Commit Graph

37211 Commits

Author SHA1 Message Date
Weston Ruter
5346347de7 Customize: Remove unnecessary call to refresh() a CodeMirror instance upon focus in Code Editor control.
This also fixes an issue with the cursor not being set in the expected location with an `inputStyle=contenteditable`.

Props afercia.
See #41897.
Fixes #41900.


git-svn-id: https://develop.svn.wordpress.org/trunk@41582 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 18:45:49 +00:00
Sergey Biryukov
81551b9e36 Posts, Post Types: Pass $post parameter to post_submitbox_start, attachment_submitbox_misc_actions, media_submitbox_misc_sections, audio_submitbox_misc_sections filters.
Props sebastian.pisula, SergeyBiryukov.
Fixes #36206.

git-svn-id: https://develop.svn.wordpress.org/trunk@41581 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 17:06:40 +00:00
Sergey Biryukov
9fc9372d57 Twenty Sixteen: After [41343], add missing space to if condition in twentysixteen_content_image_sizes_attr().
Fixes #38468.

git-svn-id: https://develop.svn.wordpress.org/trunk@41580 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 12:24:13 +00:00
Sergey Biryukov
4994c77b28 I18N: Remove HTML tags from translatable strings in wp-activate.php.
Props ramiy.
Fixes #41645.

git-svn-id: https://develop.svn.wordpress.org/trunk@41579 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 12:20:39 +00:00
Sergey Biryukov
de9ab629eb Login and Registration: Replace home URL in password reset email with the site name to avoid confusing the user with multiple links.
Props Presskopp, code-monkey.
Fixes #38328.

git-svn-id: https://develop.svn.wordpress.org/trunk@41578 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 11:43:28 +00:00
Sergey Biryukov
338cb64a6a Customize: Tweak "New Custom HTML Widget" pointer text to be a bit less informal and more inclusive.
Props birgire, mrasharirfan, danieltj.
Fixes #41798.

git-svn-id: https://develop.svn.wordpress.org/trunk@41577 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 11:25:56 +00:00
Sergey Biryukov
bc23b8840d Quick/Bulk Edit: Remove duplicate inline-edit-{$screen->post_type} CSS class from Quick Edit table rows.
Props ibachal.
Fixes #41906.

git-svn-id: https://develop.svn.wordpress.org/trunk@41576 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 11:01:45 +00:00
Sergey Biryukov
784d983f59 XML-RPC: Update the string in test_parent_for_nonhierarchical() to match the string added in [41574].
Props netweb.
Fixes #41637.

git-svn-id: https://develop.svn.wordpress.org/trunk@41575 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 08:19:54 +00:00
Sergey Biryukov
5af4552f6d I18N: Merge two similar "Cannot set parent term" error strings.
Props ramiy.
Fixes #41637.

git-svn-id: https://develop.svn.wordpress.org/trunk@41574 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 22:07:35 +00:00
Sergey Biryukov
b9f3ed82d6 Docs: Add @access private entries for _get_component_from_parsed_url_array() and _wp_translate_php_url_constant_to_key().
Props ajayghaghretiya1.
Fixes #41282.

git-svn-id: https://develop.svn.wordpress.org/trunk@41573 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 21:59:55 +00:00
Sergey Biryukov
1d172096cc I18N: Merge two similar error strings.
Props ramiy.
Fixes #39172.

git-svn-id: https://develop.svn.wordpress.org/trunk@41572 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 20:54:25 +00:00
Andrew Ozz
5c14c97f9d Plupload: also delete plupload.full.min.js when updating.
See #41755.

git-svn-id: https://develop.svn.wordpress.org/trunk@41571 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 20:47:58 +00:00
Andrew Ozz
6971f7565e Plupload: minify and load plupload.js and moxie.js separately to make them easier to debug.
Props gmariani405, azaozz.
Fixes #41755.

git-svn-id: https://develop.svn.wordpress.org/trunk@41570 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 20:09:49 +00:00
Sergey Biryukov
b4e9d5a125 Media: Improve the preview of transparent images in Attachment Details modal by using CSS3 to show a checkered background.
Props powerzilly, stevepuddick.
Fixes #41948.

git-svn-id: https://develop.svn.wordpress.org/trunk@41569 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 19:56:14 +00:00
Sergey Biryukov
40d47b90cb Admin CSS: Autoprefixer for [41329].
See #39662.

git-svn-id: https://develop.svn.wordpress.org/trunk@41568 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 19:50:57 +00:00
Sergey Biryukov
c33e16661d Docs: Correct filename references in duplicate hook comments for post_password_required filter.
Props coffee2code.
Fixes #41959.

git-svn-id: https://develop.svn.wordpress.org/trunk@41567 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 18:33:11 +00:00
Sergey Biryukov
3dff531717 Help/About: Tweak Help tabs on Users screen for consistency with Posts screen.
Props bnap00, Arena94.
Fixes #40553.

git-svn-id: https://develop.svn.wordpress.org/trunk@41566 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 18:30:10 +00:00
Sergey Biryukov
fa9892a8a3 Embeds: Introduce embed_thumbnail_id filter for thumbnail image ID in the embed template.
Props ketuchetan, Dency, jontyravi, Ov3rfly.
Fixes #39759.

git-svn-id: https://develop.svn.wordpress.org/trunk@41565 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 17:34:24 +00:00
Sergey Biryukov
af90dd0682 Docs: Correct description for insert_user_meta filter.
Props milana_cap, desrosj.
Fixes #41951.

git-svn-id: https://develop.svn.wordpress.org/trunk@41564 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 13:13:41 +00:00
Sergey Biryukov
0c66c82b7c Taxonomy: Convert tag cloud in Tags meta box to a list (<ul>) for better semantics and accessibility.
An unordered list allows screen reader users to know in advance how many tags are within the list.

Props audrasjb, afercia.
Fixes #40187.

git-svn-id: https://develop.svn.wordpress.org/trunk@41563 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 11:27:44 +00:00
Sergey Biryukov
8906b0cdf9 Docs: Change $args to $r in the DocBlock for http_api_debug filter to match the variable name.
Props bor0, ronakganatra.
Fixes #41379.

git-svn-id: https://develop.svn.wordpress.org/trunk@41562 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 09:32:30 +00:00
Weston Ruter
8412ff1f44 Plugin Editor: Use include_once instead of include in plugin_sandbox_scrape() to fix unit tests broken with [41560].
See #39766.


git-svn-id: https://develop.svn.wordpress.org/trunk@41561 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 02:00:33 +00:00
Weston Ruter
f07591d1fd Plugin Editor: Improve reliability of detecting PHP fatal errors when editing an active plugin.
* Invalidate PHP opcache after file is updated to ensure `include` will ''include'' the written changes.
* Define `WP_ADMIN` when activating plugin in sandbox so plugin code targeting admin will be loaded.
* Do actions that get triggered when loading the admin to ensure plugin code runs that could cause errors on plugin editor screen (and lock out access).
* Fix ability to re-activate a plugin after editing a PHP file other than the main plugin file, and ensure PHP fatal error will be displayed in such cases.
* Consolidate duplicated code into `plugin_sandbox_scrape()` and re-use in `activate_plugin()`.
* Show an error notice instead of a success notice when a file is updated but a plugin was deactivated due to a fatal error.
* Update style of warning when editing an active plugin to be styled as an actual warning notice.

See #12423, #21622.
Fixes #39766.


git-svn-id: https://develop.svn.wordpress.org/trunk@41560 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-22 01:35:09 +00:00
Adam Silverstein
e92db998d2 Revisions: correct a timezone display issue.
When preparing the data for the revisions screen, add ' +0000' to the gmt date string before passing it thru `strtotime`.

Props biranit, nacin, buley.
Fixes #25365.


git-svn-id: https://develop.svn.wordpress.org/trunk@41559 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 23:32:25 +00:00
Weston Ruter
a91d3980df Customize: Introduce extensible code editor Customizer control for CodeMirror.
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.

See #12423, #38707, #35395.
Fixes #41897.


git-svn-id: https://develop.svn.wordpress.org/trunk@41558 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 23:03:06 +00:00
Adam Silverstein
7a5d0cc29b Customizer: retain aspect ration when cropping media w/ shift+click/drag.
Enforce a 1:1 ratio when holding the shift key and dragging in the image cropping tool in the customizer context.

Props melchoyce, mikeschroder.
Fixes #40211.


git-svn-id: https://develop.svn.wordpress.org/trunk@41557 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 22:44:38 +00:00
Adam Silverstein
52bdeee37d Login: Password reset - add hide icon & confirm weak password checkbox.
Extends the password features added in 4.3 to the password reset flow.

Props johnbillion, manolis09, umesh.nevase, Nikschavan.



git-svn-id: https://develop.svn.wordpress.org/trunk@41556 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 21:28:07 +00:00
Konstantin Obenland
9b7c97af26 Widgets: Improved sidebar mapping on theme switch
Builds on efforts brought forward in #17979.

This will send sidebars through three levels of mapping:

1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.

Finally, if the theme has previously been active and we have a record of its 
sidebar configuration then, any unmapped sidebar will be restored to its 
previous state.

Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.



git-svn-id: https://develop.svn.wordpress.org/trunk@41555 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 18:45:03 +00:00
Andrew Ozz
8436a4f117 Remove SWFUpload,
- Refactor swfupload.js to output a simple upload form, and handlers.js.
- Delete the SWFUpload plugins directory and swfupload.swf.
- Remove flash cookies "hack" from async-upload.php.

See #41752.

git-svn-id: https://develop.svn.wordpress.org/trunk@41554 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 16:34:31 +00:00
Adam Silverstein
80c424900e REST API JS Client: Improve nonce handling, refresh stale nonce on sync.
Keep the nonce used for cookie based authentication fresh by pulling in and using any new nonce supplied in the response headers.

* Enable passing nonce to init so each api/endpoint can use a unique nonce.
* Store nonce for endpoint on endpointModel.
* New model helper `nonce()` retrieves a model's routeModel nonce.
* When a response header contains a nonce that doesn't match the stored nonce, replace it.

Fixes #40422.


git-svn-id: https://develop.svn.wordpress.org/trunk@41553 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 12:57:16 +00:00
John Blackbourn
40088ea12a Multisite: Correct the docs for maybe_add_existing_user_to_blog().
See #41017


git-svn-id: https://develop.svn.wordpress.org/trunk@41552 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 12:27:30 +00:00
Sergey Biryukov
9ad6dab3db Docs: Use correct order of arguments in the DocBlock for WP_Hook::has_filter().
Props munyagu.
Fixes #41941.

git-svn-id: https://develop.svn.wordpress.org/trunk@41551 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 09:59:12 +00:00
Weston Ruter
d3c8a675ae Customize: Let media control button labels better automatically reflect the specified MIME type.
Props Christian1012, celloexpressions, westonruter.
Fixes #38796.


git-svn-id: https://develop.svn.wordpress.org/trunk@41550 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-20 21:23:51 +00:00
Weston Ruter
ebb578b2d9 Widgets: Omit attributes from an Image widget's link when they are empty.
Props subrataemfluence, Nenad Obradovic, westonruter.
See #39993.
Fixes #41919.


git-svn-id: https://develop.svn.wordpress.org/trunk@41549 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-20 19:44:13 +00:00
Sergey Biryukov
6d341ef5e5 Twenty Seventeen: Document the type of $item argument in twentyseventeen_dropdown_icon_to_menu_link() more accurately.
Props ndoublehwp.
Fixes #41923.

git-svn-id: https://develop.svn.wordpress.org/trunk@41548 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-20 18:14:13 +00:00
Weston Ruter
b7c70cad14 Widgets: Add Customizer preview support to the Category widget when navigating to a category via dropdown.
Switch to using a `form` that is submitted as opposed to making a direct JavaScript call to change the `window.location`. This ensures the Customizer is able to inject the customized state into the request.

Fixes #41671.


git-svn-id: https://develop.svn.wordpress.org/trunk@41547 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-20 03:15:19 +00:00
Dominik Schilling (ocean90)
187f352e9d Taxonomy/Users: Use correct escaping function for URLs.
git-svn-id: https://develop.svn.wordpress.org/trunk@41522 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 21:13:32 +00:00
Aaron D. Campbell
e95dc5a26f Database: Hardening to bring wpdb::prepare() inline with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.



git-svn-id: https://develop.svn.wordpress.org/trunk@41496 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 17:55:33 +00:00
Aaron D. Campbell
88464ecd41 Database: Don’t trigger _doing_it_wrong() for null values in wpdb::prepare().
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.



git-svn-id: https://develop.svn.wordpress.org/trunk@41483 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 16:05:26 +00:00
aaroncampbell
eb012314d0 Database: Hardening for wpdb::prepare()
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.



git-svn-id: https://develop.svn.wordpress.org/trunk@41470 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 14:47:46 +00:00
John Blackbourn
64e8c4952a Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
git-svn-id: https://develop.svn.wordpress.org/trunk@41457 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 14:35:09 +00:00
aaroncampbell
8e9dbf3c35 oEmbed: Add extra hardening around allowed HTML for improved sandboxing.
git-svn-id: https://develop.svn.wordpress.org/trunk@41448 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 13:41:52 +00:00
John Blackbourn
fa4713e898 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Props kawauso, Mte90 for initial patches

Fixes #13377


git-svn-id: https://develop.svn.wordpress.org/trunk@41399 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 10:10:35 +00:00
Dominik Schilling (ocean90)
7be5b80976 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers.
git-svn-id: https://develop.svn.wordpress.org/trunk@41398 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 09:12:27 +00:00
Dominik Schilling (ocean90)
ec269e4283 Customize: Ensure valid themes in the preview.
git-svn-id: https://develop.svn.wordpress.org/trunk@41397 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 08:38:43 +00:00
Dominik Schilling (ocean90)
49540b271c TinyMCE: Improve the previews for shortcodes.
git-svn-id: https://develop.svn.wordpress.org/trunk@41395 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 08:18:15 +00:00
Dominik Schilling (ocean90)
1f0d51dbd2 Editor: Prevent adding javascript: and data: URLs through the inline link dialog.
git-svn-id: https://develop.svn.wordpress.org/trunk@41393 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 08:00:40 +00:00
Weston Ruter
ce69e660bd Customize: Add notifications API to sections and panels.
* Adds a `notifications` property to instances of `wp.customize.Panel` and `wp.customize.Section`.
* Adds a `setupNotifications()` method to `Panel`, `Section`, and `Control`.
* Adds a `getNotificationsContainerElement()` method to the `Panel` and `Section` classes, like `Control` has.
* Replace hard-coded notification in header media section with a notification.
* Limit rendering notifications to panels and sections that are expanded, and to controls that have an expanded section.

See #34893, #35210, #38778.
Fixes #38794.


git-svn-id: https://develop.svn.wordpress.org/trunk@41390 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 05:39:37 +00:00
Weston Ruter
eab65862b0 Customize: Show notification error with "Your homepage displays" control when homepage and posts page are set to be the same (but not empty).
* Show global error notiafication when saving is blocked due to client-side setting invalidity.
* Refactor `wp.customize.Notifications#render()` to ensure a notification re-renders if its `message` or data changes but its `code` does not.

Props MatheusGimenez, sixhours, westonruter, karmatosed, aocean90, zoonini, michelleweber, melchoyce.
See #35210.
Fixes #21492.


git-svn-id: https://develop.svn.wordpress.org/trunk@41389 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 00:45:23 +00:00
Weston Ruter
df1bf4a883 Customize: Add wp_is_uuid() validation function with optional second $version=4 parameter to enforce v4 random UUIDs.
Props jonathanbardo.
Fixes #39778.


git-svn-id: https://develop.svn.wordpress.org/trunk@41388 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-18 23:03:06 +00:00