Commit Graph

2041 Commits

Author SHA1 Message Date
Joe Hoyle
6d8e277152 REST API: Validate posts status enum
Currently we are using a different validate callback, so the `enum` is not interpretted. We just have to fallback to the result of `rest_validate_request_arg` in our custom wrapper function.

Fixes #38417.


git-svn-id: https://develop.svn.wordpress.org/trunk@38911 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-25 17:12:18 +00:00
Joe Hoyle
57aec4798f Options: Add 'default' to register_setting
Add a `default` argument to `register_setting` that will be used an the default option value viet `get_option()` in the event of no other option being specified. This means (if chosen) developers can define their default once via `register_option` and not have to duplicate the value every time they make a call to `get_option()`.

Props rmccue, jorbin, jtsternberg.
Fixes #38176.


git-svn-id: https://develop.svn.wordpress.org/trunk@38910 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-25 17:07:20 +00:00
Gary Pendergast
94201ff1f5 Tests: Fix a PHP notice introduced in [38907].
`WP_DEFAULT_THEME` was being defined in the wrong location.

Also, if WordPress has the original "default" theme installed, ensure that our test theme overrides it.

Props swissspidy for daring to dive into Themes of WordPress Past.
See #31550, #38457.



git-svn-id: https://develop.svn.wordpress.org/trunk@38908 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-25 11:05:17 +00:00
Gary Pendergast
ee65fc1f80 Tests: Use a minimal theme for tests.
This functionality was originally added in [38858], using `symlink()` to put a link to the theme in WordPress' `themes` directory. Unfortunately, not all installs have write access to the `themes` directory, causing unit tests to fail.

The new method is to add the test theme directory to `$wp_theme_directories`, and fix the handful of tests that don't expect `$wp_theme_directories` to have multiple entries.

The test install/bootstrap routines now also check that `WP_DEFAULT_THEME` is defined, in case the tests are being run on a system that hasn't upgraded its' `wp-tests-config.php`.

See #31550.
Fixes #38457.



git-svn-id: https://develop.svn.wordpress.org/trunk@38907 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-25 10:24:57 +00:00
Weston Ruter
4e8410a886 Customize: Allow page stubs to be created via dropdown-pages controls in the Static Front Page section.
This ability was previously added to nav menus via the available page items panel. The "Add New Page" button only appears when the `allow_addition` control param is supplied as `true`. Code is adapted from the Customize Posts feature plugin.

Props celloexpressions, westonruter.
See #38013, #34923.
Fixes #38164.


git-svn-id: https://develop.svn.wordpress.org/trunk@38906 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-25 06:30:27 +00:00
Jeremy Felt
701dbe4271 Multisite: Replace get_blog_details() in add_user_to_blog() with get_site().
Adds tests for `add_user_to_blog()`.

Props flixos90.
Fixes #38356.


git-svn-id: https://develop.svn.wordpress.org/trunk@38903 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-25 05:48:22 +00:00
Weston Ruter
e6425b0735 Customize: Prevent absent site icon link from outputting an empty string as href in customizer; use /favicon.ico as fallback.
An empty string causes some browsers to use the current URL as the `href`. When using `history.replaceState()` Chrome will re-fetch the favicon with each call, meaning that `customize.php` gets hit with wasted requests which tax the server.

Fixes #38377.


git-svn-id: https://develop.svn.wordpress.org/trunk@38901 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-25 04:46:36 +00:00
Aaron D. Campbell
73a1aed2cd Shortcodes: Add new strip_shortcodes_tagnames filter.
With the new `strip_shortcodes_tagnames` filter you can specify which shortcodes are stripped by `strip_shortcodes()`. The default is all registered shortcodes.

Props DylanAuty, orvils, swissspidy.
Fixes #37767.



git-svn-id: https://develop.svn.wordpress.org/trunk@38877 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-23 14:24:26 +00:00
Pascal Birchler
4a65ecc64a Date/Time: Fix unit tests after [38804].
The tests for `date_i18n()` need to use a delta for comparing timestamps.

Fixes #38381. See #37910.

git-svn-id: https://develop.svn.wordpress.org/trunk@38871 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-23 07:18:21 +00:00
Rachel Baker
39226db649 REST API: Allow comments to be created setting the user_agent parameter.
As of WordPress 4.3 the `wp_new_comment()` function has been updated to allow the comment_agent value to be set when a comment is created. The comments API endpoint now allows the comment author's user agent to be set when creating a comment.
Also, the `readonly` property on the `author_user_agent` parameter in the schema was removed.

Props rabmalin for the initial patch.
Fixes #38425.

git-svn-id: https://develop.svn.wordpress.org/trunk@38864 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 18:27:18 +00:00
Dominik Schilling (ocean90)
ef43d7b0fa Revert [38859] due to an incomplete implementation.
See https://core.trac.wordpress.org/ticket/37128#comment:27.
See #37128.

git-svn-id: https://develop.svn.wordpress.org/trunk@38863 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 17:00:29 +00:00
John Blackbourn
f27fb3e91f Role/Capability: Add tests for the exist user capability.
See #38236


git-svn-id: https://develop.svn.wordpress.org/trunk@38861 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 14:11:10 +00:00
John Blackbourn
3808c8c21d Role/Capability: Improve the test which asserts that a user can edit their own profile.
All users can edit their own profile, as this ability is not linked to an explicit capability. Technically, it should map to the `exist` capability, which will be addressed at a later date.

See #31518 


git-svn-id: https://develop.svn.wordpress.org/trunk@38860 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 13:46:50 +00:00
Pascal Birchler
e4cbb7d031 General: Introduce a wp_list_sort() helper function.
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.

Props flixos90, DrewAPicture, jorbin.
Fixes #37128.

git-svn-id: https://develop.svn.wordpress.org/trunk@38859 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 11:11:42 +00:00
Gary Pendergast
9d7e8fec8c Tests: Use a minimal theme for tests.
New default themes require workarounds being added to several unit tests, as they often alter default WordPress behaviour. To avoid ongoing maintenance issues, this change switches to a minimal theme when running tests.

This change also removes the old workarounds for default themes.

Fixes #31550.



git-svn-id: https://develop.svn.wordpress.org/trunk@38858 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 11:02:37 +00:00
Pascal Birchler
f508d80a1b List Tables: Do not show filter button when there are no filter options available.
Props juhise, dipesh.kakadiya, swissspidy.
Fixes #37407.

git-svn-id: https://develop.svn.wordpress.org/trunk@38854 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 10:32:55 +00:00
Gary Pendergast
2d6badf6ab Pings: Allow ping functions to accept WP_Post objects as well as post IDs.
This removes the use of several `global $wpdb` instances, as well as bringing the ping functions into line with other post-related functions, which will accept a post ID or `WP_Post` object.

Props dshanke.
Fixes #38202.



git-svn-id: https://develop.svn.wordpress.org/trunk@38852 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 05:59:34 +00:00
Gary Pendergast
9320e0775c Tests: Prevent Twenty Seventeen from interfering with Customizer ajax tests.
Missed in [38850].

See #38372.



git-svn-id: https://develop.svn.wordpress.org/trunk@38851 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 05:50:54 +00:00
Gary Pendergast
90f8c9314a Tests: Prevent Twenty Seventeen from interfering with Customizer tests.
This was previously fixed in [38837], but it wasn't really the correct answer, to fix it in the theme. So, [38837] is reverted in this commit, and the Twenty Seventeen actions causing problems are unhooked before tests are run.

See #38372.



git-svn-id: https://develop.svn.wordpress.org/trunk@38850 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-21 05:27:56 +00:00
Boone Gorges
12c72a7906 Query: Allow the prefix used for search term exclusion to be filtered.
[38792] allowed `WP_Query`'s hyphen-as-exclusion-prefix feature to be
disabled via filter. A more general solution is to allow the prefix to
be filtered; returning an empty value from a filter callback works to
disable the feature.

Props dlh.
Fixes #38099.

git-svn-id: https://develop.svn.wordpress.org/trunk@38844 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 18:41:22 +00:00
Boone Gorges
993d6fb898 Tests: Skip strip_invalid_text() test for big5 charset on MariaDB.
MariaDB doesn't support the tested configuration.

Props ocean90.
Fixes #33171.

git-svn-id: https://develop.svn.wordpress.org/trunk@38843 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 18:29:28 +00:00
Gary Pendergast
dad515b2a8 Tests: Fix ajax tests that fail when Twenty Seventeen is the default theme.
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.

See #38372.



git-svn-id: https://develop.svn.wordpress.org/trunk@38842 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 10:47:23 +00:00
John Blackbourn
29cfd0b336 oEmbed: Remove the oEmbed provider unit tests.
This reverts [38454] along with its follow-up commits, [38512], [38514], and [38692]. These tests are currently not pass
ing, and maybe they never will. The tests are in a group which does not run by default without a flag, making them quest
ionably useful.

We can re-visit this at a later date.

See #32360


git-svn-id: https://develop.svn.wordpress.org/trunk@38840 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 09:15:10 +00:00
Gary Pendergast
b0e625bfdf Tests: Fix tests that don't pass when Twenty Seventeen is the default theme.
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.

See #38372.



git-svn-id: https://develop.svn.wordpress.org/trunk@38838 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 09:06:11 +00:00
Rachel Baker
5a33080de0 REST API: Fix comment option leak causing another test failure.
Set the 'comment_whitelist' option back to the default when tearing down wpAllowComment tests.

See #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38835 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 05:24:39 +00:00
Rachel Baker
72418d4bc1 REST API: Fix test failures.
- Fix leak in setup_notify_comment() test help by removing the comment_flood_filter.
- Correct uses of $term_taxonomy_id -> $term_id in Category and Tags routing.
- Temporarily remove the metadata tests for canola.jpg as that file does not have an exifdata.  Will need to update the test.

Props jorbin, rmccue, nacin
See #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38834 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 05:12:26 +00:00
Rachel Baker
ede099a704 REST API: Introduce the Content API endpoints.
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.

Love your REST API, WordPress!  The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"

Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373.

git-svn-id: https://develop.svn.wordpress.org/trunk@38832 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-20 02:54:12 +00:00
Weston Ruter
85c0921f91 Customize: Fix unit tests when twentyfifteen is WP_DEFAULT_THEME instead of twentysixteen.
Use an inactive core theme for previewing theme switch instead of assuming `twentysixteen` is installed and active and `twentyfifteen` is not.

See #30937.


git-svn-id: https://develop.svn.wordpress.org/trunk@38830 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 19:38:27 +00:00
Weston Ruter
76226c9b41 Customize: Introduce custom CSS for extending theme styles.
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control. 
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.

See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/

Props johnregan3, celloexpressions, folletto, westonruter.
Fixes #35395.


git-svn-id: https://develop.svn.wordpress.org/trunk@38829 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 18:14:21 +00:00
Pascal Birchler
752708b84f Resource Hints: Allow passing custom attributes to resource hints.
[37920] introduced resource hints that allow browsers to prefetch specific pages or render them in the background. With this change, the `as`, `crossorigin`, `pr`, and `type` attributes can be passed in addition to the URLs/hosts.

Props peterwilsoncc, swissspidy.
Fixes #38121.

git-svn-id: https://develop.svn.wordpress.org/trunk@38826 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 09:28:22 +00:00
Weston Ruter
8a79cdc107 Customize: Introduce a new experience for discovering, installing, and previewing themes within the customizer.
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context.

For details, see https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/

Fixes #37661, #34843.
Props celloexpressions, folletto, westonruter, karmatosed, afercia.


git-svn-id: https://develop.svn.wordpress.org/trunk@38813 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 03:19:13 +00:00
Joe McGill
788bb093f2 Media: Remove alt fallbacks to improve accessibility.
This removes the fallbacks in `wp_get_attachment_image()` and in
`wp.media.string.props` which attempt to generate an `alt` value
from the image caption or title if an `alt` attribute isn't explicitly
set.

This allows for image HTML to be generated that contains an empty `alt`
value, i.e., `alt=""` which is much preferable for screen readers than
reading redundant content in the case of a caption, or when reading the
image title, which is often generated from the filename and not helpful
as `alt` text.

Props odie2, joedolson, rianrietveld, afercia, iamjolly, joemcgill.
Fixes #34635.

git-svn-id: https://develop.svn.wordpress.org/trunk@38812 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-19 03:05:51 +00:00
Weston Ruter
83b059aa19 Customize: Implement customized state persistence with changesets.
Includes infrastructure developed in the Customize Snapshots feature plugin.

See https://make.wordpress.org/core/2016/10/12/customize-changesets-technical-design-decisions/

Props westonruter, valendesigns, utkarshpatel, stubgo, lgedeon, ocean90, ryankienstra, mihai2u, dlh, aaroncampbell, jonathanbardo, jorbin.
See #28721.
See #31089.
Fixes #30937.
Fixes #31517.
Fixes #30028.
Fixes #23225.
Fixes #34142.
Fixes #36485.


git-svn-id: https://develop.svn.wordpress.org/trunk@38810 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-18 20:04:36 +00:00
Gary Pendergast
2ba32a2d48 Charset: Allow _canonical_charset() to handle mixed-case strings.
Add improved unit tests, and collect existing unit tests together.

Props pbearne.
Fixes #38337.



git-svn-id: https://develop.svn.wordpress.org/trunk@38809 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-17 23:53:20 +00:00
Pascal Birchler
b9894d3295 Date/Time: Remove some legacy logic in date_i18n().
Since there's no difference between using `date()` and `gmdate()` in WordPress, we can simply use the former in `date_i18n()` to reduce its complexity.

Adds tests.

Props jdgrimes for initial patch.
Fixes #37910.

git-svn-id: https://develop.svn.wordpress.org/trunk@38804 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-17 08:09:11 +00:00
John Blackbourn
d3dd6046d5 Role/Capability: Disregard the order of capabilities when testing that single site and multisite capability tests match.
See #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38802 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-16 23:35:33 +00:00
Boone Gorges
e9ef25d9f6 Query: Allow the hyphen-prefix-for-search-exclusion feature to be disabled by filter.
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.

Props chriseverson, choongsavvii.
Fixes #38099.

git-svn-id: https://develop.svn.wordpress.org/trunk@38792 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 20:05:40 +00:00
Rachel Baker
a94f468051 REST API: Support sites with index-style permalinks in get_rest_url().
Support the index-style permalinks (http://example.com/index.php/postName) when registering the REST API rewrite rules and within the `get_rest_url()` function. This allows sites that do not have mod_rewrite support to have almost pretty urls and have access to their REST API endpoints.

Props kraftbj.
Fixes #38182.

git-svn-id: https://develop.svn.wordpress.org/trunk@38790 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 19:29:08 +00:00
John Blackbourn
3083effa52 Users: Use the role name instead of the role display name when fetching the list of users with no role. This avoids false positives when dealing with user roles that, for example, contain spaces in the display name.
Props procodewp, choongsavvii
Fixes #38234


git-svn-id: https://develop.svn.wordpress.org/trunk@38787 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-14 12:04:50 +00:00
Jeremy Felt
ee259e073a Multisite: Maintain switched state in site icon/logo functions.
Adjusts `get_custom_logo()`, `get_site_icon_url()`, and `has_custom_logo()` so that when called in a switched state, the original switched stack is not adjusted.

Props achbed, flixos90.
Fixes #38253.


git-svn-id: https://develop.svn.wordpress.org/trunk@38786 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-13 22:27:15 +00:00
Gary Pendergast
595c76de1a KSES: Deprecate wp_kses_js_entities().
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.

I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.

Props dmsnell, desrosj.
Fixes #33848.



git-svn-id: https://develop.svn.wordpress.org/trunk@38785 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-13 22:24:27 +00:00
Boone Gorges
7e8e642ead Taxonomy: Cache results of term count queries.
Fixes #38295.

git-svn-id: https://develop.svn.wordpress.org/trunk@38784 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-12 15:29:03 +00:00
Boone Gorges
eb12311afb Comments: Abstract die() calls from comment submission routine.
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.

The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.

Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.

Props websupporter, rachelbaker.
Fixes #36901.

git-svn-id: https://develop.svn.wordpress.org/trunk@38778 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 03:42:28 +00:00
Boone Gorges
5fef526cca Taxonomy: Better error handling when fetching object terms from cache.
Since [37573], `get_object_term_cache()` has expected term IDs to be
stored in the taxonomy relationship cache. The function would then
reach directly into the 'terms' cache to fetch the data corresponding
to a given term, before returning a `WP_Term` object. This caused
problems when, for one reason or another, term data was cached
inconsistently:

* If the 'terms' cache is empty for a given term ID, despite the earlier call to `_prime_term_caches()`, `get_term()` would return an error object.
* If the array of cached term IDs contains an invalid ID, `get_term()` would return an error object.

We avoid these errors by no longer touching the 'terms' cache directly,
but running term IDs through `get_term()` and allowing that function to
reference the cache (and database, as needed). If `get_term()` returns
an error object for any of the cached term IDs, `get_object_term_cache()`
will return that error object alone. This change ensures that upstream
functions, like `get_the_terms()`, return `WP_Error` objects in a
predictable fashion.

Props dd32, michalzuber.
Fixes #37291.

git-svn-id: https://develop.svn.wordpress.org/trunk@38776 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-11 01:55:58 +00:00
Rachel Baker
08b94111cb REST API: Remove reference to the plugin in infrastructure activation test.
Also adds class exists checks for WP_REST_Request and WP_REST_Response.

Props kraftbj.
Fixes #38279.

git-svn-id: https://develop.svn.wordpress.org/trunk@38771 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 21:48:02 +00:00
John Blackbourn
0842857b5c Role/Capability: Add tests for all user roles that check custom capabilities that do not have any form of handling (eg. in a map_meta_cap filter).
See #38191


git-svn-id: https://develop.svn.wordpress.org/trunk@38769 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 14:39:35 +00:00
Gary Pendergast
6774e27ae7 General: Restore usage of $wpdb, instead of $this->db.
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.

Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.



git-svn-id: https://develop.svn.wordpress.org/trunk@38768 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-10 06:37:02 +00:00
Weston Ruter
f4779221a3 Customize: Ensure customize_validate_{$setting->id} filters apply on input post values for WP_Customize_Setting subclasses that neglect to apply the filter themselves.
Fixes #37638.


git-svn-id: https://develop.svn.wordpress.org/trunk@38765 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 20:07:16 +00:00
John Blackbourn
b4f01bb97f Build/Test Tools: Continue eliminating randomness in tests.
See [38762]
See #37371


git-svn-id: https://develop.svn.wordpress.org/trunk@38763 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 01:29:04 +00:00
John Blackbourn
c91be6f1fe Build/Test Tools: Begin eliminating unnecessary randomness in tests.
Although unlikely, clashes in randomly generated strings could cause unexpected failures. In addition, most randomness is entirely unnecessary, is bad practice, and increases test time (however small it may be).

See #37371


git-svn-id: https://develop.svn.wordpress.org/trunk@38762 602fd350-edb4-49c9-b593-d223f7449a82
2016-10-09 01:11:14 +00:00