[34106] moved post author notification to a hook, and in the process, missed
the 'spam' check. This changeset restores that check.
To make unit testing easier, the notification callbacks have been refactored
to return values: false when various conditions aren't met (eg, approved
comments should not trigger moderation emails), and the return value of the
`wp_notify_*()` function otherwise.
Props cfinke, kraftbj.
See #33587.
git-svn-id: https://develop.svn.wordpress.org/trunk@34250 602fd350-edb4-49c9-b593-d223f7449a82
[13216] introduced the 'public' argument for `register_taxonomy()`. This param
was used to set defaults for 'show_ui' and a number of other params, but it
never did anything itself.
With this changeset, taxonomies registered with `public=false` will no longer
be queryable on the front end, ie via taxonomy archive queries.
Props wpsmith, ocean90, nacin, ericlewis, boonebgorges.
Fixes#21949.
git-svn-id: https://develop.svn.wordpress.org/trunk@34247 602fd350-edb4-49c9-b593-d223f7449a82
The `user_login` field only allows 60 characters, and `user_nicename` allows
50. However, there are no protections in the interface, and few in the code,
that prevent the creation of users with values in excess of these limits. Prior
to recent changes in `$wpdb`, users were generally created anyway, MySQL
having performed the necessary truncation. More recently, the `INSERT`s and
`UPDATE`s simply fail, with no real feedback on the nature of the failure.
This changeset addresses the issue in a number of ways:
* On the user-new.php and network/user-new.php panels, don't allow input in excess of the maximum field length.
* In `wp_insert_user()`, throw an error if the value provided for `'user_login'` or `'user_nicename'` exceeds the maximum field length.
* In `wp_insert_user()`, when using `'user_login'` to generate a default value for `'user_nicename'`, ensure that the nicename is properly truncated, even when suffixed for uniqueness (username-2, etc).
Props dipesh.kakadiya, utkarshpatel, tommarshall, boonebgorges.
Fixes#33793.
git-svn-id: https://develop.svn.wordpress.org/trunk@34218 602fd350-edb4-49c9-b593-d223f7449a82
In `_unregister_post_type()` (unit tests), don't add query vars of non-viewable post types to `WP::public_query_vars`.
Adds unit test.
Fixes#30018.
git-svn-id: https://develop.svn.wordpress.org/trunk@34215 602fd350-edb4-49c9-b593-d223f7449a82
We already accept 'id'. `ID` more closely matches the database and
`WP_User` schemas.
Props Shelob9.
Fixes#33869.
git-svn-id: https://develop.svn.wordpress.org/trunk@34125 602fd350-edb4-49c9-b593-d223f7449a82
The second parameter `$plaintext_pass` was removed in [33023] and restored as `$notify` in [33620] with a different behavior. If you have a plugin overriding `wp_new_user_notification()` which hasn't been updated you would get a notification with your username and the password "both".
To prevent this the second parameter is now deprecated and reintroduced as the third parameter.
Adds unit tests.
Props kraftbj, adamsilverstein, welcher, ocean90.
Fixes#33654.
(Don't ask for new pluggables kthxbye)
git-svn-id: https://develop.svn.wordpress.org/trunk@34116 602fd350-edb4-49c9-b593-d223f7449a82
Post type objects are reponsible for mapping their capabilities to core caps.
As a result, when the post type is no longer registered, the caps are no
longer mapped. This causes problems when a post is left in the database after
the post type is no longer present, and WP does an 'edit_post' or other cap
check against it: a PHP notice is thrown, and the cap check always fails.
As a more graceful fallback, we map all post-type-dependent caps onto
'edit_others_posts', which allows highly privileged users to be able to
access orphaned content (such as comments belonging to disabled post types),
while minimizing the possibility of unintended privilege escalation.
We also add a `_doing_it_wrong()` notice, so that developers and site
administrators are aware that the cap mapping is failing in the absence of
the registered post type.
Props mitchoyoshitaka, DrewAPicture, imath, codeelite, boonebgorges, nofearinc, SergeyBiryukov, jorbin, dlh.
Fixes#16956.
git-svn-id: https://develop.svn.wordpress.org/trunk@34091 602fd350-edb4-49c9-b593-d223f7449a82
Since [29248], a table join has not been necessary to process the
`$excluded_terms` parameter of `get_adjacent_post()`. Aside from adding extra
overhead, this join meant that post records that don't have any corresponding
rows in `wp_term_relationships` were erroneously excluded from results.
Fixes#32833.
git-svn-id: https://develop.svn.wordpress.org/trunk@34088 602fd350-edb4-49c9-b593-d223f7449a82
Setting the default value of the `queried_object_id` property to `0` meant
that, when called early enough in the WP bootstrap, `get_queried_object()`
could short-circuit the normal query by fooling it into thinking that the
request was for a page with id 0. Setting the default value to `null` instead
avoids this problem.
Props gradyetc, jazbek.
Fixes#31355.
git-svn-id: https://develop.svn.wordpress.org/trunk@34073 602fd350-edb4-49c9-b593-d223f7449a82
`wp_delete_user()` and `wpmu_delete_user()` both require an `$id` parameter.
Previously, the functions did not verify that the value passed was, in fact,
a number. As such, passing an object or any other entity that would be cast
to int `1` would result in user 1 being deleted. We fix this by enforcing
the requirement that `$id` be numeric.
Props dipesh.kakadiya, utkarshpatel, juliobox.
Fixes#33800.
git-svn-id: https://develop.svn.wordpress.org/trunk@34034 602fd350-edb4-49c9-b593-d223f7449a82
Other users in a network can now be given capabilities to manage users without also having global super admin privileges.
* Users with `manage_network_users` can not edit super admins.
* Users with `manage_network_users` can not promote users to super admin.
* Uses of `is_super_admin()` in `user-new.php` are now updated to `manage_network_users`.
Props daniellandau, chriscct7.
Fixes#16860.
git-svn-id: https://develop.svn.wordpress.org/trunk@33988 602fd350-edb4-49c9-b593-d223f7449a82
An administrator in multisite can not edit users other than itself.
Props daniellandau for the initial patch.
See #16860.
git-svn-id: https://develop.svn.wordpress.org/trunk@33987 602fd350-edb4-49c9-b593-d223f7449a82
This also includes a unit test to ensure we're only recommending actively supported versions of PHP in the future.
Fixes#33758.
git-svn-id: https://develop.svn.wordpress.org/trunk@33937 602fd350-edb4-49c9-b593-d223f7449a82
There are no uses of `wp_list_comments()` in Core where `$comments` are passed as the 2nd argument.
Adds unit tests.
Props wonderboymusic, bradt.
Fixes#16894.
git-svn-id: https://develop.svn.wordpress.org/trunk@33925 602fd350-edb4-49c9-b593-d223f7449a82
[29128] introduced updated documentation for the `'orderby'` parameter of
`get_terms()`. The new documentation mistakenly said that 'term_id' was a valid
orderby value. The current changeset makes that fantasy...A REALITY.
Props ixkaito.
Fixes#33726.
git-svn-id: https://develop.svn.wordpress.org/trunk@33903 602fd350-edb4-49c9-b593-d223f7449a82
Add unit tests - there were none. Mock `set_user_setting()` since it won't run due to `headers_sent()` being `true`.
Fixes#22781.
git-svn-id: https://develop.svn.wordpress.org/trunk@33840 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where `$new_theme` got set before the second argument was
appropriately handled, causing the `current_theme` option to later always be
updated to the parent theme's name.
Introduced in [21131].
Props obenland, wonderboymusic.
Fixes#32635.
git-svn-id: https://develop.svn.wordpress.org/trunk@33815 602fd350-edb4-49c9-b593-d223f7449a82
Add a bunch of unit tests to `tests/image/intermediate_size.php`.
Props joemcgill, ericlewis, kitchin, SergeyBiryukov, chipbennett.
Fixes#17626.
git-svn-id: https://develop.svn.wordpress.org/trunk@33807 602fd350-edb4-49c9-b593-d223f7449a82
* Cases for `0` and `1` should be `'1'` and `'0'`
* Add unit tests for `get_comment_count()`. Currently, there are none.
See #33414.
git-svn-id: https://develop.svn.wordpress.org/trunk@33806 602fd350-edb4-49c9-b593-d223f7449a82
This allows the 'current-cat' or 'current-cat-parent' classes to be applied
to more than one item in the list.
Props vilkatis.
Fixes#33565.
git-svn-id: https://develop.svn.wordpress.org/trunk@33804 602fd350-edb4-49c9-b593-d223f7449a82
When generating a `<ul>` using `wp_list_categories()`, a title `<li>` element
is put at the top of the term list. Current behavior is that this title `<li>`
appears even when no terms are found. The new `hide_title_if_no_cats` param
allows developers to specify that the title should be hidden when the term list
is empty.
Props vilkatis.
Fixes#33460.
git-svn-id: https://develop.svn.wordpress.org/trunk@33764 602fd350-edb4-49c9-b593-d223f7449a82
This allows the `count` property to reflect the pre-delete state of affairs,
rather than always being 0.
Props nicholas_io.
Fixes#33485.
git-svn-id: https://develop.svn.wordpress.org/trunk@33711 602fd350-edb4-49c9-b593-d223f7449a82
Add a query var, `title`, that allows you to query posts by `post_title`. To accomplish this now, you have to do something like:
{{{
$tacos = get_posts( [
'post_type' => 'taco',
's' => $name,
'exact' => true,
'sentence' => true,
'post_status' => 'publish',
'fields' => 'ids',
'posts_per_page' => 1
] );
}}}
Adds unit tests.
Fixes#33074.
git-svn-id: https://develop.svn.wordpress.org/trunk@33706 602fd350-edb4-49c9-b593-d223f7449a82
`test_transient_data_with_timeout()`, `test_transient_add_timeout()`, `test_nonexistent_key_dont_delete_if_false()`, and `test_nonexistent_key_old_timeout` are testing option values which aren't available with an an external object cache like memcache.
see #31491.
git-svn-id: https://develop.svn.wordpress.org/trunk@33702 602fd350-edb4-49c9-b593-d223f7449a82
As of [32484], `wp_dropdown_categories()` uses the `$value_field` value to
decide whether a given `<option>` should be 'selected'. However, `$value_field`
can refer to a value that is a string, such as a category's slug. This causes
problems when doing a loose comparison (`==`) with the value of the `'selected'`
parameter, which defaults to `0`, because when doing a loose comparison
between an integer and a string, PHP will cast the string to an integer. This
creates false matches, resulting in `<option>` elements getting a 'selected'
attribute incorrectly.
We address the issue by casting the comparison values to strings, and then
using the strict comparison operator `===`.
Fixes#33452 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@33681 602fd350-edb4-49c9-b593-d223f7449a82
If the post cache is not cleared at this point, the cache can become stale
for operations performed before the cache is cleared later in the function.
Specifically, the generation of a `guid` for new posts can use stale data,
resulting in non-unique values. [33262] introduced a call to `get_post()`
that introduced just such an invalidation problem.
Fixes#5305.
git-svn-id: https://develop.svn.wordpress.org/trunk@33630 602fd350-edb4-49c9-b593-d223f7449a82
After [33615], `wp_update_term()` no longer checks `$wp_db_version` before
attempting a split. This is because pre-4.1 versions of WordPress must be
allowed to update to 4.3+.
See #30261.
git-svn-id: https://develop.svn.wordpress.org/trunk@33616 602fd350-edb4-49c9-b593-d223f7449a82
Also avoid PHP notices because of orphaned comments in the comments list table.
Includes unit test.
props pento, dd32.
fixes#33154.
git-svn-id: https://develop.svn.wordpress.org/trunk@33614 602fd350-edb4-49c9-b593-d223f7449a82
`assertNotFalse()` is not included in PHPUnit 3.6.12, use `assertInternalType( 'int' )` instead.
fixes#32814.
git-svn-id: https://develop.svn.wordpress.org/trunk@33526 602fd350-edb4-49c9-b593-d223f7449a82
Available items now fade from view while you're searching, and there is an explicit way to clear search results. No results gives a better message, though still brief this time around.
props valendesigns, designsimply, DH-Shredder, helen.
fixes#32710.
git-svn-id: https://develop.svn.wordpress.org/trunk@33511 602fd350-edb4-49c9-b593-d223f7449a82
* Ensure that a Custom Menu widget selecting a newly-inserted menu gets updated to use the new menu ID upon Save & Publish.
* Dynamically update the visibility of the Custom Menu widget's "no menus" message when the number of menus changes between 0 and 1+.
* Send all dirty Customized settings in `update-widget` Ajax request and `preview()` them so that the widget update/form callbacks have access to any data dependencies in the current Customizer session (such as newly created unsaved menus).
* Update link in Custom Menu widget to point to Menus panel as opposed to Menus admin page, when in the Customizer.
* Fix an issue with extra space at top immediately after creating new menu.
* Fix doubled `update-widget` Ajax requests when changing select dropdown; prevent initial from being aborted.
* Add missing `wp_get_nav_menus()` hooks to preview Customizer updates/inserts for `nav_menu` settings; includes tests.
* Update `wp_get_nav_menu_object()` to allow a menu object to be passed in (and thus passed through).
Props westonruter, adamsilverstein.
Fixes#32814.
git-svn-id: https://develop.svn.wordpress.org/trunk@33488 602fd350-edb4-49c9-b593-d223f7449a82
* Tokenize newlines in `WP_Embed::autoembed()` before running `->autoembed_callback()`
* Tokenize newlines with placeholders in `wpautop()`
* Introduce `wp_html_split()` to DRY the RegEx from `wp_replace_in_html_tags()` and `do_shortcodes_in_html_tags()`
Adds unit tests.
Props miqrogroove, kitchin, azaozz.
Fixes#33106.
git-svn-id: https://develop.svn.wordpress.org/trunk@33469 602fd350-edb4-49c9-b593-d223f7449a82
While these two tests will help ensure we don't repeat our mistakes, they mostly help lay the foundation for more tests that still need to be written.
See #32688
Props adamsilverstein, jorbin
git-svn-id: https://develop.svn.wordpress.org/trunk@33451 602fd350-edb4-49c9-b593-d223f7449a82
Allows for new available menu item types/objects to be registered in addition to filtering the available items that are returned for each menu item type/object.
Props valendesigns, imath, westonruter.
See #32832.
Fixes#32708.
git-svn-id: https://develop.svn.wordpress.org/trunk@33366 602fd350-edb4-49c9-b593-d223f7449a82
Removes object_type restriction to allow for future extensibility. Refactors some methods to improve testability. Includes new tests for Ajax requests.
Fixes#32687.
Props valendesigns, welcher, westonruter.
git-svn-id: https://develop.svn.wordpress.org/trunk@33322 602fd350-edb4-49c9-b593-d223f7449a82
Also only exclude these characters for the `words` type. They should be counted for other types.
Add the ASCIIOnly option to the uglify config to preserve escaped unicode characters.
See #30966. Fixes#27391.
git-svn-id: https://develop.svn.wordpress.org/trunk@33292 602fd350-edb4-49c9-b593-d223f7449a82
Don't nest `esc_attr()` and `htmlspecialchars()` when escaping the post title on the edit post screen.
Unrevert parts of [32851] and [32850].
Adds/alters unit tests.
Props miqrogroove.
Fixes#17780.
git-svn-id: https://develop.svn.wordpress.org/trunk@33271 602fd350-edb4-49c9-b593-d223f7449a82
This prevents existing posts with numeric slugs from having their permalinks
changed on update.
Fixes#5305.
git-svn-id: https://develop.svn.wordpress.org/trunk@33262 602fd350-edb4-49c9-b593-d223f7449a82
Reduce some of the clutter in `tests/multisite/site.php` and introduce `tests/multisite/updateBlogDetails.php`. Tests moved over are verbatum at this point.
See #32988.
git-svn-id: https://develop.svn.wordpress.org/trunk@33253 602fd350-edb4-49c9-b593-d223f7449a82
Previously, attempting to run certain test files in isolation would resultin
fatal errors, as the parent classes had not been loaded.
Props isaacchapman.
Fixes#32984.
git-svn-id: https://develop.svn.wordpress.org/trunk@33250 602fd350-edb4-49c9-b593-d223f7449a82
Falling back to Apple app icons is deprecated behavior and will not work
forever. 192px is the recommended size for that icon.
Props kraftbj.
Fixes#32964.
git-svn-id: https://develop.svn.wordpress.org/trunk@33202 602fd350-edb4-49c9-b593-d223f7449a82
* Add an `$exclude` parameter to `recurse_dirsize()`.
* Use this parameter in `get_dirsize()` to exclude `/sites` when on the main site.
* Add tests for main site and switched site.
Props @earnjam, @jeremyfelt.
Fixes#30202.
git-svn-id: https://develop.svn.wordpress.org/trunk@33184 602fd350-edb4-49c9-b593-d223f7449a82
Test to make sure that dbDelta properly inserts a value into the DB.
Props tryon, jtsternberg, ebinnion, JPry, avnarun, kevkoeh, salcode.
Fixes#29020.
git-svn-id: https://develop.svn.wordpress.org/trunk@33175 602fd350-edb4-49c9-b593-d223f7449a82
In step with the UI provided by `wp-admin/network/users.php`, super admin privileges must be removed before a user can be deleted through the API.
Props @johnjamesjacoby, @jeremyfelt.
Fixes#32935.
git-svn-id: https://develop.svn.wordpress.org/trunk@33143 602fd350-edb4-49c9-b593-d223f7449a82
Also includes these related changes:
* Export `oldContainer` and `newContainer` among the `customize-preview-menu-refreshed` event params for themes to be able to more easily re-initialize the DOM elements.
* Improve performance for partial refresh by only sending settings related to the menu being previewed.
* Fix previewing of menu assigned to Custom Menu by exporting a menu `term_id` as opposed to an object, as the former is more stable for comparing in in args hashes.
* Do full refresh of preview when nav menu unassigned so that the layout can be updated.
* Harden conditions for when partial refresh is eligible for a `wp_nav_menu()` instance.
Fixes#32841.
git-svn-id: https://develop.svn.wordpress.org/trunk@33138 602fd350-edb4-49c9-b593-d223f7449a82
These args only need to be cleared out when exported to JavaScript, when they are not JSON-serializable. So the filter now clears these when gathering args for exporting to JS, but otherwise now leaves the original values to be passed through to `wp_nav_menu()`.
Fixes#32781.
git-svn-id: https://develop.svn.wordpress.org/trunk@33131 602fd350-edb4-49c9-b593-d223f7449a82
Includes two modifications for WordPress:
* Removes support for NTLM in `class-smtp.php` since the required client (`extras/ntlm_sasl_client.php`) is not distributed as part of WordPress.
* Requires `class-smtp.php` for backwards compatibility with direct (non-wp_mail()) uses of PHPMailer, as the autoloader isn't used. See [27385].
This also includes a change to our `MockMailer` for unit tests. It now overrides `postSend() instead of `send()`, and `preSend()`.
`preSend()` resets `$this->Encoding` because PHPMailer doesn't clean up after itself / presets all variables. This becomes an issue when `PHPMailer::createBody()` sets `$this->Encoding = 'quoted-printable'` (away from it's default of 8bit) when it encounters a line longer than 998 characters. `Tests_Comment::test_comment_field_lengths` is such a case.
props MattyRob, dd32.
fixes#28909.
git-svn-id: https://develop.svn.wordpress.org/trunk@33124 602fd350-edb4-49c9-b593-d223f7449a82
If you are subclassing these classes in your own tests, you'll need to update your code.
Props johnbillion
See #31982
git-svn-id: https://develop.svn.wordpress.org/trunk@33123 602fd350-edb4-49c9-b593-d223f7449a82
In cases where a user has the `edit_others_posts` capability but not
`publish_posts`, it was possible for that user to unstick a post after editing,
since the input field was never made available in that context.
Props ericmann, chriscct7.
Fixes#24153.
git-svn-id: https://develop.svn.wordpress.org/trunk@33096 602fd350-edb4-49c9-b593-d223f7449a82