Another chapter in the Storied Annals of Weird `in_array()` Behavior:
`in_array( 4, array( "4-cool-dudes" ) );` resolves to `true`, such that
`is_page( 4 )` was returning true for posts with the name `'4-cool-dudes'`.
We work around this behavior by ensuring that values passed to the `is_`
methods are cast to strings before the `in_array()` checks. ID checks still
work as expected; see #24674.
Props mikejolley, swissspidy, boonebgorges.
Fixes#35902.
git-svn-id: https://develop.svn.wordpress.org/trunk@36625 602fd350-edb4-49c9-b593-d223f7449a82
Ensures that intentional backslashes (e.g. "\o/") can be used in:
* Site title
* Site description
* Nav menu name
* Custom Menu widget title
* Tag Cloud widget title
* Text widget body if can't `unfiltered_html`
The latter three are also fixed on the widgets admin page.
Fixes#35898.
git-svn-id: https://develop.svn.wordpress.org/trunk@36622 602fd350-edb4-49c9-b593-d223f7449a82
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.
Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes#9568.
git-svn-id: https://develop.svn.wordpress.org/trunk@36617 602fd350-edb4-49c9-b593-d223f7449a82
`get_terms()` has historically required that a taxonomy be specified when
querying terms. This requirement is related to the fact that terms could
formerly be shared between taxonomies, making `$taxonomies` critical for
disambiguation. Since terms can no longer be shared as of 4.4, it'
s desirable to be able to query for terms regardless of what taxonomy they're in.
Because it's now optional to pass taxonomies, it's no longer necessary to have
`$taxonomies` as the first (and required) parameter for `get_terms()`. The new
function signature is `get_terms( $args )`, where 'taxonomy' can (optionally) be
passed as part of the `$args` array. This syntax is more consistent with
functions like `get_users()` and `get_posts()`.
We've maintained backward compatibility by always giving precedence to the old
argument format. If a second parameter is detected, or if it's detected that
the first parameter is a list of taxonomy names rather than an `$args` array,
`get_terms()` will parse the function arguments in the legacy fashion.
Props flixos90, swissspidy, DrewAPicture, boonebgorges.
Fixes#35495.
git-svn-id: https://develop.svn.wordpress.org/trunk@36614 602fd350-edb4-49c9-b593-d223f7449a82
Short-circuits components from initializing their hooks needlessly if current user lacks required capability.
Fixes#35895.
git-svn-id: https://develop.svn.wordpress.org/trunk@36611 602fd350-edb4-49c9-b593-d223f7449a82
Prevents slashes from being added when a user without `unfiltered_html` previews a nav menu item containing an apostrophe or some other slashable character, and prevents the loss of an intentional slash (e.g. "\o/") when saving a nav menu item, regardless of capability.
Fixes#35869.
git-svn-id: https://develop.svn.wordpress.org/trunk@36608 602fd350-edb4-49c9-b593-d223f7449a82
When determining a unique post slug, trashed posts are taken into account. Previously, new posts would add suffixes to their slugs (e.g. `about-2`) when a post in the trash had the desired slug (e.g. `about`).
To avoid this behavior, when a post is trashed its slug (i.e. `post_name`) is now suffixed with `-%trashed%`. The post's pre-trash slug is stored as post meta, and if the post is restored from trash, its desired slug is reapplied.
For existing trashed posts which don't have the `-%trashed%` suffix, the suffix is added when a post with its desired slug is created.
Props ocean90, boonebgorges, ryan, SergeyBiryukov, coffee2code, helen, williamsba1.
See #11863.
git-svn-id: https://develop.svn.wordpress.org/trunk@36607 602fd350-edb4-49c9-b593-d223f7449a82
The new `get_recipient()` and `get_sent()` methods greatly simplify the
syntax required when writing tests for `wp_mail()`.
Props welcher.
Fixes#34161.
git-svn-id: https://develop.svn.wordpress.org/trunk@36594 602fd350-edb4-49c9-b593-d223f7449a82
Comment and term meta lazyloading for `WP_Query` loops, introduced in 4.4,
depended on filter callback methods belonging to `WP_Query` objects. This meant
storing `WP_Query` objects in the `$wp_filter` global (via `add_filter()`),
requiring that PHP retain the objects in memory, even when the local variables
would typically be expunged during normal garbage collection. In cases where a
large number of `WP_Query` objects were instantiated on a single pageload,
and/or where the contents of the `WP_Query` objects were quite large, serious
performance issues could result.
We skirt this problem by moving metadata lazyloading out of `WP_Query`. The
new `WP_Metadata_Lazyloader` class acts as a lazyload queue. Query instances
register items whose metadata should be lazyloaded - such as post terms, or
comments - and a `WP_Metadata_Lazyloader` method will intercept comment and
term meta requests to perform the cache priming. Since `WP_Metadata_Lazyloader`
instances are far smaller than `WP_Query` (containing only object IDs), and
clean up after themselves far better than the previous `WP_Query` methods (bp
only running their callbacks a single time for a given set of queued objects),
the resource use is decreased dramatically.
See [36525] for an earlier step in this direction.
Props lpawlik, stevegrunwell, boonebgorges.
Fixes#35816.
git-svn-id: https://develop.svn.wordpress.org/trunk@36566 602fd350-edb4-49c9-b593-d223f7449a82
- Cache the output in non-persistent cache.
- Cache the result from `wp_mkdir_p()` in persistent cache (when present).
- Introduce `wp_get_upload_dir()` for use when not uploading files. It is equivalent to `wp_upload_dir()` but does not check for the existence or create the upload directory.
- Change tests to use the non-cached `_wp_upload_dir()`. They change options on the fly (should never be used in production) to simulate different environments.
- Introduce `_upload_dir_no_subdir()` and `_upload_dir_https()` to facilitate testing. These use the proper `upload_dir` filter to simulate different environments.
Props kovshenin, azaozz.
See #34359.
git-svn-id: https://develop.svn.wordpress.org/trunk@36565 602fd350-edb4-49c9-b593-d223f7449a82
Introduces language files in /tests/phpunit/data/language. Each file includes the header and 5 translations.
Props realloc for initial patch.
Fixes#35284.
git-svn-id: https://develop.svn.wordpress.org/trunk@36563 602fd350-edb4-49c9-b593-d223f7449a82
This prevents breaking plugins which are adding inline styles to the `wp-admin` handle after [36341].
Props dd32, ocean90.
Fixes#35229.
git-svn-id: https://develop.svn.wordpress.org/trunk@36550 602fd350-edb4-49c9-b593-d223f7449a82
In `get_translations_for_domain()` don't fill the global `$l10n` with `NOOP_Translations` instances, return a `NOOP_Translations` instance instead.
Props nacin, jrf.
Fixes#21319.
git-svn-id: https://develop.svn.wordpress.org/trunk@36538 602fd350-edb4-49c9-b593-d223f7449a82
HEAD callbacks can now be registered independently, with the GET
callback still used as a fallback.
Fixes#34841.
git-svn-id: https://develop.svn.wordpress.org/trunk@36535 602fd350-edb4-49c9-b593-d223f7449a82
CURIEs are Compact URIs, which provide a more usable way to use
custom relations in the API. The `wp` CURIE is registered by default
for `https://api.w.org/` URI relations.
Fixes#34729.
Props joehoyle.
git-svn-id: https://develop.svn.wordpress.org/trunk@36533 602fd350-edb4-49c9-b593-d223f7449a82
Introduces `WP_Customize_Manager::get_previewable_devices()` with a `customize_previewable_devices` filter to change the default device and which devices are available for previewing. This is a feature that was first pioneered on WordPress.com.
Props celloexpressions, folletto, valendesigns, westonruter, welcher, adamsilverstein, michaelarestad, Fab1en.
Fixes#31195.
git-svn-id: https://develop.svn.wordpress.org/trunk@36532 602fd350-edb4-49c9-b593-d223f7449a82
This allows using rest_do_request() outside of the API itself easily.
Props danielbachhuber, swissspidy.
git-svn-id: https://develop.svn.wordpress.org/trunk@36529 602fd350-edb4-49c9-b593-d223f7449a82
Taxonomies registered as `publicly_queryable` can be queried as taxonomy
archives.
If not provided explicitly, the value of `publicly_queryable` is inherited
from `public`.
Props Chouby.
Fixes#34491.
git-svn-id: https://develop.svn.wordpress.org/trunk@36525 602fd350-edb4-49c9-b593-d223f7449a82
The generator sequence was causing false positives when the search terms
('1' and '0') happened to match the current sequence number (eg,
'Post content 190').
Introduced in [36278].
See #31025.
git-svn-id: https://develop.svn.wordpress.org/trunk@36520 602fd350-edb4-49c9-b593-d223f7449a82
Multiple improvements to the RSS2 automated tests along with the addition of Atom tests.
1. General whitespace cleanup (since the rss2 file serves as the base of the atom file).
2. Adds an author and category to the tests.
3. Since the content of the posts is the same, we don't need to test all of the post content.
4. Adds many posts so that the post count can be checked
Props stevenkword
Fixes#35160.
git-svn-id: https://develop.svn.wordpress.org/trunk@36519 602fd350-edb4-49c9-b593-d223f7449a82
This adds tests for the comment form field lengths returned by `wp_get_comment_fields_max_lengths()`. Replaces unit test removed in r36514.
See #10377.
git-svn-id: https://develop.svn.wordpress.org/trunk@36515 602fd350-edb4-49c9-b593-d223f7449a82
Instead of returning a value for each of the related table column lengths, return an array of all of the column lengths used in the comment form.
Better fallback handling, where each field falls back to the expected max_length instead of an arbitrary number.
Props azaozz.
Fixes#10377.
git-svn-id: https://develop.svn.wordpress.org/trunk@36514 602fd350-edb4-49c9-b593-d223f7449a82
The `$delete_all` flag in `delete_metadata()` triggers cache invalidation for
multiple objects. Previously, invalidation took place for all objects matching
the `$meta_key` parameter, regardless of whether `$meta_value` was also set.
This resulted in overly aggressive invalidation.
Props rahal.aboulfeth.
Fixes#35797.
git-svn-id: https://develop.svn.wordpress.org/trunk@36511 602fd350-edb4-49c9-b593-d223f7449a82
The `$orderby` parameter of `get_terms()` now accepts the following values,
related to term meta:
* 'meta_value'
* 'meta_value_num'
* the value of the `$meta_key` parameter
* any key from the `$meta_query` array
This brings order-by-meta support for terms in line with post, comment, and
user queries.
As a byproduct of these improvements, `$meta_key` and `$meta_value` parameters
have been introduced to `get_terms()`. They interact with `$meta_query` in the
same way as in `WP_Query` and other query classes.
Props jadpm, eherman24.
Fixes#34996.
git-svn-id: https://develop.svn.wordpress.org/trunk@36485 602fd350-edb4-49c9-b593-d223f7449a82
This provides better parity with `get_queried_object()`, which will return the
first taxonomy/term matched by the current query.
[29891] introduced the abnormal behavior for the 'taxonomy' and 'term'
query vars.
Props Chouby.
Fixes#35619.
git-svn-id: https://develop.svn.wordpress.org/trunk@36484 602fd350-edb4-49c9-b593-d223f7449a82
`user_nicename` can be changed via `wp_update_user()`, so we invalidate just
to be safe.
Props thebrandonallen.
Fixes#35750.
git-svn-id: https://develop.svn.wordpress.org/trunk@36482 602fd350-edb4-49c9-b593-d223f7449a82
The changes introduced in [36381], while logical and clearly awesome, introduce
the potential for much breakage. Those who want to query for comments with a
null `comment_post_ID` should use `'post_in' => array( 0 )` instead.
Reverts [36381], [36387].
See #35090.
git-svn-id: https://develop.svn.wordpress.org/trunk@36480 602fd350-edb4-49c9-b593-d223f7449a82
Query var defaults are used to calculate a cache key. The fact that these
params were not listed among the defaults was causing cache keys to be
insufficiently specific.
Props danielbachhuber.
Fixes#35677.
git-svn-id: https://develop.svn.wordpress.org/trunk@36479 602fd350-edb4-49c9-b593-d223f7449a82
In the event that it was closed prematurely, `wpdb::query()` will re-open the connection automatically.
Fixes#34903.
git-svn-id: https://develop.svn.wordpress.org/trunk@36433 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce `WP_Customize_Manager::get_nonces()` to consolidate logic for retrieving nonces.
* Export nonces centrally in `wp.customize.settings.nonce` with each request and update nav menus preview to utilize.
* Send updated nonces to preview upon `nonce-refresh`.
* Request full preview refresh if Nav Menu selective refresh request fails (e.g. due to bad nonce).
* Update nav menus and widgets in Customizer to utilize `customize_refresh_nonces` for exporting nonces and keeping them up to date.
See #27355.
Fixes#35617.
git-svn-id: https://develop.svn.wordpress.org/trunk@36414 602fd350-edb4-49c9-b593-d223f7449a82
In [36347] we moved all PHP factory classes into their own files except the main class. The main class is now in its own file, and `factory.php` is solely an include manifest for all factory classes.
git-svn-id: https://develop.svn.wordpress.org/trunk@36409 602fd350-edb4-49c9-b593-d223f7449a82
Previously, this was not possible due to an overly broad `empty()` check.
Passing `null`, `false`, or `''` to 'post_id', or omitting 'post_id'
altogether, will continue to return comments regardless of `comment_post_ID`,
as before. Passing `0` or `'0'` will limit results to comments with no
associated post.
Props danielbachhuber.
Fixes#35090.
git-svn-id: https://develop.svn.wordpress.org/trunk@36381 602fd350-edb4-49c9-b593-d223f7449a82
* Move the legacy `allowed_themes` filter to `WP_Theme::get_allowed_on_network()`, where it will continue to filter themes allowed on the network.
* Add `network_allowed_themes` filter to `WP_Theme::get_allowed()` and pass `$blog_id` to provide context.
* Add `site_allowed_themes` filter to `WP_Theme::get_allowed_on_site()` and pass `$blog_id` to provide context.
Props pauldewouters, lamosty, michalzuber, dmsnell, johnnypea, rob.
Fixes#28436.
git-svn-id: https://develop.svn.wordpress.org/trunk@36366 602fd350-edb4-49c9-b593-d223f7449a82
We'll be adjusting the placement of this filter and adding two other related filters, so we should make sure it continues to work as expected after the change.
See #28436.
git-svn-id: https://develop.svn.wordpress.org/trunk@36350 602fd350-edb4-49c9-b593-d223f7449a82
[32353] changed the way the 'name' param in `get_terms()` is sanitized, by
running it through `sanitize_term_field( 'name' )` before performing the SQL
query. An unintentional side effect of this change was that the string is
double-escaped: once by `wp_filter_kses()`, and once by `esc_sql()`. The
double-escaping was causing 'name' queries to fail when the param contained
apostrophes or other escaped characters.
Fixes#35493.
git-svn-id: https://develop.svn.wordpress.org/trunk@36348 602fd350-edb4-49c9-b593-d223f7449a82
This makes the code easier to browse.
`factory.php` loads the new files, so this is backwards compatible in case `factory.php` is loaded directly for access to one of the classes.
See #35492.
git-svn-id: https://develop.svn.wordpress.org/trunk@36347 602fd350-edb4-49c9-b593-d223f7449a82
The refactor of `WP_Comment_Query`'s SQL generation in [34542] introduced a bug
that caused only the last post-related filter to be respected in comment
queries. In other words, if querying for comments using params
`post_status=draft&post_author=3`, only the last-processed of these params
would be respected. The current changeset fixes the logic so that these clauses
don't overwrite each other.
Props chriscct7.
Fixes#35478.
git-svn-id: https://develop.svn.wordpress.org/trunk@36326 602fd350-edb4-49c9-b593-d223f7449a82
[34999] modified the cache strategy for terms in the context of
`wp_get_object_terms()`. As part of these changes, the `object_id` property of
term objects had to be unset before being cached. To avoid modifying passed-by-
reference terms, `update_term_cache()` attempted to make a copy of the terms
passed to the function; however, it failed to use the `clone` keyword, and thus
only created a reference instead of a copy.
Props berengerzyla.
Fixes#35462.
git-svn-id: https://develop.svn.wordpress.org/trunk@36323 602fd350-edb4-49c9-b593-d223f7449a82
This allows filtering a post's comment count before it is queried and updated in the database.
Props peterwilsoncc for initial patch.
Fixes#35060.
git-svn-id: https://develop.svn.wordpress.org/trunk@36318 602fd350-edb4-49c9-b593-d223f7449a82
It encourages an ugly pattern like `global $userdata; get_currentuserinfo();` in plugins/themes. `wp_get_current_user()` should be used instead, e.g. `$current_user = wp_get_current_user();`.
Props scribu for initial patch.
Fixes#19615.
git-svn-id: https://develop.svn.wordpress.org/trunk@36311 602fd350-edb4-49c9-b593-d223f7449a82
The descendant query in `WP_Comment_Query::fill_descendants()` uses the clauses
of the main `get_comment_ids()` query as a basis, discarding the `parent`,
`parent__in`, and `parent__not_in` clauses. As implemented in WP 4.4 [34546],
the WHERE clause was assembled in such a way that any modifications applied
using the `comments_clauses` filter were not inherited by `fill_descendants()`.
This resulted in descendant queries that did not always properly filter
results, and sometimes contained syntax errors.
The current changeset fixes the problem by using the post-filter WHERE clause
as the basis for the `fill_descendants()` query. This change requires a new
approach for eliminating the unneeded parent-related clauses: instead of
eliminating values in an associative array, we must use regular expressions.
Props boonebgorges, firebird75.
Fixes#35192.
git-svn-id: https://develop.svn.wordpress.org/trunk@36277 602fd350-edb4-49c9-b593-d223f7449a82
[36157] fixed a bug whereby `wp_list_comments()` would not properly recognize
custom pagination arguments. See #35175. However, it inadvertently introduced
a bug that caused any `$comments` array explicitly passed to the function to be
ignored, when that array was accompanied by pagination arguments that differ
from those in `$wp_query`. We address this bug by moving the logic introduced
in [36157] inside a block that only fires when no `$comments` array has been
provided to the function.
Props ivankristianto.
Fixes#35356.
git-svn-id: https://develop.svn.wordpress.org/trunk@36276 602fd350-edb4-49c9-b593-d223f7449a82
In order to calculate comment pagination when newest comments are displayed
first, `comments_template()` must perform a separate query to determine the
total number of paginating comments available on a post. See [34729], #8071,
pagination calculation - can be defined as a top-level comment, or a comment
with `parent=0`. However, when comment threading is disabled, yet comments
exist in the database that have parents, all comments - even those with a
parent - are "paginating". (This typically happens when comments threading was
once enabled, but has since been turned off.) As such, the total-paginating-
comments query should only be limited to top-level comments when
'thread_comments' is disabled.
Props jmdodd.
Fixes#35419.
git-svn-id: https://develop.svn.wordpress.org/trunk@36275 602fd350-edb4-49c9-b593-d223f7449a82
Added hardcoded maxlength attributes on the author, author_email, author_url, and comment_field input markup. These can be modified via the comment_form_defaults filter. Added logic in wp_handle_comment_submission() to return a WP_Error when the comment_author, comment_author_url, or comment_content values exceed the max length of their columns. Introduces wp_get_comment_column_max_length() which returns the max column length for a given column name, and is filterable. Unit tests included for the error conditions in wp_handle_comment_submission()
Fixes#10377.
Props westonruter rachelbaker.
git-svn-id: https://develop.svn.wordpress.org/trunk@36272 602fd350-edb4-49c9-b593-d223f7449a82
For things like redirects `wp_get_referer()` should be used instead.
Props voldemortensen for initial patch.
Fixes#27152.
git-svn-id: https://develop.svn.wordpress.org/trunk@36266 602fd350-edb4-49c9-b593-d223f7449a82
Fixes issue where user gets stuck at login screen after trying to close the app if previously they had to first login to access the Customizer. Prevents `WP_Customize_Manager::get_return_url()` from using `wp-login.php` as a referer.
Props chandrapatel.
See #32637.
Fixes#35355.
git-svn-id: https://develop.svn.wordpress.org/trunk@36261 602fd350-edb4-49c9-b593-d223f7449a82
Instead, the option gets updated to an empty string.
Adds unit tests.
Props SergeyBiryukov, jesin, voldemortensen.
Fixes#29107.
git-svn-id: https://develop.svn.wordpress.org/trunk@36254 602fd350-edb4-49c9-b593-d223f7449a82
`array_slice()` must be told to preserve keys when the query results exceed the
limit specified the 'number' parameter, so that `id=>parent` and other
id-indexed return value formats don't get mangled.
Props fantasyworld, wpdelighter.
Fixes#35382.
git-svn-id: https://develop.svn.wordpress.org/trunk@36252 602fd350-edb4-49c9-b593-d223f7449a82
The introduction of negative search terms in 4.4 [34934] introduced the
possibility that the ORDER BY clause of a search query could be assembled in
such a way as to create invalid syntax. The current changeset fixes this by
ensuring that the ORDER BY clause corresponding to the search terms is
excluded when it would otherwise be empty.
Props salvoaranzulla.
Fixes#35361.
git-svn-id: https://develop.svn.wordpress.org/trunk@36251 602fd350-edb4-49c9-b593-d223f7449a82
When hierarchical=true, `WP_Comment_Query` will always fetch comments according
to the comment hierarchy, even if 'thread_comments' is disabled for the site.
This can cause problems when comment threading is disabled after threaded
comments have been recorded on the site; comments will no longer be returned in
a strictly chronological order.
We address the issue by refraining from querying hierarchically when comment
threading is disabled.
Props jmdodd.
Fixes#35378.
git-svn-id: https://develop.svn.wordpress.org/trunk@36226 602fd350-edb4-49c9-b593-d223f7449a82
Passing `'description' => null` when creating a term can cause MySQL notices,
as the description column in the terms table does not allow for null values.
We correct this by intepreting a `null` description as an empty string.
Props TimothyBlynJacobs.
Fixes#35321.
git-svn-id: https://develop.svn.wordpress.org/trunk@36214 602fd350-edb4-49c9-b593-d223f7449a82
Limits using the page title to the blog page when the site has a static front page,
bringing it N’Sync with `wp_title()`.
Props peterwilsoncc.
Fixes#34962.
git-svn-id: https://develop.svn.wordpress.org/trunk@36168 602fd350-edb4-49c9-b593-d223f7449a82
Prior to 4.4, it was possible to pass 'page' and 'per_page' values to
`wp_list_comments()` that do not match the corresponding global query vars.
This ability was lost in 4.4 with the refactor of how `comments_template()`
queries for comments; when the main comment query started fetching only the
comments that ought to appear on a page, instead of all of a post's comments,
it became impossible for the comment walker to select comments corresponding to
custom pagination parameters. See #8071.
We restore the previous behavior by (a) detecting when a 'page' or 'per_page'
parameter has been passed to `wp_list_comments()` that does not match the
corresponding query vars (so that the desired comments will not be found in
`$wp_query`), and if so, then (b) querying for all of the post's comments and
passing them to the comment walker for pagination, as was the case before 4.4.
Props boonebgorges, smerriman.
Fixes#35175.
git-svn-id: https://develop.svn.wordpress.org/trunk@36157 602fd350-edb4-49c9-b593-d223f7449a82
Individual attachment pages already have their own RSS comment feed, and would be expected to be included in the site-wide comments RSS feed.
Props jbrinley.
Fixes#15610
git-svn-id: https://develop.svn.wordpress.org/trunk@36138 602fd350-edb4-49c9-b593-d223f7449a82
After [34659], it became possible to cause an incorrect redirect, by changing the slug of a post, then creating a new post with the old slug. The correct behaviour is to prevent redirecting to the old post.
Props dd32, pento.
Fixes#35031 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36128 602fd350-edb4-49c9-b593-d223f7449a82
Posts that are trashed shouldn't trigger post author notifications. Adds unit tests to enforce this.
Props scottbrownconsulting, peterwilsoncc, swissspidy
Fixes#35006
git-svn-id: https://develop.svn.wordpress.org/trunk@36119 602fd350-edb4-49c9-b593-d223f7449a82
The lack of space resulted in SQL error when searching for posts by content.
Props yetAnotherDaniel, johnbillion.
Fixes#35246.
git-svn-id: https://develop.svn.wordpress.org/trunk@36113 602fd350-edb4-49c9-b593-d223f7449a82
[35333] implemented `public=false` for taxonomies. The implementation prevented
non-public taxonomies from having their archives accessed via query_var during
a normal request. But it didn't prevent non-public taxonomies from registering
their query vars in the `$wp_taxonomies` global. The latter implementation
details causes problems specifically when a taxonomy is registered with
`query_var=true`; for public taxonomies, `register_taxonomy()` translates this
into a query_var equivalent to the taxonomy name, but in the case of non-public
taxonomies, the query_var was set to the boolean itself. The boolean then
causes problems when using non-strict comparison to filter taxonomy objects by
query_var, as when using `get_taxonomies()`.
This changeset addresses the issue by forcing the query_var property of
non-public taxonomies to `false`.
Fixes#35089.
git-svn-id: https://develop.svn.wordpress.org/trunk@36108 602fd350-edb4-49c9-b593-d223f7449a82
This allows for shortcodes such as `[shortcode=attribute]` to work, which while never intentionally supported were widely used in the pre-shortcode days.
Props aaroncampbell.
Fixes#34939 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36097 602fd350-edb4-49c9-b593-d223f7449a82
[34370] made the order that tabs are returned respect the order they are added, however it broke the respect of priority. By using a ksort instead of a sort, we can restore that default behavior. This adjusts the unit tests so that both order added and priority are tested.
Props meitar, swissspidy, jorbin
Fixes#35215. See #33941.
git-svn-id: https://develop.svn.wordpress.org/trunk@36089 602fd350-edb4-49c9-b593-d223f7449a82
Allows for more targeted updates to affected posts in callbacks.
Disambiguates `$objects` variable and amends unit tests.
Fixes#35213.
git-svn-id: https://develop.svn.wordpress.org/trunk@36080 602fd350-edb4-49c9-b593-d223f7449a82
There's currently no iframe content being generated for a static front page. Giving out a link to that isn't an ideal user experience.
Props peterwilsoncc.
Fixes#35194 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36059 602fd350-edb4-49c9-b593-d223f7449a82
[34217] removed the `ORDER BY` clause from `update_object_term_cache()`, for
improved performance. But this proved to cause problems in cases where users
were expecting the results of `get_the_terms()` to be ordered by 'name'. Let's
revert the change for the time being, and look into more disciplined ordering
in a future release.
Props afercia.
See #28922. Fixes#35180.
git-svn-id: https://develop.svn.wordpress.org/trunk@36056 602fd350-edb4-49c9-b593-d223f7449a82
In MySQL 5.5.3, `storage_engine` was deprecated in favour of `default_storage_engine`, and subsequently removed in MySQL 5.7. To avoid errors when running tests on MySQL 5.7, we need to switch between the options based on MySQL version.
Props skithund, jeremyfelt.
Fixes#34692.
git-svn-id: https://develop.svn.wordpress.org/trunk@36055 602fd350-edb4-49c9-b593-d223f7449a82
Since 4.4, when fetching the first page of comments and the 'newest' comments
are set to display first, `comments_template()` must perform arithmetic to
determine which comments to show. See #8071. This arithmetic requires the
total comment count for the current post, which is calculated with a separate
`WP_Comment_Query`. This secondary comment query did not properly account for
non-approved comment statuses; all unapproved comments should be part of the
comment count for admins, and individual users should have their own
unapproved comments included in the count. As a result, `comments_template()`
was, in some cases, being fooled into thinking that a post had fewer comments
available for pagination than it actually had, which resulted in empty pages
of comments.
We correct this problem by mirroring 'status' and 'include_unapproved' params
of the main comment query within the secondary query used to calculate
pagination.
Fixes#35068.
git-svn-id: https://develop.svn.wordpress.org/trunk@36040 602fd350-edb4-49c9-b593-d223f7449a82
[35709] was overly broad, and stopped transforming `&` characters within tag attributes. So that sites aren't generating invalid HTML, we need to restore this functionality, while continuing to not transform `&` within blocked tags.
Fixes#35008 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36036 602fd350-edb4-49c9-b593-d223f7449a82
[34696] introduced a regression whereby comma-separated values for 'exclude'
and 'exclude_tree' would be handled improperly when merging the two parameters,
resulting in category IDs being incorrectly dropped from the combined array.
Props gblsm, hnle.
Fixes#35156.
git-svn-id: https://develop.svn.wordpress.org/trunk@36005 602fd350-edb4-49c9-b593-d223f7449a82
The introduction of 'meta_query' to `get_terms()` in 4.4 made it possible for
`get_terms()` to erroneously return duplicate results. To address the issue,
we add the `DISTINCT` keyword to the SQL query when a 'meta_query' parameter
has been provided.
Props @jadpm.
Fixes#35137.
git-svn-id: https://develop.svn.wordpress.org/trunk@36003 602fd350-edb4-49c9-b593-d223f7449a82
We should avoid testing complete markup strings, unless we are specifically
testing for the format of the markup.
Fixes#35138.
git-svn-id: https://develop.svn.wordpress.org/trunk@35988 602fd350-edb4-49c9-b593-d223f7449a82
We should not be testing the entire tag cloud markup, as it leads to collateral
damage wheneven `wp_generate_tag_cloud()` is touched. See [35984].
See #25566, #35138.
git-svn-id: https://develop.svn.wordpress.org/trunk@35987 602fd350-edb4-49c9-b593-d223f7449a82
The new class describes the cardinal position of a link in the cloud, allowing
more fine-grained CSS and JS targeting.
Props Mte90, chmac.
Fixes#5172.
git-svn-id: https://develop.svn.wordpress.org/trunk@35984 602fd350-edb4-49c9-b593-d223f7449a82
We should not paper over the code and hide warnings from developers by casting values to an array.
See #35087.
git-svn-id: https://develop.svn.wordpress.org/trunk@35949 602fd350-edb4-49c9-b593-d223f7449a82
WP 4.4 changed the way comment pagination is calculated. See #8071. In the
context of `get_comment_link()`, these changes introduced a regression that
causes `cpage` (or its pretty-permalink correlate `comment-page-x`) to appear
in comment links when comment pagination is disabled. The current changeset
fixes the regression.
Fixes#34946.
git-svn-id: https://develop.svn.wordpress.org/trunk@35933 602fd350-edb4-49c9-b593-d223f7449a82
If a validation_callback returns a WP_Error it should give the same response format as if it returned `false`. This makes programmatically reading the validation errors better.
Props bradyvercher for initial patch.
Fixes#35028.
git-svn-id: https://develop.svn.wordpress.org/trunk@35890 602fd350-edb4-49c9-b593-d223f7449a82
In `wp_update_comment()` only check if the given `comment_post_ID` is valid if it isn’t `0`. This allows comments that were created programmatically via `wp_insert_comment()` without the (optional) `comment_post_ID` parameter to be edited.
Props subharanjan for the initial patch.
Fixes#34954
git-svn-id: https://develop.svn.wordpress.org/trunk@35853 602fd350-edb4-49c9-b593-d223f7449a82
`wp_get_object_terms()` can return a `WP_Error` object. As such, the
`get_the_terms()` cache wrapper should handle them properly. To wit:
* Don't try to map an error object to `get_term()`. Introduced in [35032].
* Don't cache an error object as taxonomy relationships. Introduced in at least [16487], maybe earlier.
Props stephenharris.
Fixes#34723.
git-svn-id: https://develop.svn.wordpress.org/trunk@35850 602fd350-edb4-49c9-b593-d223f7449a82
We rely on the `wp-image-` class to quickly find an attachment ID to add responsive image attributes.
To avoid incorrect images being displayed, do not add these attributes if the `src` does not match the
meta from the attachment ID in the class.
Props azaozz, kovshenin, joemcgill.
Fixes: #34898.
git-svn-id: https://develop.svn.wordpress.org/trunk@35820 602fd350-edb4-49c9-b593-d223f7449a82
Ensure that plugin filters apply as expected for any settings registered statically without passing in an explicit class instance to `WP_Customize_Manager::add_setting()`.
Fixes#34597.
git-svn-id: https://develop.svn.wordpress.org/trunk@35810 602fd350-edb4-49c9-b593-d223f7449a82
Previously when updating a post using wp_insert_post(), post_name was
regenerated based on post_title every time if post_name was not passed in
explicitly. This irons out the expectation that properties not passed into the
function should not be modified.
Props jason_the_adams.
Fixes#34865.
git-svn-id: https://develop.svn.wordpress.org/trunk@35800 602fd350-edb4-49c9-b593-d223f7449a82
User dropdowns in wp-admin have traditionally shown the users' display names.
However, this causes ambiguity when users share display names. To correct this,
we now show the unique user_login in parentheses after the display name.
The new `display_name_with_login` value for the `show` parameter of
`wp_dropdown_users()` enables this functionality. The default value of `show`
has not been changed, for backward compatibility, but all instances of
`wp_dropdown_users()` in core wp-admin have been switched.
This changeset also reduces some duplicated logic when assembling a user list
when `include_selected` is true.
Props krogsgard, boonebgorges.
Fixes#31251.
git-svn-id: https://develop.svn.wordpress.org/trunk@35790 602fd350-edb4-49c9-b593-d223f7449a82
The whole string is escaped with `esc_html()` anyway, so we don't
need to `wp_kses_post()`. This is a better experience for users who
want to use angle brackets in their site title or description.
Does not allow any HTML, adds unit tests.
props BandonRandon, pauldewouters.
fixes#27942.
git-svn-id: https://develop.svn.wordpress.org/trunk@35788 602fd350-edb4-49c9-b593-d223f7449a82
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.
Props markjaquith.
Fixes#27317.
git-svn-id: https://develop.svn.wordpress.org/trunk@35772 602fd350-edb4-49c9-b593-d223f7449a82
In `populate_options()`, if the theme specified by `WP_DEFAULT_THEME` doesn't exist, fall back to the latest core default theme. If we can't find a core default theme, `WP_DEFAULT_THEME` is the best we can do.
Props nacin, jeremyfelt, dd32.
See #34306.
git-svn-id: https://develop.svn.wordpress.org/trunk@35738 602fd350-edb4-49c9-b593-d223f7449a82
Hello, it's me again. A pluggable function named `wp_new_user_notification()`. A few months ago, after [33023], I have lost my second parameter `$plaintext_pass`. But thanks to [33620] I got a new one.
Bad idea - It hasn't had the same behavior as my previous parameter.
To solve that the second parameter got deprecated and reintroduced as the third parameter in [34116]. I was happy again, for a short time.
You remember my lost friend `$plaintext_pass`? No? Well, if its value was empty no notification was sent to the user. This behavior was still lost. And that's what this change is about: Don't notify a user if a plugin uses `wp_new_user_notification( $user_id )`.
You're asking if I'm happy now? Dunno, but maybe you have learned something about pluggable functions, have you?
Props danielbachhuber.
Fixes#34377.
git-svn-id: https://develop.svn.wordpress.org/trunk@35735 602fd350-edb4-49c9-b593-d223f7449a82
The old URL redirects to `login.wordpress.org` because it's the new canonical URL for all logins on wordpress.org.
Fixes#34782.
git-svn-id: https://develop.svn.wordpress.org/trunk@35734 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce `customize_post_value_set_{$setting_id}` and `customize_post_value_set` actions which are done when `WP_Customize_Manager::set_post_value()` is called.
* Clear the `preview_applied` flag for aggregated multidimensional settings when a post value is set. This ensures the new value is used instead of a previously-cached previewed value.
* Move `$is_preview` property from subclasses to `WP_Customize_Setting` parent class.
* Deferred preview: Ensure that when `preview()` short-circuits due to not being applicable that it will be called again later when the post value is set.
* Populate post value for updated-widget with the (unsanitized) JS-value in `WP_Customize_Widgets::call_widget_update()` so that value will be properly sanitized when accessed in `WP_Customize_Manager::post_value()`.
Includes unit tests with assertions to check the reported issues and validate the fixes.
Fixes defect introduced in [35007].
See #32103.
Fixes#34738.
git-svn-id: https://develop.svn.wordpress.org/trunk@35724 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `&` would be converted everywhere, which caused problems when it was converted within a `<script>`, for example.
`convert_chars()` is now removed from the `the_content` filter, as it was doing the same job as `wptexturize()`.
KSES correctly handles converting `&` within HTML attributes, so there's no need for `wptexturize()` and `convert_chars()` to do the same job.
Fixes#34698.
git-svn-id: https://develop.svn.wordpress.org/trunk@35709 602fd350-edb4-49c9-b593-d223f7449a82
This is just an artifact of how we parse the URL, and is already available
via $request->get_route()
Props danielbachhuber.
Fixes#34647.
git-svn-id: https://develop.svn.wordpress.org/trunk@35659 602fd350-edb4-49c9-b593-d223f7449a82
If `DB_CHARSET` isn't defined (or is empty), `wpdb::$charset` will be empty, too. `wpdb::strip_invalid_text()` assumes that it isn't empty, however, so we need to fall back to the connection character set when we're running our sanity checks.
Fixes#34708.
git-svn-id: https://develop.svn.wordpress.org/trunk@35655 602fd350-edb4-49c9-b593-d223f7449a82
This fixes an edge case where the Close button could never link the user out of the Customizer, if the user initially accessed it without a `url` param and then clicked a link (provided by a plugin) that took them to another `customize.php` URL.
See #32637.
git-svn-id: https://develop.svn.wordpress.org/trunk@35635 602fd350-edb4-49c9-b593-d223f7449a82
* Apply `title_save_pre`, `excerpt_save_pre`, and `content_save_pre` filters on a nav menu item's `title`, `attr_title`, and `description` properties respectively. This ensures that arbitrary markup can be supplied if the user has `unfiltered_html` cap, and for these fields to have markup stripped if not.
* Ensure a nav menu item's `post_status` is sanitized as `publish` or `draft` using the same conditions as `wp_update_nav_menu_item()`.
* Align `WP_Customize_Nav_Menu_Item_Setting::sanitize()` behavior for sanitizing `position` to be the same as `wp_update_nav_menu_item()`.
* Also apply `nav_menu_attr_title` and `nav_menu_description` filters in `WP_Customize_Nav_Menu_Item_Setting::value_as_wp_post_nav_menu_item()` to ensure that previewing markup entered into menu item description will preview the same way as when the nav menu item is saved.
* Add unit tests.
Fixes#32812.
git-svn-id: https://develop.svn.wordpress.org/trunk@35580 602fd350-edb4-49c9-b593-d223f7449a82
This moves the last of the iframe message code from PHP to JavaScript, so it can be included in any site, without needing to rely on any of WordPress' internal behaviour.
Props swissspidy.
Fixes#34451.
git-svn-id: https://develop.svn.wordpress.org/trunk@35577 602fd350-edb4-49c9-b593-d223f7449a82
When the site icon for another site is requested, retrieving its ID via `get_blog_option()` is not enough. `switch_to_blog()` is used to set proper context when required.
Adds multsite tests for `has_site_icon()`.
Props imath.
Fixes#34312.
git-svn-id: https://develop.svn.wordpress.org/trunk@35572 602fd350-edb4-49c9-b593-d223f7449a82
The issue, however, does not manifest in the UI because the UI is now built via JS and the `wp.customize.utils.prioritySort()` algorithm did not have the same typo.
Props bordoni, westonruter.
Fixes#34594.
git-svn-id: https://develop.svn.wordpress.org/trunk@35553 602fd350-edb4-49c9-b593-d223f7449a82
When `WP_Term` was introduced in [34997], the `$taxonomy` parameter for
`get_term()` was made optional. This meant that, when the optional param was
omitted, `get_term()` had no way of determining which term was intended when
the term_id was shared between multiple taxonomies. As a (somewhat sneaky) way
of fixing things, `get_term()` split any shared terms it found. But this could
cause problems with developer expectations: it's not clear why requesting a
term should result in a database update, much less a potential change in the
ID of a term.
In place of this technique, this changeset introduces a number of changes that
make the handling of shared terms a bit less insane:
* When a taxonomy is provided to `get_term()`, and a cached term is found matching the term_id, make sure the taxonomy also matches before returning it.
* When a taxonomy is not provided, ensure that the term is not shared before adding it to the cache.
* When a term is shared between taxonomies and no taxonomy is provided, return a `WP_Error` rather than splitting the term.
* When a term is shared between taxonomies, only one of which is valid, return the term from that taxonomy.
Props boonebgorges, dlh.
Fixes#34533.
git-svn-id: https://develop.svn.wordpress.org/trunk@35537 602fd350-edb4-49c9-b593-d223f7449a82
`add_term_meta()` and `update_term_meta()` identify terms by `$term_id`. In
cases where a term is shared between taxonomies, `$term_id` is insufficient to
distinguish where the metadata belongs.
When attempting to add/update termmeta on a shared term, a `WP_Error` object
is returned. This gives developers enough information to decide whether they'd
like to force the term to be split and retry the save, or show an error in the
UI, or whatever.
Props boonebgorges, mboynes, DH-Shredder, jorbin, aaroncampbell.
Fixes#34544.
git-svn-id: https://develop.svn.wordpress.org/trunk@35515 602fd350-edb4-49c9-b593-d223f7449a82
This fixes a bug where widgets loaded in a preview or the Customizer are
rendered inside of a `wp_suspend_cache_addition()` block and thus could not
find comment objects in the cache.
Props rommelxcastro, stevehenty.
Fixes#34138.
git-svn-id: https://develop.svn.wordpress.org/trunk@35512 602fd350-edb4-49c9-b593-d223f7449a82
- Fix `_wp_upload_dir_baseurl()` to cache by blog_id.
- Replace `path_join()` with `trailingslashit()`, it's much faster.
- Rename $image_url to $image_src for consistency (used at about 50 other places).
- Couple of tests fixes.
See #34430.
git-svn-id: https://develop.svn.wordpress.org/trunk@35498 602fd350-edb4-49c9-b593-d223f7449a82
When referring URL is not available, default returning user to frontend URL instead of admin URL. Themes page is updated to include the `return` path in Customizer links.
Props McGuive7, westonruter.
Fixes#32637.
git-svn-id: https://develop.svn.wordpress.org/trunk@35483 602fd350-edb4-49c9-b593-d223f7449a82
- Merge `wp_image_srcset_attr()` into `wp_calculate_image_srcset()`.
- Remove the `wp_image_srcset` filter.
- Fix the tests for the above changes.
See #34430.
git-svn-id: https://develop.svn.wordpress.org/trunk@35464 602fd350-edb4-49c9-b593-d223f7449a82
Sometimes, embedded sites might suffer from less than 100% uptime. Instead of leaving the embedding site with a big blank space where the embed should be, let's fall back to a link to the embedded post, so there's at least some context for the post.
Fixes#34462.
git-svn-id: https://develop.svn.wordpress.org/trunk@35437 602fd350-edb4-49c9-b593-d223f7449a82
Well, while it's here, we probably should make use of it. The oEmbed endpoint now uses the REST API infrastructure, instead of providing its own.
Props swissspidy.
Fixes#34207.
git-svn-id: https://develop.svn.wordpress.org/trunk@35436 602fd350-edb4-49c9-b593-d223f7449a82
The default value should be a null offset. A `0` default overrides any value
of `paged` passed to `get_posts()`. See [34697].
Fixes#34060.
git-svn-id: https://develop.svn.wordpress.org/trunk@35417 602fd350-edb4-49c9-b593-d223f7449a82
- Introduce `wp_calculate_image_srcset()` that replaces `wp_get_attachment_image_srcset_array()` and is used as lower level function for retrieving the srcset data as array.
- Use the new function when generating `srcset` and `sizes` on the front-end. This is faster as no (other) image API functions are used.
- Change the `wp_get_attachment_image_srcset()`. Now it is meant for use in templates and is no longer used in core.
- A few logic fixes and improvements.
- Some names changed to be (hopefully) more descriptive.
- Fixed/updated tests.
Props joemcgill, jaspermdegroot, azaozz.
See #34430.
git-svn-id: https://develop.svn.wordpress.org/trunk@35412 602fd350-edb4-49c9-b593-d223f7449a82
This hardens WordPress against a common vector which uses multiple user identifiers in a single `system.multicall` call. In the event that authentication fails, all following authentication attempts ''in that call'' will also fail.
Props dd32, johnbillion.
Fixes#34336
git-svn-id: https://develop.svn.wordpress.org/trunk@35366 602fd350-edb4-49c9-b593-d223f7449a82
* Change the 3rd arg from `args` to `width`
* Change `wp_image_sizes_args` filter to `wp_get_attachment_image_sizes`
Updates unit tests.
Props joemcgill.
Fixes#34379.
git-svn-id: https://develop.svn.wordpress.org/trunk@35355 602fd350-edb4-49c9-b593-d223f7449a82
This allows sites to use an admin area over HTTPS with the front end over HTTP, and not end up with a cross-protocol problem when using the REST API URL in the admin area.
Fixes#34299
git-svn-id: https://develop.svn.wordpress.org/trunk@35351 602fd350-edb4-49c9-b593-d223f7449a82
This allows sites to use an admin area over HTTPS with the front end over HTTP, and not end up with a cross-protocol problem when using the REST API URL in the admin area.
Fixes#34299
git-svn-id: https://develop.svn.wordpress.org/trunk@35342 602fd350-edb4-49c9-b593-d223f7449a82
The `notify_moderator` filter makes it possible to override the value for the `moderation_notify` option, which controls whether to send new comment emails to "site moderators", that is to say, the owner of the admin email for the site and the post author if they have the ability to modify the comment.
The `notify_post_author` filter likewise makes it possible to override the value for the `comments_notify` option, which controls whether to send new comment emails to the post author. If the post author is the comment author, default behavior is not to send the notification. Note: enabling or disabling notifications via this hook could also affect other recipients added via the 'comment_notification_recipients' filter in `wp_notify_postauthor()`, if hooked.
Passing a falsey value to either of the new filters will prevent notifications from being sent, regardless of their corresponding option values.
Adds tests.
Props coffee2code, adamsilverstein, DrewAPicture.
Fixes#761.
git-svn-id: https://develop.svn.wordpress.org/trunk@35339 602fd350-edb4-49c9-b593-d223f7449a82