`autop()` can sometimes get confused and not clean up stray `<p>` or `</p>` tags inside block level elements, which produces sub-optimal HTML. While browsers can generally handle it, there's no need to make things harder for them if we don't have to.
Props pento, ayubi, pbearne, jond, azaozz, 1994rstefan, dionysous, MikeHansenMe, jorbin, miqrogroove, niallkennedy.
Fixes#27350.
git-svn-id: https://develop.svn.wordpress.org/trunk@45585 602fd350-edb4-49c9-b593-d223f7449a82
Add a new `terms_pre_query` filter which returns null by default. Return a non-null value to bypass WordPress's default `get_terms` queries.
Props jarocks, boonebgorges, spacedmonkey.
Fixes#41246.
git-svn-id: https://develop.svn.wordpress.org/trunk@45584 602fd350-edb4-49c9-b593-d223f7449a82
Inline `<svg>`s should generally work, as browsers should just ignore `<p>` or `<br/>` tags that shouldn't be inside the `<svg>`. To keep things neat, however, it's better not add them in the first place.
Props jared_smith, nacin, pento.
Fixes#9437.
git-svn-id: https://develop.svn.wordpress.org/trunk@45577 602fd350-edb4-49c9-b593-d223f7449a82
It can be tricky to know when `wpautop()` should add `<p>` tags, but one thing we can be certain about is that they really shouldn't be anywhere near `<hr>` tags.
Now they aren't.
Props solarissmoke, MattyRob, pento.
Fixes#14674.
git-svn-id: https://develop.svn.wordpress.org/trunk@45574 602fd350-edb4-49c9-b593-d223f7449a82
The web has gotten so much faster since `human_time_diff()` was created, we need to be able to measure time differences with much finer granularity. Now, we can.
Props johnjamesjacoby, pento.
Fixes#35655.
git-svn-id: https://develop.svn.wordpress.org/trunk@45573 602fd350-edb4-49c9-b593-d223f7449a82
Smilies in ignored tags are not supposed to be converted to emoji, but this can malfunction if the tag has attributes. For example, the Preformatted block with add a `class` to the `<pre>` tag.
Props pento, jikamens.
Fixes#47489.
git-svn-id: https://develop.svn.wordpress.org/trunk@45569 602fd350-edb4-49c9-b593-d223f7449a82
Introduces the faux primitive capability `view_site_health_checks` available to single site admins and multisite super-admin to view the site health page within the admin.
The capability is mapped to the `install_plugins` capability without being dependent on the file system being writable. This fixes a bug where the feature couldn't be used by sites unable to write to the file system or managed through version control.
The capability is granted on the `user_has_cap` filter.
Props birgire, Clorith, palmiak, peterwilsoncc, spacedmonkey.
Fixes#46957.
git-svn-id: https://develop.svn.wordpress.org/trunk@45507 602fd350-edb4-49c9-b593-d223f7449a82
This introduces three new strings that can be used to control the maximum length of automatically generated excerpts for posts, comments, and draft post previews in the dashboard. Optionally combined with the existing word count type control this allows languages which include many multibyte characters to specify more appropriate maximum excerpt lengths.
Props miyauchi, birgire, johnbillion
Fixes#44541
git-svn-id: https://develop.svn.wordpress.org/trunk@45505 602fd350-edb4-49c9-b593-d223f7449a82
The existing `"grunt": "grunt"` script in `package.json` allows for the use of `npm run grunt ...` which uses the local `grunt` binary in the project's `node_modules`.
Fixes#47380
git-svn-id: https://develop.svn.wordpress.org/trunk@45445 602fd350-edb4-49c9-b593-d223f7449a82
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).
`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.
Props nielsdeblaauw, Rarst.
Fixes#46438. See #44491.
git-svn-id: https://develop.svn.wordpress.org/trunk@45424 602fd350-edb4-49c9-b593-d223f7449a82
Restore `$previousweekday` global usage in `the_weekday_date()`, so it could still be used simultaneously with `the_date()`.
Partially reverts [45378].
See #47354.
git-svn-id: https://develop.svn.wordpress.org/trunk@45379 602fd350-edb4-49c9-b593-d223f7449a82
* Make `the_date()` always apply the the filter and return a value.
* Use `is_new_day()` in `the_weekday_date()`.
* Add a unit test for `the_weekday_date()`.
Fixes#47354.
git-svn-id: https://develop.svn.wordpress.org/trunk@45378 602fd350-edb4-49c9-b593-d223f7449a82
Allow `flex`, `flex-grow`, `flex-shrink` and `flex-basis` to be used in inline CSS. As of WordPress 5.3 the block editor is expected to use `flex-basis` inline to set the width in the column block.
Props aduth.
Fixes#47281.
See #37248.
git-svn-id: https://develop.svn.wordpress.org/trunk@45363 602fd350-edb4-49c9-b593-d223f7449a82
The sodium_compat library can be very slow for certain operations on 32-bit architectures, which can lead to web server timeouts while attempting to verify an update. This adds a runtime speed check to skip signature verification on systems that would otherwise time out. Includes simple unit tests.
Props dd32, paragoninitiativeenterprises.
See #47186.
git-svn-id: https://develop.svn.wordpress.org/trunk@45345 602fd350-edb4-49c9-b593-d223f7449a82
`get_available_post_mime_types()` uses a query that's extremely slow on sites with lots of posts. The original fix can be revisited after those performance issues are tackled.
See #43658.
git-svn-id: https://develop.svn.wordpress.org/trunk@45270 602fd350-edb4-49c9-b593-d223f7449a82
Fixes:
- Parsing of blocks in the second half of post_content.
- Outputting malformed HTML when `the_content( null, true )` or `<!--noteaser-->` is used.
Props lukecarbis, garrett-eclipse, birgire.
Fixes#46471.
git-svn-id: https://develop.svn.wordpress.org/trunk@45261 602fd350-edb4-49c9-b593-d223f7449a82
Simplify overall code structure by passing the required format to the helper function.
Clarify functionality by renaming `get_last_build_date` to `get_feed_build_date`.
Props pento, spacedmonkey.
Fixes#4575.
git-svn-id: https://develop.svn.wordpress.org/trunk@45247 602fd350-edb4-49c9-b593-d223f7449a82
Currently, there are a number of scenarios where `is_block_editor()` (and `WP_Screen::is_block_editor`) would incorrectly indicate block editor support at different points of the loading process. Most notably, checking `is_block_editor` when hooking into the `current_screen` action will always result in `false`, even when the block editor is being loaded. This is because `is_block_editor` is not set to `true` until `edit-form-blocks.php` is included.
This change adds logic to `WP_Screen` to ensure the accuracy of `is_block_editor` on block editor pages earlier in the load process.
While edit screens will now be accurate 100% of the time from `current_screen` on, there are still a few edge cases where `is_block_editor` could contain an incorrect value when creating a new post.
Because a `WP_Post` object is a required parameter for the `replace_editor` filter and `use_block_editor_for_post()` function, `WP_Screen` will fall back to the value returned by `use_block_editor_for_post_type()` for the post being created. To eliminate these edge cases, the `use_block_editor_for_post_type` filter can be used to return the appropriate boolean value to indicate support.
Props Chouby, desrosj, aduth, johnbillion.
Fixes#46195.
git-svn-id: https://develop.svn.wordpress.org/trunk@45224 602fd350-edb4-49c9-b593-d223f7449a82
While currently a recovery link is only made available via the admin email address, this will be expanded in the future. In order to accomplish that, the mechanisms to store and validate recovery keys must support multiple keys to be valid at the same time.
This changeset adds that support, adding an additional token parameter which is part of a recovery link in addition to the key. A key itself is always associated with a token, so the two are only valid in combination. These associations are stored in a new `recovery_keys` option, which is regularly cleared in a new Cron hook, to prevent potential cluttering from unused recovery keys.
This changeset does not have any user-facing implications otherwise.
Props pbearne, timothyblynjacobs.
Fixes#46595. See #46130.
git-svn-id: https://develop.svn.wordpress.org/trunk@45211 602fd350-edb4-49c9-b593-d223f7449a82
An admin may download an export to check that it's all correct, but this action shouldn't mark the request as complete.
Props garrett-eclipse, JoshuaWold, birgire.
Fixes#44644.
git-svn-id: https://develop.svn.wordpress.org/trunk@45148 602fd350-edb4-49c9-b593-d223f7449a82
This expands upon `rel="noopener"` being previously added to links in the content.
Props audrasjb, welcher.
Fixes#43290.
git-svn-id: https://develop.svn.wordpress.org/trunk@45141 602fd350-edb4-49c9-b593-d223f7449a82
When `do_blocks()` is run, it sets up some special handling of the `wpautop` filter, as we don't want `wpautop` to run on block content, but we do want it to be available for subsequent runs of `the_content`, which may be happening on non-block content.
As we set this up before rendering dynamic blocks, however, a dynamic block choosing to run `the_content` will cause unintentially structural deficiences in this particular recursive block tower.
Moving this handling to after dynamic blocks are rendered makes our tower lean a little less.
Props aldavigdis, pento.
Fixes#45495.
git-svn-id: https://develop.svn.wordpress.org/trunk@45139 602fd350-edb4-49c9-b593-d223f7449a82
Fix off-by-one error in pixel color checks for rotate and flip image tests.
Change to using PNG with single pixel to ensure that errors are caught in the future, rather than lost in JPEG noise.
Props Fuegas, mikeschroder.
Fixes#46073.
git-svn-id: https://develop.svn.wordpress.org/trunk@45067 602fd350-edb4-49c9-b593-d223f7449a82
Making incorrect assumptions about microdata used in a theme results in invalid markup.
The attribute can still be added using the `get_custom_logo` or `wp_get_attachment_image_attributes` filter, but it should not be added by default.
Props henry.wright, tfrommen, afercia, markcallen, zodiac1978.
Fixes#37305.
git-svn-id: https://develop.svn.wordpress.org/trunk@45028 602fd350-edb4-49c9-b593-d223f7449a82
Similar to the `posts_pre_query` filter for WP_Query added in #36687. These filters lets you short circuit the queries to return your own results.
Add a new filter `sites_pre_query` - which returns null by default. Return a non-null value to bypass WordPress's default `get_sites` queries.
Developers should note that filtering functions that require pagination information are encouraged to set the `found_sites` property of the `WP_Site_Query` object, passed to the filter by reference. If `WP_Site_Query` does not perform a database query, it will not have enough information to generate these values itself.
Add a new filter `networks_pre_query` - which returns null by default. Return a non-null value to bypass WordPress's default `get_networks` queries.
Developers should note that filtering functions that require pagination information are encouraged to set the `found_networks` property of the `WP_Network_Query` object, passed to the filter by reference. If `WP_Network_Query` does not perform a database query, it will not have enough information to generate these values itself.
Props spacedmonkey.
Fixes#45749.
git-svn-id: https://develop.svn.wordpress.org/trunk@44983 602fd350-edb4-49c9-b593-d223f7449a82
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes#46130, #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@44973 602fd350-edb4-49c9-b593-d223f7449a82
* `is_privacy_policy()` template tag
* `privacy-policy.php` template
* `.privacy-policy` body class
* `.menu-item-privacy-policy` menu item class
Props garrett-eclipse, birgire, xkon, Clorith.
Fixes#44005.
git-svn-id: https://develop.svn.wordpress.org/trunk@44966 602fd350-edb4-49c9-b593-d223f7449a82
Only try to access `term_id` once `$parent_term` is known to be a `WP_Term`.
Props dlh, earnjam.
Fixes#44983.
git-svn-id: https://develop.svn.wordpress.org/trunk@44965 602fd350-edb4-49c9-b593-d223f7449a82
This allows post exists checks scoped to a specific post type.
Props sgarza, birgire, swissspidy.
Fixes#37406.
git-svn-id: https://develop.svn.wordpress.org/trunk@44959 602fd350-edb4-49c9-b593-d223f7449a82
Displaying the correct build date in feeds is as important today as it was twelve years ago when this ticket was opened.
Fix an issue where all feeds in WordPress showed the same date for their last build date (the datapoint is `lastBuildDate`, `updated` or `dc:date` depending on the feed type).
Introduce a new `get_last_build_date` filter to adjust the date used for `lastBuildDate`. Developers who previously filtered `get_lastcommentmodified` to alter feed dates should use this filter instead.
* `get_last_build_date` extracts the latest post (or comment) in the current WP_Query object.
* In all feed templates, use `get_last_build_date` vs `get_lastpostmodified( 'GMT' );`.
Props stevenkword, spacedmonkey, ryanshoover, mauteri, nacin, jorbin, MikeNGarrett, Denis-de-Bernardy, peaceablewhale.
Fixes#4575.
git-svn-id: https://develop.svn.wordpress.org/trunk@44948 602fd350-edb4-49c9-b593-d223f7449a82
In the media library gird view, properly limit the media attachment filter to available mime types, matching the list view.
Props itzmekhokan.
Fixes#43658.
git-svn-id: https://develop.svn.wordpress.org/trunk@44947 602fd350-edb4-49c9-b593-d223f7449a82
Screen reader users rely on the iframe title attribute to describe the contents of iframes. A meaningful title attribute allows to quickly identify the iframe content, so users can determine which iframe to enter and explore in detail or skip if desired.
Note: this is the only case where a title attribute is required for compliance with the W3C Web Content Accessibility Guidelines (WCAG).
- checks for oEmbed response of type `video` or `rich`
- checks if they use an iframe
- fetches the title (if any) from the oEmbed response
- adds the title to the embed iframe
Props bamadesigner, TomHarrigan, swissspidy, jrf, afercia.
Fixes#40245.
git-svn-id: https://develop.svn.wordpress.org/trunk@44942 602fd350-edb4-49c9-b593-d223f7449a82
This changeset introduces `$post` parameters to `get_the_content()` and
`wp_trim_excerpt()`. When a `$post` object is passed to one of these functions,
the functions will operate on the data from that object, rather than from the
post globals (`$authordata`, `$page`, etc). This ensures that the functions work
in a predictable manner when used outside of the regular post loop.
The global-mismatch problem is surfaced in cases where `get_the_excerpt()` is
called outside of the post loop, on posts that don't have a defined excerpt. In
these cases, the post globals - used to generate a fallback excerpt - may refer
to the incorrect object, resulting in PHP notices or other unpredictable
behavior. See #36934 for a related issue.
Props spacedmonkey, kraftbj, Shital Patel.
Fixes#42814.
git-svn-id: https://develop.svn.wordpress.org/trunk@44941 602fd350-edb4-49c9-b593-d223f7449a82
This changeset ensures `$request->set_url_params()` is called while fulfilling OPTIONS requests, where previously it was skipped because OPTIONS requests short-circuit the logic in `dispatch` which handles this setup for other request methods. Omitting the URL parameters prevented the Allow header from being set.
Props killua99, noisysocks.
Fixes#45753.
git-svn-id: https://develop.svn.wordpress.org/trunk@44933 602fd350-edb4-49c9-b593-d223f7449a82
- adds a visually hidden text to give context to the lyrics
- the text is `Quote from Hello Dolly song, by Jerry Herman:`
- adds a `lang` HTML attribute (when the admin language is not English) to better support assistive technologies
- adds a `dir` HTML attribute to better support the LTR English lyrics with RTL languages
- CSS adjustments
Props audrasjb, SergeyBiryukov, danieltj, birgire, karmatosed, desrosj, afercia.
Fixes#43632.
git-svn-id: https://develop.svn.wordpress.org/trunk@44929 602fd350-edb4-49c9-b593-d223f7449a82
Improves the logic in `wp_schedule_single_event()` to ensure an identical event is not scheduled within ten minutes.
This moves the logic for checking for identical events to be self contained rather than relying on `wp_next_scheduled()` as this fails to account for events with a past timestamp when wp-cron fails to trigger or for multiple identical events being scheduled already.
Props bodohugobarwich.
Fixes#44818.
git-svn-id: https://develop.svn.wordpress.org/trunk@44917 602fd350-edb4-49c9-b593-d223f7449a82
When dealing with personal data exports and erasure requests, it is important to have a log of all the requests for a specific person. This is often required to confirm when and how many times requests were completed and fulfilled properly.
This change allows a new request to be created after a previous data request has reached completed status (`request-completed`) instead of requiring admins to delete or re-initiate the existing request. The latter approach removes the historical log of requests for that user when creating a new request.
Full unit tests for the `wp_create_user_request()` function are also included.
Props garrett-eclipse, cc0a, birgire, desrosj.
Fixes#44707.
git-svn-id: https://develop.svn.wordpress.org/trunk@44906 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only `a` and `br` tags were allowed in the `value` table cell for each field included in the HTML file generated when a user is exporting their personal data. Instead of relying on a hardcoded list of allowed tags, the `wp_kses()` call in `wp_privacy_generate_personal_data_export_group_html()` will now fallback to the default list of allowed tags (which includes `i`, `strong`, `em`, and other basic HTML formatting tags).
Also, a new context of `personal_data_export` will now be passed to the `wp_kses()` call. As a result, the list of HTML tags and attributes allowed in the export file can now be filtered using the `wp_kses_allowed_html` filter and checking for the `personal_data_export` context.
Fixes#44044.
Props tz-media, desrosj, pento, birgire, garrett-eclipse.
git-svn-id: https://develop.svn.wordpress.org/trunk@44824 602fd350-edb4-49c9-b593-d223f7449a82
Restores `public`, `archived`, `mature`, `spam`, `deleted`, `lang_id`, and `WPLANG` to the `$meta` data passed to `wpmu_new_blog`. This hook was deprecated in 5.1.0, but code using it still relies on this data.
Props david.binda, pbiron.
Fixes#46351.
git-svn-id: https://develop.svn.wordpress.org/trunk@44805 602fd350-edb4-49c9-b593-d223f7449a82
The `test_detects_cannot_create_index()` and `tests_detects_cannot_write_html()` test methods are prone to failure under certain configurations, as discovered by the hosts reporting back the test suite results. This removes those two methods until a better approach to testing those scenarios can be created.
Partial revert of [44786].
See #44233.
git-svn-id: https://develop.svn.wordpress.org/trunk@44792 602fd350-edb4-49c9-b593-d223f7449a82
A PHPUnit configuration file with more than one `<php>` tag causes a validation error in PHPUnit versions 7.x. There are currently 2 in the `tests/phpunit/multisite.xml` file, which appears to be accidentally introduced in [29954].
Fixes#46414.
git-svn-id: https://develop.svn.wordpress.org/trunk@44790 602fd350-edb4-49c9-b593-d223f7449a82
Minimize jquery.form.js as part of build process to remove the source map reference.
Modify source map tests to include all JavaScript files rather than testing Backbone and jQuery only.
Props pento.
Fixes#46218.
git-svn-id: https://develop.svn.wordpress.org/trunk@44740 602fd350-edb4-49c9-b593-d223f7449a82
[44618] added strict type checking to `_sanitize_text_fields()`, which has caused some compat issues with plugins.
We can loosen the type checking to only reject objects and arrays, and cast other types to string.
Props Nick_theGeek, pento.
Fixes#41450.
git-svn-id: https://develop.svn.wordpress.org/trunk@44731 602fd350-edb4-49c9-b593-d223f7449a82
Due to the high number of follow-up tickets and associated security concerns, it was decided to reschedule the fatal error recovery feature for WordPress 5.2, in order to address these issues properly. The feature will continue to be developed, with iterations being merged into trunk early in the 5.2 release cycle.
Fixes#46141. See #44458, #45932, #45940, #46038, #46047, #46068.
git-svn-id: https://develop.svn.wordpress.org/trunk@44717 602fd350-edb4-49c9-b593-d223f7449a82
Introduced in [918/tests] and updated in [26871], the class is there to make sure that known bugs are not skipped when `phpunit` is called with a `--group` that corresponds to an `@ticket` annotation (such as `phpunit --group 12345`).
Enforcing recognized arguments or correctly formed arguments is not the concern here, so reusing `PHPUnit_Util_Getopt::parseLongOption()` was superfluous.
See #43218.
git-svn-id: https://develop.svn.wordpress.org/trunk@44715 602fd350-edb4-49c9-b593-d223f7449a82
The pre-save filters added to links in [43732] could invalidate JSON data when saving Customizer change-sets.
This removes the filters when saving and publishing change-sets.
Props peterwilsoncc, nikeo for testing.
See #45292.
git-svn-id: https://develop.svn.wordpress.org/trunk@44714 602fd350-edb4-49c9-b593-d223f7449a82
To test the `date_i18n()` output correctly, the tests added in [43434] need to set a non-UTC timezone.
Props Rarst.
Fixes#20973.
git-svn-id: https://develop.svn.wordpress.org/trunk@44710 602fd350-edb4-49c9-b593-d223f7449a82
The method is only used for two known options: `group` and `exclude-group`, others should be passed to PHPUnit.
Props johnbillion.
See #43218.
git-svn-id: https://develop.svn.wordpress.org/trunk@44707 602fd350-edb4-49c9-b593-d223f7449a82
* Create an abstract `WP_UnitTestCase_Base` class to share between PHPUnit 7.x and older versions.
* Add a speed-trap loader to determine which `SpeedTrapListener` class needs to be loaded for the current PHPUnit version.
* Remove unnecessary `PHPUnit\Util\Test` and `PHPUnit_Util_Getopt` inheritances.
* Update Travis CI config to use PHPUnit 7.x for PHP 7.1, 7.2, and nightly PHP versions.
Props jipmoors, netweb, desrosj, ayeshrajans, soulseekah, SergeyBiryukov.
See #43218.
git-svn-id: https://develop.svn.wordpress.org/trunk@44701 602fd350-edb4-49c9-b593-d223f7449a82
Moves the logic for determining when an event will next run from `wp_next_scheduled()` to `wp_get_scheduled_event()`.
This improves the performance of `wp_get_scheduled_event()` by avoiding duplicate function calls and object cache hits.
Props peterwilsoncc.
Fixes#45976.
git-svn-id: https://develop.svn.wordpress.org/trunk@44693 602fd350-edb4-49c9-b593-d223f7449a82
Bypass adding a `rel` attribute when the `wp_targeted_link_rel` filter returns an empty string or other falsy result.
Props mcmwebsol, spartank, meatman89fs.
Fixes#45352.
git-svn-id: https://develop.svn.wordpress.org/trunk@44691 602fd350-edb4-49c9-b593-d223f7449a82
This was introduced in [44466]. Also, this changeset adds tests for `_wp_die_process_input()` so that this never happens again.
Props dd32.
See #45933.
git-svn-id: https://develop.svn.wordpress.org/trunk@44690 602fd350-edb4-49c9-b593-d223f7449a82
Adds a `maybe_serialize()` comparison for the old and new values in `update_network_option()` to avoid unnecessary database writes when options contain identical objects.
Props bor0.
Fixes#44956.
git-svn-id: https://develop.svn.wordpress.org/trunk@44662 602fd350-edb4-49c9-b593-d223f7449a82
The "Your comment is awaiting moderation." message relied upon the comment author cookie being set. However, since it's now possible to opt-out of that cookie, submitting a comment won't show the comment preview when the comment is placed in moderation.
To avoid this issue, we now include a hash in the redirect URL, allowing the site to identify that a preview of the moderated comment should be displayed.
Props imath, tomdxw, birgire, lakenh, azaozz, pento.
Fixes#43857.
git-svn-id: https://develop.svn.wordpress.org/trunk@44659 602fd350-edb4-49c9-b593-d223f7449a82
A few sniffs have been renamed, this change includes the relevant `phpcs:ignore` comment updates.
Fixes#46002.
git-svn-id: https://develop.svn.wordpress.org/trunk@44645 602fd350-edb4-49c9-b593-d223f7449a82
When a `PUT` request is performed to update a user, a `rest_user_invalid_email` error is incorrectly being returned when the email exists with different letter casing, even if it belongs to the user being updated. `email_exists()` performs a case insensitive lookup, but the conditional statement following that lookup was performing a strict comparison between the new email and the user’s current email.
This changes that comparison to instead compare the user ID returned by `email_exists()` with the user ID being updated. This more closely matches the logic used in `edit_user()` and allows a user to change the letter casing of their email.
Props fuchsws, rachelbaker, desrosj.
Fixes#44672.
git-svn-id: https://develop.svn.wordpress.org/trunk@44641 602fd350-edb4-49c9-b593-d223f7449a82
This allows users to sort the export and erase personal data request tables by “Requester” (`post_title`, or user email) and “Requested” (`post_date`, or when the request was created), which can be helpful when sites have many requests present.
Props birgire, ianbelanger, pbiron, desrosj.
Fixes#43405.
git-svn-id: https://develop.svn.wordpress.org/trunk@44628 602fd350-edb4-49c9-b593-d223f7449a82
Prevent a notification from being sent when an unrecognised value is passed in the `$notify` parameter.
Props cthreelabs, 360zen.
Fixes#44293.
git-svn-id: https://develop.svn.wordpress.org/trunk@44611 602fd350-edb4-49c9-b593-d223f7449a82
This is a followup to [42828], ensuring that the `get_{$adjacent}_post_excluded_terms` filter is always passed an array, as expected.
Props soulseekah, zottto.
Fixes#43521.
git-svn-id: https://develop.svn.wordpress.org/trunk@44591 602fd350-edb4-49c9-b593-d223f7449a82
When `home` and `siteurl` are different, the customizer preview iframe will be blank in Chrome and Safari, due to their `X-Frame-Options` implementation quirks.
Changing this to `SAMEORIGIN` and adding the `frame-ancestors` Content Security Policy gives the correct behaviour.
Props fullyint.
Fixes#40020.
git-svn-id: https://develop.svn.wordpress.org/trunk@44580 602fd350-edb4-49c9-b593-d223f7449a82
[41215] supresses these irrelevant error messages from the front end, this removes them from the error log, too.
Props jeherve.
Fixes#43815.
git-svn-id: https://develop.svn.wordpress.org/trunk@44578 602fd350-edb4-49c9-b593-d223f7449a82
From the `WordPress.NamingConventions.ValidVariableName` sniff, this commit fixes/whitelists all `NotSnakeCaseMemberVar`, `MemberNotSnakeCase`, and `StringNotSnakeCase` violations. It also fixes a handful of the `NotSnakeCase` violations.
See #45934.
git-svn-id: https://develop.svn.wordpress.org/trunk@44573 602fd350-edb4-49c9-b593-d223f7449a82
Of the last four instances of `extract()` occurring, three of them are removed by this commit, and the fourth is appropriately documented.
See #45934.
git-svn-id: https://develop.svn.wordpress.org/trunk@44569 602fd350-edb4-49c9-b593-d223f7449a82
Calling `register_rest_route()` too early in the loading process has the potential to cause some unintentional problems and pitfalls. Because `register_rest_route()` calls `rest_get_server()` (which creates the `WP_REST_Server` instance), calling the function directly and/or before `rest_api_init` should be discouraged.
For example, if `register_rest_route ()` is called on `init`, the REST API server instance is set up (and all functions added to `rest_api_init` and other related hooks are invoked), even though the current request may not be a REST request. Also, if `register_rest_route()` is called even earlier (say, in an `mu-plugin` file), required endpoints may be missing since normal plugins have not yet been loaded and have not had a chance to register their own action hooks.
This adds a `_doing_it_wrong()` notice the first time `register_rest_route()` is called before `rest_api_init` in a request to encourage best practices for registering REST API routes.
Props kraftbj, desrosj, timothyblynjacobs.
Fixes#45265.
git-svn-id: https://develop.svn.wordpress.org/trunk@44568 602fd350-edb4-49c9-b593-d223f7449a82
WordPress has historically often used code like `preg_split( '/[\s,]+/', $var )` to parse a string of comma-separated values into an array. However, this approach was causing an empty string to not be parsed into an empty array as expected, but rather into an array with the empty string as its sole element.
This was among other areas causing problems in the REST API where passing an empty request parameter could cause that request to fail because, instead of it being ignored, that parameter would be compared against the valid values for it, which typically do not include an empty string.
Props david.binda, sstoqnov.
Fixes#43977.
git-svn-id: https://develop.svn.wordpress.org/trunk@44546 602fd350-edb4-49c9-b593-d223f7449a82
This solution does not work with custom taxonomies in the current state.
Reverts [42614,42619,42737].
Props danielbachhuber.
See #38922.
git-svn-id: https://develop.svn.wordpress.org/trunk@44537 602fd350-edb4-49c9-b593-d223f7449a82
Defining `WP_TESTS_SKIP_INSTALL=1` when running tests will skip the install step. While this shouldn't be used for full test runs, it's useful for saving time when running small groups of tests.
Props soulseekah.
Fixes#43432.
git-svn-id: https://develop.svn.wordpress.org/trunk@44536 602fd350-edb4-49c9-b593-d223f7449a82
This is a partial recommit of [44509]: it allows running unit tests from `src` (which is useful), but doesn't make it the default (which Travis is having issues with).
See #45863.
git-svn-id: https://develop.svn.wordpress.org/trunk@44534 602fd350-edb4-49c9-b593-d223f7449a82
In [41746], `wp_get_media_creation_timestamp()` was introduced to read the created timestamp for videos from `getID3` in meta whenever possible. This information is useful separately from the dates on the file itself.
This adds the same support audio files by utilizing `wp_get_media_creation_timestamp()` in `wp_read_audio_metadata()`.
Props blob folio, desrosj.
Fixes#42017.
git-svn-id: https://develop.svn.wordpress.org/trunk@44528 602fd350-edb4-49c9-b593-d223f7449a82
This function splits the `get_avatar_comment_types` filter out of `get_avatar_data()`.
Props dshanske, birgire.
Fixes#44033.
git-svn-id: https://develop.svn.wordpress.org/trunk@44499 602fd350-edb4-49c9-b593-d223f7449a82
Returning a non-`null` value on this fillter will cause `wp_unique_post_slug()` to return early with that value, skipping potentially expensive database queries on some sites.
Props coffee2code, javorszky, iCaleb.
Fixes#21112.
git-svn-id: https://develop.svn.wordpress.org/trunk@44454 602fd350-edb4-49c9-b593-d223f7449a82
Ordering by `post__in` was introduced in [21776], but the code assumed that
`post__in` would be a comma-separated string listing post IDs. When an array
of post IDs was passed to the `post__in` query var, 'orderby=post__in' was
not respected. This changeset changes this behavior by handling
'orderby=post__in' in the same way as most other values of 'orderby',
which ensures that arrays as well as strings can be properly parsed.
The same treatment is given to the similar `post_name__in` and
`post_parent__in` options of 'orderby', so that most query generation for
orderby clauses happens in the same place, instead of in special cases.
A slight change in the resulting SQL (related to the whitespace around
parentheses and commas) necessitates a change to an existing REST API test
that does a string comparison against the SQL query.
Props mgibbs189, kelvink.
Fixes#38034.
git-svn-id: https://develop.svn.wordpress.org/trunk@44452 602fd350-edb4-49c9-b593-d223f7449a82
This adds some special case handling in 'wp_check_filetype_and_ext()' that prevents some common file types from being blocked based on mismatched MIME checks, which were made more strict in WordPress 5.0.1.
Props Kloon, birgire, tellyworth, joemcgill.
See #45615.
git-svn-id: https://develop.svn.wordpress.org/trunk@44438 602fd350-edb4-49c9-b593-d223f7449a82
The inline JavaScript added by `WP_Scripts::print_translations()` should check whether `locale_data.$text_domain` exists and fall back to `locale_data.messages` otherwise.
Props swissspidy.
See #45441.
git-svn-id: https://develop.svn.wordpress.org/trunk@44403 602fd350-edb4-49c9-b593-d223f7449a82
A typo when unregistering a test post type for the `WP_Test_REST_Posts_Controller` class was preventing it from being properly removed. `youseeme` now?
Props rahulsprajapati.
Fixes#45124.
git-svn-id: https://develop.svn.wordpress.org/trunk@44394 602fd350-edb4-49c9-b593-d223f7449a82
Add a new filter `users_pre_query` - filters the users array before the query takes place. Return a non-null value to bypass WordPress's default user queries. Similar to the `posts_pre_query` filter for WP_Query added in #36687. This filter lets you short circuit the WP_User_Query MySQL query to return your own results.
Developers should note that filtering functions that require pagination information are encouraged to set the `total_users` property of the WP_User_Query object, passed to the filter by reference. If WP_User_Query does not perform a database query, it will not have enough information to generate these values itself.
Props tlovett1, birgire, boonebgorges, spacedmonkey.
Fixes#44169.
git-svn-id: https://develop.svn.wordpress.org/trunk@44373 602fd350-edb4-49c9-b593-d223f7449a82
Fixes the `load_script_textdomain` function not resolving the md5 hash based on the relative path for WordPress installations in a subdirectory. Also adds a filter to allow sites using CDNs or other alternative asset locations to filter the relative path resolution.
Props akirk, fierevere, swissspidy, mypacecreator, babaevan, tmatsuur, ocean90, herregroen.
Merges [44209] to trunk.
Fixes#45528.
git-svn-id: https://develop.svn.wordpress.org/trunk@44310 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::get_col()` iterates over `$wpdb->last_result`, which can be a non-countable value, should the preceding query have failed.
Props spacedmonkey, desrosj, pento.
Merges [43934] into trunk.
See #45299.
git-svn-id: https://develop.svn.wordpress.org/trunk@44272 602fd350-edb4-49c9-b593-d223f7449a82
- Skips validation where there is no attribute definition, but keeps the attribute value. Previously, the attribute would be omitted from the attributes passed to `render_callback`. Notably, this resolves an issue where `render_callback` cannot receive a block's `align` and `customClassName` attribute values, since these are defined as a client-side filter.
- Validates `null` as a proper value in its own right. Previously, a client implementation of a block could track `{“attribute":null}` as an explicitly empty value, and the server would wrongly initiate defaulting behavior. The new behavior will now only populate a default value if the attribute is not defined at all, including when unset in its being invalid per the attribute schema.
Props aduth, noisysocks, youknowriad, danielbachhuber.
Merges [43918] to trunk.
See #45145 for the patch, #45098 for the original ticket.
git-svn-id: https://develop.svn.wordpress.org/trunk@44269 602fd350-edb4-49c9-b593-d223f7449a82
Demarcations for reusable blocks are always expected to be accessible by clients.
Props noisysocks, youknowriad.
Merges [43917] to trunk.
See #45145 for the patch, #45098 for the original ticket.
git-svn-id: https://develop.svn.wordpress.org/trunk@44268 602fd350-edb4-49c9-b593-d223f7449a82
Changes of note:
- Includes the new Annotations API package.
- `wp-polyfill-ecmascript.js` is renamed to `wp-polyfill.js`.
- `strip_dynamic_blocks()` has been removed in favor of `excerpt_remove_blocks()`.
- The PHP block parser is now syncing from the `block-serialization-default-parser` package.
- `do_blocks()` uses the new parser.
- The `do_block` filter has been removed from `do_blocks()`, in favor of a `render_block` filter in `render_block()`.
Also, a little cleanup to `render_block()`. Always normalize `$block['attrs’]` to array in `’render_block’` filter.
Props pento, azaozz.
Merges [43884] and [43888] to trunk.
See #45145, #45190, #45264, #45282.
git-svn-id: https://develop.svn.wordpress.org/trunk@44261 602fd350-edb4-49c9-b593-d223f7449a82
In [42724], `$this->server` was replaced with `rest_get_server()` for better memory recycling.
[43908], from the 5.0 branch, was merged into trunk in [44254] and used the now unavailable `$this->server`.
This updates the new test from the 5.0 branch to use the expected `rest_get_server()`.
See #45220, #41641.
git-svn-id: https://develop.svn.wordpress.org/trunk@44256 602fd350-edb4-49c9-b593-d223f7449a82
In [42724], `$this->server` was replaced with `rest_get_server()` for better memory recycling.
[43897], from the 5.0 branch, was merged into trunk in [44250] and used the now unavailable `$this->server`.
This updates the new test from the 5.0 branch to use the expected `rest_get_server()`.
See #43316, #41641.
git-svn-id: https://develop.svn.wordpress.org/trunk@44255 602fd350-edb4-49c9-b593-d223f7449a82
In [43736], we prevented rendering fields when not present in `?_fields=`. However, because `get_fields_for_response()` is dependent on `get_item_schema()`, any custom fields registered with a null schema would be incorrectly excluded from the response. Because the REST API permits a null schema for `register_rest_field()`, those fields should be included in the available fields for a response.
Props danielbachhuber.
Merges [43908] to trunk.
Fixes#45220.
git-svn-id: https://develop.svn.wordpress.org/trunk@44254 602fd350-edb4-49c9-b593-d223f7449a82
When 'parent' is set as the path argument name, it gets passed down through to the `create_item()` method and can erroneously reset the 'parent' value on the post itself. Instead, we rename the argument to 'id' and replicate the revision controller's `get_items_permissions_check()` to instead reference 'id'.
Also ensures revision query params (of which there are many) aren't exposed as the query params for autosaves (of which there are two).
Props TimothyBlynJacobs.
Merges [43897] to trunk.
See #43316.
git-svn-id: https://develop.svn.wordpress.org/trunk@44250 602fd350-edb4-49c9-b593-d223f7449a82
Calls `wp_set_script_translations` for all packages scripts that have translations. Also correctly sets the domain on the translations.
Props omarreiss, pento, ocean90.
Merges [43878] to trunk.
Fixes#45161.
git-svn-id: https://develop.svn.wordpress.org/trunk@44239 602fd350-edb4-49c9-b593-d223f7449a82
In [42724], `$this->server` was replaced with `rest_get_server()` for better memory recycling.
[43862], from the 5.0 branch, was merged into trunk in [44225] and used the now unavailable `$this->server`.
This updates the new tests from the 5.0 branch to use the expected `rest_get_server()`.
See #45269, #41641.
git-svn-id: https://develop.svn.wordpress.org/trunk@44234 602fd350-edb4-49c9-b593-d223f7449a82
As `do_blocks()` is run before `wpautop()` in the_content filter, we can remove in a Just In Time fashion, before that filter is run.
After `wpautop()`s original priority has passed, we can re-add it in a Just Too Late fashion, to ensure it's available if `the_content` filter is run multiple times on a page load.
Merges [43879] and [43881] from the 5.0 branch to trunk.
Props pento, nerrad.
Fixes#45290.
git-svn-id: https://develop.svn.wordpress.org/trunk@44226 602fd350-edb4-49c9-b593-d223f7449a82
I thought I was writing JavaScript. Alas.
Merges [43852] from the 5.0 branch to trunk.
Props danielbachhuber.
See #45196.
git-svn-id: https://develop.svn.wordpress.org/trunk@44218 602fd350-edb4-49c9-b593-d223f7449a82
This fixture schema ensures `wp-api-generated.js` doesn't change when running tests in local dev environments.
Merges [43851] from the 5.0 branch to trunk. `wp-api-generated.js` generated based on current trunk.
Props danielbachhuber.
Fixes#45196.
git-svn-id: https://develop.svn.wordpress.org/trunk@44217 602fd350-edb4-49c9-b593-d223f7449a82
Also introduces a `block_editor_preload_paths` filter for plugins and themes to preload additional data.
Merges [43833] from the 5.0 branch to trunk.
Props imath, mattheu, danielbachhuber.
Fixes#45194.
git-svn-id: https://develop.svn.wordpress.org/trunk@44172 602fd350-edb4-49c9-b593-d223f7449a82
Adds the `wp_set_script_translations()` function which registers translations for a JavaScript file. This function takes a handle, domain and optionally a path and ensures JavaScript translation files are loaded if they exist.
Merges [43825,43828,43859,43898] from the 5.0 branch to trunk.
Props herregroen, atimmer, omarreiss, nerrad, swissspidy, ocean90, georgestephanis.
Fixes#45103, #45256.
git-svn-id: https://develop.svn.wordpress.org/trunk@44169 602fd350-edb4-49c9-b593-d223f7449a82
When switching themes, `wp_map_nav_menu_locations()` is used to ensure nav menus are placed in the relevant menu location. Occasionally, menus are registered to locations with numeric slugs, rather than strings. `wp_map_nav_menu_locations()` assumed it would be the latter, and ran `stripos()` on those numeric slugs. This behavior is deprecated in PHP 7.3.
As this is the last PHP 7.3 error in unit tests, this commit also removes PHP 7.3 from Travis' `allowed_failures` list.
Props pento, desrosj, jorbin.
Merges [43899] to trunk.
See #45018.
git-svn-id: https://develop.svn.wordpress.org/trunk@44167 602fd350-edb4-49c9-b593-d223f7449a82
In PHP 7.3, the `compact()` function has been changed to issue an `E_NOTICE` level error if a passed string refers to an unset variable. In previous versions of PHP, this notice was silently skipped. The full RFC can be viewed here: https://wiki.php.net/rfc/compact.
Props jorbin, desrosj.
Merges [43819] and [43832] to trunk.
Fixes#44416.
git-svn-id: https://develop.svn.wordpress.org/trunk@44166 602fd350-edb4-49c9-b593-d223f7449a82
Blocks are able to register styles that used in the editor and the frontend, or only in the editor. These functions ensure the correct styles are loaded in the correct place.
Props pento.
Merges [43812] to trunk.
See #45065.
git-svn-id: https://develop.svn.wordpress.org/trunk@44157 602fd350-edb4-49c9-b593-d223f7449a82
To avoid this being a vector for bypassing the filetypes that are allowed to be uploaded, this attribute is only allowed to be added without a value.
Merges [43813] from the 5.0 branch to trunk.
Props kalpshit, arshidkv12, welcher, peterwilsoncc, marina_wp, pento.
Fixes#44724.
git-svn-id: https://develop.svn.wordpress.org/trunk@44156 602fd350-edb4-49c9-b593-d223f7449a82
A handful of code formatting issues were introduced in recent commits, runs the auto-fixer on them.
git-svn-id: https://develop.svn.wordpress.org/trunk@44155 602fd350-edb4-49c9-b593-d223f7449a82
Adapts the response from `WP_oEmbed_Controller::get_proxy_item()` so that the response is correctly filtered and embeds work properly in JavaSccript editors. Introduces new `get_oembed_response_data_for_url()` function for preparing internal oEmbed responses.
Merges [43810] from the 5.0 branch to trunk.
Props danielbachhuber, imath, swissspidy.
Fixes#45142.
git-svn-id: https://develop.svn.wordpress.org/trunk@44154 602fd350-edb4-49c9-b593-d223f7449a82
Because the REST API allows meta keys to have empty values, the Custom Fields meta box should permit the same behavior.
Props charlestonsw, soulseekah, danielbachhuber.
Merges [43811] to trunk.
Fixes#43559.
git-svn-id: https://develop.svn.wordpress.org/trunk@44153 602fd350-edb4-49c9-b593-d223f7449a82
After [44149], we can now make twentynineteen the default theme. Twentyseventeen has been a great default, but 5.0 and twentynineteen is guten.
Merges [43809,43954] from the 5.0 branch to trunk.
Fixes#45152.
Props jorbin, SergeyBiryukov, pento, mcsf.
git-svn-id: https://develop.svn.wordpress.org/trunk@44151 602fd350-edb4-49c9-b593-d223f7449a82
Responsive embeds is a way for a theme to opt in to WordPress dynamically scaling the width/height of an embed. When a theme supports responsive embeds, a `wp-embed-responsive` class is added to the `<body>` tag. This information is also presented through the REST API for clients to respect.
Merges [43790] and [43791] from the 5.0 branch to trunk.
Props desrosj, danielbachhuber, ocean90.
Fixes#45125.
git-svn-id: https://develop.svn.wordpress.org/trunk@44138 602fd350-edb4-49c9-b593-d223f7449a82
The cover image block uses the `url()` function in its inline CSS, to show the cover image. KSES didn't allow this, causing the block to not save correctly for Author and Contributor users. As KSES does already check each attribute name against an allowed list, we're able to add an extra check for certain attributes to be able to use the `url()` function, too.
Merges [43781] from the 5.0 branch to core.
Props peterwilsoncc, azaozz, pento, dd32.
Fixes#45067.
git-svn-id: https://develop.svn.wordpress.org/trunk@44136 602fd350-edb4-49c9-b593-d223f7449a82
PHPUnit 3.6.x requires `exclude` and `file` paths to be relative to the checkout root.
PHPUnit 4.0.0+ requires the paths to be relative to the configuration file.
Merges [43774] from the 5.0 branch to trunk.
See #45131.
git-svn-id: https://develop.svn.wordpress.org/trunk@44128 602fd350-edb4-49c9-b593-d223f7449a82
The `block_version` denotes which version of Blocks the `post_content` contains. Introduces new `block_version()` function for versioning Blocks.
Merges [43770] from the 5.0 branch to trunk.
Props danielbachhuber, birgire.
Fixes#43887.
git-svn-id: https://develop.svn.wordpress.org/trunk@44127 602fd350-edb4-49c9-b593-d223f7449a82
- Adds `WP_REST_Autosaves_Controller` which extends `WP_REST_Revisions_Controller`.
- Autosaves endpoint is registered for all post types except attachment because even post types without revisions enabled are expected to autosave.
- Because setting the `DOING_AUTOSAVE` constant pollutes the test suite, autosaves tests are run last. We may want to improve upon this later.
Also, use a truly impossibly high number in User Controller tests. The number `100`, (or `7777` in `trunk`), could be valid in certain test run configurations. The `REST_TESTS_IMPOSSIBLY_HIGH_NUMBER` constant is impossibly high for this very reason.
Finally, Skip Autosaves controller test for multisite. There's a PHP 5.2 edge case where paths calculated differently, possibly caused by differing version of PHPUnit.
Props adamsilverstein, aduth, azaozz, danielbachhuber, rmccue, danielbachhuber.
Merges [43767], [43768], [43769] to trunk.
See #45132, #45131.
Fixes#45128, #43316.
git-svn-id: https://develop.svn.wordpress.org/trunk@44126 602fd350-edb4-49c9-b593-d223f7449a82
This function helps perform multiple REST API requests, for the purpose of preloading data into a page.
Props pento.
Merges [43763] to trunk.
See #45110.
git-svn-id: https://develop.svn.wordpress.org/trunk@44123 602fd350-edb4-49c9-b593-d223f7449a82
`use_block_editor_for_post()` and `use_block_editor_for_post_type()` determine if the block editor should be loaded.
`get_block_categories()` and `get_block_editor_server_block_settings()` provide data be included while the block editor is loading.
Props pento.
Merges [43762] to trunk.
See #45110.
git-svn-id: https://develop.svn.wordpress.org/trunk@44122 602fd350-edb4-49c9-b593-d223f7449a82
Posts containing blocks are now correctly handled when displaying on the front end, including dynamic blocks and nested blocks.
Props pento.
Merges [43752] to trunk.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44118 602fd350-edb4-49c9-b593-d223f7449a82
The `WP_Block_Parser` class, and the accompanying `parse_blocks()` helper function, can be used to parse an array of blocks out of a content string.
`WP_Block_Parser` is copied from the `@wordpress/block-serialization-default-parser` package. To ensure it stays in sync with the JavaScript parser, changes should be implemented in the package first, then the package version should be upgraded to include the changes.
Props pento.
Merges [43751] to trunk.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44116 602fd350-edb4-49c9-b593-d223f7449a82
Adjusts the packages registration after [43723]:
Combine the different registration functions into one `wp_default_packages` function. To reach this goal move the prefix logic into a function so it can be called from different locations. Use a static variable there to prevent duplicate inclusion of `version.php`.
Call this function from the `wp_default_scripts` action by registering it as a default filter.
Combine some of the logic in `_WP_Editors::print_tinymce_scripts` into `wp_register_tinymce_scripts`. The logic to force an uncompressed TinyMCE script file stays in `_WP_Editors::force_uncompressed_tinymce` because that logic is very specific to the classic editor.
The script handle `wp-tinymce` is now a dependency of the editor script handle. In combination with the previous item, this makes the classic editor work.
Adjust the syntax of the script paths to be more consistent with other WordPress code.
Always use "production" mode for the media files to prevent people from inadvertently committing development files.
Props pento, omarreiss, atimmer.
Merges [43738] into trunk.
Fixes#45065.
git-svn-id: https://develop.svn.wordpress.org/trunk@44115 602fd350-edb4-49c9-b593-d223f7449a82
When comparing the old and new values for a meta key being set, ensure both values are sanitized using the same logic so that equal values match.
props boonebgorges, dcavins, MattGeri, pilou69, TimothyBlynJacobs, kadamwhite.
Merges [43740] to trunk.
Fixes#42069.
git-svn-id: https://develop.svn.wordpress.org/trunk@44113 602fd350-edb4-49c9-b593-d223f7449a82
These helper functions allow easy access to the global block registry.
Merges [43743] from the 5.0 branch to trunk.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44109 602fd350-edb4-49c9-b593-d223f7449a82
These are the foundational classes allowing blocks to be registered and used throughout WordPress.
This commit also includes the `has_block()` and `has_blocks()` functions, which are required for unit testing these classes.
Merges [43742] from the 5.0 branch to trunk.
Props adamsilverstein, danielbachhuber, desrosj.
Fixes#45097.
See #45109.
git-svn-id: https://develop.svn.wordpress.org/trunk@44108 602fd350-edb4-49c9-b593-d223f7449a82
Introduces a `WP_REST_Search_Controller` class which registers a `/wp/v2/search` endpoint. Search types are handled by extending `WP_REST_Search_Handler`. The default search type is `WP_REST_Post_Search_Handler` but can be filtered by plugins or a theme.
Merges [43739,43741] from the 5.0 branch to trunk.
Props danielbachhuber, flixos90, pento, rmccue, joehoyle.
Fixes#39965.
git-svn-id: https://develop.svn.wordpress.org/trunk@44107 602fd350-edb4-49c9-b593-d223f7449a82
In [43087], we improved REST API performance by only rendering the fields specified in the request. Similarly, any fields registered with `register_rest_field()` should only be rendered when included in `?_fields=`.
Props dlh, danielbachhuber.
Merges [43736] to trunk.
Fixes#45099.
git-svn-id: https://develop.svn.wordpress.org/trunk@43986 602fd350-edb4-49c9-b593-d223f7449a82
In order to correctly render parts of its UI, the new editor needs to be aware of the active theme's post-formats and post-thumbnails support. This data is exposed by querying for the active theme on a new /wp/v2/themes endpoint for sufficiently privileged users.
Merges [43734], [43735] to trunk.
props desrosj.
Fixes#45016.
git-svn-id: https://develop.svn.wordpress.org/trunk@43985 602fd350-edb4-49c9-b593-d223f7449a82
Object type-specific actions that should happen before or after modification of metadata have so far been part of the respective wrapper functions. By using action and filter hooks, this changeset ensures they are always executed, even when calling the lower-level Meta API functions directly, which the REST API does as a prime example.
Merges [43729] to trunk.
Props flixos90, spacedmonkey.
Fixes#44467.
git-svn-id: https://develop.svn.wordpress.org/trunk@43982 602fd350-edb4-49c9-b593-d223f7449a82
Add global support for HTML attributes prefixed `data-` for authors and contributors, as required by the new editor.
Merges [43727] to trunk.
Props azaozz, peterwilsoncc.
Fixes#33121.
git-svn-id: https://develop.svn.wordpress.org/trunk@43981 602fd350-edb4-49c9-b593-d223f7449a82
In order for clients to present permalink previews, the REST API must share the computed results of get_sample_permalink(). These two values are now exposed as permalink_template and generated_slug for public, viewable post types, but only for context=edit.
Merges [43720] to trunk.
Props danielbachhuber, rahulsprajapati.
Fixes#45017.
git-svn-id: https://develop.svn.wordpress.org/trunk@43980 602fd350-edb4-49c9-b593-d223f7449a82
An authorized request with the read_private_posts capability for a post type should be able to GET /wp/v2/posts for posts of status=private. This query is further sanity-checked by WP_REST_Posts_Controller->check_read_permission(), which is unchanged.
Props rachelbaker, soulseekah, twoelevenjay.
Moves [43694] from the 5.0 branch to trunk.
Fixes#43701.
git-svn-id: https://develop.svn.wordpress.org/trunk@43979 602fd350-edb4-49c9-b593-d223f7449a82
Because user capabilities can be modified at runtime, the REST API needs to expose them in some evaluated but declarative manner for clients to interpret. JSON Hyper Schema targetSchema provides an appropriate paradigm for doing so.
Merges [43682] to trunk.
Props timothyblynjacobs.
Fixes#45014.
git-svn-id: https://develop.svn.wordpress.org/trunk@43974 602fd350-edb4-49c9-b593-d223f7449a82
In [43437], the link definition implementation caused attachment links to be unexpectedly nested under an attributes key. This changeset restores the prior behavior.
Merges [43681] to trunk.
Props TimothyBlynJacobs, danielbachhuber.
Fixes#44750.
git-svn-id: https://develop.svn.wordpress.org/trunk@43973 602fd350-edb4-49c9-b593-d223f7449a82
A static variable contains an integer that is incremented with each call. This number is returned with the optional prefix.
As such the returned value is not universally unique, but it is unique across the life of the PHP process.
Props westonruter, dlh.
See #44883.
git-svn-id: https://develop.svn.wordpress.org/trunk@43658 602fd350-edb4-49c9-b593-d223f7449a82
This changeset makes the new CRUD API for sites introduced in [43548] usable for real-world sites. A new function `wp_initialize_site()`, which takes care of creating a site's database tables and populating them with initial values, is hooked into the site insertion process that is initiated when calling `wp_insert_site()`. Similarly, a new function `wp_uninitialize_site()`, which takes care of dropping a site's database tables, is hooked into the site deletion process that is initiated when calling `wp_delete_site()`.
A new function `wp_is_site_initialized()` completes the API, allowing to check whether a site is initialized. Since this function always makes a database request in its default behavior, it should be called with caution. Plugins that would like to use site initialization in special ways can leverage a `pre_wp_is_site_initialized` filter to alter that default behavior.
The separate handling of the site's row in the `wp_blogs` database table and the actual site setup allows for more flexibility in controlling whether or how a site's data is set up. For example, a unit test that only checks data from the site's database table row can unhook the site initialization process to improve performance. At the same time, developers consuming the new sites API only need to know about the CRUD functions, since the initialization and uninitialization processes happen internally.
With this changeset, the foundation for a sites REST API endpoint is fully available. The previously recommended functions `wpmu_create_blog()` and `wpmu_delete_blog()` now call the new respective function internally. Further follow-up work to this includes replacing calls to `wpmu_create_blog()` with `wp_insert_site()`, `update_blog_details()` with `wp_update_site()` and `wpmu_delete_blog()` with `wp_delete_blog()` throughout the codebase.
As a side-effect of this work, the `wpmu_new_blog`, `delete_blog`, and `deleted_blog` actions and the `install_blog()` function have been deprecated.
Fixes#41333. See #40364.
git-svn-id: https://develop.svn.wordpress.org/trunk@43654 602fd350-edb4-49c9-b593-d223f7449a82
The way this was implemented in [43630] caused the file to be excluded for all sniffs, since PHPCS does not support file-wide ignores of a specific sniff at this point.
Props jrf.
See #44896.
git-svn-id: https://develop.svn.wordpress.org/trunk@43641 602fd350-edb4-49c9-b593-d223f7449a82
* Add a `human_readable_duration` function including tests.
* Add 'pixels' after image width/height.
* Add screen reader text for durations.
Props Presskopp, kiranpotphode, milindmore22, stormrockwell, afercia.
Fixes#39667.
git-svn-id: https://develop.svn.wordpress.org/trunk@43633 602fd350-edb4-49c9-b593-d223f7449a82
Previously, UTC context was implied, but could be unreliable due to being affected by plugins.
Props Rarst, rahulsprajapati, marco.marsala.
Fixes#37440.
git-svn-id: https://develop.svn.wordpress.org/trunk@43594 602fd350-edb4-49c9-b593-d223f7449a82
The original REST API revisions controller relied on `wp_get_post_revisions()`, getting all revisions of a post without any possibility to restrict the result. This changeset replaces that function call with a proper `WP_Query` setup, replicating how `wp_get_post_revisions()` works while offering parameters to alter the default behavior.
Props adamsilverstein, birgire, flixos90.
Fixes#40510.
git-svn-id: https://develop.svn.wordpress.org/trunk@43584 602fd350-edb4-49c9-b593-d223f7449a82
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
git-svn-id: https://develop.svn.wordpress.org/trunk@43571 602fd350-edb4-49c9-b593-d223f7449a82
Introduce tests to validate that register_meta and register_term_meta work as expected in WP_REST_Terms_Controller.
props timmydcrawford.
Fixes#39122.
git-svn-id: https://develop.svn.wordpress.org/trunk@43567 602fd350-edb4-49c9-b593-d223f7449a82
New functions `wp_insert_site( $data )`, `wp_update_site( $id, $data )` and `wp_delete_site( $id )` are introduced to manage site rows in the `wp_blogs` table, forming the new CRUD API together with the existing `get_site()` / `get_sites()`. The new API provides various benefits over the previously existing API, fixing several cache invalidation issues and being hook-driven so that normalization and validation of the passed data can be fully customized.
New hooks introduced as part of this are the actions `wp_insert_site`, `wp_update_site`, `wp_delete_site`, `wp_validate_site_data` and the filter `wp_normalize_site_data`.
At this point, `wp_insert_site()` does not handle setting up the site's database tables, and `wp_delete_site()` does not handle dropping the site's database tables, so the two can not yet be used directly as full replacements of `wpmu_create_blog()` and `wpmu_delete_blog()`. Managing the site's database tables will be added via hooks as part of the follow-up ticket #41333.
The existing functions `wpmu_create_blog()`, `update_blog_details()`, and `wpmu_delete_blog()` make use of the respective new counterpart and will be obsolete once #41333 has been completed.
Props flixos90, jeremyfelt, spacedmonkey.
Fixes#40364.
git-svn-id: https://develop.svn.wordpress.org/trunk@43548 602fd350-edb4-49c9-b593-d223f7449a82
This allows sites with a large cron option or a custom cron implementation to hijack the cron option to store cron data using custom functionality.
`wp_get_scheduled_event()` is new function to retrieve the event object for a given event based on the hook name, arguments and timestamp. If no timestamp is specified the next occurence is returned.
Preflight filters are added to all functions that read from or modify the cron option: `pre_schedule_event`, `pre_reschedule_event`, `pre_unschedule_event`, `pre_clear_scheduled_hook`, `pre_unschedule_hook`, `pre_get_scheduled_event` and `pre_next_scheduled`.
Additionally, the post scheduling hooks `next_scheduled` and `get_schedule` to allow plugins to modify an event after retrieving it from WordPress.
Props rmccue, DavidAnderson, ethitter, peterwilsoncc.
Fixes#32656.
git-svn-id: https://develop.svn.wordpress.org/trunk@43540 602fd350-edb4-49c9-b593-d223f7449a82
The `comment_form_default_fields` filter can be used to remove the checkbox.
Props pross, SergeyBiryukov.
Fixes#44126.
git-svn-id: https://develop.svn.wordpress.org/trunk@43518 602fd350-edb4-49c9-b593-d223f7449a82
When the REST API is in use on WordPress multisite, the `WP_REST_Attachments_Controller` should respect the "Max upload file size" and "Site upload space" site options.
Props flixos90, danielbachhuber.
Fixes#43751.
git-svn-id: https://develop.svn.wordpress.org/trunk@43462 602fd350-edb4-49c9-b593-d223f7449a82
As [43439] added data that contains object IDs, it can cause `wp-api-generated.js` to be unnecessarily regenerated.
Regenerating our list of fixtures that need normalising rectifies this.
See #44321.
git-svn-id: https://develop.svn.wordpress.org/trunk@43441 602fd350-edb4-49c9-b593-d223f7449a82
To match behaviour in the Classic Editor, we need to slightly loosen permissions on taxonomy and term endpoints. This allows users to create terms to assign to a post that they're editing.
Props danielbachhuber.
Fixes#44096.
git-svn-id: https://develop.svn.wordpress.org/trunk@43440 602fd350-edb4-49c9-b593-d223f7449a82
So that REST API clients can show appropriate UI for a post's revisions, it needs to know how many revisions the post has, and what the latest revision ID is.
Props kadamwhite, danielbachhuber, birgire, TimothyBlynJacobs.
Fixes#44321.
git-svn-id: https://develop.svn.wordpress.org/trunk@43439 602fd350-edb4-49c9-b593-d223f7449a82
There are a variety of operations a WordPress user can only perform if they have the correct capabilities. A REST API client should only display UI for one of these operations if the WordPress user can perform the operation.
Rather than requiring REST API clients to calculate whether to display UI based on potentially complicated combinations of user capabilities, `targetSchema` allows us to expose a single flag to show whether the corresponding UI should be displayed.
This change also includes flags on post objects for the following actions:
- `action-publish`: The current user can publish this post.
- `action-sticky`: The current user can make this post sticky, and the post type supports sticking.
- `action-assign-author': The current user can change the author on this post.
- `action-assign-{$taxonomy}`: The current user can assign terms from the "$taxonomy" taxonomy to this post.
- `action-create-{$taxonomy}`: The current user can create terms int the "$taxonomy" taxonomy.
Props TimothyBlynJacobs, danielbachhuber.
Fixes#44287.
git-svn-id: https://develop.svn.wordpress.org/trunk@43437 602fd350-edb4-49c9-b593-d223f7449a82
The docs for `date_i18n()` and its filter now correctly state that the `$gmt` parameter is only taken into account if no timestamp is provided. Furthermore, a bug with that parameter is fixed, as it is now ensured that the timezone used with it is `UTC`.
Props Rarst.
Fixes#38771.
git-svn-id: https://develop.svn.wordpress.org/trunk@43389 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, `date_i18n()` only supported the `timezone_string` option, causing incorrect timezones to appear in formatted dates on sites that still rely on the `gmt_offset` option.
Props Rarst.
Fixes#34835.
git-svn-id: https://develop.svn.wordpress.org/trunk@43387 602fd350-edb4-49c9-b593-d223f7449a82
This utility function allows for easy detection whether terms for a taxonomy are considered publicly viewable.
Props andizer.
Fixes#44466.
git-svn-id: https://develop.svn.wordpress.org/trunk@43386 602fd350-edb4-49c9-b593-d223f7449a82
This brings the name in line with user-facing language and similar names of existing related capabilities. Since the capability has not been part of any WordPress release, it can be renamed without any backward-compatibility implications.
Also missing props benhuberman for [43006].
Fixes#44457.
git-svn-id: https://develop.svn.wordpress.org/trunk@43381 602fd350-edb4-49c9-b593-d223f7449a82
Introduce an `object_subtype` argument to the args array for `register_meta()` which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).
Introduce `register_post_meta()` and `register_term_meta()` wrapper methods for `register_meta` to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected `register_meta` to function, and should be used in place of direct `register_meta` where possible.
Props flixos90, tharsheblows, spacedmonkey.
Fixes#38323.
git-svn-id: https://develop.svn.wordpress.org/trunk@43378 602fd350-edb4-49c9-b593-d223f7449a82
This can be used in phpunit.xml:
{{{
<php>
<const name="WP_TESTS_CONFIG_FILE_PATH" value="/path/to/wp-tests-config.php" />
</php>
}}}
Props clarinetlord
Fixes#39734
git-svn-id: https://develop.svn.wordpress.org/trunk@43369 602fd350-edb4-49c9-b593-d223f7449a82
When a term query using `fields=all_with_object_id` hits the cache, the
cached `stdClass` objects must be converted to `WP_Term` objects. This
was overlooked when `WP_Term_Query` was refactored to support object
queries in [38667].
Props dlh.
Fixes#44221.
git-svn-id: https://develop.svn.wordpress.org/trunk@43313 602fd350-edb4-49c9-b593-d223f7449a82
Update the test infrastructure so that third party plugins, themes, and projects that use the core testing framework continue to operate from the `src` directory and do not require a build step.
Props mboynes, danielbachhuber, schlessera
See #43055
git-svn-id: https://develop.svn.wordpress.org/trunk@43311 602fd350-edb4-49c9-b593-d223f7449a82
In many a strange and curious file of forgotten lore—
While I pondered, blaming Nacin, my notifications suddenly awakened,
As of someone quietly DMing;—DMing me, I can’t ignore.
“’Tis some contributor,” I muttered, “DMing me an idea or four—
Only this and nothing more.”
Ah, distinctly I remember, at WordCamp US, last December;
A mad proposal nearly laid me—down out cold—upon the floor.
Curious, I listened closely;—to a plan I agreed with, mostly—
A way to make our JavaScript—JavaScript which was a chore—
Maintainable, extendable, for the future, is what I saw.
Guten-ready for evermore.
Open here I switch to Slack, when, with many a patch and hack,
In there stepped Omar, a JavaScript developer hardcore;
Pronouncing all the changes fit; ready now to be commit;
“There’s nothing else for us to do,” DMing me, “It’s done!” he swore—
“No longer random guessing at which file need next be explored—
Let’s move on, we’re all aboard.”
Moved all together, grouped and managed, in folders all is packaged,
The code had all been cleaned and tidied, important parts moved to the fore,
“Though this change be useful here,” I said, “it is too large, I fear,
We couldn’t manage such a patch, we’ve done nothing like this before—
Tell me where doth go this change, change to make our codebase soar!”
Quoth Omar, “In WordPress Core.”
Props omarreis for shepherding this significant change.
Props adamsilverstein, aduth, atimmer, dingo_bastard, frank-klein, gziolo, herregroen, jaswrks, jeremyfelt, jipmoors, jorbin, netweb, ocean90, pento, tjnowell, and youknowriad for testing, feedback, discussion, encouragement, commiserations, etc.
I make no apologies for this commit message.
Fixes#43055.
git-svn-id: https://develop.svn.wordpress.org/trunk@43309 602fd350-edb4-49c9-b593-d223f7449a82
`ResourceBundle` is only countable in PHP 5.4+, which can be considered an acceptable edge case for WordPress core purposes.
Props jrf, ayeshrajans.
Fixes#43583.
git-svn-id: https://develop.svn.wordpress.org/trunk@43226 602fd350-edb4-49c9-b593-d223f7449a82
r43008 refactored the request flow to make several improvements, but accidentally marked `completed` requests as `confirmed`. This commit restores the intended statuses, so that the data and corresponding UI reflect reality.
Props allendav, birgire.
Fixes#43913.
git-svn-id: https://develop.svn.wordpress.org/trunk@43183 602fd350-edb4-49c9-b593-d223f7449a82
In many common Multisite use cases, the network administrator will want to set a network-wide privacy policy -- via the `privacy_policy_url` filter -- for consistency and convenience. When that's done, the Privacy Settings screen on individual sites becomes unnecessary, and may confuse administrators of those sites when they see that their changes don't have any effect on the policy link in the footer.
Since we can't programatically determine which behavior the network admins would like, the safest default setting is to restrict the ability to super admins, and let them delegate it to individual site owners via a plugin, if they'd like to.
Fixes#43935.
git-svn-id: https://develop.svn.wordpress.org/trunk@43147 602fd350-edb4-49c9-b593-d223f7449a82
`user_status` is not considered personal data, so the total number of exported user properties is 11.
See #43547.
git-svn-id: https://develop.svn.wordpress.org/trunk@43116 602fd350-edb4-49c9-b593-d223f7449a82
Historically, the REST API would generate the entire response object, including running expensive filters, then it would apply the `_fields` parameter, discarding the fields that weren't specificed.
This change causes `_fields` to be applied earlier, so that only requested fields are processed.
Props danielbachhuber.
See #43874.
git-svn-id: https://develop.svn.wordpress.org/trunk@43087 602fd350-edb4-49c9-b593-d223f7449a82
Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.
Props allendav, jeremyfelt, iandunn.
Fixes#43919.
git-svn-id: https://develop.svn.wordpress.org/trunk@43085 602fd350-edb4-49c9-b593-d223f7449a82
Return values added to Cron API functions to indicate outcome:
* `wp_schedule_single_event()`, `wp_schedule_event()`, `wp_reschedule_event()` and `wp_unschedule_event()`: boolean indicating success or failure,
* `wp_clear_scheduled_hook()`: integer indicating number of jobs cleared (zero or more), `false` if one or more jobs fail to clear,
* `wp_unschedule_hook()`: integer indicating number of jobs cleared (zero or more), `false` if the jobs fail to clear,
* `spawn_cron()`: boolean indicating whether job spawned,
* `wp_cron()`: integer indicating number of jobs spawned (zero or more), `false` if one or more jobs fail to spawned,
* `_set_cron_array()`: boolean outcome of `update_option()`.
Props evansolomon, jrf, peterwilsoncc, pento for code review.
Fixes#21072.
git-svn-id: https://develop.svn.wordpress.org/trunk@43050 602fd350-edb4-49c9-b593-d223f7449a82
The `get_term()` mapping may result in term objects that are `null` or
`WP_Error` when plugins use `get_term` or a related filter. Since `null`
and error objects are not valid results for a term query, we discard
them.
Props GM_Alex.
See #42691.
git-svn-id: https://develop.svn.wordpress.org/trunk@43049 602fd350-edb4-49c9-b593-d223f7449a82
After the introduction of site metadata in [42836], it should be possible to query sites by that data.
Fixes#40229.
git-svn-id: https://develop.svn.wordpress.org/trunk@43010 602fd350-edb4-49c9-b593-d223f7449a82
For the block editor to be able to expose the Preview button correctly, it needs to know the `is_post_type_viewable()` setting, this change adds it to the Post Type response.
Props danielbachhuber.
Fixes#43739.
git-svn-id: https://develop.svn.wordpress.org/trunk@43007 602fd350-edb4-49c9-b593-d223f7449a82
Without the `ms-required` and `ms-excluded` groups being marked as excluded in the PHPUnit configurations for the project, those groups were still executed, causing fatal errors. Checking against the groups in the correct structure of the array returned from PHPUnit's `Testcase::getAnnotations()` ensures that those tests are skipped properly.
Fixes#43863.
git-svn-id: https://develop.svn.wordpress.org/trunk@43005 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the `get_the_privacy_policy_link()` and `the_privacy_policy_link()` functions, as well as the `privacy_policy_url` filter.
A new `tests/url/` folder was added to better organize tests related to `get_*_url()` functions. Previously, those tests were placed in `tests/url.php` and `tests/link/`, but neither of those locations are optimal. Placing tests in `tests/url.php` violates the guideline of creating separate files/classes for each function under test, and using `tests/link/` conflates two distinct -- albeit related -- groups of functions. Over time, URL-related tests can be migrated to the new folder.
Props birgire, xkon, azaozz, iandunn.
See #43850.
git-svn-id: https://develop.svn.wordpress.org/trunk@43002 602fd350-edb4-49c9-b593-d223f7449a82
Any WordPress user who can `edit_posts` of a post type with `show_in_rest=true` can query for authors. This maps to current WordPress behavior where a WordPress user who can view the Manage Posts view for a post type can see any WordPress user assigned to a post (whether published or draft).
This implementation, over restricting `who=authors` to users with `list_users`, gives us future flexibility in displaying lists of posts. It still respects more restrictive permissions for `context=edit`.
Props danielbachhuber.
Fixes#42202.
git-svn-id: https://develop.svn.wordpress.org/trunk@43001 602fd350-edb4-49c9-b593-d223f7449a82
This was originally added to allow Gutenberg to do permalink editing, but is no longer required. It's also superceded by #41014.
Reverts [42142].
Fixes#42465.
git-svn-id: https://develop.svn.wordpress.org/trunk@42997 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, the nonce passed from `wp-signup.php` was verified with a simple comparison. Furthermore in case of failures, `wp_die()` would be called right during the HTML markup being already printed. Now the error message is returned properly, modifying the `WP_Error` object in the passed `$result`.
Props herregroen.
Fixes#43667.
git-svn-id: https://develop.svn.wordpress.org/trunk@42976 602fd350-edb4-49c9-b593-d223f7449a82
This iterates on earlier versions of the code, in order to handle more edge cases. An arbitrary string like `or=\"` will now be stripped, as well as reachability scopes like `%eth0`.
Props eamax, soulseekah, iandunn.
Fixes#41083.
git-svn-id: https://develop.svn.wordpress.org/trunk@42968 602fd350-edb4-49c9-b593-d223f7449a82
`edit_user()` can also update user roles but was still using the `edit_users` capability instead of the newer `promote_users` capability introduced in [14176].
This makes the role handling consistent with the bulk dropdown menu for role changes.
Props flixos90, johnjamesjacoby, ocean90.
Fixes#42564.
git-svn-id: https://develop.svn.wordpress.org/trunk@42855 602fd350-edb4-49c9-b593-d223f7449a82
This updates the expected version number for Hello Dolly in `Tests_Ajax_Update_Plugin::test_update_plugin` following [42839].
See #43555.
git-svn-id: https://develop.svn.wordpress.org/trunk@42841 602fd350-edb4-49c9-b593-d223f7449a82
This is a partial revert of [41724], so image captions include an
inline `width` style instead of `max-width`.
This returns the caption shortcode to the pre-4.9.0 behavior, while
retaining the extra unit test coverage added in [41724].
Fixes#43123. See #33981.
git-svn-id: https://develop.svn.wordpress.org/trunk@42837 602fd350-edb4-49c9-b593-d223f7449a82
A new global multisite table `wp_blogmeta` is added to the database schema, and a set of `*_site_meta()` API functions are introduced.
The implementation fails gracefully when the new table is not yet available, which may happen especially shortly after the core update, before the network has been upgraded to the new database schema. The presence of the table is detected once and stored as a global setting on the main network.
Core does not yet use site metadata, but there are several use-cases to be implemented or explored in the near future, and it allows plugins to extend sites with arbitrary data, which will come in particularly handy with the upcoming REST API endpoint for sites.
Props spacedmonkey, johnjamesjacoby, jeremyfelt, flixos90.
Fixes#37923.
git-svn-id: https://develop.svn.wordpress.org/trunk@42836 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, the `{$network_id}:notoptions` cache would only be fetched, but not set, unless the actual database lookup would be unsuccessful. This enhancement slightly improves performance by preventing unnecessary external object cache lookups if one is used.
Fixes#43506.
git-svn-id: https://develop.svn.wordpress.org/trunk@42833 602fd350-edb4-49c9-b593-d223f7449a82
This new dashboard widget is shown on WordPress sites which are powered by a PHP version which WordPress considers outdated, in order to inform site owners about the resulting problems and to explain how to upgrade to a supported version. An education page for that purpose has been previously created that the widget links to. The link is translatable so that localized versions of the page can be referred to as they become available.
The nag follows the example of the Browse Happy dashboard widget and is only visible for administrators, or network administrators when using multisite. To determine whether it needs to be displayed, a new wordpress.org API introduced prior is called that handles the version logic in a centralized location.
Props flixos90, hedgefield, schlessera.
Fixes#41191.
git-svn-id: https://develop.svn.wordpress.org/trunk@42832 602fd350-edb4-49c9-b593-d223f7449a82
The error response body size is limited to 1 KB by default to avoid taking up too much memory. The size can be increased using `download_url_error_max_body_size` filter.
Props soulseekah, campusboy1987, mihdan, SergeyBiryukov.
Fixes#43329.
git-svn-id: https://develop.svn.wordpress.org/trunk@42773 602fd350-edb4-49c9-b593-d223f7449a82
The new `compare_key=LIKE` parameter works in conjunction with `key` in a
similar way to the `compare=LIKE` and `value`: by doing a "compares" `LIKE`
query. This allows developers to do partial matches against keys when
doing meta queries.
Props mariovalney, chasewg.
Fixes#42409.
git-svn-id: https://develop.svn.wordpress.org/trunk@42768 602fd350-edb4-49c9-b593-d223f7449a82
The files were removed from Core in r42462 because they're no longer necessary, and have a history of security issues. They remain upstream, though, so this test makes it explicitly clear that they should not be added back in the future without careful consideration and discussion with the Security team.
`Tests_Admin_IncludesUpdateCore::test_new_files_are_not_in_old_files_array_compiled()` would already catch files with the exact same name, but this test will also catch files with new names, just to be extra cautious.
Props iandunn, ocean90, SergeyBiryukov
Fixes 43101
git-svn-id: https://develop.svn.wordpress.org/trunk@42762 602fd350-edb4-49c9-b593-d223f7449a82
Fix an issue that prevents tests from running correctly when run outside their normal context.
Props PressLabs, johnbillion.
Fixes#40071.
git-svn-id: https://develop.svn.wordpress.org/trunk@42741 602fd350-edb4-49c9-b593-d223f7449a82
Reverts unit test removal, instead changing them to expect the function to be deprecated.
Correct the version the ajax callback was deprecated.
Amends [42614].
Props dlh, ocean90.
Fixes#38922.
git-svn-id: https://develop.svn.wordpress.org/trunk@42737 602fd350-edb4-49c9-b593-d223f7449a82
For Gutenberg and other admin-type interfaces, it's useful to be able to see the visibility settings for taxonomies.
Props joehoyle, pento.
Fixes#42707.
git-svn-id: https://develop.svn.wordpress.org/trunk@42729 602fd350-edb4-49c9-b593-d223f7449a82
WordCamps are celebrations of the local WordPress Community and once a local one is scheduled, people in that community should know it is coming. This adjusts the WordPress Events in the dashboard widgets to always display a WordCamp, even if there are multiple Meetups happening first.
Props iandunn, metalandcoffee, warmlaundry, alejandroxlopez, jorbin.
Fixes#41112.
git-svn-id: https://develop.svn.wordpress.org/trunk@42726 602fd350-edb4-49c9-b593-d223f7449a82
Also somewhat explain to future maintainers why this pairing of strings was chosen, besides this committer's musical preferences. Social opinions on cancer are fairly clear, as are commonly accepted definitions of profanity and family-friendly language.
Shout out to the close contender, which would have been particularly appropriate here: "You could be the king // But watch the queen conquer".
see #43207, #38176
git-svn-id: https://develop.svn.wordpress.org/trunk@42667 602fd350-edb4-49c9-b593-d223f7449a82
In particular allows audio and video playlists to be added to the Text widget and previewed.
Props bpayton, westonruter.
See #40854.
Fixes#42495.
git-svn-id: https://develop.svn.wordpress.org/trunk@42613 602fd350-edb4-49c9-b593-d223f7449a82
As these tests are already validating that two arrays match, checking that the counts also match before is redundant and makes it harder to debug when the test fails.
See #16895
git-svn-id: https://develop.svn.wordpress.org/trunk@42526 602fd350-edb4-49c9-b593-d223f7449a82
Removes the formatting and texturization added to author bios in #40040 due to back-compatibility concerns.
Reverts [41172], [41173].
Props 0x6f0, rabmalin for review.
Fixes#42578.
git-svn-id: https://develop.svn.wordpress.org/trunk@42441 602fd350-edb4-49c9-b593-d223f7449a82
Continues the introduction in core of the aria-current attribute after [41683], [41359], and [41371].
- changes the `wp_link_pages()` (see the `nextpage` quicktag) output to use an `aria-current` attribute on the current item
- adds `post-nav-links` and `post-page-numbers` CSS classes to help themes style these links
- updates the related tests
Props antonioeatgoat, alexstine.
Fixes#41859.
git-svn-id: https://develop.svn.wordpress.org/trunk@42440 602fd350-edb4-49c9-b593-d223f7449a82
The `test_remove_orientation_data_on_rotate()` test was failing on systems that did not have the `exif` extension available.
Skips test when the `exif_read_data()` function does not exist.
Props danielbachhuber, desrosj.
Fixes#42447.
git-svn-id: https://develop.svn.wordpress.org/trunk@42431 602fd350-edb4-49c9-b593-d223f7449a82
Unfortunately, in my overzealous desire to fix all the un-capitalised Ps, [42343] capitalled some Ps that intentionally should not be capitals.
This commit fixes the incorrectly capitalling of Ps, as well as including unit tests and PHPCS instructions to ensure we never capitulate to capitalisationing them again.
Props superdav42.
Fixes#43040.
Fixes#43041.
git-svn-id: https://develop.svn.wordpress.org/trunk@42429 602fd350-edb4-49c9-b593-d223f7449a82
When a post slug is changed, we store a copy of the old slug, so that we can redirect visitors visiting the old URL to the new URL.
In the same way, this stores a copy of the old date, when the post date changes, so we can redirect visitors to the new URL.
Props nickmomrik.
Fixes#15397 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42401 602fd350-edb4-49c9-b593-d223f7449a82
Rename `$post_ID` to `$post` for consistency with other functions.
Add unit tests for `wp_get_post_parent_id()`.
Props keesiemeijer.
Fixes#42797.
git-svn-id: https://develop.svn.wordpress.org/trunk@42397 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only the `publish_posts` capability was checked. Now, the correct meta or primitive capability for the post type is used where appropriate.
Props peterwilsoncc
Fixes#42464
git-svn-id: https://develop.svn.wordpress.org/trunk@42380 602fd350-edb4-49c9-b593-d223f7449a82
This change reinstates the previous de facto behavior of `category_description()`.
See [40979], [42364]. Because `term_description()` no longer passes `$taxonomy` to
`get_term_field()`, the parameter is no longer needed and has been deprecated.
Fixes#42605. See #42771.
git-svn-id: https://develop.svn.wordpress.org/trunk@42368 602fd350-edb4-49c9-b593-d223f7449a82
Prior to 4.9, this function was accidentally taxonomy-agnostic in most cases.
The fix in [40979] caused a regression in this function. For backward
compatibility, we make it explicit that the query is by ID only.
See #42771.
git-svn-id: https://develop.svn.wordpress.org/trunk@42367 602fd350-edb4-49c9-b593-d223f7449a82
See [42364] for description of the problem.
Because `get_category_link()` is now totally taxonomy-agnostic, `get_tag_link()`
can become a simple wrapper.
Props juiiee8487, markjaquith.
See #42771.
git-svn-id: https://develop.svn.wordpress.org/trunk@42366 602fd350-edb4-49c9-b593-d223f7449a82
Prior to version 4.9, a quirk in the implementation of `get_term()` caused
`get_category_link( 123 )` to fetch the taxonomy archive link for term 123
even if 123 is not in the 'category' taxonomy. The quirk was fixed in [40979];
see #40671. This bugfix introduced a regression for theme authors who were
expecting the old behavior.
By lifting the 'category' restriction, we allow the template function to work
in the old way.
Fixes#42717. See #42771.
git-svn-id: https://develop.svn.wordpress.org/trunk@42364 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where the mapping logic would try mapping empty sidebars, resulting in PHP warnings.
Props ionvv, chetan200891 for initial patch.
Fixes#42603.
git-svn-id: https://develop.svn.wordpress.org/trunk@42362 602fd350-edb4-49c9-b593-d223f7449a82
There are situations where the REST API client wants to be able to read and set the permalink_structure option. Though this doesn’t fix the use case of front-end rendered unauthenticated websites, it still has utility as a setting in it’s own right.
Props aduth.
See #41014.
git-svn-id: https://develop.svn.wordpress.org/trunk@42359 602fd350-edb4-49c9-b593-d223f7449a82
The 409 error code is intended for situations where it is expected that the user will resolve the conflict and resubmit the same request. We use 400 error codes for other routes when a duplicate request is made. The 400 status code tells the user they need to modify their request for it to be successful.
Props shooper.
Fixes#42781. See #41370.
git-svn-id: https://develop.svn.wordpress.org/trunk@42354 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
`rest_url()` inconsistent addes slashes to the passed path depending on whether the site has pretty permalinks enabled. Apart from being inconsistent, this also caused the unit tests to fail when pretty permalinks are enabled.
Props frank-klein.
Fixes#42452. See #41451.
git-svn-id: https://develop.svn.wordpress.org/trunk@42250 602fd350-edb4-49c9-b593-d223f7449a82
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42228 602fd350-edb4-49c9-b593-d223f7449a82
The `meta_box_cb` argument was introduced in [25572] to allow plugin
authors to provide a custom callback for rendering their taxonomy's meta
box on the post edit screen. However, the routine used to handle the saving
of these custom taxonomy meta boxes was not customizable, but was instead
based simply on whether the taxonomy was hierarchicaly. See [13535].
The new `meta_box_sanitize_cb` argument defaults to the "tag" routine for
non-hierarchical taxonomies and the "category" routine for hierarchical ones,
thereby maintaining the current default behavior. Developers can override this
when the data passed from their `meta_box_cb` differs.
Props boonebgorges, ZaneMatthew, stephenharris.
Fixes#36514.
git-svn-id: https://develop.svn.wordpress.org/trunk@42211 602fd350-edb4-49c9-b593-d223f7449a82
When querying for 'count', ensure that 0 is returned. Otherwise,
ensure that it's an array.
Props xParham, birgire.
Fixes#42327.
git-svn-id: https://develop.svn.wordpress.org/trunk@42209 602fd350-edb4-49c9-b593-d223f7449a82
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
See #41925.
git-svn-id: https://develop.svn.wordpress.org/trunk@42056 602fd350-edb4-49c9-b593-d223f7449a82
In the original function introduced in [41380], and subsequently [41861], only the network ID was passed to the new `pre_get_main_site_id` filter. In order to make give quick access to other network properties, it was decided to pass the whole object instead. The changeset includes an additional test.
Fixes#29684.
git-svn-id: https://develop.svn.wordpress.org/trunk@42043 602fd350-edb4-49c9-b593-d223f7449a82
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.
Adds tests.
Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes#42016, #36170
git-svn-id: https://develop.svn.wordpress.org/trunk@42011 602fd350-edb4-49c9-b593-d223f7449a82
* Allow updating oEmbed cache during `parse-embed` requests for non-post editors (such as widgets).
* Update any existing `oembed_cache` post when `usecache` and TTL has passed.
* Do not overwrite a previously valid cache with `{{unknown}}`.
Props dlh.
See #34115.
Fixes#42310.
git-svn-id: https://develop.svn.wordpress.org/trunk@42009 602fd350-edb4-49c9-b593-d223f7449a82
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.
See #38583.
git-svn-id: https://develop.svn.wordpress.org/trunk@42000 602fd350-edb4-49c9-b593-d223f7449a82
Previously attempted in [40256], which caused the test for decoded curly quotes to fail in some environments.
`$_SERVER['REQUEST_URI']` contains the encoded URI, so this version removes the failing tests and only checks for encoded curly quotes.
Props joostdevalk, lancewillett, SergeyBiryukov.
Fixes#20383.
git-svn-id: https://develop.svn.wordpress.org/trunk@41991 602fd350-edb4-49c9-b593-d223f7449a82
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.
Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.
Props enrico.sorcinelli, ryotsun.
Fixes#39730.
git-svn-id: https://develop.svn.wordpress.org/trunk@41980 602fd350-edb4-49c9-b593-d223f7449a82
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.
Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes#39996.
git-svn-id: https://develop.svn.wordpress.org/trunk@41979 602fd350-edb4-49c9-b593-d223f7449a82
Moves defintion of ajax request in `WP_Ajax_UnitTestCase` to `setUp()` method to account for hooks being reset as part of `tearDown()`.
Props matthias.thiel for report.
Fixes#41561.
git-svn-id: https://develop.svn.wordpress.org/trunk@41970 602fd350-edb4-49c9-b593-d223f7449a82
This allows for automated scripts & test suites to handle the failure of the test suite easier.
Props danielbachhuber
Fixes#41916
git-svn-id: https://develop.svn.wordpress.org/trunk@41966 602fd350-edb4-49c9-b593-d223f7449a82
When media is uploaded to a post, the upload directory is set according to the date of the post, so that the media URLs in the post match when the post was published.
A page is a slightly different beast, pages often live for years, and are regularly updated to stay relevant. This change causes media uploaded to pages to use the upload date to determine the upload directory.
Fixes#10752.
git-svn-id: https://develop.svn.wordpress.org/trunk@41964 602fd350-edb4-49c9-b593-d223f7449a82
Allow `CodeEditorControl` to be instantiated with a `editor_settings` param which is merged with `wp.codeEditor.defaultSettings`.
Also:
* Turn redundant "CSS Code" control label into screen reader text for Additional CSS.
* Remove `code-editor` as script dependency for `custom-html-widgets` since enqueueing is determined by `wp_enqueue_code_editor()`.
* Remove useless exporting of `code_type` param to JS in `WP_Customize_Code_Editor_Control`.
* Add `disabled` class to Custom HTML widget's Save button when linting errors are present.
* Remove redundant `span` inside CodeEditorControl's `label`.
See #41897, #12423, #41872.
git-svn-id: https://develop.svn.wordpress.org/trunk@41957 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce a `widget_{$id_base}_instance_schema` filter for plugins to add new properties to a media widget's instance schema.
* Pass all of a gallery widget's instance props to the gallery media frame, not just the ones that core supports.
See #32417, #41914.
Fixes#42285.
git-svn-id: https://develop.svn.wordpress.org/trunk@41951 602fd350-edb4-49c9-b593-d223f7449a82
* Only use default control content template when a more specific template doesn't exist.
* Remove extraneous whitespace from being output in `WP_Customize_Control::render()` method.
* Move Custom Header template printing to `customize_controls_print_footer_scripts` action.
See #30738.
git-svn-id: https://develop.svn.wordpress.org/trunk@41935 602fd350-edb4-49c9-b593-d223f7449a82
* Update stubs to have draft status when changeset is saved as draft, instead of preventing auto-draft garbage collection by giving them a far-future `post_date`.
* Show notice in publish metabox when editing a customization draft indicating that it will be published automatically with its changeset; a link to Customizer is included.
* Include a new "Customization Draft" display post state in the post list table.
* Disconnect stubs from their changesets when they are updated with a status other than "Draft".
* Trash customization drafts when their related changeset is trashed or deleted.
* Add a `_customize_changeset_uuid` postmeta to stubs to link them with their associated changeset.
* Include `customize_changeset_uuid` as context when requesting to insert a new auto-draft.
Props westonruter, melchoyce.
See #39896, #39752, #34923.
Fixes#42220.
git-svn-id: https://develop.svn.wordpress.org/trunk@41887 602fd350-edb4-49c9-b593-d223f7449a82
In order for `get_site_by()` to be truly beneficial, caching in `WP_Site_Query` needs to be improved to account for common use-cases and have them be invalidated less aggressively.
See #40180, #40228, #42091.
git-svn-id: https://develop.svn.wordpress.org/trunk@41884 602fd350-edb4-49c9-b593-d223f7449a82
While `get_site_by()` makes sense as a more explicit and less complex replacement for `get_blog_details()`, it is not ready yet in terms of caching, where it currently falls short of the older function under specific circumstances.
See #40180, #40228.
git-svn-id: https://develop.svn.wordpress.org/trunk@41883 602fd350-edb4-49c9-b593-d223f7449a82
When the `WP_Network::$blog_id` property is set manually, for example in the multisite bootstrap process, `get_main_site_id()` should use that value instead of running its own logic. The main logic for the function was therefore moved into the internal `WP_Network::get_main_site_id()` method, which is now being accessed by the function through the magic property handling for `WP_Network::$blog_id` (and its equivalent `WP_Network::$site_id`).
Props spacedmonkey, jeremyfelt.
Fixes#41936.
git-svn-id: https://develop.svn.wordpress.org/trunk@41861 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that the `get_pages()` query cache doesn't go stale when
postmeta is modified.
Props spacedmonkey.
Fixes#40669.
git-svn-id: https://develop.svn.wordpress.org/trunk@41849 602fd350-edb4-49c9-b593-d223f7449a82
Comment queries are sensitive to comment meta due to the `meta_query`
parameter, so the cache must be invalidated when comment meta is changed,
added, or deleted.
Props spacedmonkey.
See #40669.
git-svn-id: https://develop.svn.wordpress.org/trunk@41848 602fd350-edb4-49c9-b593-d223f7449a82
[41784] was a workaround for a bug in PHPUnit 6.4. PHPUnit 6.4.1 has since been released, which includes a fix for this.
Fixes#42124.
git-svn-id: https://develop.svn.wordpress.org/trunk@41841 602fd350-edb4-49c9-b593-d223f7449a82
* Customization locking is checked when changesets are saved and when heartbeat ticks.
* Lock is lifted immediately upon a user closing the Customizer.
* Heartbeat is introduced into Customizer.
* Changes made to user after it was locked by another user are stored as an autosave revision for restoration.
* Lock notification displays link to preview the other user's changes on the frontend.
* A user loading a locked Customizer changeset will be presented with an option to take over.
* Autosave revisions attached to a published changeset are converted into auto-drafts so that they will be presented to users for restoration.
* Focus constraining is improved in overlay notifications.
* Escape key is stopped from propagating in overlay notifications, and it dismisses dismissible overlay notifications.
* Introduces `changesetLocked` state which is used to disable the Save button and suppress the AYS dialog when leaving the Customizer.
* Fixes bug where users could be presented with each other's autosave revisions.
Props sayedwp, westonruter, melchoyce.
See #31436, #31897, #39896.
Fixes#42024.
git-svn-id: https://develop.svn.wordpress.org/trunk@41839 602fd350-edb4-49c9-b593-d223f7449a82
Trashing a changeset via `wp_trash_post()` does not have the desired result since it mutates `post_content` (via Kses) and the `post_name` (even though it is a UUID).
Props dlh.
See #39896, #42030.
Fixes#42175.
git-svn-id: https://develop.svn.wordpress.org/trunk@41824 602fd350-edb4-49c9-b593-d223f7449a82
This fixes a change in behaviour introduced by [41629].
The host is set to an empty string when it isn't defined, this continues existing behaviour. In particular, the mysqli library treats a `null` host as being the same as `localhost`, which is not always the intended behaviour.
Props birgire, markjaquith, pento.
Fixes#41722.
git-svn-id: https://develop.svn.wordpress.org/trunk@41820 602fd350-edb4-49c9-b593-d223f7449a82
On newer versions of MySQL, an error was being thrown when creating a table with an index that we wanted to be silently truncated.
To avoid this, the test now tries to use a newer InnoDB file format where available, and skips the test when that happens.
Props pento, danielbachhuber, straussd.
Fixes#41716.
git-svn-id: https://develop.svn.wordpress.org/trunk@41818 602fd350-edb4-49c9-b593-d223f7449a82
Weeds out orphaned locations, so their information will not continue to be mapped to future themes.
Fixes#42121.
git-svn-id: https://develop.svn.wordpress.org/trunk@41811 602fd350-edb4-49c9-b593-d223f7449a82
For values of `fields` like `id=>parent`, the keys of the array must be
maintained as part of the query results.
Introduced as part of #40496. See [38667], [40513].
Props miyauchi, dany2217, pcarvalho.
Fixes#41293.
git-svn-id: https://develop.svn.wordpress.org/trunk@41809 602fd350-edb4-49c9-b593-d223f7449a82
The theme and plugin editors now list all files in the selected theme or plugin, recursing through subdirectories as necessary.
Props WraithKenny, schlessera, chsxf, MikeHansenMe, Daedalon, valendesigns, westonruter, pento.
Fixes#6531.
git-svn-id: https://develop.svn.wordpress.org/trunk@41806 602fd350-edb4-49c9-b593-d223f7449a82
* Prevent autoloading an existing draft/future changeset when theme not active.
* Add missing notifications container to Themes panel.
* Remove deactivation of themes panel when selected status is not publish.
* Show notification in Themes panel when themes cannot be previewed and disable preview buttons.
* Reject installTheme call when theme preview not available.
* Return promise from installTheme and eliminate use of global events in favor of promises.
Props westonruter, melchoyce, zoonini.
See #37661, #39896.
Fixes#42126.
git-svn-id: https://develop.svn.wordpress.org/trunk@41788 602fd350-edb4-49c9-b593-d223f7449a82
Adds an "include_slug" orderby value for REST API collections to permit returning a collection filtered by slugs in the same order in which those slugs are specified.
Previously, the order of slugs provided with the ?slug query parameter had no effect on the order of the returned records.
Props wonderboymusic, ocean90, boonebgorges.
Fixes#40826.
git-svn-id: https://develop.svn.wordpress.org/trunk@41760 602fd350-edb4-49c9-b593-d223f7449a82
Enables register_setting to accept an object as its schema value, allowing settings to accept non-scalar values through the REST API.
This whitelists the added type in the settings controller, and passes properties from argument registration into the validation functions.
Props joehoyle.
See #38583.
git-svn-id: https://develop.svn.wordpress.org/trunk@41758 602fd350-edb4-49c9-b593-d223f7449a82
* Allow passing settings in keyed object (e.g. `settings: { default: 'id' } ), or as an array (e.g. `settings: [ 'id' ]`) with first being default; again, `Setting`/`Value` objects may be supplied instead of IDs.
* Allow a single setting to be supplied with just a single `setting` param, either a string or a `Setting`/`Value` object.
* Update `changeset_status` and `scheduled_changeset_date` to be added dynamically with JS and simply passing of `api.state()` instances as `setting`.
* Introduce a `data-customize-setting-key-link` attribute which, unlike `data-customize-setting-link`, allows passing the setting key (e.g. `default`) as opposed to the setting ID.
* Allow `WP_Customize_Control::get_link()` to return `data-customize-setting-key-link` when setting is not registered.
* Eliminate `default_value` from `WP_Customize_Date_Time_Control` since now comes from supplied `Value`.
* Export status choices as `wp.customize.settings.changeset.statusChoices`.
* Export date and time formats as `wp.customize.settings.dateFormat` and `wp.customize.settings.timeFormat` respectively.
Props westonruter, sayedwp.
See #39896, #30738, #30741, #42083.
Fixes#37964, #36167.
git-svn-id: https://develop.svn.wordpress.org/trunk@41750 602fd350-edb4-49c9-b593-d223f7449a82
When able to be parsed, store the created date for a video file from meta,
since this is useful separately from the dates on the file itself.
Introduces `wp_get_media_creation_timestamp()` to read the timestamp from
getID3 and a `wp_read_video_metadata` filter analogous to
`wp_read_image_metadata`.
Fixes#35218.
Props stevegrunwell, joemcgill, desrosj, blobfolio, mikeschroder.
git-svn-id: https://develop.svn.wordpress.org/trunk@41746 602fd350-edb4-49c9-b593-d223f7449a82
Allows REST API consumers to specify the specific fields needed in their application code, whitelisting those fields and omitting all others from the returned JSON response object.
This permits applications that only need for example the ID and title of posts to avoid having to transfer the entire rendered post content over the wire alongside the desired fields.
While this whitelisting has no affect on the queries run when preparing the response, it can yield significant reductions in the bandwidth required to transfer a response payload for simple applications.
Props adamsilverstein, TimothyBlynJacobs, svrooij.
Fixes#38131.
git-svn-id: https://develop.svn.wordpress.org/trunk@41744 602fd350-edb4-49c9-b593-d223f7449a82
Fixes an issue where submitting a well-formed request to create a term inappropriately returns a 500 error status if that term already exists.
HTTP 5xx error codes should be reserved for unexpected server errors, so "409 Conflict" is a more appropriate response.
Props alibasheer, guzzilar, shooper.
Fixes#41370.
git-svn-id: https://develop.svn.wordpress.org/trunk@41737 602fd350-edb4-49c9-b593-d223f7449a82
This adds `Custom_Image_Header::get_previous_crop()`, which finds any
previously cropped headers created from the same base image and replaces
that attachment rather than creating a new attachment.
After updating a crop, the replaced images is also removed from the list
of previous header images in the Customizer.
See #21819.
git-svn-id: https://develop.svn.wordpress.org/trunk@41732 602fd350-edb4-49c9-b593-d223f7449a82
* Move the `create_function()` code into a file that's only loaded, and into a test that's only run, on PHP <= 7.2 to avoid deprecated warnings in 7.2+.
* Convert the test skipping into a failure if the GlotPress locale file cannot be downloaded.
* Ensure `test_exceptions` fails if an exception is not thrown.
* Docs improvements
See #41562, #40109
git-svn-id: https://develop.svn.wordpress.org/trunk@41730 602fd350-edb4-49c9-b593-d223f7449a82
When registering routes developers can now define their complex objects in the schema and benefit from the automatic validation and sanitization in the REST API. This also paves the way for support for complex object registration via register_meta and register_setting.
See #38583.
Props TimothyBlynJacobs5.
git-svn-id: https://develop.svn.wordpress.org/trunk@41727 602fd350-edb4-49c9-b593-d223f7449a82
`test_cache` used PHPUnit's object mocking to test some internal behaviour in `Plural_Forms`, but made use of the `willReturn()` method, which was introduced in PHPUnit 4.0 as shorthand for `will($this->returnValue())`. Fixed by switching to the longer form.
Several tests used the `@expectedException` directive to catch generic `Exception` exceptions, which was added in PHPUnit 3.7. Fixed by changing to an explicit `try` / `catch` test.
See #41562.
git-svn-id: https://develop.svn.wordpress.org/trunk@41725 602fd350-edb4-49c9-b593-d223f7449a82
This alters the HTML output of the image caption shortcode to use
`max-width` instead of `width` to improve compatibility with
flexible layouts.
Props aaronrutley, desrosj.
Fixes#33981.
git-svn-id: https://develop.svn.wordpress.org/trunk@41724 602fd350-edb4-49c9-b593-d223f7449a82
Historically, we've evaluated the plural forms for each language using `create_function()`. This is being deprecated in PHP 7.2, so needs to be replaced.
The `Plural_Forms` class parses the `Plural-Forms` header from the PO file, and internally caches the result of all subsequent plural form tests, allowing it to match the performance of the existing code.
Props rmccue.
Fixes#41562.
git-svn-id: https://develop.svn.wordpress.org/trunk@41722 602fd350-edb4-49c9-b593-d223f7449a82
`get_site_by()` is now the preferred way to retrieve a site object by lookup for identifying data. By using a coherent structure and `get_sites()` internally, it has several advantages over the direct database queries and complex code in `get_blog_details()`. Therefore `get_blog_details()` is now a wrapper for `get_site_by()`, providing backward compatibility fixes where necessary.
Unit tests have been adjusted to account for the `blog-details` and `blog-lookup` cache groups, which are no longer needed.
Props spacedmonkey, jeremyfelt, flixos90.
Fixes#40228.
git-svn-id: https://develop.svn.wordpress.org/trunk@41719 602fd350-edb4-49c9-b593-d223f7449a82
Going forward, `clean_blog_cache()` is recommended to be used instead of `refresh_blog_details()`. It has been adjusted to match the functionality of the latter, with the exception that it always requires a site ID or object to be passed. The `refresh_blog_details` action has been deprecated in favor of the `clean_site_cache` action. The function itself is not formally deprecated at this point, but will likely be in the near future.
Props spacedmonkey.
Fixes#40201.
git-svn-id: https://develop.svn.wordpress.org/trunk@41716 602fd350-edb4-49c9-b593-d223f7449a82
These tests no longer test anything that WordPress core has control over. YouTube now serves everything
over HTTPS by default, so the tests for #23149 will always pass, and the tests for #32714 aren't testing
anything that core has control over.
Tests for the responses from oEmbed providers has been attempted and reverted in #32360.
See #42076, #32714, #23149
git-svn-id: https://develop.svn.wordpress.org/trunk@41712 602fd350-edb4-49c9-b593-d223f7449a82
[41701] included a bug with PHP < 5.4. Prior to then, `html_entity_decode()` decoded into `ISO-8859-1`, when we actually need it to use `UTF-8`.
Fixes#35293.
git-svn-id: https://develop.svn.wordpress.org/trunk@41702 602fd350-edb4-49c9-b593-d223f7449a82
This was previously attempted in [41043], which unfortunately had severe performance issues, the regex it used was fatally slow on long posts.
This version now uses an array of all emoji that Twemoji supports, which maintains the accuracy of [41043], while being the same speed or only a few ms slower than the code prior to [41043].
As with [41043], the `grunt precommit:emoji` task detects when `twemoji.js` has changed, and regenerates the array.
Props jmdodd for feedback, suggestions, and insults where appropriate.
Fixes#35293. 🤞🏻
git-svn-id: https://develop.svn.wordpress.org/trunk@41701 602fd350-edb4-49c9-b593-d223f7449a82
`get_site_by()` is a replacement for `get_blog_details()` that uses `WP_Site_Query` to retrieve specific sites based on a given field and value.
Props flixos90, spacedmonkey.
Fixes#40180.
git-svn-id: https://develop.svn.wordpress.org/trunk@41698 602fd350-edb4-49c9-b593-d223f7449a82
- uses the core `notice` styles for the Quick Edit form inline error messages
- adds missing periods at the end of a few error messages
Props ocean90, karmatosed, melchoyce, afercia.
Fixes#35496.
git-svn-id: https://develop.svn.wordpress.org/trunk@41684 602fd350-edb4-49c9-b593-d223f7449a82
* Add/fix `getMeta`, `getMetas`, `setMeta` and `setMetas` helpers for models that support meta.
* Add tests for new helpers, verify meta support for `Posts`, `Comments`, `Tags` and `Users`.
* Include meta data in fixture generation and fixture file driving tests.
Fixes#41055.
git-svn-id: https://develop.svn.wordpress.org/trunk@41678 602fd350-edb4-49c9-b593-d223f7449a82
Restores the data format of the `sidebars_widgets` theme mod to its pre [41555]
format. It can trigger PHP warnings after switching themes if that mod has not
been removed previously.
Fixes#39693.
git-svn-id: https://develop.svn.wordpress.org/trunk@41673 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce a new `wp.customize.previewer.trash()` JS API to trash the current changeset, along with logic to `WP_Customize_Manager` to handle deleting changeset drafts.
* Add `trashing` to `wp.customize.state` which is then used to update the UI.
* UI for trashing is pending design feedback. One possibility is to add a new trash button to Publish Settings section that invokes `wp.customize.previewer.trash()`.
* Improve logic for managing the visibility and disabled states for publish buttons.
* Prevent attempting `requestChangesetUpdate` while processing and bump processing while doing `save`.
* Update `changeset_date` state only if sent in save response.
* Merge `ThemesSection#loadThemePreview()` into `ThemesPanel#loadThemePreview()`.
* Remove unused `autosaved` state.
* Start autosaving and prompting at beforeunload after a change first happens. This is key for theme previews since even if a user did not make any changes, there were still dirty settings which would get stored in an auto-draft unexpectedly.
* Allow `Notification` to accept additional `classes` to be added to `container`.
* Introduce `OverlayNotification` and use for theme installing, previewing, and trashing. Such overlay notifications take over the entire window.
Props westonruter, celloexpressions.
See #37661, #39896, #21666, #35210.
git-svn-id: https://develop.svn.wordpress.org/trunk@41667 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::prepare()` currently gives no information if the number of arguments passed doesn't match the number of placeholders in the query. This change gives an explicit notice that the call was incorrect.
Also fixes an enrelated term meta test that was triggering this new notice.
Props thekt12 for the initial patch.
Fixes#42040.
git-svn-id: https://develop.svn.wordpress.org/trunk@41662 602fd350-edb4-49c9-b593-d223f7449a82
`get_current_blog_id()` is more appropriate for determining the ID of the current site in most cases. This eliminates the need for the global `$wpdb` in several functions and is better than the implicit global used in admin pages.
Props bnap00, spacedmonkey.
Fixes#41684.
git-svn-id: https://develop.svn.wordpress.org/trunk@41661 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, when passing another site than the current one to `wp_get_users_with_no_role()` through its `$site_id` parameter, the function still used the roles available on the current site, which would cause users with other roles that possibly exist on the other site to show up as users without a role. Switching the site before retrieving the available rules fixes the issue.
Fixes#42015.
git-svn-id: https://develop.svn.wordpress.org/trunk@41654 602fd350-edb4-49c9-b593-d223f7449a82
The `time` strategy in `count_users()` queries users by role. However, the roles queried for were not affected by passing another site than the current one through the `$site_id` parameter, causing users having roles that were not queried for to appear as users without a role. This changeset fixes the issue by switching the site before retrieving the roles to query for.
Fixes#42014.
git-svn-id: https://develop.svn.wordpress.org/trunk@41653 602fd350-edb4-49c9-b593-d223f7449a82
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context. Also includes an extensible framework for browsing and installing themes from other sources.
Also includes CSS auto-prefixing added via `grunt precommit:css`.
For details, see: https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/
Previously [38813] but reverted in [39140].
Fixes#37661, #34843, #38666.
Props celloexpressions, folletto, westonruter, karmatosed, melchoyce, afercia.
git-svn-id: https://develop.svn.wordpress.org/trunk@41648 602fd350-edb4-49c9-b593-d223f7449a82
These two tests assume a certain level of indentation in code which does not conform to core's coding
standards and will hopefully be corrected at some point in #41057.
See #41057
git-svn-id: https://develop.svn.wordpress.org/trunk@41635 602fd350-edb4-49c9-b593-d223f7449a82
IPv4 addresses are scarce, overworked, and underpaid. They're ready to retire, but we just won't let them go. If you care about their wellbeing, switch to IPv6 today.
Props schlessera, birgire.
Fixes#41722.
git-svn-id: https://develop.svn.wordpress.org/trunk@41629 602fd350-edb4-49c9-b593-d223f7449a82
`pre_cache_alloptions` is run before the alloptions array is inserted into the cache, and is valuable for sanity checking the options, particularly if your caching scheme has size limitations.
`alloptions` is run before returning the alloptions array, and is useful for when you have extra information that alloptions should return.
Props sebastian.pisula, keesiemeijer.
Fixes#33958.
git-svn-id: https://develop.svn.wordpress.org/trunk@41627 602fd350-edb4-49c9-b593-d223f7449a82
* Incorporates code from the Customize Snapshots and Customize Posts feature plugins.
* Adds a new Publish Settings section for managing the changeset status, scheduled date, and frontend preview link.
* Updates Publish button to reflect the status selected in the Publish Settings (including Save Draft and Schedule).
* Deactivates the Themes section when a non-publish status selected, and deactivates the Publish Settings section when previewing a theme switch.
* Introduces an `outer` section type (`wp.customize.OuterSection` in JS) for the Publish Settings section to use and for available widgets and available nav menu panels to use in the future. These sections can be expanded while other sections are expanded.
* Introduces `WP_Customize_Date_Time_Control` in PHP and `wp.customize.DateTimeControl` in JS for managing a date/time value.
* Keeps track of scheduled time and proactively publish from the client when the time arrives, as opposed to waiting for WP Cron.
* Auto-publishes a scheduled changeset when attempting to access one that missed its schedule.
* Starts a new changeset if attempting to save a changeset that was previously publish.
* Adds `force` arg to `requestChangesetUpdate()` to force an update request even when there are no pending changes.
* Adds utils methods for `getCurrentTimestamp` and `getRemainingTime`.
* Adds new state values for `selectedChangesetStatus`, `changesetDate`, `selectedChangesetDate`.
* Fixes logic for when to short-circuit check to close Customizer when there are unsaved changes.
* Adds getter methods for `autosaved` and `branching` parameters, with the latter applying the `customize_changeset_branching` filter.
* Call to `establish_loaded_changeset` on the fly when `changeset_uuid()` is called if no changeset UUID was specififed.
* De-duplicates logic for dismissing auto-draft changesets.
* Includes unit tests.
Builds on [41597].
Props sayedwp, westonruter, melchoyce, JoshuaWold, folletto, stubgo, karmatosed, dlh, paaljoachim, afercia, johnregan3, utkarshpatel, valendesigns.
See #30937.
Fixes#39896, #28721, #39275.
git-svn-id: https://develop.svn.wordpress.org/trunk@41626 602fd350-edb4-49c9-b593-d223f7449a82
Switching the available roles and the current user's capabilities no longer happens in `switch_to_blog()` and `restore_current_blog()`, instead it has been moved to a new function `wp_switch_roles_and_user()` which is hooked into the site switching process. This allows to improve performance by temporarily unhooking the function when roles and capabilities do not need to be switched.
This change ensures that switching available roles now works closer to switching user capabilities, particularly the changes in [41624]. A new `WP_Roles::for_site( $site_id )` method has been introduced, and the `WP_Roles::_init()` method has been deprecated. It is furthermore possible to retrieve the site ID for which the available roles are currently initialized through a new `WP_Roles::get_site_id()`.
Props johnjamesjacoby, flixos90.
Fixes#38645.
git-svn-id: https://develop.svn.wordpress.org/trunk@41625 602fd350-edb4-49c9-b593-d223f7449a82
While it has always been possible to initialize a user's roles and capabilities for another site than the current one in a multisite, the actual roles available were not switched prior to this change, possibly causing invalid roles to show up or actually valid capabilities not being available.
In order to fix this bug in a clean way, relevant parts of the `WP_User` class have been refactored. The ID of the site for which capabilities are currently initialized are now stored in a private property `WP_User::$site_id`. The `WP_User::for_blog( $blog_id )` and `WP_User::_init_caps( $cap_key )` methods have been deprecated in favor of `WP_User::for_site( $site_id )`. In addition, a new method `WP_User::get_site_id()` has been introduced to retrieve the site ID for which the user's capabilities are currently initialized.
Props ryanduff, jeremyfelt, flixos90.
Fixes#36961.
git-svn-id: https://develop.svn.wordpress.org/trunk@41624 602fd350-edb4-49c9-b593-d223f7449a82
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.
This introduces some new functions:
* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`
A corresponding `wp_is_large_user_count` filter is also introduced.
Props tharsheblows, johnbillion
Fixes#38741
git-svn-id: https://develop.svn.wordpress.org/trunk@41613 602fd350-edb4-49c9-b593-d223f7449a82
* Galleries are managed in the widget in the same way they are managed in the post editor, both using the media manager.
* Gallery widget is merged from the Core Media Widgets v0.2.0 feature plugin and it extends `WP_Widget_Media` in the same way as is done for image, audio, and video widgets.
* Model syncing logic is updated to support booleans and arrays (of integers).
* Placeholder areas in media widgets are now clickable shortcuts for selecting media.
* Image widget placeholder is updated to match gallery widget where clicking preview is shortcut for editing media.
Props westonruter, joemcgill, timmydcrawford, m1tk00, obenland, melchoyce.
See #32417.
Fixes#41914.
git-svn-id: https://develop.svn.wordpress.org/trunk@41590 602fd350-edb4-49c9-b593-d223f7449a82
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.
See #12423, #38707, #35395.
Fixes#41897.
git-svn-id: https://develop.svn.wordpress.org/trunk@41558 602fd350-edb4-49c9-b593-d223f7449a82
Builds on efforts brought forward in #17979.
This will send sidebars through three levels of mapping:
1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.
Finally, if the theme has previously been active and we have a record of its
sidebar configuration then, any unmapped sidebar will be restored to its
previous state.
Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.
git-svn-id: https://develop.svn.wordpress.org/trunk@41555 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.
git-svn-id: https://develop.svn.wordpress.org/trunk@41496 602fd350-edb4-49c9-b593-d223f7449a82
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.
git-svn-id: https://develop.svn.wordpress.org/trunk@41470 602fd350-edb4-49c9-b593-d223f7449a82
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.
The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.
Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes#29684.
git-svn-id: https://develop.svn.wordpress.org/trunk@41380 602fd350-edb4-49c9-b593-d223f7449a82
Generally, duplicate terms returned by a term query are eliminated in PHP,
after the database query takes place. This technique doesn't work properly
when the query parameters specify the `number` of results, since the results
of a `SELECT ... LIMIT x...` query may be deduplicated to a count less than
`x`. In these cases, we force the original query to be `DISTINCT`.
Props elvishp2006.
Fixes#41796.
git-svn-id: https://develop.svn.wordpress.org/trunk@41377 602fd350-edb4-49c9-b593-d223f7449a82
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.
Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes#12423, #39892.
git-svn-id: https://develop.svn.wordpress.org/trunk@41376 602fd350-edb4-49c9-b593-d223f7449a82
The `aria-current` attribute is a simple, effective way to help assistive
technology users orientate themselves within a list of items.
Props GrahamArmfield, palmiak.
Fixes#40833.
git-svn-id: https://develop.svn.wordpress.org/trunk@41371 602fd350-edb4-49c9-b593-d223f7449a82
* Used now in core to facilitate displaying inserted media. See #40854.
* The `[embed]` shortcode is not supported because there is no post context for caching oEmbed responses. This depends on #34115.
* Add `do_shortcode()` to the `widget_text_content` filter in the same way it is added for `the_content` at priority 11, with `shortcode_unautop()` called at priority 10 after `wpautop()`.
* For Text widget in legacy mode, manually apply `do_shortcode()` (and `shortcode_unautop()` if auto-paragraph checked) if the core-added `widget_text_content` filter remains, unless a plugin added `do_shortcode()` to `widget_text` to prevent applying shortcodes twice.
* Ensure that global `$post` is `null` while filters apply in the Text widget so shortcode handlers won't run with unexpected contexts.
Props westonruter, nacin, aaroncampbell.
See #40854, #34115.
Fixes#10457.
git-svn-id: https://develop.svn.wordpress.org/trunk@41361 602fd350-edb4-49c9-b593-d223f7449a82
Previously, it was not possible to hook into the `wp_link_query` filter to add custom entries when the
query returned no posts.
Props mitraval192, msebel.
Fixes#41825.
git-svn-id: https://develop.svn.wordpress.org/trunk@41346 602fd350-edb4-49c9-b593-d223f7449a82
Informs developers that widgets need to be registered before they can be
displayed through `the_widget()`. Previously it would fail with an ambiguous
undefined index notice.
Props SeBsZ, mrasharirfan.
Fixes#41743.
git-svn-id: https://develop.svn.wordpress.org/trunk@41327 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the following meta capabilities:
* `activate_plugin`
* `deactivate_plugin`
* `deactivate_plugins`
The singular `activate_plugin` and `deactivate_plugin` capabilities are used along with the corresponding plugin name when
determining whether or not a user can activate or deactivate an individual plugin.
The plural `deactivate_plugins` capability is used in place of the existing `activate_plugins` capability when determining
whether a user can deactivate plugins.
Each of these new meta capabilities map to the existing `activate_plugins` primitive capability, which means there is no
change in existing behaviour, but plugins can now filter the capabilities required to activate and deactivate individual
plugins.
Fixes#38652
git-svn-id: https://develop.svn.wordpress.org/trunk@41290 602fd350-edb4-49c9-b593-d223f7449a82
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.
This change fixes the usage in user-facing text and in developer documentation.
Fixes#41620
git-svn-id: https://develop.svn.wordpress.org/trunk@41289 602fd350-edb4-49c9-b593-d223f7449a82
Using `paged` with `number` allows developers to request
paginated comment results without having to do a manual offset
calculation.
Props AdamWills.
Fixes#38268.
git-svn-id: https://develop.svn.wordpress.org/trunk@41287 602fd350-edb4-49c9-b593-d223f7449a82
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.
Props johnbillion, flixos90.
Fixes#39677.
git-svn-id: https://develop.svn.wordpress.org/trunk@41268 602fd350-edb4-49c9-b593-d223f7449a82
In addition to the enhancement, tests for the filter usage including the new parameter have been added.
Props NathanAtmoz.
Fixes#39030.
git-svn-id: https://develop.svn.wordpress.org/trunk@41267 602fd350-edb4-49c9-b593-d223f7449a82
For bonus :yolo: :friday:, this repeats [41262] for `multisite.xml`, which duplicates the ignored file list from `phpunit.xml.dist`.
See #41658.
git-svn-id: https://develop.svn.wordpress.org/trunk@41263 602fd350-edb4-49c9-b593-d223f7449a82
There were a handful of files with an underscore in the name, which violated our naming scheme, and caused problems for anyone how enforced the scheme on their own systems.
This commit renames all of the files to the correct camelCase scheme.
Fixes#41658.
git-svn-id: https://develop.svn.wordpress.org/trunk@41261 602fd350-edb4-49c9-b593-d223f7449a82
Also apply `the_editor_content` filters on widget `text` with `format_for_editor()` as is done for the post editor.
Amends [40631].
Props westonruter, azaozz.
See #35243.
Fixes#41596.
git-svn-id: https://develop.svn.wordpress.org/trunk@41260 602fd350-edb4-49c9-b593-d223f7449a82
Also explicitly use HTML5 doctype when parsing Text widget contents in legacy mode detection.
Amends [41050].
See #40951.
Fixes#41622.
git-svn-id: https://develop.svn.wordpress.org/trunk@41251 602fd350-edb4-49c9-b593-d223f7449a82
This is a consistency improvement and also a bug fix for fairly obscure cases involving modified WP load order.
Fixes#41555.
git-svn-id: https://develop.svn.wordpress.org/trunk@41238 602fd350-edb4-49c9-b593-d223f7449a82
This will send nav menu locations through three levels of mapping:
1. If both themes have only one location, that gets mapped.
2. If both themes have locations with the same slug, they get mapped.
3. Locations that (even partially) match slugs from a similar kind of menu location will get mapped.
Menu locations are mapped for Live Previews in the Customizer and during theme switches.
Props westonruter, obenland, welcher, melchoyce.
Fixes#39692.
git-svn-id: https://develop.svn.wordpress.org/trunk@41237 602fd350-edb4-49c9-b593-d223f7449a82
The following tests were never executed as they have `@depends` annotations which means they get skipped because the `test_video_shortcode_body()` test has not run by the time they run. Re-ordering the test methods fixes this.
* `test_wp_video_shortcode_with_empty_params()`
* `test_wp_video_shortcode_with_bad_attr()`
* `test_wp_video_shortcode_attributes()`
* `test_wp_video_shortcode_youtube_remove_feature()`
* `test_wp_video_shortcode_youtube_force_ssl()`
* `test_wp_video_shortcode_vimeo_force_ssl_remove_query_args()`
* `test_wp_video_shortcode_vimeo_adds_loop()`
* `test_wp_video_shortcode_vimeo_force_adds_loop_true()`
See #35367
git-svn-id: https://develop.svn.wordpress.org/trunk@41229 602fd350-edb4-49c9-b593-d223f7449a82
While site administrators cannot generally edit users in multisite, they have always been able to change the roles of users on their site. In the REST API however, this has not been possible so far. This changeset brings parity with how it is handled in the administration panel: A REST request to edit only a user's roles succeeds correctly, while a REST request to edit any further details of a user fails.
Props jnylen0.
Fixes#40263.
git-svn-id: https://develop.svn.wordpress.org/trunk@41226 602fd350-edb4-49c9-b593-d223f7449a82
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.
The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.
Props jmdodd.
Fixes#41101.
git-svn-id: https://develop.svn.wordpress.org/trunk@41225 602fd350-edb4-49c9-b593-d223f7449a82
The list of endpoint parameters should only include explicitly named and requested parameters.
Props flixos90, rmccue, jnylen0.
Fixes#40704.
git-svn-id: https://develop.svn.wordpress.org/trunk@41223 602fd350-edb4-49c9-b593-d223f7449a82
The `settings_previewed` property eliminates the need for the Customizer components from having to look at global `doing_ajax` state. This is in particular needed when saving settings, as some settings will short-circuit the update operation if they detect no changes are introduced. This is also needed for low-level integrations with the Customizer, such as in REST API endpoints under development.
Props stubgo, westonruter, utkarshpatel for testing.
See #38900.
Fixes#39221.
git-svn-id: https://develop.svn.wordpress.org/trunk@41205 602fd350-edb4-49c9-b593-d223f7449a82
`WP_Comment_Query` always queries runs an ID query, and so is unaffected
by the 'fields' parameter. As such, 'fields' can be ignored when building
a cache key for the results of the ID query.
Props spacedmonkey.
Fixes#41348.
git-svn-id: https://develop.svn.wordpress.org/trunk@41190 602fd350-edb4-49c9-b593-d223f7449a82
This makes sure that plugins hooked to `save_post` get the right post format.
Props Chouby, SergeyBiryukov.
Fixes#41396.
git-svn-id: https://develop.svn.wordpress.org/trunk@41187 602fd350-edb4-49c9-b593-d223f7449a82
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their account.
Props rodrigosprimo, tharsheblows, johnbillion
Fixes#16470
git-svn-id: https://develop.svn.wordpress.org/trunk@41163 602fd350-edb4-49c9-b593-d223f7449a82
[41139] changed how the REST API URL is generated, but included an incorrect version of `wp-api-generated.js`.
This updates the generator to create the correct `wp-api-generated.js`, and updates ``wp-api-generated.js`.
See #40886.
git-svn-id: https://develop.svn.wordpress.org/trunk@41154 602fd350-edb4-49c9-b593-d223f7449a82
When pretty permalinks are disabled, the web server will internally forward requests to `index.php`. Unfortunately, nginx only forwards HTTP/1.0 methods: `PUT`, `PATCH`, and `DELETE` methods will return a 405 error.
To work around this nginx behaviour, including `index.php` in the REST URL skips the internal redirect.
Fixes#40886.
git-svn-id: https://develop.svn.wordpress.org/trunk@41139 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that users who are a member of a site but have no role are correctly listed on the Users screen and can be filtered from the 'None' role filter.
Props tobi823, flixos90, scottlee
Fixes#36196
git-svn-id: https://develop.svn.wordpress.org/trunk@41138 602fd350-edb4-49c9-b593-d223f7449a82
The same styling from the Text widget should apply to the Custom HTML widget since users are expected to copy HTML from the (legacy) Text widget into the latter.
Amends [40893].
See #40907.
Fixes#41392.
git-svn-id: https://develop.svn.wordpress.org/trunk@41115 602fd350-edb4-49c9-b593-d223f7449a82
Link to some documentation that explains the problem and how to resolve it.
Props enrico.sorcinelli.
Fixes#41345.
git-svn-id: https://develop.svn.wordpress.org/trunk@41090 602fd350-edb4-49c9-b593-d223f7449a82
Ensures that users who copy HTML from the Text widget in legacy mode over to the Custom HTML widget will continue to get all of the same filters applied, including tag balancing and shortcodes, if a plugin added support. Plugins still have the `widget_text_content` and `widget_custom_html_content` filters they can use to target the specific widget types.
Amends [40893].
See #40951.
Fixes#40907 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@41086 602fd350-edb4-49c9-b593-d223f7449a82
Since plugin-added shortcode handling is just-in-time deferred to run after `wpautop`, there is no need to retain the presence of shortcodes to trigger legacy mode. Also updates Text widget legacy mode notice informing of Custom HTML widget.
Amends [41050].
Props westonruter, melchoyce.
Fixes#40951 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@41070 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change there were two different cache keys used for the same query. That is because regardless of the `$fields` argument, the query response will be the same. This was already fixed for `WP_Site_Query` in [41059].
Props spacedmonkey.
Fixes#41347.
git-svn-id: https://develop.svn.wordpress.org/trunk@41063 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change there were two different cache keys used for the same query. That is because regardless of the `$fields` argument, the query response will be the same.
Props spacedmonkey.
Fixes#41197.
git-svn-id: https://develop.svn.wordpress.org/trunk@41059 602fd350-edb4-49c9-b593-d223f7449a82
Before this changeset, the language of a new site would always result in the language of the current network, regardless of the `$site_id` parameter passed that actually determines the network for the site. Now the correct `WPLANG` value is used in such cases.
Alongside this change, a few minor documentation changes around the function have been made to account for the current naming conventions of sites and networks.
Props spacedmonkey.
Fixes#40503.
git-svn-id: https://develop.svn.wordpress.org/trunk@41058 602fd350-edb4-49c9-b593-d223f7449a82
The Text widget in legacy mode omits TinyMCE and retains old behavior for matching pre-existing Text widgets. Usage pointers added to default visual mode appear when attempting to paste HTML code into the Visual tab and when clicking on the Text tab, informing users of the new Custom HTML widget.
Props westonruter, melchoyce, gitlost for testing, obenland for testing, dougal for testing, afercia for testing.
See #35243.
Fixes#40951.
git-svn-id: https://develop.svn.wordpress.org/trunk@41050 602fd350-edb4-49c9-b593-d223f7449a82
Also correct phpdoc return tag on `WP_oEmbed_Controller::get_proxy_item()` and remove dead code in oEmbed controller phpunit tests.
Amends [40628].
See #40450.
Fixes#41299.
git-svn-id: https://develop.svn.wordpress.org/trunk@41047 602fd350-edb4-49c9-b593-d223f7449a82
- Older versions of PHP don't know how to `html_entity_decode()` emoji.
- The fall back regex was a little too broad, catching characters that aren't emoji.
See #35293.
git-svn-id: https://develop.svn.wordpress.org/trunk@41045 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `wp_encode_emoji()` and `wp_staticize_emoji()` used inaccurate regular expressions to find emoji, and transform then into HTML entities or `<img>`s, respectively. This would result in emoji not being correctly transformed, or occasionally, non-emoji being incorrectly transformed.
This commit adds a new `grunt` task - `grunt precommit:emoji`. It finds the regex in `twemoji.js`, transforms it into a PHP-friendly version, and adds it to `formatting.php`. This task is also automatically run by `grunt precommit`, when it detects that `twemoji.js` has changed.
The new regex requires features introduced in PCRE 8.32, which was introduced in PHP 5.4.14, though it was also backported to later releases of the PHP 5.3 series. For versions of PHP that don't support this, it will fall back to an updated version of the loose-matching regex.
For short posts, the performance difference between the old and new regex is negligible. As the posts get longer, however, the new method is exponentially faster.
Fixes#35293.
git-svn-id: https://develop.svn.wordpress.org/trunk@41043 602fd350-edb4-49c9-b593-d223f7449a82
[40514] introduced a bug that caused term queries to return some duplicates
when the `$taxonomies` array contained only taxonomies that were originally
registered with an `$args` array. We fix this bug by ensuring that
recursive `get_terms()` queries stop when all queried `$taxonomies` have
already been referenced.
Props bor0, atanasangelovdev.
Fixes#41010.
git-svn-id: https://develop.svn.wordpress.org/trunk@41037 602fd350-edb4-49c9-b593-d223f7449a82
Verify that `human_time_diff` works as expected for minute, hour and day intervals. Test that rounding works as expected when the time difference is near the rounding margin.
Props SGr33n.
Fixes#38773.
git-svn-id: https://develop.svn.wordpress.org/trunk@41018 602fd350-edb4-49c9-b593-d223f7449a82
Check return value of `WP_Customize_Manager::get_changeset_post_data()` and return if error instead of assuming it is an array.
Amends [38810].
See #30937.
Fixes#41252.
git-svn-id: https://develop.svn.wordpress.org/trunk@41012 602fd350-edb4-49c9-b593-d223f7449a82
This was previously searching for the user ID, which isn't really what it was meant to do. As a result, the test can break if that number appears in any other user information.
git-svn-id: https://develop.svn.wordpress.org/trunk@41011 602fd350-edb4-49c9-b593-d223f7449a82
Previously, changing these constants in `wp-tests-config` would cause PHPUnit to regenerate `wp-api-generated.js` with different values.
This commit uses the existing mechanism to also "freeze" all values that would change as a result of changing these constants.
Fixes#41123.
git-svn-id: https://develop.svn.wordpress.org/trunk@41006 602fd350-edb4-49c9-b593-d223f7449a82
Previously, checks like `current_user_can( 'edit_term_meta', $term_id )`
returned the proper value, but generated a PHP notice due to the fact
that `get_term( $term_id )` could, in certain instances, return
`WP_Error` objects.
Props caercam.
Fixes#40891.
git-svn-id: https://develop.svn.wordpress.org/trunk@40999 602fd350-edb4-49c9-b593-d223f7449a82
This filter allows developers to modify the arguments passed to
`wp_get_object_terms()` before the query is run.
Props enrico.sorcinelli.
Fixes#35925.
git-svn-id: https://develop.svn.wordpress.org/trunk@40994 602fd350-edb4-49c9-b593-d223f7449a82
Meta capabilities use the capability `do_not_allow` to indicate a user should be blocked from performing a particular action. This ensures users can not have the capability as it would cause unexpected behaviour.
Props johnbillion.
Fixes#41059.
git-svn-id: https://develop.svn.wordpress.org/trunk@40993 602fd350-edb4-49c9-b593-d223f7449a82
