wp_parse_url() to give it parity with PHP's parse_url() function.
Fixes #36356
Props jrf


git-svn-id: https://develop.svn.wordpress.org/trunk@38694 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 21:46:43 +00:00
Dominik Schilling (ocean90)
41fc5ba881 Embeds: Add oEmbed support for User, List and Like Twitter timelines.
Props earnjam.
Fixes #38003.

git-svn-id: https://develop.svn.wordpress.org/trunk@38693 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 21:42:01 +00:00
Dominik Schilling (ocean90)
f603891a41 Embeds: Update the oEmbed provider test suite.
* Dailymotion: Use an URL for an existing video.
* Facebook: Remove URLs which don't exist and update provider map for [38691].

See #32360.

git-svn-id: https://develop.svn.wordpress.org/trunk@38692 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 21:01:36 +00:00
Joe Hoyle
2da297eeaf Options: Add Unit tests for register_setting.
Test `register_setting` with old and new style of arguments.

Props rmccue.
Fixes #37885.


git-svn-id: https://develop.svn.wordpress.org/trunk@38690 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 20:23:33 +00:00
Dominik Schilling (ocean90)
a245ff9c54 Add 'urn' to the list of URI protocols whitelisted by default.
Props geekysoft, jorbin.
Fixes #37300.

git-svn-id: https://develop.svn.wordpress.org/trunk@38686 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 13:14:54 +00:00
Dominik Schilling (ocean90)
5273c469d8 Add test for each whitelisted URI protocol in wp_allowed_protocols().
Move test from [25301] to the new file.

Fixes #38198.

git-svn-id: https://develop.svn.wordpress.org/trunk@38685 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 13:12:00 +00:00
Sergey Biryukov
335cb0223f Embeds: Escape periods in oEmbed regex.
Props jrf.
Fixes #38187.

git-svn-id: https://develop.svn.wordpress.org/trunk@38684 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 11:24:08 +00:00
Jeremy Felt
824a10a8a6 Multisite: Ensure a consistent WP_Site return from get_site_by_path().
It is possible to short circuit `get_site_by_path()` using the `pre_get_site_by_path` filter. When this happens and a standard site object is provided, we can make sure it is upgraded to a proper `WP_Site` object before passing it on.

Props flixos90.
Fixes #37053.


git-svn-id: https://develop.svn.wordpress.org/trunk@38681 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 04:09:45 +00:00
Boone Gorges
8f30d56cdc Tests: Move get_the_excerpt() tests to their own file.
See #36934. Fixes #38196.


git-svn-id: https://develop.svn.wordpress.org/trunk@38679 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 03:23:05 +00:00
Boone Gorges
c4c80d3dd4 Tests: Reset post-related globals after each test.
Globals like `$pages` were leaking between tests, resulting in various
bits of weirdness.

Globals will kill WordPress. Globals are killing WordPress.

See #38196.

git-svn-id: https://develop.svn.wordpress.org/trunk@38678 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 03:15:36 +00:00
Dominik Schilling (ocean90)
907b5fc527 Taxonomy: Use WP_Term_Query in get_term_by().
`WP_Term_Query` already supports querying terms by 'slug', 'name', and 'term_taxonomy_id'. Its additional arguments allow us to generate nearly the same SQL queries as before.
This change has one yuge benefit: the term queries are now cached. 

Add tests to increase coverage of `get_term_by()`.

Props spacedmonkey, boonebgorges, johnjamesjacoby, pento, ocean90.
Fixes #21760.

git-svn-id: https://develop.svn.wordpress.org/trunk@38677 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-29 22:35:32 +00:00
Andrea Fercia
ee7f970ffa Administration: Improve the usage of the button CSS classes.
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.

- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items

Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes #27314, #37138, #37448.


git-svn-id: https://develop.svn.wordpress.org/trunk@38672 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-28 19:53:07 +00:00
Boone Gorges
b9e342c2f4 Set default value of 'max_depth' in get_comment_reply_link().
Introduced in [8878].

Props d4z_c0nf.
Fixes #38170.

git-svn-id: https://develop.svn.wordpress.org/trunk@38669 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-28 04:19:46 +00:00
Boone Gorges
81ecd4da98 Taxonomy: Use WP_Term_Query when querying for object terms.
The new 'object_ids' parameter for `WP_Term_Query` allows queries for
terms that "belong to" a given object. This change makes it possible
to use `WP_Term_Query` inside of `wp_get_object_terms()`, rather than
assembling a SQL query.

The refactor has a couple of benefits:
* Less redundancy.
* Better consistency in accepted arguments between the term query functions. See #31105.
* Less redundancy.
* Object term queries are now cached. The `get_object_term_cache()` cache remains, and will be a somewhat less fragile secondary cache in front of the query cache (which is subject to frequent invalidation).
* Less redundancy.

A small breaking change: Previously, if a non-hierarchical taxonomy had
terms that had a non-zero 'parent' (perhaps because of a direct SQL
query), `wp_get_object_terms()` would respect the 'parent' argument.
This is in contrast to `WP_Term_Query` and `get_terms()`, which have
always rejected 'parent' queries for non-hierarchical taxonomies. For
consistency, the behavior of `get_terms()` is being applied across the
board: passing 'parent' for a non-hierarchical taxonomy will result in
an empty result set (since the cached taxonomy hierarchy will be empty).

Props flixos90, boonebgorges.
See #37198.

git-svn-id: https://develop.svn.wordpress.org/trunk@38667 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-28 03:54:36 +00:00
Dominik Schilling (ocean90)
736edc7c91 Toolbar: Split tests added in [38660] and add a multisite specific test.
See #37949.

git-svn-id: https://develop.svn.wordpress.org/trunk@38663 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-27 20:10:31 +00:00
Dominik Schilling (ocean90)
2f4105d524 Toolbar: Don't run the test from [38660] for multisite.
See #37949.

git-svn-id: https://develop.svn.wordpress.org/trunk@38661 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-27 19:37:23 +00:00
Dominik Schilling (ocean90)
0bab64c370 Toolbar: Update links to the about page if current user can't access the dashboard of the current site.
Add missing focus styling for menu items with an icon.

Fixes #37949.

git-svn-id: https://develop.svn.wordpress.org/trunk@38660 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-27 19:00:35 +00:00
Jeremy Felt
8fcec07595 Multisite: Use get_sites() instead of a database lookup in get_id_from_blogname().
Because queries generated via `get_sites()` are cached, we can remove the `get_id_from_blogname` cache key.

Props flixos90.
Fixes #38175.


git-svn-id: https://develop.svn.wordpress.org/trunk@38659 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-27 18:17:23 +00:00
Jeremy Felt
1f143d995b Multisite: Handle get_id_from_blogname() lookups when the network domain has www..
Previously, if a network's domain started with `www.` in a subdomain configuration, a slug lookup with `get_id_from_blogname()` would not match an existing site. A similar lookup in a subdirectory configuration would work fine.

This strips `www.` from the network's domain in a subdomain configuration during the lookup and returns the site as expected.

Adds tests which would previously fail in a subdomain configuration, but now pass in both configurations.

Props igmoweb, flixos90.
Fixes #34450.


git-svn-id: https://develop.svn.wordpress.org/trunk@38658 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-27 17:56:53 +00:00
Dominik Schilling (ocean90)
a1e9fbfc14 Multisite: Allow to set the site language of a new site to English.
An empty string in `WPLANG` is used to define the site language as `en_US`. The `! empty()` check didn't catch this case so that `wpmu_create_blog()` fell back to the network setting.

Fixes #36918.

git-svn-id: https://develop.svn.wordpress.org/trunk@38655 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-26 18:38:32 +00:00
John Blackbourn
fa48bfa1d2 Built/Test Tools: Unify the way the permastructure is set when used in conjunction with re-registering the initial taxonomies. This ensure that rewrite rules for taxonomies are consistently available.
Fixes #35452


git-svn-id: https://develop.svn.wordpress.org/trunk@38654 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-26 17:01:48 +00:00
Boone Gorges
cf6f354fa8 Allow 'role' parameters to be passed to wp_dropdown_users().
`wp_dropdown_users()` contains a whitelist of function params that are
passed through to `get_users()`. `role`, `role__in`, and `role__not_in`
have now been added to this whitelist.

Props sillybean.
Fixes #38135.

git-svn-id: https://develop.svn.wordpress.org/trunk@38651 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-25 17:44:24 +00:00
Weston Ruter
f3e8e7735d Customize: Re-architect and harden panel/section UI logic.
Removes contents for sections and panels from being logically nested (in the DOM) in order to eliminate many issues related to using `margin-top` hacks. The element containing the link to expand the content element for panels and sections is now a sibling element to its content element: the content is removed from being nested at initialization. The content element is now available in a `contentContainer` property whereas the head element (containing the link to open the construct) is in a `headContainer` property. The existing `container` property is now a jQuery collection that contains both of these elements. Since the head element is no longer in an ancestor element to the `content` element, the `aria-owns` property is now used to maintain the relationship between the `headContainer` and the `contentContainer`. These changes are also accompanied by an improvement to the animation performance for the sliding panes.

Props delawski, celloexpressions.
Fixes #34391.
Fixes #34344.
Fixes #35947.


git-svn-id: https://develop.svn.wordpress.org/trunk@38648 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-23 22:22:09 +00:00
Sergey Biryukov
8bc6917cc3 I18N: Add support for Serbian crossed D in remove_accents().
Props Krstarica for the report.
Fixes #38078.

git-svn-id: https://develop.svn.wordpress.org/trunk@38646 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-23 00:06:24 +00:00
Pascal Birchler
acb43ecc0b Toolbar: Add a 'View Posts' link to the toolbar when on the post listing screen.
This adds a new link to visit the post type archive if the post type supports it. Also introduces a new `view_items` label to `get_post_type_labels()`.

Props paulwilde, akibjorklund, swissspidy.
Fixes #34113.

git-svn-id: https://develop.svn.wordpress.org/trunk@38634 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-20 20:01:55 +00:00
Joe McGill
4da705a7db Media: Make media library searchable by filename.
This applies a new private function, `_filter_query_attachment_filenames()`,
to the `post_clauses` filter hook during `wp_ajax_query_attachments()` and
`wp_edit_attachments_query_vars()` to include `_wp_attached_file` post meta
in search queries performed from the media library or in a `WP_Media_List_Table`.

Props wonderboymusic, DrewAPicture, joemcgill, swissspidy.
Fixes #22744.

git-svn-id: https://develop.svn.wordpress.org/trunk@38625 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-20 01:44:07 +00:00
Weston Ruter
7079459b77 Customize: Let static_front_page section be contextually active based on whether there are any published pages.
If there are no pages when the customizer is opened, the `static_front_page` section will be hidden. As soon as a page is created in the customizer session, the `static_front_page` section will be revealed. Previously the section would not be registered if there were no pages. Page stubs created via nav menus will appear in the `dropdown-pages` controls for `page_for_posts` and `page_on_front`, and such page stubs will thus cause the `static_front_page` section to appear. Plugins that facilitate page creation in the customizer by filtering `get_pages` will also cause the section to appear.

See #34923.
Fixes #38013.


git-svn-id: https://develop.svn.wordpress.org/trunk@38624 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-20 00:46:54 +00:00
Weston Ruter
87dc042623 Customize: Ensure nav menu items lacking a label use the title from the original object.
Use original title as placeholder for label and in control title. Prevent original title from overriding empty label in initial setting values.

Fixes #38015.


git-svn-id: https://develop.svn.wordpress.org/trunk@38618 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-17 21:49:49 +00:00
Aaron D. Campbell
6eb3e0bf5f Media: Improved media titles when created from filename.
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Props joemcgill.
Fixes #37989.



git-svn-id: https://develop.svn.wordpress.org/trunk@38614 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-17 05:41:27 +00:00
Joe Hoyle
433b4fbfba REST API: Enable sanitize_callback to return WP_Error.
Give developers the opportunity to reject incoming data without using the validation callback. It also enables us to do sanitization and validation in one function in instances where this could be useful.

Props websupporter, rmccue.
Fixes #37560.


git-svn-id: https://develop.svn.wordpress.org/trunk@38601 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-14 15:49:37 +00:00
Sergey Biryukov
4a2540a50e Media: Adjust test_video_shortcode_body() after [38597].
See #38040.

git-svn-id: https://develop.svn.wordpress.org/trunk@38598 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-13 14:08:24 +00:00
Gary Pendergast
61a95da031 Formatting: Add an extra line break before block elements in wpautop().
`wpautop()` considers double line breaks to be the separator between block level HTML elements. By adding two line breaks before a block element, this allows us to process the text before a block element correctly.

Fixes #4857.



git-svn-id: https://develop.svn.wordpress.org/trunk@38592 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-12 07:05:28 +00:00
Gary Pendergast
7511fe88cc Database: Normalise index names in dbDelta().
When comparing index definitions, normalise the index names to lower case, as they are not case sensitive within MySQL.

Fixes #34874.



git-svn-id: https://develop.svn.wordpress.org/trunk@38591 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-12 05:08:17 +00:00
Weston Ruter
d21f8b8869 Docs: Fix phpdoc and jsdoc typos introduced in [38584] and [38587], respectively.
See #33742.
See #20714.


git-svn-id: https://develop.svn.wordpress.org/trunk@38588 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-11 18:45:59 +00:00
Boone Gorges
6adcd15435 Query: Avoid PHP notice in get_queried_object() when query contains NOT EXISTS tax query.
Props johnjamesjacoby.
See #37962.

git-svn-id: https://develop.svn.wordpress.org/trunk@38585 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-09 19:36:22 +00:00
Weston Ruter
6c8c98fe5b Menus: Prevent non-published posts/pages from being returned in search results for adding as nav menu items.
Re-use the same query vars in searching as when listing posts. Aligns with behavior of nav menus in customizer.

Fixes #33742.
Props welcher, westonruter.


git-svn-id: https://develop.svn.wordpress.org/trunk@38584 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-09 04:59:01 +00:00
John Blackbourn
e7b058117a Themes: Add the non-encoded form of the queried item slug to the template hierarchy when the slug contains non-ASCII characters.
This affects category, tag, and custom taxonomy archives, and single posts, pages, and custom post types.

Fixes #37655


git-svn-id: https://develop.svn.wordpress.org/trunk@38583 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-09 00:47:17 +00:00
Gary Pendergast
40ebbc7713 Tests: Use add_filter() when it's available.
The `tests_add_filter()` helper function directly manipulates the `$wp_filter` global, instead of using `add_filter()`. We can use `add_filter()` when it's available, and fall back to manipulating `$wp_filter` when it isn't, relying on the `$wp_filter` bootstrap code at the top of `plugin.php` to handle conversion.

Props boonebgorges, dd32 and pento: WordPress Thought Leadership Triumvirate.
Fixes #17817.



git-svn-id: https://develop.svn.wordpress.org/trunk@38582 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-09 00:33:52 +00:00
Gary Pendergast
bafd8c92f2 Database: Fall back to utf8 when utf8mb4 isn't supported.
Sometimes, `DB_CHARSET` will be set to `utf8mb4`, even if the current setup doesn't support `utf8mb4`. After [38442], this can cause significant character set failures, causing the connection to fall back to `latin1`.

Instead of doing this, we now check that the connection supports `utf8mb4` before trying to use it, and fall back to `utf8` when we need to.

Fixes #37982 for trunk.


git-svn-id: https://develop.svn.wordpress.org/trunk@38580 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-08 23:48:05 +00:00
John Blackbourn
2aef21a55b Themes: Improve child theme file inheritance by introducing functions for locating and fetching the URL or path to files within child and parent themes.
The most useful function this introduces is `get_theme_file_uri()`, which returns the URL to the specified file in the child theme if it exists, and falls back to the URL to the specified file in the parent theme. This allows parent themes to reference files (including enqueuing CSS and JavaScript files) that can be overridden by the child theme simply by existing.

This change also introduces `get_theme_file_path()`, which is the file path equivalent of `get_theme_file_uri()`.

Finally, `get_parent_theme_file_uri()` and `get_parent_theme_file_path()` are also introduced, which allow a theme to specifically reference a file URL or file path in the parent theme. These can be used as replacements for `get_template_directory_uri()` and `get_template_directory()` respectively, for consistency.

Props johnbillion, georgestephanis, gma992.
Fixes #18302


git-svn-id: https://develop.svn.wordpress.org/trunk@38578 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-08 22:53:57 +00:00
Aaron Jorbin
57530f4b73 Permalinks: Ensure Pending Review Posts permalink posts link to the draft
[34670] made the displayed permalink clickable. For posts that were pending review, the permalink wasn't being properly generated so the link wouldn't go to the preview.

Props knutsp, enshrined.
Fixes #37423.



git-svn-id: https://develop.svn.wordpress.org/trunk@38572 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-08 04:04:22 +00:00
Gary Pendergast
61abf68e6d Hooks: Add the new class WP_Hook, and modify hook handling to make use of it.
Filters and actions have been the basis of WordPress' plugin functionality since time immemorial, they've always been a reliable method for acting upon the current state of WordPress, and will continue to be so.

Over the years, however, edge cases have cropped up. Particularly when it comes to recursively executing hooks, or a hook adding and removing itself, the existing implementation struggled to keep up with more complex use cases.

And so, we introduce `WP_Hook`. By changing `$wp_filter` from an array of arrays, to an array of objects, we reduce the complexity of the hook handling code, as the processing code (see `::apply_filters()`) only needs to be aware of itself, rather than the state of all hooks. At the same time, we're able te handle more complex use cases, as the object can more easily keep track of its own state than an array ever could.

Props jbrinley for the original architecture and design of this patch.
Props SergeyBiryukov, cheeserolls, Denis-de-Bernardy, leewillis77, wonderboymusic, nacin, jorbin, DrewAPicture, ocean90, dougwollison, khag7, pento, noplanman and aaroncampbell for their testing, suggestions, contributions, patch maintenance, cajoling and patience as we got through this.
Fixes #17817.



git-svn-id: https://develop.svn.wordpress.org/trunk@38571 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-08 03:54:13 +00:00
Peter Wilson
0c88ec217d Menus: Add white space option to wp_nav_menu() and wp_list_pages().
Adds an `item_spacing` option to the arguments array for the functions `wp_nav_menu()`, `wp_list_pages()`, and `wp_page_menu()`. `item_spacing` is a boolean accepting either `preserve` or `discard`.

Previously, certain CSS choices could result in a site's layout changing if `wp_nav_menu()` fell back to the default `wp_list_pages()` due to differences in the whitespace within the HTML. The new argument ensures a function outputs consistant HTML while maintaining backward compatibility.

Fixes #35206.


git-svn-id: https://develop.svn.wordpress.org/trunk@38523 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-06 09:05:45 +00:00
John Blackbourn
18654d2778 Role/Capability: Correct the multisite cap tests after [38521].
See #35614
See #32394


git-svn-id: https://develop.svn.wordpress.org/trunk@38522 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-05 12:08:39 +00:00
John Blackbourn
7dd2e5d4dc Role/Capability: Split meta and primitive capabilities in the helper functions in the roles and capability tests so primitive capability tests can be made more accurate.
See #35614
See #32394


git-svn-id: https://develop.svn.wordpress.org/trunk@38521 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-05 10:59:42 +00:00
John Blackbourn
470a9fa6e2 Taxonomy: Introduce some taxonomy capability tests in preparation for introducing more fine grained capabilities for terms.
See #35614


git-svn-id: https://develop.svn.wordpress.org/trunk@38516 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-03 02:15:00 +00:00
John Blackbourn
00c47125db Embeds: Clarify some assertion failure messages and correct a test URL for Twitter timelines.
See #32360


git-svn-id: https://develop.svn.wordpress.org/trunk@38514 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-02 22:52:48 +00:00
Weston Ruter
f5923b7fe8 Customize: Fix php warning due to WP_Customize_Manager::prepare_setting_validity_for_js() incorrectly assuming that WP_Error will only ever have arrays in its $error_data.
* Eliminates the server mutating the a `WP_Error`'s `$error_data` to merge-in a `$from_server` flag (since it may not be an array to begin with). Instead it defers to the client to add a `fromServer` param on any `Notification` instances created from server-sent errors.
* Ensures that notifications will be re-rendered if a notification's `message` changes but the `data` and `type` remain the same.
* Adds explicit support for the `Notification` class to have a `setting` property, ensuring that the property is set whereas previously it was dropped.

Fixes #37890.
Props westonruter, dlh.


git-svn-id: https://develop.svn.wordpress.org/trunk@38513 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-02 22:34:48 +00:00
John Blackbourn
84d26aac05 Embeds: Update the oEmbed provider test suite.
* Remove the manual flag for HTTPS support and replace it with a simple check on the URL format.
* Ensure `testOembedTestsCoverAllProviders()` actually fails when a new provider is added without a corresponding test.

See #32360


git-svn-id: https://develop.svn.wordpress.org/trunk@38512 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-02 21:35:51 +00:00
Aaron Jorbin
4484e2d2c3 Formatting: Allow KSES custom elements with hyphens
The W3C Custom Elements spec (http://www.w3.org/TR/custom-elements/#concepts) allows you to use your own custom DOM elements/tags. One of the main requirements is that the tag name "must contain a U+002D HYPHEN-MINUS character". This adjusts KSES to allow it.

Fixes #34105.
Props batmoo.



git-svn-id: https://develop.svn.wordpress.org/trunk@38511 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-02 04:16:00 +00:00
Aaron Jorbin
43ca412094 Toolbar: Add unit tests for edit links.
When there is no post ID, there should be no edit link. This adds unit tests for it.

Fixes #22247.
Props akibjorklund.


git-svn-id: https://develop.svn.wordpress.org/trunk@38508 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-02 03:51:01 +00:00
Gary Pendergast
4afafbde25 Database: Find the correct table names in DELETE queries with table aliases
Previously, `wpdb::get_table_from_query()` would not find the correct table name in the query `DELETE a FROM table a`, due to not recognising the table alias immediately after the `DELETE` as correct syntax.

Fixes #37660.



git-svn-id: https://develop.svn.wordpress.org/trunk@38507 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-02 00:18:49 +00:00
Gary Pendergast
6d59b289a9 Shortcodes: Add the pre_do_shortcode_tag filter.
This filter allows the shortcode generation process to be short-circuited, so expensive short codes can be cached and returned immediately.

Props ideag.
Fixes #37906.



git-svn-id: https://develop.svn.wordpress.org/trunk@38506 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-02 00:09:42 +00:00
Gary Pendergast
5b85aa163f Smilies: Add the smilies filter.
This new filter allows the smilies array to be modified with a filter, instead of having to directly access the global.

Props mte90, jorbin.
Fixes #35905.



git-svn-id: https://develop.svn.wordpress.org/trunk@38504 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-01 23:59:59 +00:00
Boone Gorges
78df32df4e Query: 'orderby=include' should support comma-separated lists.
[30052] assumed that 'include' would be an array.

Props TimothyBlynJacobs.
Fixes #37904.

git-svn-id: https://develop.svn.wordpress.org/trunk@38500 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-01 16:50:47 +00:00
John Blackbourn
f5bb93e4ac Role/Capability: Add two missing meta capabilities to the caps tests.
See #32394


git-svn-id: https://develop.svn.wordpress.org/trunk@38482 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-31 21:33:44 +00:00
Scott Taylor
cba0e2c8f7 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.


git-svn-id: https://develop.svn.wordpress.org/trunk@38470 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-31 16:30:48 +00:00
John Blackbourn
84c2742175 HTTP API: Revert changes to wp_parse_url() while PHP 5.2 errors are investigated.
See #36356


git-svn-id: https://develop.svn.wordpress.org/trunk@38456 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-31 00:23:26 +00:00
Scott Taylor
7ca480cc4e OEmbed: add unit tests. @group external-oembed is not run by default.
Props johnbillion, wonderboymusic.
See #32360.


git-svn-id: https://develop.svn.wordpress.org/trunk@38454 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 18:54:53 +00:00
John Blackbourn
7734c6ac24 HTTP API: Separate the test for wp_parse_url() with -1 as its component into a separate test, so the remaining tests can use strict type checking. This helps avoid gotches with the potentially empty values (ie. null) that we're testing for.
See #36356


git-svn-id: https://develop.svn.wordpress.org/trunk@38453 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 18:30:51 +00:00
John Blackbourn
8a6568945a HTTP API: The tests for wp_parse_url() can't be strict on type because this causes the tests to fail on PHP 5.2 which, bizarrely, returns the results of parse_url() (when called with a $component parameter) in a different order to later PHP versions.
Fixes #36356


git-svn-id: https://develop.svn.wordpress.org/trunk@38452 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 17:48:06 +00:00
John Blackbourn
48f389015e HTTP API: Add a $component parameter to wp_parse_url() to give it parity with PHP's parse_url() function.
Fixes #36356
Props jrf


git-svn-id: https://develop.svn.wordpress.org/trunk@38449 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 16:35:33 +00:00
Pascal Birchler
19b838af8b Script Loader: Properly adjust tests missed in [38443].
See #37800.

git-svn-id: https://develop.svn.wordpress.org/trunk@38447 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 14:50:14 +00:00
Boone Gorges
2fc4e48d07 Comments: Don't do direct SQL query when fetching decendants.
The SQL query was built using the clauses compiled when querying for
top-level comments. But in cases where the top-level comment query
results are already in the cache, the SQL clauses are not built, and
so are unavailable for `fill_descendants()`. Instead, we call
`get_comments()`, using modified versions of the parameters passed
to the main `WP_Comment_Query` class.

Props Akeif, Rarst for testing.
Fixes #37696.

git-svn-id: https://develop.svn.wordpress.org/trunk@38446 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 14:48:00 +00:00
Boone Gorges
f80068e75b Tests: Require Basic_Object and Basic_Subclass files earlier in call stack.
This ensures compatibility with third-party tools using these classes
in their test suites, after [38285].

Props DylanAuty, Frank Klein, TimothyBlynJacobs.
Fixes #37523.

git-svn-id: https://develop.svn.wordpress.org/trunk@38445 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 14:32:04 +00:00
Boone Gorges
caf0e90b30 Tests: Add docblocks for Basic_Object and Basic_Subclass classes.
Props DylanAuty.
See #37523.

git-svn-id: https://develop.svn.wordpress.org/trunk@38444 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 14:31:56 +00:00
Boone Gorges
53016dd3aa Remove unnecessary uniqueness check in get_attachment_taxonomies().
Running the taxonomy array through `array_unique()` is unnecessary
when the function returns objects, because the associative keys already
ensure uniqueness.

This also fixes a bug when running `get_attachment_taxonomies()` in
HHVM, which doesn't like casting objects to strings for the purposes
of `array_unique()`.

Props swissspidy.
See #37368.

git-svn-id: https://develop.svn.wordpress.org/trunk@38437 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-30 03:06:06 +00:00
Weston Ruter
7105787ced Customize: Allow users to more seamlessly create page-based nav menus during customization.
Introduces the ability to create stubs for the various post types to add to a given menu. This eliminates the need to leave the customizer to first create the post in the admin and then return to managing menus. Only the title of the newly-created post can be supplied; the post content will be blank and will need to be provided in the normal edit post screen outside the customizer, unless a plugin enables a post editing in the customizer experience. When a post is created and added to a nav menu in the customizer, the newly created post that is added to a menu is given the `auto-draft` status, and if the changes are not published, the `auto-draft` post will be automatically deleted within 7 days via `wp_delete_auto_drafts()`. However, if the customizer changes are saved, then these nav menu item `auto-draft` post stubs will be transitioned to `publish`.

Includes portions of code from the Customize Posts <https://github.com/xwp/wp-customize-posts> and Front-end Editor <https://github.com/iseulde/wp-front-end-editor> plugins.

For more information, see https://make.wordpress.org/core/2016/06/16/feature-proposal-content-authorship-in-menus-with-live-preview/

Props celloexpressions, westonruter, valendesigns, afercia, melchoyce, mapk, iseulde, mrahmadawais.
Fixes #34923.


git-svn-id: https://develop.svn.wordpress.org/trunk@38436 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-29 22:58:32 +00:00
Joe McGill
142fefb269 Post Thumbnails: Prevent post thumbnail previews from spilling into other images.
After [38118], when previewing a page with a secondary loop, all post
thumbnails would be filtered to display the post thumbnail for the
page being previewed. This ensures `_wp_preview_post_thumbnail_filter()`
is only applied if the `$post_id` of the post meta being filtered is
equal to the post or page being previewed.

Props swisspidy, joemcgill.
Fixes #37697.

git-svn-id: https://develop.svn.wordpress.org/trunk@38433 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-29 12:24:09 +00:00
Dion Hulse
e916b9e14c HTTP: Accept non-string values in cookies, fixing a regression since 4.5.
Props swissspidy.
Fixes #37768 for trunk.


git-svn-id: https://develop.svn.wordpress.org/trunk@38430 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-29 02:41:56 +00:00
Dion Hulse
7f2a81061a HTTP: Handle an edgecase within the URI parsing library included in Requests, where if a double slash exists at the start of the path the URL is passed to cURL malformed.
Props flixos90 for initial patch.
Fixes #37733 for trunk.


git-svn-id: https://develop.svn.wordpress.org/trunk@38429 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-29 02:32:48 +00:00
John Blackbourn
a03376e798 Security: Trigger a _doing_it_wrong() when check_ajax_referer() is called without its first parameter. This brings it inline with check_admin_referer().
Fixes #36361


git-svn-id: https://develop.svn.wordpress.org/trunk@38420 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-28 17:14:52 +00:00
John Blackbourn
c786774d21 Themes: Introduce tests for the theme template hierarchy.
See #14310


git-svn-id: https://develop.svn.wordpress.org/trunk@38419 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-28 16:18:51 +00:00
John Blackbourn
58956ecf2d Permalinks: Correct an invalid peramstructure tag in a test.
Fixes #37858


git-svn-id: https://develop.svn.wordpress.org/trunk@38417 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-28 12:52:23 +00:00
Pascal Birchler
9701c29b90 Bootstrap: Fix failing external HTTP tests after [38411].
When testing the transports, the transport name needs to be capitalized for the class name to be correct (`WP_Http_Curl` vs. `WP_Http_curl` ).

See #36335.

git-svn-id: https://develop.svn.wordpress.org/trunk@38416 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-28 10:33:24 +00:00
John Blackbourn
7bb34dc5d9 Query: Add and improve tests for query conditionals on the front page and home page.
See #37851


git-svn-id: https://develop.svn.wordpress.org/trunk@38413 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-28 02:01:53 +00:00
Scott Taylor
4225e71a6b Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.


git-svn-id: https://develop.svn.wordpress.org/trunk@38411 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 22:31:11 +00:00
John Blackbourn
551fa31b5a Media: Add a $wp_error parameter to wp_insert_attachment() to give it parity with wp_insert_post().
Fixes #37813
Props grapplerulrich, mrahmadawais


git-svn-id: https://develop.svn.wordpress.org/trunk@38408 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 17:24:58 +00:00
John Blackbourn
f59a3b54c8 Build/Test tools: Ensure the Tests_Query_Conditionals tests set up the environment correctly before re-registering initial taxonomies.
Fixes #37851


git-svn-id: https://develop.svn.wordpress.org/trunk@38407 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 17:02:54 +00:00
John Blackbourn
417de45c08 Build/Test Tools: Add support for is_front_page() to assertQueryTrue() and assert that all the tested conditions are supported by the method.
Fixes #37849


git-svn-id: https://develop.svn.wordpress.org/trunk@38405 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 15:27:35 +00:00
John Blackbourn
52acaaad50 Themes: Remove failing tests introduced in [38390].
See #14310


git-svn-id: https://develop.svn.wordpress.org/trunk@38403 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 14:52:56 +00:00
Dion Hulse
e353179ce5 Bootstrap: Revert [38399] as it's broken /build/ and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335


git-svn-id: https://develop.svn.wordpress.org/trunk@38402 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 14:36:42 +00:00
Peter Wilson
b8f88aa597 Unit tests: Enforce $args object in wp_nav_menu() & Walker_Nav_Menu.
WordPress always* passes $args to filters as an array of arugments. A exception is made in `wp_nav_menu()` and the associated walker where these are passed to filters as an object, this has been the case for seven years (since [13368]).

These new tests enforce the use of an object in these filters to ensure backward compatibility is maintained.

See #24587.


git-svn-id: https://develop.svn.wordpress.org/trunk@38400 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 11:27:17 +00:00
Scott Taylor
388690382c Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.


git-svn-id: https://develop.svn.wordpress.org/trunk@38399 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 09:15:01 +00:00
Scott Taylor
02319efa71 Unit Tests:
* Automatically delete objects that we were created during `wpSetUpBeforeClass` - posts, comments, terms (except 1), and user (except 1)
* The amount of leftover data between tests was breathtaking - use the new function: `_delete_all_data()`
* Commit database transactions for all `TestCase`s, not just those that implement `wpSetUpBeforeClass` and `wpTearDownAfterClass`
* The tests run 10-20 seconds faster now

See #37699.


git-svn-id: https://develop.svn.wordpress.org/trunk@38398 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-27 08:35:16 +00:00
johnbillion
8139765b1f Themes: Begin introducing unit tests for the expected theme template hierarchy. More to come.
See #14310


git-svn-id: https://develop.svn.wordpress.org/trunk@38390 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-26 22:19:16 +00:00
Scott Taylor
db0e1ed0af Unit Tests: after r38303, replace usage of global $_wp_additional_image_sizes with wp_get_additional_image_sizes().
See #37699.


git-svn-id: https://develop.svn.wordpress.org/trunk@38383 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-26 20:50:24 +00:00
John Blackbourn
e795f6da1d Build/Test Tools: Remove many unnecessary calls to rand_str() which can, in theory, fail at random. Static strings are much more appropriate.
See #37371


git-svn-id: https://develop.svn.wordpress.org/trunk@38382 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-26 20:21:30 +00:00
Boone Gorges
6eaa56f3d4 Don't improperly cast IDs when fetching post, user, or term objects.
Blindly casting passed IDs to integers can generate false positives
when the ID is cast to `1`.

Props deeptiboddapati.
Fixes #37738.

git-svn-id: https://develop.svn.wordpress.org/trunk@38381 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-26 19:08:23 +00:00
John Blackbourn
5e71c349af Role/Capability: Only users who can manage options should be able to trash/delete the page for posts or the front page, as they are the only users who can restore it or subsequently alter the "Front page displays" setting.
Fixes #37580
Props JakePT


git-svn-id: https://develop.svn.wordpress.org/trunk@38378 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-26 18:22:28 +00:00
Boone Gorges
ff0386b5c1 Use shared fixture in comment_exists() tests.
Props Frank Klein.
Fixes #37842.

git-svn-id: https://develop.svn.wordpress.org/trunk@38372 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-26 17:41:51 +00:00
Scott Taylor
a02d79cf73 Site Icon: There is no good reason for class-wp-site-icon.php to drop a global instance of itself whenever the file is loaded. The lone use of the global instance of WP_Site_Icon is in an AJAX action that provides virtually no way to override - the file is loaded immediately before the global is used.
Let us remove the `$wp_site_icon` global. I will fall on the sword if this comes back to bite us (waiting with bated breath).

See #37699.


git-svn-id: https://develop.svn.wordpress.org/trunk@38355 602fd350-edb4-49c9-b593-d223f7449a82
2016-08-25 19:08:38 +00:00