Prior to 4.4, it was possible to pass 'page' and 'per_page' values to
`wp_list_comments()` that do not match the corresponding global query vars.
This ability was lost in 4.4 with the refactor of how `comments_template()`
queries for comments; when the main comment query started fetching only the
comments that ought to appear on a page, instead of all of a post's comments,
it became impossible for the comment walker to select comments corresponding to
custom pagination parameters. See #8071.
We restore the previous behavior by (a) detecting when a 'page' or 'per_page'
parameter has been passed to `wp_list_comments()` that does not match the
corresponding query vars (so that the desired comments will not be found in
`$wp_query`), and if so, then (b) querying for all of the post's comments and
passing them to the comment walker for pagination, as was the case before 4.4.
Props boonebgorges, smerriman.
Fixes#35175.
git-svn-id: https://develop.svn.wordpress.org/trunk@36157 602fd350-edb4-49c9-b593-d223f7449a82
Individual attachment pages already have their own RSS comment feed, and would be expected to be included in the site-wide comments RSS feed.
Props jbrinley.
Fixes#15610
git-svn-id: https://develop.svn.wordpress.org/trunk@36138 602fd350-edb4-49c9-b593-d223f7449a82
After [34659], it became possible to cause an incorrect redirect, by changing the slug of a post, then creating a new post with the old slug. The correct behaviour is to prevent redirecting to the old post.
Props dd32, pento.
Fixes#35031 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36128 602fd350-edb4-49c9-b593-d223f7449a82
Posts that are trashed shouldn't trigger post author notifications. Adds unit tests to enforce this.
Props scottbrownconsulting, peterwilsoncc, swissspidy
Fixes#35006
git-svn-id: https://develop.svn.wordpress.org/trunk@36119 602fd350-edb4-49c9-b593-d223f7449a82
The lack of space resulted in SQL error when searching for posts by content.
Props yetAnotherDaniel, johnbillion.
Fixes#35246.
git-svn-id: https://develop.svn.wordpress.org/trunk@36113 602fd350-edb4-49c9-b593-d223f7449a82
[35333] implemented `public=false` for taxonomies. The implementation prevented
non-public taxonomies from having their archives accessed via query_var during
a normal request. But it didn't prevent non-public taxonomies from registering
their query vars in the `$wp_taxonomies` global. The latter implementation
details causes problems specifically when a taxonomy is registered with
`query_var=true`; for public taxonomies, `register_taxonomy()` translates this
into a query_var equivalent to the taxonomy name, but in the case of non-public
taxonomies, the query_var was set to the boolean itself. The boolean then
causes problems when using non-strict comparison to filter taxonomy objects by
query_var, as when using `get_taxonomies()`.
This changeset addresses the issue by forcing the query_var property of
non-public taxonomies to `false`.
Fixes#35089.
git-svn-id: https://develop.svn.wordpress.org/trunk@36108 602fd350-edb4-49c9-b593-d223f7449a82
This allows for shortcodes such as `[shortcode=attribute]` to work, which while never intentionally supported were widely used in the pre-shortcode days.
Props aaroncampbell.
Fixes#34939 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36097 602fd350-edb4-49c9-b593-d223f7449a82
[34370] made the order that tabs are returned respect the order they are added, however it broke the respect of priority. By using a ksort instead of a sort, we can restore that default behavior. This adjusts the unit tests so that both order added and priority are tested.
Props meitar, swissspidy, jorbin
Fixes#35215. See #33941.
git-svn-id: https://develop.svn.wordpress.org/trunk@36089 602fd350-edb4-49c9-b593-d223f7449a82
Allows for more targeted updates to affected posts in callbacks.
Disambiguates `$objects` variable and amends unit tests.
Fixes#35213.
git-svn-id: https://develop.svn.wordpress.org/trunk@36080 602fd350-edb4-49c9-b593-d223f7449a82
There's currently no iframe content being generated for a static front page. Giving out a link to that isn't an ideal user experience.
Props peterwilsoncc.
Fixes#35194 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36059 602fd350-edb4-49c9-b593-d223f7449a82
[34217] removed the `ORDER BY` clause from `update_object_term_cache()`, for
improved performance. But this proved to cause problems in cases where users
were expecting the results of `get_the_terms()` to be ordered by 'name'. Let's
revert the change for the time being, and look into more disciplined ordering
in a future release.
Props afercia.
See #28922. Fixes#35180.
git-svn-id: https://develop.svn.wordpress.org/trunk@36056 602fd350-edb4-49c9-b593-d223f7449a82
In MySQL 5.5.3, `storage_engine` was deprecated in favour of `default_storage_engine`, and subsequently removed in MySQL 5.7. To avoid errors when running tests on MySQL 5.7, we need to switch between the options based on MySQL version.
Props skithund, jeremyfelt.
Fixes#34692.
git-svn-id: https://develop.svn.wordpress.org/trunk@36055 602fd350-edb4-49c9-b593-d223f7449a82
Since 4.4, when fetching the first page of comments and the 'newest' comments
are set to display first, `comments_template()` must perform arithmetic to
determine which comments to show. See #8071. This arithmetic requires the
total comment count for the current post, which is calculated with a separate
`WP_Comment_Query`. This secondary comment query did not properly account for
non-approved comment statuses; all unapproved comments should be part of the
comment count for admins, and individual users should have their own
unapproved comments included in the count. As a result, `comments_template()`
was, in some cases, being fooled into thinking that a post had fewer comments
available for pagination than it actually had, which resulted in empty pages
of comments.
We correct this problem by mirroring 'status' and 'include_unapproved' params
of the main comment query within the secondary query used to calculate
pagination.
Fixes#35068.
git-svn-id: https://develop.svn.wordpress.org/trunk@36040 602fd350-edb4-49c9-b593-d223f7449a82
[35709] was overly broad, and stopped transforming `&` characters within tag attributes. So that sites aren't generating invalid HTML, we need to restore this functionality, while continuing to not transform `&` within blocked tags.
Fixes#35008 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@36036 602fd350-edb4-49c9-b593-d223f7449a82
[34696] introduced a regression whereby comma-separated values for 'exclude'
and 'exclude_tree' would be handled improperly when merging the two parameters,
resulting in category IDs being incorrectly dropped from the combined array.
Props gblsm, hnle.
Fixes#35156.
git-svn-id: https://develop.svn.wordpress.org/trunk@36005 602fd350-edb4-49c9-b593-d223f7449a82
The introduction of 'meta_query' to `get_terms()` in 4.4 made it possible for
`get_terms()` to erroneously return duplicate results. To address the issue,
we add the `DISTINCT` keyword to the SQL query when a 'meta_query' parameter
has been provided.
Props @jadpm.
Fixes#35137.
git-svn-id: https://develop.svn.wordpress.org/trunk@36003 602fd350-edb4-49c9-b593-d223f7449a82
We should avoid testing complete markup strings, unless we are specifically
testing for the format of the markup.
Fixes#35138.
git-svn-id: https://develop.svn.wordpress.org/trunk@35988 602fd350-edb4-49c9-b593-d223f7449a82
We should not be testing the entire tag cloud markup, as it leads to collateral
damage wheneven `wp_generate_tag_cloud()` is touched. See [35984].
See #25566, #35138.
git-svn-id: https://develop.svn.wordpress.org/trunk@35987 602fd350-edb4-49c9-b593-d223f7449a82
The new class describes the cardinal position of a link in the cloud, allowing
more fine-grained CSS and JS targeting.
Props Mte90, chmac.
Fixes#5172.
git-svn-id: https://develop.svn.wordpress.org/trunk@35984 602fd350-edb4-49c9-b593-d223f7449a82
We should not paper over the code and hide warnings from developers by casting values to an array.
See #35087.
git-svn-id: https://develop.svn.wordpress.org/trunk@35949 602fd350-edb4-49c9-b593-d223f7449a82
WP 4.4 changed the way comment pagination is calculated. See #8071. In the
context of `get_comment_link()`, these changes introduced a regression that
causes `cpage` (or its pretty-permalink correlate `comment-page-x`) to appear
in comment links when comment pagination is disabled. The current changeset
fixes the regression.
Fixes#34946.
git-svn-id: https://develop.svn.wordpress.org/trunk@35933 602fd350-edb4-49c9-b593-d223f7449a82
If a validation_callback returns a WP_Error it should give the same response format as if it returned `false`. This makes programmatically reading the validation errors better.
Props bradyvercher for initial patch.
Fixes#35028.
git-svn-id: https://develop.svn.wordpress.org/trunk@35890 602fd350-edb4-49c9-b593-d223f7449a82
In `wp_update_comment()` only check if the given `comment_post_ID` is valid if it isn’t `0`. This allows comments that were created programmatically via `wp_insert_comment()` without the (optional) `comment_post_ID` parameter to be edited.
Props subharanjan for the initial patch.
Fixes#34954
git-svn-id: https://develop.svn.wordpress.org/trunk@35853 602fd350-edb4-49c9-b593-d223f7449a82
`wp_get_object_terms()` can return a `WP_Error` object. As such, the
`get_the_terms()` cache wrapper should handle them properly. To wit:
* Don't try to map an error object to `get_term()`. Introduced in [35032].
* Don't cache an error object as taxonomy relationships. Introduced in at least [16487], maybe earlier.
Props stephenharris.
Fixes#34723.
git-svn-id: https://develop.svn.wordpress.org/trunk@35850 602fd350-edb4-49c9-b593-d223f7449a82
We rely on the `wp-image-` class to quickly find an attachment ID to add responsive image attributes.
To avoid incorrect images being displayed, do not add these attributes if the `src` does not match the
meta from the attachment ID in the class.
Props azaozz, kovshenin, joemcgill.
Fixes: #34898.
git-svn-id: https://develop.svn.wordpress.org/trunk@35820 602fd350-edb4-49c9-b593-d223f7449a82
Ensure that plugin filters apply as expected for any settings registered statically without passing in an explicit class instance to `WP_Customize_Manager::add_setting()`.
Fixes#34597.
git-svn-id: https://develop.svn.wordpress.org/trunk@35810 602fd350-edb4-49c9-b593-d223f7449a82
Previously when updating a post using wp_insert_post(), post_name was
regenerated based on post_title every time if post_name was not passed in
explicitly. This irons out the expectation that properties not passed into the
function should not be modified.
Props jason_the_adams.
Fixes#34865.
git-svn-id: https://develop.svn.wordpress.org/trunk@35800 602fd350-edb4-49c9-b593-d223f7449a82
User dropdowns in wp-admin have traditionally shown the users' display names.
However, this causes ambiguity when users share display names. To correct this,
we now show the unique user_login in parentheses after the display name.
The new `display_name_with_login` value for the `show` parameter of
`wp_dropdown_users()` enables this functionality. The default value of `show`
has not been changed, for backward compatibility, but all instances of
`wp_dropdown_users()` in core wp-admin have been switched.
This changeset also reduces some duplicated logic when assembling a user list
when `include_selected` is true.
Props krogsgard, boonebgorges.
Fixes#31251.
git-svn-id: https://develop.svn.wordpress.org/trunk@35790 602fd350-edb4-49c9-b593-d223f7449a82
The whole string is escaped with `esc_html()` anyway, so we don't
need to `wp_kses_post()`. This is a better experience for users who
want to use angle brackets in their site title or description.
Does not allow any HTML, adds unit tests.
props BandonRandon, pauldewouters.
fixes#27942.
git-svn-id: https://develop.svn.wordpress.org/trunk@35788 602fd350-edb4-49c9-b593-d223f7449a82
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.
Props markjaquith.
Fixes#27317.
git-svn-id: https://develop.svn.wordpress.org/trunk@35772 602fd350-edb4-49c9-b593-d223f7449a82
In `populate_options()`, if the theme specified by `WP_DEFAULT_THEME` doesn't exist, fall back to the latest core default theme. If we can't find a core default theme, `WP_DEFAULT_THEME` is the best we can do.
Props nacin, jeremyfelt, dd32.
See #34306.
git-svn-id: https://develop.svn.wordpress.org/trunk@35738 602fd350-edb4-49c9-b593-d223f7449a82
Hello, it's me again. A pluggable function named `wp_new_user_notification()`. A few months ago, after [33023], I have lost my second parameter `$plaintext_pass`. But thanks to [33620] I got a new one.
Bad idea - It hasn't had the same behavior as my previous parameter.
To solve that the second parameter got deprecated and reintroduced as the third parameter in [34116]. I was happy again, for a short time.
You remember my lost friend `$plaintext_pass`? No? Well, if its value was empty no notification was sent to the user. This behavior was still lost. And that's what this change is about: Don't notify a user if a plugin uses `wp_new_user_notification( $user_id )`.
You're asking if I'm happy now? Dunno, but maybe you have learned something about pluggable functions, have you?
Props danielbachhuber.
Fixes#34377.
git-svn-id: https://develop.svn.wordpress.org/trunk@35735 602fd350-edb4-49c9-b593-d223f7449a82
The old URL redirects to `login.wordpress.org` because it's the new canonical URL for all logins on wordpress.org.
Fixes#34782.
git-svn-id: https://develop.svn.wordpress.org/trunk@35734 602fd350-edb4-49c9-b593-d223f7449a82
* Introduce `customize_post_value_set_{$setting_id}` and `customize_post_value_set` actions which are done when `WP_Customize_Manager::set_post_value()` is called.
* Clear the `preview_applied` flag for aggregated multidimensional settings when a post value is set. This ensures the new value is used instead of a previously-cached previewed value.
* Move `$is_preview` property from subclasses to `WP_Customize_Setting` parent class.
* Deferred preview: Ensure that when `preview()` short-circuits due to not being applicable that it will be called again later when the post value is set.
* Populate post value for updated-widget with the (unsanitized) JS-value in `WP_Customize_Widgets::call_widget_update()` so that value will be properly sanitized when accessed in `WP_Customize_Manager::post_value()`.
Includes unit tests with assertions to check the reported issues and validate the fixes.
Fixes defect introduced in [35007].
See #32103.
Fixes#34738.
git-svn-id: https://develop.svn.wordpress.org/trunk@35724 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `&` would be converted everywhere, which caused problems when it was converted within a `<script>`, for example.
`convert_chars()` is now removed from the `the_content` filter, as it was doing the same job as `wptexturize()`.
KSES correctly handles converting `&` within HTML attributes, so there's no need for `wptexturize()` and `convert_chars()` to do the same job.
Fixes#34698.
git-svn-id: https://develop.svn.wordpress.org/trunk@35709 602fd350-edb4-49c9-b593-d223f7449a82
This is just an artifact of how we parse the URL, and is already available
via $request->get_route()
Props danielbachhuber.
Fixes#34647.
git-svn-id: https://develop.svn.wordpress.org/trunk@35659 602fd350-edb4-49c9-b593-d223f7449a82
If `DB_CHARSET` isn't defined (or is empty), `wpdb::$charset` will be empty, too. `wpdb::strip_invalid_text()` assumes that it isn't empty, however, so we need to fall back to the connection character set when we're running our sanity checks.
Fixes#34708.
git-svn-id: https://develop.svn.wordpress.org/trunk@35655 602fd350-edb4-49c9-b593-d223f7449a82
This fixes an edge case where the Close button could never link the user out of the Customizer, if the user initially accessed it without a `url` param and then clicked a link (provided by a plugin) that took them to another `customize.php` URL.
See #32637.
git-svn-id: https://develop.svn.wordpress.org/trunk@35635 602fd350-edb4-49c9-b593-d223f7449a82
* Apply `title_save_pre`, `excerpt_save_pre`, and `content_save_pre` filters on a nav menu item's `title`, `attr_title`, and `description` properties respectively. This ensures that arbitrary markup can be supplied if the user has `unfiltered_html` cap, and for these fields to have markup stripped if not.
* Ensure a nav menu item's `post_status` is sanitized as `publish` or `draft` using the same conditions as `wp_update_nav_menu_item()`.
* Align `WP_Customize_Nav_Menu_Item_Setting::sanitize()` behavior for sanitizing `position` to be the same as `wp_update_nav_menu_item()`.
* Also apply `nav_menu_attr_title` and `nav_menu_description` filters in `WP_Customize_Nav_Menu_Item_Setting::value_as_wp_post_nav_menu_item()` to ensure that previewing markup entered into menu item description will preview the same way as when the nav menu item is saved.
* Add unit tests.
Fixes#32812.
git-svn-id: https://develop.svn.wordpress.org/trunk@35580 602fd350-edb4-49c9-b593-d223f7449a82
This moves the last of the iframe message code from PHP to JavaScript, so it can be included in any site, without needing to rely on any of WordPress' internal behaviour.
Props swissspidy.
Fixes#34451.
git-svn-id: https://develop.svn.wordpress.org/trunk@35577 602fd350-edb4-49c9-b593-d223f7449a82
