Commit Graph

151 Commits

Author SHA1 Message Date
Aaron Jorbin
f673d1851c Privacy: Silence is golden and invisible.
"Be more discrete." declared matt in [3155], and since then, "Silence is Golden" has been the calling card of placeholder index files. Historically, these have been php files, but [43012] changed that and added index.html files for privacy export generated folders.

The php silence files produce no visible content. This adds consistency with these new html files in that there will be no visible content. Silence will fall when the question is asked.

Fixes #44195.
Props audrasjb, rafsuntaskin, Ov3rfly, johnbillion, pento



git-svn-id: https://develop.svn.wordpress.org/trunk@43446 602fd350-edb4-49c9-b593-d223f7449a82
2018-07-15 23:38:14 +00:00
Felix Arntz
3d85e311ef Privacy: Fix a further inconsistency of site name and URL usage in notification emails.
This is a follow-up to [43388].

Props desrosj.
Fixes #44396.


git-svn-id: https://develop.svn.wordpress.org/trunk@43435 602fd350-edb4-49c9-b593-d223f7449a82
2018-07-08 13:54:02 +00:00
Sergey Biryukov
51b94c3262 Privacy: Remove unnecessary This email has been sent to ###EMAIL### from privacy emails.
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.

Props iandunn, ianbelanger, desrosj.
Fixes #44030.

git-svn-id: https://develop.svn.wordpress.org/trunk@43353 602fd350-edb4-49c9-b593-d223f7449a82
2018-06-16 10:24:30 +00:00
Sergey Biryukov
d612af2e5e Docs: Add missing documentation and duplicate hook references for wp_privacy_personal_data_export_file, wp_privacy_personal_data_exporters, and wp_privacy_personal_data_erasers hooks.
Props birgire.
See #44125.

git-svn-id: https://develop.svn.wordpress.org/trunk@43303 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-21 13:02:55 +00:00
Sergey Biryukov
0e067ab91e Privacy: Correct the error check when creating an export folder in wp_privacy_generate_personal_data_export_file().
`wp_mkdir_p()` returns `false` on error, not a `WP_Error` object.

Props birgire.
Fixes #44158.

git-svn-id: https://develop.svn.wordpress.org/trunk@43299 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-21 11:58:19 +00:00
Ian Dunn
3e3db8af66 Privacy: Rename exports folder to avoid deleting other files.
Previously, personal data exports were stored in `wp-content/uploads/exports`, which is generic enough that it's likely there are existing folders with that name, either created by plugins or manually by administrators. If that folder were reused by Core, then `wp_privacy_delete_old_export_files()` would delete all of the existing files inside it, which is almost certainly not what the site owner wants or expects.

To avoid that, the folder is being renamed to include a specific reference to Core, and a more verbose description of its purpose. With those factored in, it's very unlikely that there will be any conflicts with existing folders.

The `wp_privacy_exports_dir()` and `wp_privacy_exports_url()` functions were introduced to provide a canonical source for the location, and the `wp_privacy_exports_dir` and `wp_privacy_exports_url` filters were introduced to allow plugins to customize it.

Props johnjamesjacoby, allendav.
Fixes #44091.


git-svn-id: https://develop.svn.wordpress.org/trunk@43284 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-15 20:21:37 +00:00
Sergey Biryukov
33b742f7d1 Privacy: Normalize file paths in wp_privacy_generate_personal_data_export_file() to make sure Windows paths don't have their backslashes stripped.
Props xkon, pmbaldha.
Fixes #43908.

git-svn-id: https://develop.svn.wordpress.org/trunk@43234 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 21:11:00 +00:00
Sergey Biryukov
6d4bb2c508 Privacy: Pass export request ID to wp_privacy_personal_data_export_file_created filter.
Props thomasplevy.
Fixes #44031.

git-svn-id: https://develop.svn.wordpress.org/trunk@43208 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 23:17:03 +00:00
Ian Dunn
a631c2378d Privacy: Reuse existing archive filenames to maintain URLs.
Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken.

That can be avoided by reusing the same filename when building fresh archives.

Props desrosj, tz-media, allendav.
Fixes #43905.


git-svn-id: https://develop.svn.wordpress.org/trunk@43180 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-08 00:51:59 +00:00
Ian Dunn
4bb19e4aca Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Fixes #43931.


git-svn-id: https://develop.svn.wordpress.org/trunk@43154 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-03 19:27:14 +00:00
Andrew Ozz
e678d4ea6d Privacy: fix inconsistencies in new strings.
Props audrasjb.
Fixes #43925.

git-svn-id: https://develop.svn.wordpress.org/trunk@43118 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-02 18:41:10 +00:00
Sergey Biryukov
f908280af9 I18N: Correct translator comment in wp_privacy_generate_personal_data_export_file().
See #43546.

git-svn-id: https://develop.svn.wordpress.org/trunk@43089 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-02 01:51:13 +00:00
Andrew Ozz
ef14780ff0 Privacy: add attachments to the personal data export file.
Props allendav.
See #43883.

git-svn-id: https://develop.svn.wordpress.org/trunk@43054 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-01 13:44:50 +00:00
Ian Dunn
a159bf4e16 Privacy: Add wp_privacy_personal_data_export_file_created filter.
This runs immediately after the data export file has been successfully created, allowing plugins to introduce some workflow customizations. For example, a plugin could password-protect the export file, for peace of mind, even though the CSPRN in the filename makes brute force attacks nearly impossible.

See #43546.


git-svn-id: https://develop.svn.wordpress.org/trunk@43047 602fd350-edb4-49c9-b593-d223f7449a82
2018-04-30 21:03:31 +00:00
Ian Dunn
a1fe96576f Privacy: Add cron to delete expired export files to protect privacy.
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.

`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.

This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.

`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.

Props iandunn, desrosj.
See #43546.


git-svn-id: https://develop.svn.wordpress.org/trunk@43046 602fd350-edb4-49c9-b593-d223f7449a82
2018-04-30 20:08:37 +00:00
Ian Dunn
953e094719 Privacy: Use a CSPRNG in export filenames for more security.
`rand()` is deterministic and therefore offers much less protection in this context. `wp_generate_password()` is a convenient wrapper around `wp_rand()`, which uses `random_int()` to generate cryptographically-secure psuedorandom numbers.

See #43546.


git-svn-id: https://develop.svn.wordpress.org/trunk@43045 602fd350-edb4-49c9-b593-d223f7449a82
2018-04-30 18:52:59 +00:00
Andrew Ozz
da5dc711a5 Privacy: add means to export personal data by username or email address. Generate a zipped export file containing all data. First run.
Props allendav.
See #43546.

git-svn-id: https://develop.svn.wordpress.org/trunk@43012 602fd350-edb4-49c9-b593-d223f7449a82
2018-04-27 19:53:37 +00:00
Sergey Biryukov
031a90a6b3 I18N: Correct placeholder references in a translator comment in wp_print_file_editor_templates().
Props afercia.
See #43523.

git-svn-id: https://develop.svn.wordpress.org/trunk@42983 602fd350-edb4-49c9-b593-d223f7449a82
2018-04-16 18:35:44 +00:00
John Blackbourn
b20dc7aaaf Docs: Standardise and correct documentation relating to parameters which accept plugin names.
See #42505


git-svn-id: https://develop.svn.wordpress.org/trunk@42787 602fd350-edb4-49c9-b593-d223f7449a82
2018-03-05 21:49:53 +00:00
Sergey Biryukov
e0b16ef59c Docs: Use consistent description for $wp_filesystem global.
See #42505.

git-svn-id: https://develop.svn.wordpress.org/trunk@42777 602fd350-edb4-49c9-b593-d223f7449a82
2018-03-04 21:57:10 +00:00
Sergey Biryukov
fa1ce009b5 Docs: Clarify return values and improve DocBlock formatting for verify_file_md5(), unzip_file(), _unzip_file_ziparchive(), _unzip_file_pclzip(), copy_dir(), WP_Filesystem().
See #42505.

git-svn-id: https://develop.svn.wordpress.org/trunk@42776 602fd350-edb4-49c9-b593-d223f7449a82
2018-03-04 21:42:12 +00:00
Sergey Biryukov
aae94227c6 Docs: Clarify download_url() return value, improve DocBlock formatting.
See #42505.

git-svn-id: https://develop.svn.wordpress.org/trunk@42775 602fd350-edb4-49c9-b593-d223f7449a82
2018-03-04 19:49:54 +00:00
Sergey Biryukov
4edda96383 Filesystem API: Allow download_url() to return the response code and body on error as an additional WP_Error object data.
The error response body size is limited to 1 KB by default to avoid taking up too much memory. The size can be increased using `download_url_error_max_body_size` filter.

Props soulseekah, campusboy1987, mihdan, SergeyBiryukov.
Fixes #43329.

git-svn-id: https://develop.svn.wordpress.org/trunk@42773 602fd350-edb4-49c9-b593-d223f7449a82
2018-03-04 17:13:35 +00:00
Sergey Biryukov
1cc516f2e8 General: Introduce WP_Error::has_errors() method and use it where appropriate.
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742.

git-svn-id: https://develop.svn.wordpress.org/trunk@42761 602fd350-edb4-49c9-b593-d223f7449a82
2018-02-27 02:30:46 +00:00
Peter Wilson
d002fde80e General: Further improve error messages following [42648].
Props kristastevens, melchoyce.
Fixes #38332 for trunk.



git-svn-id: https://develop.svn.wordpress.org/trunk@42719 602fd350-edb4-49c9-b593-d223f7449a82
2018-02-19 02:12:41 +00:00
John Blackbourn
47abf85ab8 Docs: First pass at switching some array parameter documentation to typed notation.
Props janak007

See #41756


git-svn-id: https://develop.svn.wordpress.org/trunk@42679 602fd350-edb4-49c9-b593-d223f7449a82
2018-02-09 17:25:22 +00:00
John Blackbourn
4836686b6f Docs: Add missing code formatting to various @since entries.
See #42505


git-svn-id: https://develop.svn.wordpress.org/trunk@42678 602fd350-edb4-49c9-b593-d223f7449a82
2018-02-09 16:54:58 +00:00
Peter Wilson
f317869c7f General: Replace Cheatin’ uh? with friendlier error messages.
While intended as a playful error message, `Cheatin’ uh?` can be interpreted as insulting or accusatory in an already stressful situation. This replaces Cheatin’ with more meaningful error messages, depending on the error that occurs.

Props ElectricFeet, EricMeyer, karmatosed, dd32, BandonRandon, melchoyce for language; dmsnell for original patch; peterwilsoncc.
Fixes #38332.



git-svn-id: https://develop.svn.wordpress.org/trunk@42648 602fd350-edb4-49c9-b593-d223f7449a82
2018-02-05 02:29:53 +00:00
Sergey Biryukov
0baa8ae85c Media: In _wp_handle_upload(), check if the file was properly uploaded before checking its size.
Props achbed, dglingren.
Fixes #39522.

git-svn-id: https://develop.svn.wordpress.org/trunk@42525 602fd350-edb4-49c9-b593-d223f7449a82
2018-01-17 07:15:57 +00:00
Gary Pendergast
8f95800d52 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.



git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-30 23:09:33 +00:00
Dion Hulse
44c75415b3 Theme Editior: Base the nonce on a simpler combination of fields, for easier debugging & reading.
See #42609.
Fixes #42705.


git-svn-id: https://develop.svn.wordpress.org/trunk@42246 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-27 03:43:11 +00:00
Dion Hulse
6e0ba7864f Theme Editor: Validate files are editable based on their relative filenames, rather than full file path.
This fixes theme editing on Windows platforms where `validate_file()` will return `2` on a full file path.

Fixes #42609.


git-svn-id: https://develop.svn.wordpress.org/trunk@42244 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-27 03:27:19 +00:00
Dion Hulse
26fb077862 Filesystem: Use a more unique filename in wp_tempnam() and get_filesystem_method().
Using a filename which was generated from `time()` could cause two processes to try to use the same filename, causing unexpected behaviour.

Props jrchamp, bikecrazyy.
Fixes #42265.


git-svn-id: https://develop.svn.wordpress.org/trunk@42224 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-24 03:04:35 +00:00
Gary Pendergast
f797c252d9 General: Reformat inline if () statements inside HTML tags.
This pattern occurs a handful of times across the codebase:

`<div class="foo<?php if ( $bar ) { echo ' baz'; } ?>">`

Unfortunately, it doesn't really play nicely with `phpcbf`, so all instances need to be removed in preperation for auto code formatting.

See #41057.



git-svn-id: https://develop.svn.wordpress.org/trunk@42217 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-23 04:08:42 +00:00
Weston Ruter
3fab757196 Theme Editor: Ensure files listed recursively can be both viewed and edited.
Prevent edits to 2-level deep theme files from returning a `disallowed_theme_file` error when attempting to save an edit. Aligns logic for gathering `$allowed_files` in `theme-editor.php` for listing files with the validation logic in `wp_edit_theme_plugin_file()`.

Amends [41806].
See #6531.
Fixes #42425.


git-svn-id: https://develop.svn.wordpress.org/trunk@42112 602fd350-edb4-49c9-b593-d223f7449a82
2017-11-02 23:04:54 +00:00
John Blackbourn
3e9a42ed27 Filesystem API: Add more specificity to the rules for valid files in validate_file().
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.

Adds tests.

Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes #42016, #36170


git-svn-id: https://develop.svn.wordpress.org/trunk@42011 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-24 23:14:33 +00:00
John Blackbourn
49b7cb458f Filesystem API: Don't immediately return an error for invalid file names contained within a Zip while it's being extracted.
This allows the extraction of the rest of the valid files within the archive to continue.

See #42016


git-svn-id: https://develop.svn.wordpress.org/trunk@42010 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-24 23:10:37 +00:00
John Blackbourn
7329816301 Docs: Improve the docs for validate_file() and validate_file_to_edit().
See #42016, #36170, #41017


git-svn-id: https://develop.svn.wordpress.org/trunk@42007 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-24 22:49:13 +00:00
Gary Pendergast
33a0ff50b7 File Editor: Add support for more than one sub-directory level.
The theme and plugin editors now list all files in the selected theme or plugin, recursing through subdirectories as necessary.

Props WraithKenny, schlessera, chsxf, MikeHansenMe, Daedalon, valendesigns, westonruter, pento.
Fixes #6531.



git-svn-id: https://develop.svn.wordpress.org/trunk@41806 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-10 05:33:57 +00:00
Weston Ruter
5deddd9c62 File Editor: Increase robustness of fatal error checking when saving PHP file edits.
* Increase PHP execution time limit prior to issuing loopback requests where are themselves given timeouts to ensure PHP file can be reverted.
* Output scrape messages on success and failure so that absence of either can also be flagged as an error condition.
* Forward browser's HTTP Basic Auth credentials in loopback requests to admin and home URL.
* Display more helpful message when loopback request fails.

Amends [41721].
See #21622.
Fixes #42102.


git-svn-id: https://develop.svn.wordpress.org/trunk@41805 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-10 05:26:53 +00:00
Weston Ruter
3fcfefd05c File Editors: Introduce sandboxed live editing of PHP files with rollbacks for both themes and plugins.
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.

Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes #21622, #41887.


git-svn-id: https://develop.svn.wordpress.org/trunk@41721 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-04 00:19:16 +00:00
John Blackbourn
64e8c4952a Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
git-svn-id: https://develop.svn.wordpress.org/trunk@41457 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 14:35:09 +00:00
Weston Ruter
7aa34b77e9 Customize: Re-use homepage settings help tab text from Reading Options admin screen in description for corresponding Customizer section.
Also remove "Static" reference in template name, missed in [41363].

See #41829.


git-svn-id: https://develop.svn.wordpress.org/trunk@41364 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-10 17:07:50 +00:00
Weston Ruter
d0dbcf5913 Customize: Rename "Static front page" to just "Homepage".
Props danieltj, melchoyce.
Fixes #41828.


git-svn-id: https://develop.svn.wordpress.org/trunk@41363 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-10 16:19:53 +00:00
Drew Jaynes
0fb490ee1a Filesystem: Introduce the pre_move_uploaded_file filter.
Passing a non-null value to the filter will prevent the uploaded file from being moved to the uploads directory for any of the functions leveraging `_wp_handle_upload()`, such as `wp_handle_upload()` or `wp_handle_sideload()`.

Error reporting related to the file being moved will also be skipped.

Props ryan, Mte90.
Fixes #24603.


git-svn-id: https://develop.svn.wordpress.org/trunk@41258 602fd350-edb4-49c9-b593-d223f7449a82
2017-08-16 21:58:12 +00:00
Sergey Biryukov
7e8d932935 Docs: Add a @global entry for $allowed_files in get_file_description().
Props div33, ajayghaghretiya1.
Fixes #41294.

git-svn-id: https://develop.svn.wordpress.org/trunk@41032 602fd350-edb4-49c9-b593-d223f7449a82
2017-07-12 21:39:37 +00:00
Aaron D. Campbell
96c3a01019 Add nonce for updating file system credentials.
git-svn-id: https://develop.svn.wordpress.org/trunk@40723 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-16 14:47:08 +00:00
swissspidy
fd211c9a2e Cron API: Add a new wp_doing_cron() helper function.
This replaces `DOING_CRON` checks via the constant.

Props tfrommen.
Fixes #39591.


git-svn-id: https://develop.svn.wordpress.org/trunk@40575 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-06 14:29:01 +00:00
Dion Hulse
85ad040c97 Updates: Remove a stray " from a tag.
Props afercia.
See #39057.


git-svn-id: https://develop.svn.wordpress.org/trunk@39656 602fd350-edb4-49c9-b593-d223f7449a82
2016-12-30 07:41:45 +00:00
Andrea Fercia
ee7f970ffa Administration: Improve the usage of the button CSS classes.
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.

- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items

Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes #27314, #37138, #37448.


git-svn-id: https://develop.svn.wordpress.org/trunk@38672 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-28 19:53:07 +00:00