Commit Graph

2112 Commits

Author SHA1 Message Date
Boone Gorges
e9ef25d9f6 Query: Allow the hyphen-prefix-for-search-exclusion feature to be disabled by filter.
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.

Props chriseverson, choongsavvii.
Fixes #38099.

git-svn-id: https://develop.svn.wordpress.org/trunk@38792 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 20:05:40 +00:00
Rachel Baker
a94f468051 REST API: Support sites with index-style permalinks in get_rest_url().
Support the index-style permalinks (http://example.com/index.php/postName) when registering the REST API rewrite rules and within the `get_rest_url()` function. This allows sites that do not have mod_rewrite support to have almost pretty urls and have access to their REST API endpoints.

Props kraftbj.
Fixes #38182.

git-svn-id: https://develop.svn.wordpress.org/trunk@38790 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 19:29:08 +00:00
John Blackbourn
3083effa52 Users: Use the role name instead of the role display name when fetching the list of users with no role. This avoids false positives when dealing with user roles that, for example, contain spaces in the display name.
Props procodewp, choongsavvii
Fixes #38234


git-svn-id: https://develop.svn.wordpress.org/trunk@38787 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 12:04:50 +00:00
Jeremy Felt
ee259e073a Multisite: Maintain switched state in site icon/logo functions.
Adjusts `get_custom_logo()`, `get_site_icon_url()`, and `has_custom_logo()` so that when called in a switched state, the original switched stack is not adjusted.

Props achbed, flixos90.
Fixes #38253.


git-svn-id: https://develop.svn.wordpress.org/trunk@38786 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-13 22:27:15 +00:00
Gary Pendergast
595c76de1a KSES: Deprecate wp_kses_js_entities().
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.

I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.

Props dmsnell, desrosj.
Fixes #33848.



git-svn-id: https://develop.svn.wordpress.org/trunk@38785 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-13 22:24:27 +00:00
Boone Gorges
7e8e642ead Taxonomy: Cache results of term count queries.
Fixes #38295.

git-svn-id: https://develop.svn.wordpress.org/trunk@38784 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-12 15:29:03 +00:00
Boone Gorges
eb12311afb Comments: Abstract die() calls from comment submission routine.
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.

The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.

Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.

Props websupporter, rachelbaker.
Fixes #36901.

git-svn-id: https://develop.svn.wordpress.org/trunk@38778 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 03:42:28 +00:00
Boone Gorges
5fef526cca Taxonomy: Better error handling when fetching object terms from cache.
Since [37573], `get_object_term_cache()` has expected term IDs to be
stored in the taxonomy relationship cache. The function would then
reach directly into the 'terms' cache to fetch the data corresponding
to a given term, before returning a `WP_Term` object. This caused
problems when, for one reason or another, term data was cached
inconsistently:

* If the 'terms' cache is empty for a given term ID, despite the earlier call to `_prime_term_caches()`, `get_term()` would return an error object.
* If the array of cached term IDs contains an invalid ID, `get_term()` would return an error object.

We avoid these errors by no longer touching the 'terms' cache directly,
but running term IDs through `get_term()` and allowing that function to
reference the cache (and database, as needed). If `get_term()` returns
an error object for any of the cached term IDs, `get_object_term_cache()`
will return that error object alone. This change ensures that upstream
functions, like `get_the_terms()`, return `WP_Error` objects in a
predictable fashion.

Props dd32, michalzuber.
Fixes #37291.

git-svn-id: https://develop.svn.wordpress.org/trunk@38776 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 01:55:58 +00:00
Andrew Ozz
7b3132214e TiinyMCE: update to 4.4.3, changelog: https://www.tinymce.com/docs/changelog/#version443-september12016
Fixes #38081, #38245, #37507, #37808 and #38000.

git-svn-id: https://develop.svn.wordpress.org/trunk@38773 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 00:09:03 +00:00
Rachel Baker
08b94111cb REST API: Remove reference to the plugin in infrastructure activation test.
Also adds class exists checks for WP_REST_Request and WP_REST_Response.

Props kraftbj.
Fixes #38279.

git-svn-id: https://develop.svn.wordpress.org/trunk@38771 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 21:48:02 +00:00
John Blackbourn
0842857b5c Role/Capability: Add tests for all user roles that check custom capabilities that do not have any form of handling (eg. in a map_meta_cap filter).
See #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38769 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 14:39:35 +00:00
Gary Pendergast
6774e27ae7 General: Restore usage of $wpdb, instead of $this->db.
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.

Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.



git-svn-id: https://develop.svn.wordpress.org/trunk@38768 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 06:37:02 +00:00
Weston Ruter
f4779221a3 Customize: Ensure customize_validate_{$setting->id} filters apply on input post values for WP_Customize_Setting subclasses that neglect to apply the filter themselves.
Fixes #37638.


git-svn-id: https://develop.svn.wordpress.org/trunk@38765 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 20:07:16 +00:00
John Blackbourn
b4f01bb97f Build/Test Tools: Continue eliminating randomness in tests.
See [38762]
See #37371


git-svn-id: https://develop.svn.wordpress.org/trunk@38763 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 01:29:04 +00:00
John Blackbourn
c91be6f1fe Build/Test Tools: Begin eliminating unnecessary randomness in tests.
Although unlikely, clashes in randomly generated strings could cause unexpected failures. In addition, most randomness is entirely unnecessary, is bad practice, and increases test time (however small it may be).

See #37371


git-svn-id: https://develop.svn.wordpress.org/trunk@38762 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 01:11:14 +00:00
John Blackbourn
b45f2feada Build/Test Tools: Revert [38759]. PHPUnit's @requires syntax was introduced in PHPUnit 3.7, but the tests for PHP 5.2 use PHPUnit 3.6 because it's the latest version that supports PHP 5.2.
Fixes #38256


git-svn-id: https://develop.svn.wordpress.org/trunk@38761 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 22:42:12 +00:00
John Blackbourn
471103de31 Media: Correct the hostname used in the wp_get_attachment_metadata() test.
See #36246


git-svn-id: https://develop.svn.wordpress.org/trunk@38760 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 12:04:39 +00:00
John Blackbourn
b3d15125a6 Build/Test Tools: Make use of PHPUnit's @requires notation.
Fixes #38256


git-svn-id: https://develop.svn.wordpress.org/trunk@38759 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 01:19:11 +00:00
John Blackbourn
3fad194f64 HTTP API: Remove an unnecessary duplicate HTTP request in the HTTP tests.
See #30017


git-svn-id: https://develop.svn.wordpress.org/trunk@38758 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 01:02:40 +00:00
John Blackbourn
8f5999fe47 HTTP API: Convert the POST redirect test to use a dataProvider in order for its speed to be more accurately measured.
See #38237


git-svn-id: https://develop.svn.wordpress.org/trunk@38757 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-08 00:29:20 +00:00
John Blackbourn
1271cbd258 Themes: Remove paged.php from the theme template hierarchy.
The position of this template within the hierarchy is of so little use that zero themes in the WordPress.org theme directory make use of it. It's second only to `index.php` in the hierarchy, meaning that any archive template such as `category.php` or `archive.php` will be chosen before it.

Fixes #38162
Props ryankienstra for initial patch


git-svn-id: https://develop.svn.wordpress.org/trunk@38755 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-07 21:02:39 +00:00
swissspidy
b2f60b5419 Taxonomy: Introduce WP_Taxonomy and use it in register_taxonomy() and unregister_taxonomy().
This changes the global `$wp_taxonomies` to an array of `WP_Taxonomy ` objects. `WP_Taxonomy ` includes methods to handle rewrite rules and hooks.
Each taxonomy argument becomes a property of `WP_Taxonomy`. Introducing such a class makes further improvements in the future much more feasible.

Props boonebgorges for review.
Fixes #36224. See #36217.

git-svn-id: https://develop.svn.wordpress.org/trunk@38747 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-07 17:11:02 +00:00
Pascal Birchler
f683e9aae1 Menus: Do not show trashed posts in nav menus.
Trashed posts cannot be accessed by site visitors and thus should not be visible on the front end. By marking menu items of trashed posts as invalid, they are excluded from the output.

Props solarissmoke, swissspidy.
Fixes #19038.

git-svn-id: https://develop.svn.wordpress.org/trunk@38744 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-07 16:49:19 +00:00
Rachel Baker
9dd9880600 Comments: Account for the comment_order option in get_page_of_comment().
Use the value of the `comment_order` setting to determine the date_query key to pass to `WP_Comment_Query`.
Fixes a bug where sites that had comments ordered "newest" first would have the incorrect page number returned.

Props tyxla, boonebgorges.
Fixes #31101.

git-svn-id: https://develop.svn.wordpress.org/trunk@38740 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-06 17:41:51 +00:00
Rachel Baker
57a80e2c84 Comments: Improve check for previous comments for authenticated users in check_comment().
When the 'comment_whitelist' option is enabled and the commenter is an authenticated user, query for the existence of an approved comment with a matching `user_id`.  This allows authenticated users that have changed their email address to bypass having their comment held for moderation.

Props voldemortensen, rachelbaker.
Fixes #28603.

git-svn-id: https://develop.svn.wordpress.org/trunk@38738 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-06 15:50:55 +00:00
joemcgill
2eade6230d Media: Better handling of JOINs when searching filenames.
Following [38625], any media searches that already included JOINs,
e.g., `tax_queries`, would get trampled when we joined the post meta
table to search for filenames. This preserves existing JOINs and
also only applies the `_filter_query_attachment_filenames()` filter
when a search query is being performed.

Props flixos90, joemcgill.
Fixes #22744.

git-svn-id: https://develop.svn.wordpress.org/trunk@38733 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-05 19:50:02 +00:00
John Blackbourn
48e2bde86b Role/capability: Add more complete capability and role assertions to existing user capability tests. Also reuses one more user account fixtures.
Fixes #38236
See #38235


git-svn-id: https://develop.svn.wordpress.org/trunk@38732 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-05 17:17:02 +00:00
John Blackbourn
7581f3cc25 Role/Capability: Reuse some user account fixtures in the user capability tests.
See #38235


git-svn-id: https://develop.svn.wordpress.org/trunk@38731 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-05 16:56:32 +00:00
Peter Wilson
3d2f8ba836 HTTP API: Simplify wp_parse_url() to ensure consistent results.
[38694] revealed some URL formats were been parsed incorrectly, including those used by Google Fonts. This change simplifies the function to use placeholder values which cause PHP's parsing to behave consistently.

Props jrf, peterwilsoncc.
Fixes #36356.


git-svn-id: https://develop.svn.wordpress.org/trunk@38726 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 20:32:40 +00:00
Gary Pendergast
f881c4e646 Emoji: Update some failing unit tests.
The changes in [38717] weren't reflected in the associated unit tests.

See #38113.



git-svn-id: https://develop.svn.wordpress.org/trunk@38724 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 10:37:59 +00:00
boonebgorges
3b6202a4d2 Query: Add nicename and login params to user query.
New parameters are: `login`, `login__in`, `login__not_in`, `nicename`,
`nicename__in`, `nicename__not_in`.

`login__in` and `nicename__in` are also now valid values for the
'orderby' parameter.

Props ryanplas.
Fixes #36624.

git-svn-id: https://develop.svn.wordpress.org/trunk@38715 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 02:26:26 +00:00
Sergey Biryukov
0a23c4d206 Unit Tests: Remove unused variable in Tests_oEmbed::dataShouldNotMatchOembedRegex().
Props jrf.
See #38187.

git-svn-id: https://develop.svn.wordpress.org/trunk@38714 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 00:50:09 +00:00
Gary Pendergast
7e4e9f1ce7 Shortcodes: Add a do_shortcode_tag filter.
The addition of the `pre_do_shortcode_tag` in [38506] allows plugins to short-circuit the shortcode execution process, which is particularly helpful for caching expensive shortcodes.

The `do_shortcode_tag` is the corresponding part of that system - when a shortcode hasn't been executed previously, there needs to be a clean method of populating the cache.

Props flixos90.
Fixes #32790.



git-svn-id: https://develop.svn.wordpress.org/trunk@38713 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-04 00:38:45 +00:00
Konstantin Obenland
e3becde640 Tests: Add newly introduced theme to theme list.
Introduced in [38710].

See #37924.



git-svn-id: https://develop.svn.wordpress.org/trunk@38712 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 18:44:19 +00:00
Konstantin Obenland
ab087dadfc Themes: Account for uppercase chars when managing themes.
Fixes a bug where the UI wasn't updated after deleting/updating a theme.

Also introduces unit tests for theme management ajax handlers. For now they're
focused on `wp_ajax_update_theme()` but they can include tests for other
handlers as well.

Props chrisjean for initial patch.
Fixes #37924.
 


git-svn-id: https://develop.svn.wordpress.org/trunk@38710 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 18:12:57 +00:00
Pascal Birchler
bcf50fedcd Toolbar: Be more strict about adding a 'View Posts' link to the toolbar.
After [38634], this adjusts the behaviour to remove redundancy by not displaying the link if the latest posts are shown on the front page. In that scenario, the 'Visit Site' link already points to the latest posts.

Fixes #34113.

git-svn-id: https://develop.svn.wordpress.org/trunk@38708 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 08:37:27 +00:00
Pascal Birchler
f231e7233d I18N: Introduce a user-specific language setting.
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.

The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.

Props ocean90, ipm-frommen, swissspidy.
Fixes #29783.

git-svn-id: https://develop.svn.wordpress.org/trunk@38705 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-03 07:03:41 +00:00
Peter Wilson
fe0ba53c44 Meta: Improve ID casting when getting, updating or deleting meta data.
Blindly casting IDs to absolute integers in `get_metadata_by_mid()`, `update_metadata_by_mid()` and `delete_metadata_by_mid()` can cause unexpected behaviour when a floating or negative number is passed.

Fixes #37746.


git-svn-id: https://develop.svn.wordpress.org/trunk@38699 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-01 06:27:27 +00:00
John Blackbourn
17ef6d8cfa Taxonomy: Introduce more fine grained capabilities for managing taxonomy terms.
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.

All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.

Fixes #35614
Props johnjamesjacoby for feedback


git-svn-id: https://develop.svn.wordpress.org/trunk@38698 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 22:39:32 +00:00
John Blackbourn
ad6ef7c110 Role/Capability: Introduce tests that assert the primitive and meta capability tests test the correct capabilities.
Fixes #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38697 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 22:11:47 +00:00
John Blackbourn
ec49d4d3d1 Role/Capability: Correct some meta capabilities that were incorrectly listed as primitive capabilities in the role and capability tests.
See #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38696 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 22:10:27 +00:00
John Blackbourn
e0f4a218fb HTTP API: Add a $component parameter to wp_parse_url() to give it parity with PHP's parse_url() function.
Fixes #36356
Props jrf


git-svn-id: https://develop.svn.wordpress.org/trunk@38694 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 21:46:43 +00:00
Dominik Schilling (ocean90)
41fc5ba881 Embeds: Add oEmbed support for User, List and Like Twitter timelines.
Props earnjam.
Fixes #38003.

git-svn-id: https://develop.svn.wordpress.org/trunk@38693 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 21:42:01 +00:00
Dominik Schilling (ocean90)
f603891a41 Embeds: Update the oEmbed provider test suite.
* Dailymotion: Use an URL for an existing video.
* Facebook: Remove URLs which don't exist and update provider map for [38691].

See #32360.

git-svn-id: https://develop.svn.wordpress.org/trunk@38692 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 21:01:36 +00:00
Joe Hoyle
2da297eeaf Options: Add Unit tests for register_setting.
Test `register_setting` with old and new style of arguments.

Props rmccue.
Fixes #37885.


git-svn-id: https://develop.svn.wordpress.org/trunk@38690 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 20:23:33 +00:00
Dominik Schilling (ocean90)
a245ff9c54 Add 'urn' to the list of URI protocols whitelisted by default.
Props geekysoft, jorbin.
Fixes #37300.

git-svn-id: https://develop.svn.wordpress.org/trunk@38686 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 13:14:54 +00:00
Dominik Schilling (ocean90)
5273c469d8 Add test for each whitelisted URI protocol in wp_allowed_protocols().
Move test from [25301] to the new file.

Fixes #38198.

git-svn-id: https://develop.svn.wordpress.org/trunk@38685 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 13:12:00 +00:00
Sergey Biryukov
335cb0223f Embeds: Escape periods in oEmbed regex.
Props jrf.
Fixes #38187.

git-svn-id: https://develop.svn.wordpress.org/trunk@38684 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 11:24:08 +00:00
Jeremy Felt
824a10a8a6 Multisite: Ensure a consistent WP_Site return from get_site_by_path().
It is possible to short circuit `get_site_by_path()` using the `pre_get_site_by_path` filter. When this happens and a standard site object is provided, we can make sure it is upgraded to a proper `WP_Site` object before passing it on.

Props flixos90.
Fixes #37053.


git-svn-id: https://develop.svn.wordpress.org/trunk@38681 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 04:09:45 +00:00
Boone Gorges
8f30d56cdc Tests: Move get_the_excerpt() tests to their own file.
See #36934. Fixes #38196.


git-svn-id: https://develop.svn.wordpress.org/trunk@38679 602fd350-edb4-49c9-b593-d223f7449a82
2016-09-30 03:23:05 +00:00