[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
See #41925.
git-svn-id: https://develop.svn.wordpress.org/trunk@42056 602fd350-edb4-49c9-b593-d223f7449a82
In the original function introduced in [41380], and subsequently [41861], only the network ID was passed to the new `pre_get_main_site_id` filter. In order to make give quick access to other network properties, it was decided to pass the whole object instead. The changeset includes an additional test.
Fixes#29684.
git-svn-id: https://develop.svn.wordpress.org/trunk@42043 602fd350-edb4-49c9-b593-d223f7449a82
* Let min hour be 0 and max be 23 in 24-hour time; let min hour be 1 and max be 12 in 12-hour time.
* Show error notification when an invalid date value is provided, not just when not a future date.
* Fix translation of custom validity message.
* Start checking for validity after all inputs have been initially populated.
* Remove support for being able to enter 24:00.
* Cease forcing date input elements from being casted to integers, to allow for invalid inputs to be detected.
Props westonruter, Presskopp, peterwilsoncc, atachibana for testing.
See #39896, #28721.
Fixes#42373.
git-svn-id: https://develop.svn.wordpress.org/trunk@42042 602fd350-edb4-49c9-b593-d223f7449a82
* Deprecate PHP classes `WP_Customize_New_Menu_Section` and `WP_Customize_New_Menu_Control`.
* Deprecate JS class `wp.customize.Menus.NewMenuControl`.
* Also introduce `wp.customize.Menus.createNavMenu()` for logic to create nav menus separately from the logic for handling UI interactions.
Amends [41768].
See #40104, #42364.
Fixes#42357.
git-svn-id: https://develop.svn.wordpress.org/trunk@42034 602fd350-edb4-49c9-b593-d223f7449a82
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.
Adds tests.
Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes#42016, #36170
git-svn-id: https://develop.svn.wordpress.org/trunk@42011 602fd350-edb4-49c9-b593-d223f7449a82
* Allow updating oEmbed cache during `parse-embed` requests for non-post editors (such as widgets).
* Update any existing `oembed_cache` post when `usecache` and TTL has passed.
* Do not overwrite a previously valid cache with `{{unknown}}`.
Props dlh.
See #34115.
Fixes#42310.
git-svn-id: https://develop.svn.wordpress.org/trunk@42009 602fd350-edb4-49c9-b593-d223f7449a82
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.
See #38583.
git-svn-id: https://develop.svn.wordpress.org/trunk@42000 602fd350-edb4-49c9-b593-d223f7449a82
Previously attempted in [40256], which caused the test for decoded curly quotes to fail in some environments.
`$_SERVER['REQUEST_URI']` contains the encoded URI, so this version removes the failing tests and only checks for encoded curly quotes.
Props joostdevalk, lancewillett, SergeyBiryukov.
Fixes#20383.
git-svn-id: https://develop.svn.wordpress.org/trunk@41991 602fd350-edb4-49c9-b593-d223f7449a82
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.
Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.
Props enrico.sorcinelli, ryotsun.
Fixes#39730.
git-svn-id: https://develop.svn.wordpress.org/trunk@41980 602fd350-edb4-49c9-b593-d223f7449a82
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.
Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes#39996.
git-svn-id: https://develop.svn.wordpress.org/trunk@41979 602fd350-edb4-49c9-b593-d223f7449a82
Moves defintion of ajax request in `WP_Ajax_UnitTestCase` to `setUp()` method to account for hooks being reset as part of `tearDown()`.
Props matthias.thiel for report.
Fixes#41561.
git-svn-id: https://develop.svn.wordpress.org/trunk@41970 602fd350-edb4-49c9-b593-d223f7449a82
This allows for automated scripts & test suites to handle the failure of the test suite easier.
Props danielbachhuber
Fixes#41916
git-svn-id: https://develop.svn.wordpress.org/trunk@41966 602fd350-edb4-49c9-b593-d223f7449a82
When media is uploaded to a post, the upload directory is set according to the date of the post, so that the media URLs in the post match when the post was published.
A page is a slightly different beast, pages often live for years, and are regularly updated to stay relevant. This change causes media uploaded to pages to use the upload date to determine the upload directory.
Fixes#10752.
git-svn-id: https://develop.svn.wordpress.org/trunk@41964 602fd350-edb4-49c9-b593-d223f7449a82
Allow `CodeEditorControl` to be instantiated with a `editor_settings` param which is merged with `wp.codeEditor.defaultSettings`.
Also:
* Turn redundant "CSS Code" control label into screen reader text for Additional CSS.
* Remove `code-editor` as script dependency for `custom-html-widgets` since enqueueing is determined by `wp_enqueue_code_editor()`.
* Remove useless exporting of `code_type` param to JS in `WP_Customize_Code_Editor_Control`.
* Add `disabled` class to Custom HTML widget's Save button when linting errors are present.
* Remove redundant `span` inside CodeEditorControl's `label`.
See #41897, #12423, #41872.
git-svn-id: https://develop.svn.wordpress.org/trunk@41957 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce a `widget_{$id_base}_instance_schema` filter for plugins to add new properties to a media widget's instance schema.
* Pass all of a gallery widget's instance props to the gallery media frame, not just the ones that core supports.
See #32417, #41914.
Fixes#42285.
git-svn-id: https://develop.svn.wordpress.org/trunk@41951 602fd350-edb4-49c9-b593-d223f7449a82
* Only use default control content template when a more specific template doesn't exist.
* Remove extraneous whitespace from being output in `WP_Customize_Control::render()` method.
* Move Custom Header template printing to `customize_controls_print_footer_scripts` action.
See #30738.
git-svn-id: https://develop.svn.wordpress.org/trunk@41935 602fd350-edb4-49c9-b593-d223f7449a82
Adds a link to the menu creation workflow from the locations selector in the nav menu control.
Props bpayton, westonruter, Travel_girl, melchoyce, celloexpressions.
Fixes#36279.
git-svn-id: https://develop.svn.wordpress.org/trunk@41899 602fd350-edb4-49c9-b593-d223f7449a82
* Update stubs to have draft status when changeset is saved as draft, instead of preventing auto-draft garbage collection by giving them a far-future `post_date`.
* Show notice in publish metabox when editing a customization draft indicating that it will be published automatically with its changeset; a link to Customizer is included.
* Include a new "Customization Draft" display post state in the post list table.
* Disconnect stubs from their changesets when they are updated with a status other than "Draft".
* Trash customization drafts when their related changeset is trashed or deleted.
* Add a `_customize_changeset_uuid` postmeta to stubs to link them with their associated changeset.
* Include `customize_changeset_uuid` as context when requesting to insert a new auto-draft.
Props westonruter, melchoyce.
See #39896, #39752, #34923.
Fixes#42220.
git-svn-id: https://develop.svn.wordpress.org/trunk@41887 602fd350-edb4-49c9-b593-d223f7449a82
In order for `get_site_by()` to be truly beneficial, caching in `WP_Site_Query` needs to be improved to account for common use-cases and have them be invalidated less aggressively.
See #40180, #40228, #42091.
git-svn-id: https://develop.svn.wordpress.org/trunk@41884 602fd350-edb4-49c9-b593-d223f7449a82
While `get_site_by()` makes sense as a more explicit and less complex replacement for `get_blog_details()`, it is not ready yet in terms of caching, where it currently falls short of the older function under specific circumstances.
See #40180, #40228.
git-svn-id: https://develop.svn.wordpress.org/trunk@41883 602fd350-edb4-49c9-b593-d223f7449a82
When the `WP_Network::$blog_id` property is set manually, for example in the multisite bootstrap process, `get_main_site_id()` should use that value instead of running its own logic. The main logic for the function was therefore moved into the internal `WP_Network::get_main_site_id()` method, which is now being accessed by the function through the magic property handling for `WP_Network::$blog_id` (and its equivalent `WP_Network::$site_id`).
Props spacedmonkey, jeremyfelt.
Fixes#41936.
git-svn-id: https://develop.svn.wordpress.org/trunk@41861 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that the `get_pages()` query cache doesn't go stale when
postmeta is modified.
Props spacedmonkey.
Fixes#40669.
git-svn-id: https://develop.svn.wordpress.org/trunk@41849 602fd350-edb4-49c9-b593-d223f7449a82
Comment queries are sensitive to comment meta due to the `meta_query`
parameter, so the cache must be invalidated when comment meta is changed,
added, or deleted.
Props spacedmonkey.
See #40669.
git-svn-id: https://develop.svn.wordpress.org/trunk@41848 602fd350-edb4-49c9-b593-d223f7449a82
[41784] was a workaround for a bug in PHPUnit 6.4. PHPUnit 6.4.1 has since been released, which includes a fix for this.
Fixes#42124.
git-svn-id: https://develop.svn.wordpress.org/trunk@41841 602fd350-edb4-49c9-b593-d223f7449a82
* Customization locking is checked when changesets are saved and when heartbeat ticks.
* Lock is lifted immediately upon a user closing the Customizer.
* Heartbeat is introduced into Customizer.
* Changes made to user after it was locked by another user are stored as an autosave revision for restoration.
* Lock notification displays link to preview the other user's changes on the frontend.
* A user loading a locked Customizer changeset will be presented with an option to take over.
* Autosave revisions attached to a published changeset are converted into auto-drafts so that they will be presented to users for restoration.
* Focus constraining is improved in overlay notifications.
* Escape key is stopped from propagating in overlay notifications, and it dismisses dismissible overlay notifications.
* Introduces `changesetLocked` state which is used to disable the Save button and suppress the AYS dialog when leaving the Customizer.
* Fixes bug where users could be presented with each other's autosave revisions.
Props sayedwp, westonruter, melchoyce.
See #31436, #31897, #39896.
Fixes#42024.
git-svn-id: https://develop.svn.wordpress.org/trunk@41839 602fd350-edb4-49c9-b593-d223f7449a82
Trashing a changeset via `wp_trash_post()` does not have the desired result since it mutates `post_content` (via Kses) and the `post_name` (even though it is a UUID).
Props dlh.
See #39896, #42030.
Fixes#42175.
git-svn-id: https://develop.svn.wordpress.org/trunk@41824 602fd350-edb4-49c9-b593-d223f7449a82
This fixes a change in behaviour introduced by [41629].
The host is set to an empty string when it isn't defined, this continues existing behaviour. In particular, the mysqli library treats a `null` host as being the same as `localhost`, which is not always the intended behaviour.
Props birgire, markjaquith, pento.
Fixes#41722.
git-svn-id: https://develop.svn.wordpress.org/trunk@41820 602fd350-edb4-49c9-b593-d223f7449a82
On newer versions of MySQL, an error was being thrown when creating a table with an index that we wanted to be silently truncated.
To avoid this, the test now tries to use a newer InnoDB file format where available, and skips the test when that happens.
Props pento, danielbachhuber, straussd.
Fixes#41716.
git-svn-id: https://develop.svn.wordpress.org/trunk@41818 602fd350-edb4-49c9-b593-d223f7449a82
Weeds out orphaned locations, so their information will not continue to be mapped to future themes.
Fixes#42121.
git-svn-id: https://develop.svn.wordpress.org/trunk@41811 602fd350-edb4-49c9-b593-d223f7449a82
For values of `fields` like `id=>parent`, the keys of the array must be
maintained as part of the query results.
Introduced as part of #40496. See [38667], [40513].
Props miyauchi, dany2217, pcarvalho.
Fixes#41293.
git-svn-id: https://develop.svn.wordpress.org/trunk@41809 602fd350-edb4-49c9-b593-d223f7449a82
The theme and plugin editors now list all files in the selected theme or plugin, recursing through subdirectories as necessary.
Props WraithKenny, schlessera, chsxf, MikeHansenMe, Daedalon, valendesigns, westonruter, pento.
Fixes#6531.
git-svn-id: https://develop.svn.wordpress.org/trunk@41806 602fd350-edb4-49c9-b593-d223f7449a82
* Prevent autoloading an existing draft/future changeset when theme not active.
* Add missing notifications container to Themes panel.
* Remove deactivation of themes panel when selected status is not publish.
* Show notification in Themes panel when themes cannot be previewed and disable preview buttons.
* Reject installTheme call when theme preview not available.
* Return promise from installTheme and eliminate use of global events in favor of promises.
Props westonruter, melchoyce, zoonini.
See #37661, #39896.
Fixes#42126.
git-svn-id: https://develop.svn.wordpress.org/trunk@41788 602fd350-edb4-49c9-b593-d223f7449a82
Often, folks run into two issues when they create new menus: they click "Add a Menu" thinking it will add a new page to their menu, or they forget to assign their new menu to a location, and then wonder why it doesn't show up on their site.
This commit rearranges the order of items in the menu panel, and updates the flow for creating a menu by breaking it up into steps. Additionally, more help text has been added to guide people through the process of creating a menu.
Also adds default `type` lookups for Panel and Section instances. See #30741.
Props bpayton, obenland, westonruter, celloexpessions, afercia, melchoyce, zoonini, michelleweber.
Fixes#40104.
git-svn-id: https://develop.svn.wordpress.org/trunk@41768 602fd350-edb4-49c9-b593-d223f7449a82
Adds an "include_slug" orderby value for REST API collections to permit returning a collection filtered by slugs in the same order in which those slugs are specified.
Previously, the order of slugs provided with the ?slug query parameter had no effect on the order of the returned records.
Props wonderboymusic, ocean90, boonebgorges.
Fixes#40826.
git-svn-id: https://develop.svn.wordpress.org/trunk@41760 602fd350-edb4-49c9-b593-d223f7449a82
Enables register_setting to accept an object as its schema value, allowing settings to accept non-scalar values through the REST API.
This whitelists the added type in the settings controller, and passes properties from argument registration into the validation functions.
Props joehoyle.
See #38583.
git-svn-id: https://develop.svn.wordpress.org/trunk@41758 602fd350-edb4-49c9-b593-d223f7449a82
* Allow passing settings in keyed object (e.g. `settings: { default: 'id' } ), or as an array (e.g. `settings: [ 'id' ]`) with first being default; again, `Setting`/`Value` objects may be supplied instead of IDs.
* Allow a single setting to be supplied with just a single `setting` param, either a string or a `Setting`/`Value` object.
* Update `changeset_status` and `scheduled_changeset_date` to be added dynamically with JS and simply passing of `api.state()` instances as `setting`.
* Introduce a `data-customize-setting-key-link` attribute which, unlike `data-customize-setting-link`, allows passing the setting key (e.g. `default`) as opposed to the setting ID.
* Allow `WP_Customize_Control::get_link()` to return `data-customize-setting-key-link` when setting is not registered.
* Eliminate `default_value` from `WP_Customize_Date_Time_Control` since now comes from supplied `Value`.
* Export status choices as `wp.customize.settings.changeset.statusChoices`.
* Export date and time formats as `wp.customize.settings.dateFormat` and `wp.customize.settings.timeFormat` respectively.
Props westonruter, sayedwp.
See #39896, #30738, #30741, #42083.
Fixes#37964, #36167.
git-svn-id: https://develop.svn.wordpress.org/trunk@41750 602fd350-edb4-49c9-b593-d223f7449a82
When able to be parsed, store the created date for a video file from meta,
since this is useful separately from the dates on the file itself.
Introduces `wp_get_media_creation_timestamp()` to read the timestamp from
getID3 and a `wp_read_video_metadata` filter analogous to
`wp_read_image_metadata`.
Fixes#35218.
Props stevegrunwell, joemcgill, desrosj, blobfolio, mikeschroder.
git-svn-id: https://develop.svn.wordpress.org/trunk@41746 602fd350-edb4-49c9-b593-d223f7449a82
Allows REST API consumers to specify the specific fields needed in their application code, whitelisting those fields and omitting all others from the returned JSON response object.
This permits applications that only need for example the ID and title of posts to avoid having to transfer the entire rendered post content over the wire alongside the desired fields.
While this whitelisting has no affect on the queries run when preparing the response, it can yield significant reductions in the bandwidth required to transfer a response payload for simple applications.
Props adamsilverstein, TimothyBlynJacobs, svrooij.
Fixes#38131.
git-svn-id: https://develop.svn.wordpress.org/trunk@41744 602fd350-edb4-49c9-b593-d223f7449a82
Fixes an issue where submitting a well-formed request to create a term inappropriately returns a 500 error status if that term already exists.
HTTP 5xx error codes should be reserved for unexpected server errors, so "409 Conflict" is a more appropriate response.
Props alibasheer, guzzilar, shooper.
Fixes#41370.
git-svn-id: https://develop.svn.wordpress.org/trunk@41737 602fd350-edb4-49c9-b593-d223f7449a82
This adds `Custom_Image_Header::get_previous_crop()`, which finds any
previously cropped headers created from the same base image and replaces
that attachment rather than creating a new attachment.
After updating a crop, the replaced images is also removed from the list
of previous header images in the Customizer.
See #21819.
git-svn-id: https://develop.svn.wordpress.org/trunk@41732 602fd350-edb4-49c9-b593-d223f7449a82
* Move the `create_function()` code into a file that's only loaded, and into a test that's only run, on PHP <= 7.2 to avoid deprecated warnings in 7.2+.
* Convert the test skipping into a failure if the GlotPress locale file cannot be downloaded.
* Ensure `test_exceptions` fails if an exception is not thrown.
* Docs improvements
See #41562, #40109
git-svn-id: https://develop.svn.wordpress.org/trunk@41730 602fd350-edb4-49c9-b593-d223f7449a82
When registering routes developers can now define their complex objects in the schema and benefit from the automatic validation and sanitization in the REST API. This also paves the way for support for complex object registration via register_meta and register_setting.
See #38583.
Props TimothyBlynJacobs5.
git-svn-id: https://develop.svn.wordpress.org/trunk@41727 602fd350-edb4-49c9-b593-d223f7449a82
* Eliminate need to pass both ID and instance in calls to `Values#add()` for panels, sections, controls, settings, partials, and notifications.
* Eliminate need to supply `content` param when constructing a `Control`.
* Unwrap the `options.params` object passed in constructors to just pass a flat `options`. (Back-compat is maintained.)
* Add support for `templateId` param for `Control` to override which template is used for the content.
* Remove unused `previewer` being supplied in `Control` instances.
* Rename `classes` to `containerClasses` on `Notification`.
* Automatically supply `instanceNumber` to improve stable sorting.
* Use `api.Notifications` for notifications in settings instead of `api.Value`.
See #30741.
Fixes#42083.
git-svn-id: https://develop.svn.wordpress.org/trunk@41726 602fd350-edb4-49c9-b593-d223f7449a82
`test_cache` used PHPUnit's object mocking to test some internal behaviour in `Plural_Forms`, but made use of the `willReturn()` method, which was introduced in PHPUnit 4.0 as shorthand for `will($this->returnValue())`. Fixed by switching to the longer form.
Several tests used the `@expectedException` directive to catch generic `Exception` exceptions, which was added in PHPUnit 3.7. Fixed by changing to an explicit `try` / `catch` test.
See #41562.
git-svn-id: https://develop.svn.wordpress.org/trunk@41725 602fd350-edb4-49c9-b593-d223f7449a82
This alters the HTML output of the image caption shortcode to use
`max-width` instead of `width` to improve compatibility with
flexible layouts.
Props aaronrutley, desrosj.
Fixes#33981.
git-svn-id: https://develop.svn.wordpress.org/trunk@41724 602fd350-edb4-49c9-b593-d223f7449a82
Historically, we've evaluated the plural forms for each language using `create_function()`. This is being deprecated in PHP 7.2, so needs to be replaced.
The `Plural_Forms` class parses the `Plural-Forms` header from the PO file, and internally caches the result of all subsequent plural form tests, allowing it to match the performance of the existing code.
Props rmccue.
Fixes#41562.
git-svn-id: https://develop.svn.wordpress.org/trunk@41722 602fd350-edb4-49c9-b593-d223f7449a82
`get_site_by()` is now the preferred way to retrieve a site object by lookup for identifying data. By using a coherent structure and `get_sites()` internally, it has several advantages over the direct database queries and complex code in `get_blog_details()`. Therefore `get_blog_details()` is now a wrapper for `get_site_by()`, providing backward compatibility fixes where necessary.
Unit tests have been adjusted to account for the `blog-details` and `blog-lookup` cache groups, which are no longer needed.
Props spacedmonkey, jeremyfelt, flixos90.
Fixes#40228.
git-svn-id: https://develop.svn.wordpress.org/trunk@41719 602fd350-edb4-49c9-b593-d223f7449a82
Going forward, `clean_blog_cache()` is recommended to be used instead of `refresh_blog_details()`. It has been adjusted to match the functionality of the latter, with the exception that it always requires a site ID or object to be passed. The `refresh_blog_details` action has been deprecated in favor of the `clean_site_cache` action. The function itself is not formally deprecated at this point, but will likely be in the near future.
Props spacedmonkey.
Fixes#40201.
git-svn-id: https://develop.svn.wordpress.org/trunk@41716 602fd350-edb4-49c9-b593-d223f7449a82
These tests no longer test anything that WordPress core has control over. YouTube now serves everything
over HTTPS by default, so the tests for #23149 will always pass, and the tests for #32714 aren't testing
anything that core has control over.
Tests for the responses from oEmbed providers has been attempted and reverted in #32360.
See #42076, #32714, #23149
git-svn-id: https://develop.svn.wordpress.org/trunk@41712 602fd350-edb4-49c9-b593-d223f7449a82
[41701] included a bug with PHP < 5.4. Prior to then, `html_entity_decode()` decoded into `ISO-8859-1`, when we actually need it to use `UTF-8`.
Fixes#35293.
git-svn-id: https://develop.svn.wordpress.org/trunk@41702 602fd350-edb4-49c9-b593-d223f7449a82
This was previously attempted in [41043], which unfortunately had severe performance issues, the regex it used was fatally slow on long posts.
This version now uses an array of all emoji that Twemoji supports, which maintains the accuracy of [41043], while being the same speed or only a few ms slower than the code prior to [41043].
As with [41043], the `grunt precommit:emoji` task detects when `twemoji.js` has changed, and regenerates the array.
Props jmdodd for feedback, suggestions, and insults where appropriate.
Fixes#35293. 🤞🏻
git-svn-id: https://develop.svn.wordpress.org/trunk@41701 602fd350-edb4-49c9-b593-d223f7449a82
`get_site_by()` is a replacement for `get_blog_details()` that uses `WP_Site_Query` to retrieve specific sites based on a given field and value.
Props flixos90, spacedmonkey.
Fixes#40180.
git-svn-id: https://develop.svn.wordpress.org/trunk@41698 602fd350-edb4-49c9-b593-d223f7449a82
- uses the core `notice` styles for the Quick Edit form inline error messages
- adds missing periods at the end of a few error messages
Props ocean90, karmatosed, melchoyce, afercia.
Fixes#35496.
git-svn-id: https://develop.svn.wordpress.org/trunk@41684 602fd350-edb4-49c9-b593-d223f7449a82
* Add/fix `getMeta`, `getMetas`, `setMeta` and `setMetas` helpers for models that support meta.
* Add tests for new helpers, verify meta support for `Posts`, `Comments`, `Tags` and `Users`.
* Include meta data in fixture generation and fixture file driving tests.
Fixes#41055.
git-svn-id: https://develop.svn.wordpress.org/trunk@41678 602fd350-edb4-49c9-b593-d223f7449a82
Fix an (intermittent) issue where the final assertion verifying all hooks have been triggered ran too early, resulting in the test failing.
Fixes#31218.
git-svn-id: https://develop.svn.wordpress.org/trunk@41675 602fd350-edb4-49c9-b593-d223f7449a82
Restores the data format of the `sidebars_widgets` theme mod to its pre [41555]
format. It can trigger PHP warnings after switching themes if that mod has not
been removed previously.
Fixes#39693.
git-svn-id: https://develop.svn.wordpress.org/trunk@41673 602fd350-edb4-49c9-b593-d223f7449a82
* Allow time fields to be omitted by constructing with `timeIncluded` as `false`.
* Ensure `reportValidity` is only called on a control when it is in an expanded section.
* Rename "ampm" to "meridian".
* Improve accessibility and fix HTML validation and style issues for both the date/time control and the preview link control.
* Fix styling of dropdowns and clean CSS.
* Improve accessibility of nav menus component.
Props westonruter, afercia, sayedwp, melchoyce.
Amends [41626].
See #39896.
Fixes#42022.
git-svn-id: https://develop.svn.wordpress.org/trunk@41670 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce a new `wp.customize.previewer.trash()` JS API to trash the current changeset, along with logic to `WP_Customize_Manager` to handle deleting changeset drafts.
* Add `trashing` to `wp.customize.state` which is then used to update the UI.
* UI for trashing is pending design feedback. One possibility is to add a new trash button to Publish Settings section that invokes `wp.customize.previewer.trash()`.
* Improve logic for managing the visibility and disabled states for publish buttons.
* Prevent attempting `requestChangesetUpdate` while processing and bump processing while doing `save`.
* Update `changeset_date` state only if sent in save response.
* Merge `ThemesSection#loadThemePreview()` into `ThemesPanel#loadThemePreview()`.
* Remove unused `autosaved` state.
* Start autosaving and prompting at beforeunload after a change first happens. This is key for theme previews since even if a user did not make any changes, there were still dirty settings which would get stored in an auto-draft unexpectedly.
* Allow `Notification` to accept additional `classes` to be added to `container`.
* Introduce `OverlayNotification` and use for theme installing, previewing, and trashing. Such overlay notifications take over the entire window.
Props westonruter, celloexpressions.
See #37661, #39896, #21666, #35210.
git-svn-id: https://develop.svn.wordpress.org/trunk@41667 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::prepare()` currently gives no information if the number of arguments passed doesn't match the number of placeholders in the query. This change gives an explicit notice that the call was incorrect.
Also fixes an enrelated term meta test that was triggering this new notice.
Props thekt12 for the initial patch.
Fixes#42040.
git-svn-id: https://develop.svn.wordpress.org/trunk@41662 602fd350-edb4-49c9-b593-d223f7449a82
`get_current_blog_id()` is more appropriate for determining the ID of the current site in most cases. This eliminates the need for the global `$wpdb` in several functions and is better than the implicit global used in admin pages.
Props bnap00, spacedmonkey.
Fixes#41684.
git-svn-id: https://develop.svn.wordpress.org/trunk@41661 602fd350-edb4-49c9-b593-d223f7449a82
Update the way and location the JavaScript client determines which models/endpoints require the `force=true` parameter when being deleted to avoid a `rest_trash_not_supported` error. Identify models with endpoints that support DELETE, excluding those that support the trash (posts and pages by default). Also, move the check into the default `wp.api.WPApiBaseModel.initialize()` function.
Props caercam, euthelup.
Fixes#40672.
git-svn-id: https://develop.svn.wordpress.org/trunk@41657 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, when passing another site than the current one to `wp_get_users_with_no_role()` through its `$site_id` parameter, the function still used the roles available on the current site, which would cause users with other roles that possibly exist on the other site to show up as users without a role. Switching the site before retrieving the available rules fixes the issue.
Fixes#42015.
git-svn-id: https://develop.svn.wordpress.org/trunk@41654 602fd350-edb4-49c9-b593-d223f7449a82
The `time` strategy in `count_users()` queries users by role. However, the roles queried for were not affected by passing another site than the current one through the `$site_id` parameter, causing users having roles that were not queried for to appear as users without a role. This changeset fixes the issue by switching the site before retrieving the roles to query for.
Fixes#42014.
git-svn-id: https://develop.svn.wordpress.org/trunk@41653 602fd350-edb4-49c9-b593-d223f7449a82
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context. Also includes an extensible framework for browsing and installing themes from other sources.
Also includes CSS auto-prefixing added via `grunt precommit:css`.
For details, see: https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/
Previously [38813] but reverted in [39140].
Fixes#37661, #34843, #38666.
Props celloexpressions, folletto, westonruter, karmatosed, melchoyce, afercia.
git-svn-id: https://develop.svn.wordpress.org/trunk@41648 602fd350-edb4-49c9-b593-d223f7449a82
These two tests assume a certain level of indentation in code which does not conform to core's coding
standards and will hopefully be corrected at some point in #41057.
See #41057
git-svn-id: https://develop.svn.wordpress.org/trunk@41635 602fd350-edb4-49c9-b593-d223f7449a82
IPv4 addresses are scarce, overworked, and underpaid. They're ready to retire, but we just won't let them go. If you care about their wellbeing, switch to IPv6 today.
Props schlessera, birgire.
Fixes#41722.
git-svn-id: https://develop.svn.wordpress.org/trunk@41629 602fd350-edb4-49c9-b593-d223f7449a82
`pre_cache_alloptions` is run before the alloptions array is inserted into the cache, and is valuable for sanity checking the options, particularly if your caching scheme has size limitations.
`alloptions` is run before returning the alloptions array, and is useful for when you have extra information that alloptions should return.
Props sebastian.pisula, keesiemeijer.
Fixes#33958.
git-svn-id: https://develop.svn.wordpress.org/trunk@41627 602fd350-edb4-49c9-b593-d223f7449a82
* Incorporates code from the Customize Snapshots and Customize Posts feature plugins.
* Adds a new Publish Settings section for managing the changeset status, scheduled date, and frontend preview link.
* Updates Publish button to reflect the status selected in the Publish Settings (including Save Draft and Schedule).
* Deactivates the Themes section when a non-publish status selected, and deactivates the Publish Settings section when previewing a theme switch.
* Introduces an `outer` section type (`wp.customize.OuterSection` in JS) for the Publish Settings section to use and for available widgets and available nav menu panels to use in the future. These sections can be expanded while other sections are expanded.
* Introduces `WP_Customize_Date_Time_Control` in PHP and `wp.customize.DateTimeControl` in JS for managing a date/time value.
* Keeps track of scheduled time and proactively publish from the client when the time arrives, as opposed to waiting for WP Cron.
* Auto-publishes a scheduled changeset when attempting to access one that missed its schedule.
* Starts a new changeset if attempting to save a changeset that was previously publish.
* Adds `force` arg to `requestChangesetUpdate()` to force an update request even when there are no pending changes.
* Adds utils methods for `getCurrentTimestamp` and `getRemainingTime`.
* Adds new state values for `selectedChangesetStatus`, `changesetDate`, `selectedChangesetDate`.
* Fixes logic for when to short-circuit check to close Customizer when there are unsaved changes.
* Adds getter methods for `autosaved` and `branching` parameters, with the latter applying the `customize_changeset_branching` filter.
* Call to `establish_loaded_changeset` on the fly when `changeset_uuid()` is called if no changeset UUID was specififed.
* De-duplicates logic for dismissing auto-draft changesets.
* Includes unit tests.
Builds on [41597].
Props sayedwp, westonruter, melchoyce, JoshuaWold, folletto, stubgo, karmatosed, dlh, paaljoachim, afercia, johnregan3, utkarshpatel, valendesigns.
See #30937.
Fixes#39896, #28721, #39275.
git-svn-id: https://develop.svn.wordpress.org/trunk@41626 602fd350-edb4-49c9-b593-d223f7449a82
Switching the available roles and the current user's capabilities no longer happens in `switch_to_blog()` and `restore_current_blog()`, instead it has been moved to a new function `wp_switch_roles_and_user()` which is hooked into the site switching process. This allows to improve performance by temporarily unhooking the function when roles and capabilities do not need to be switched.
This change ensures that switching available roles now works closer to switching user capabilities, particularly the changes in [41624]. A new `WP_Roles::for_site( $site_id )` method has been introduced, and the `WP_Roles::_init()` method has been deprecated. It is furthermore possible to retrieve the site ID for which the available roles are currently initialized through a new `WP_Roles::get_site_id()`.
Props johnjamesjacoby, flixos90.
Fixes#38645.
git-svn-id: https://develop.svn.wordpress.org/trunk@41625 602fd350-edb4-49c9-b593-d223f7449a82
While it has always been possible to initialize a user's roles and capabilities for another site than the current one in a multisite, the actual roles available were not switched prior to this change, possibly causing invalid roles to show up or actually valid capabilities not being available.
In order to fix this bug in a clean way, relevant parts of the `WP_User` class have been refactored. The ID of the site for which capabilities are currently initialized are now stored in a private property `WP_User::$site_id`. The `WP_User::for_blog( $blog_id )` and `WP_User::_init_caps( $cap_key )` methods have been deprecated in favor of `WP_User::for_site( $site_id )`. In addition, a new method `WP_User::get_site_id()` has been introduced to retrieve the site ID for which the user's capabilities are currently initialized.
Props ryanduff, jeremyfelt, flixos90.
Fixes#36961.
git-svn-id: https://develop.svn.wordpress.org/trunk@41624 602fd350-edb4-49c9-b593-d223f7449a82
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.
This introduces some new functions:
* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`
A corresponding `wp_is_large_user_count` filter is also introduced.
Props tharsheblows, johnbillion
Fixes#38741
git-svn-id: https://develop.svn.wordpress.org/trunk@41613 602fd350-edb4-49c9-b593-d223f7449a82
* Galleries are managed in the widget in the same way they are managed in the post editor, both using the media manager.
* Gallery widget is merged from the Core Media Widgets v0.2.0 feature plugin and it extends `WP_Widget_Media` in the same way as is done for image, audio, and video widgets.
* Model syncing logic is updated to support booleans and arrays (of integers).
* Placeholder areas in media widgets are now clickable shortcuts for selecting media.
* Image widget placeholder is updated to match gallery widget where clicking preview is shortcut for editing media.
Props westonruter, joemcgill, timmydcrawford, m1tk00, obenland, melchoyce.
See #32417.
Fixes#41914.
git-svn-id: https://develop.svn.wordpress.org/trunk@41590 602fd350-edb4-49c9-b593-d223f7449a82
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.
See #12423, #38707, #35395.
Fixes#41897.
git-svn-id: https://develop.svn.wordpress.org/trunk@41558 602fd350-edb4-49c9-b593-d223f7449a82
Builds on efforts brought forward in #17979.
This will send sidebars through three levels of mapping:
1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.
Finally, if the theme has previously been active and we have a record of its
sidebar configuration then, any unmapped sidebar will be restored to its
previous state.
Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.
git-svn-id: https://develop.svn.wordpress.org/trunk@41555 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.
git-svn-id: https://develop.svn.wordpress.org/trunk@41496 602fd350-edb4-49c9-b593-d223f7449a82
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.
git-svn-id: https://develop.svn.wordpress.org/trunk@41470 602fd350-edb4-49c9-b593-d223f7449a82
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.
The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.
Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes#29684.
git-svn-id: https://develop.svn.wordpress.org/trunk@41380 602fd350-edb4-49c9-b593-d223f7449a82
Generally, duplicate terms returned by a term query are eliminated in PHP,
after the database query takes place. This technique doesn't work properly
when the query parameters specify the `number` of results, since the results
of a `SELECT ... LIMIT x...` query may be deduplicated to a count less than
`x`. In these cases, we force the original query to be `DISTINCT`.
Props elvishp2006.
Fixes#41796.
git-svn-id: https://develop.svn.wordpress.org/trunk@41377 602fd350-edb4-49c9-b593-d223f7449a82
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.
Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes#12423, #39892.
git-svn-id: https://develop.svn.wordpress.org/trunk@41376 602fd350-edb4-49c9-b593-d223f7449a82
* Displays an error notification in the global area when a save attempt is rejected due to invalid settings. An error notification is also displayed when saving fails due to a network error or server error.
* Introduces `wp.customize.Notifications` subclass of `wp.customize.Values` to contain instances of `wp.customize.Notification` and manage their rendering into a container.
* Exposes the global notification area as `wp.customize.notifications` collection instance.
* Updates the `notifications` object on `Control` to use `Notifications` rather than `Values` and to re-use the rendering logic from the former. The old `Control#renderNotifications` method is deprecated.
* Allows notifications to be dismissed by instantiating them with a `dismissible` property.
* Allows `wp.customize.Notification` to be extended with custom templates and `render` functions.
* Triggers a `removed` event on `wp.customize.Values` instances _after_ a value has been removed from the collection.
Props delawski, westonruter, karmatosed, celloexpressions, Fab1en, melchoyce, Kelderic, afercia, adamsilverstein.
See #34893, #39896.
Fixes#35210, #31582, #37727, #37269.
git-svn-id: https://develop.svn.wordpress.org/trunk@41374 602fd350-edb4-49c9-b593-d223f7449a82
The `aria-current` attribute is a simple, effective way to help assistive
technology users orientate themselves within a list of items.
Props GrahamArmfield, palmiak.
Fixes#40833.
git-svn-id: https://develop.svn.wordpress.org/trunk@41371 602fd350-edb4-49c9-b593-d223f7449a82
* Used now in core to facilitate displaying inserted media. See #40854.
* The `[embed]` shortcode is not supported because there is no post context for caching oEmbed responses. This depends on #34115.
* Add `do_shortcode()` to the `widget_text_content` filter in the same way it is added for `the_content` at priority 11, with `shortcode_unautop()` called at priority 10 after `wpautop()`.
* For Text widget in legacy mode, manually apply `do_shortcode()` (and `shortcode_unautop()` if auto-paragraph checked) if the core-added `widget_text_content` filter remains, unless a plugin added `do_shortcode()` to `widget_text` to prevent applying shortcodes twice.
* Ensure that global `$post` is `null` while filters apply in the Text widget so shortcode handlers won't run with unexpected contexts.
Props westonruter, nacin, aaroncampbell.
See #40854, #34115.
Fixes#10457.
git-svn-id: https://develop.svn.wordpress.org/trunk@41361 602fd350-edb4-49c9-b593-d223f7449a82
Previously, it was not possible to hook into the `wp_link_query` filter to add custom entries when the
query returned no posts.
Props mitraval192, msebel.
Fixes#41825.
git-svn-id: https://develop.svn.wordpress.org/trunk@41346 602fd350-edb4-49c9-b593-d223f7449a82
Add two new helper functions, `wp.api.getModelByRoute` and `wp.api.getCollectionByRoute`. Passed a route, they return the matching model or collection, or `undefined` if none is found.
Also adds tests to verify these functions work as expected.
Props rcutmore.
Fixes#41111.
git-svn-id: https://develop.svn.wordpress.org/trunk@41334 602fd350-edb4-49c9-b593-d223f7449a82
Informs developers that widgets need to be registered before they can be
displayed through `the_widget()`. Previously it would fail with an ambiguous
undefined index notice.
Props SeBsZ, mrasharirfan.
Fixes#41743.
git-svn-id: https://develop.svn.wordpress.org/trunk@41327 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the following meta capabilities:
* `activate_plugin`
* `deactivate_plugin`
* `deactivate_plugins`
The singular `activate_plugin` and `deactivate_plugin` capabilities are used along with the corresponding plugin name when
determining whether or not a user can activate or deactivate an individual plugin.
The plural `deactivate_plugins` capability is used in place of the existing `activate_plugins` capability when determining
whether a user can deactivate plugins.
Each of these new meta capabilities map to the existing `activate_plugins` primitive capability, which means there is no
change in existing behaviour, but plugins can now filter the capabilities required to activate and deactivate individual
plugins.
Fixes#38652
git-svn-id: https://develop.svn.wordpress.org/trunk@41290 602fd350-edb4-49c9-b593-d223f7449a82
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.
This change fixes the usage in user-facing text and in developer documentation.
Fixes#41620
git-svn-id: https://develop.svn.wordpress.org/trunk@41289 602fd350-edb4-49c9-b593-d223f7449a82
Using `paged` with `number` allows developers to request
paginated comment results without having to do a manual offset
calculation.
Props AdamWills.
Fixes#38268.
git-svn-id: https://develop.svn.wordpress.org/trunk@41287 602fd350-edb4-49c9-b593-d223f7449a82
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.
Props johnbillion, flixos90.
Fixes#39677.
git-svn-id: https://develop.svn.wordpress.org/trunk@41268 602fd350-edb4-49c9-b593-d223f7449a82
In addition to the enhancement, tests for the filter usage including the new parameter have been added.
Props NathanAtmoz.
Fixes#39030.
git-svn-id: https://develop.svn.wordpress.org/trunk@41267 602fd350-edb4-49c9-b593-d223f7449a82
For bonus :yolo: :friday:, this repeats [41262] for `multisite.xml`, which duplicates the ignored file list from `phpunit.xml.dist`.
See #41658.
git-svn-id: https://develop.svn.wordpress.org/trunk@41263 602fd350-edb4-49c9-b593-d223f7449a82
There were a handful of files with an underscore in the name, which violated our naming scheme, and caused problems for anyone how enforced the scheme on their own systems.
This commit renames all of the files to the correct camelCase scheme.
Fixes#41658.
git-svn-id: https://develop.svn.wordpress.org/trunk@41261 602fd350-edb4-49c9-b593-d223f7449a82
Also apply `the_editor_content` filters on widget `text` with `format_for_editor()` as is done for the post editor.
Amends [40631].
Props westonruter, azaozz.
See #35243.
Fixes#41596.
git-svn-id: https://develop.svn.wordpress.org/trunk@41260 602fd350-edb4-49c9-b593-d223f7449a82
Also explicitly use HTML5 doctype when parsing Text widget contents in legacy mode detection.
Amends [41050].
See #40951.
Fixes#41622.
git-svn-id: https://develop.svn.wordpress.org/trunk@41251 602fd350-edb4-49c9-b593-d223f7449a82
Weston Ruter
Gary Pendergast
Felix Arntz
Konstantin Obenland
Ian Dunn
John Blackbourn
Joe Hoyle
Sergey Biryukov
Peter Wilson
Pascal Birchler
Dion Hulse
Boone Gorges
K. Adam White
Adam Silverstein
westonruter
Mike Schroder
Joe McGill
Jeremy Felt
Andrea Fercia
Dominik Schilling (ocean90)
Andrew Ozz
Aaron D. Campbell
aaroncampbell