This complements the `page_menu_link_attributes` filter in `Walker_Page::start_el()` and the `nav_menu_link_attributes` filter in `Walker_Nav_Menu::start_el()`.
Props pbiron, audrasjb, afercia.
Fixes#40666. See #40359.
git-svn-id: https://develop.svn.wordpress.org/trunk@44957 602fd350-edb4-49c9-b593-d223f7449a82
This allows screen readers to properly announce each search landmark region independently.
Introduce `search_form_args` filter for the arguments used when generating the search form.
Props afercia, williampatton.
Fixes#42057.
git-svn-id: https://develop.svn.wordpress.org/trunk@44956 602fd350-edb4-49c9-b593-d223f7449a82
This adds code for soft verification of signatures for theme and plugin installs and updates, when provided by the update server. This experimental version does not reject unverified packages or failed signatures; it simply reports anonymous errors so we can evaluate its feasibility and detect incompatibilities.
This code relies on the new sodium_compat library for PHP versions prior to 7.2.
Props dd32, paragoninitiativeenterprises.
See #39309, #45806.
git-svn-id: https://develop.svn.wordpress.org/trunk@44954 602fd350-edb4-49c9-b593-d223f7449a82
This adds a pure PHP implementation of the cryptographic functions supported in PHP 7.2+. It provides the necessary backwards compatibility required to support signature verification and other security features going forward across all supported PHP versions.
Props paragoninitiativeenterprises
Fixes#45806. See #39309.
git-svn-id: https://develop.svn.wordpress.org/trunk@44953 602fd350-edb4-49c9-b593-d223f7449a82
As of `@wordpress/api-fetch@3.0.0` (introduced in 44812), the `apiFetch` nonce middleware must have its nonce value assigned explicitly, and will no longer listen for heartbeat ticks automatically. This changeset adds an inline script for the default registration of the `api-fetch` script handle to assign the nonce value in response to the heartbeat action. In doing so, it removes the now-unused, misnamed `rest-nonce` property from the heartbeat response, whose original introduction served as temporary compatibility with earlier versions of `@wordpress/api-fetch`.
See https://github.com/WordPress/gutenberg/pull/13451
See #45113
Props adamsilverstein, nerrad .
Fixes#46107 .
git-svn-id: https://develop.svn.wordpress.org/trunk@44949 602fd350-edb4-49c9-b593-d223f7449a82
Displaying the correct build date in feeds is as important today as it was twelve years ago when this ticket was opened.
Fix an issue where all feeds in WordPress showed the same date for their last build date (the datapoint is `lastBuildDate`, `updated` or `dc:date` depending on the feed type).
Introduce a new `get_last_build_date` filter to adjust the date used for `lastBuildDate`. Developers who previously filtered `get_lastcommentmodified` to alter feed dates should use this filter instead.
* `get_last_build_date` extracts the latest post (or comment) in the current WP_Query object.
* In all feed templates, use `get_last_build_date` vs `get_lastpostmodified( 'GMT' );`.
Props stevenkword, spacedmonkey, ryanshoover, mauteri, nacin, jorbin, MikeNGarrett, Denis-de-Bernardy, peaceablewhale.
Fixes#4575.
git-svn-id: https://develop.svn.wordpress.org/trunk@44948 602fd350-edb4-49c9-b593-d223f7449a82
In the media library gird view, properly limit the media attachment filter to available mime types, matching the list view.
Props itzmekhokan.
Fixes#43658.
git-svn-id: https://develop.svn.wordpress.org/trunk@44947 602fd350-edb4-49c9-b593-d223f7449a82
Introduced in [29630], this admin notice informs administrators (or network administrators on multisite installs) that the `WPLANG` constant is no longer needed when the locale returned by `get_locale()` does not match. After 5 years, the notice is being removed to avoid causing confusion for non-technical users.
The `_deprecated_argument()` call will persist to inform developers of the issue within log files.
Props flixos90, iworks, ocean90.
Fixes#39675.
git-svn-id: https://develop.svn.wordpress.org/trunk@44946 602fd350-edb4-49c9-b593-d223f7449a82
This change ensures that the values of time and date fields for comments and posts (both Classic Editor and quick edit) are consistently aligned in the center of the input fields. The block editor already enforces this alignment separately.
Props birgire, jainnidhi, melchoyce.
Fixes#43675.
git-svn-id: https://develop.svn.wordpress.org/trunk@44945 602fd350-edb4-49c9-b593-d223f7449a82
Screen reader users rely on the iframe title attribute to describe the contents of iframes. A meaningful title attribute allows to quickly identify the iframe content, so users can determine which iframe to enter and explore in detail or skip if desired.
Note: this is the only case where a title attribute is required for compliance with the W3C Web Content Accessibility Guidelines (WCAG).
- checks for oEmbed response of type `video` or `rich`
- checks if they use an iframe
- fetches the title (if any) from the oEmbed response
- adds the title to the embed iframe
Props bamadesigner, TomHarrigan, swissspidy, jrf, afercia.
Fixes#40245.
git-svn-id: https://develop.svn.wordpress.org/trunk@44942 602fd350-edb4-49c9-b593-d223f7449a82
This changeset introduces `$post` parameters to `get_the_content()` and
`wp_trim_excerpt()`. When a `$post` object is passed to one of these functions,
the functions will operate on the data from that object, rather than from the
post globals (`$authordata`, `$page`, etc). This ensures that the functions work
in a predictable manner when used outside of the regular post loop.
The global-mismatch problem is surfaced in cases where `get_the_excerpt()` is
called outside of the post loop, on posts that don't have a defined excerpt. In
these cases, the post globals - used to generate a fallback excerpt - may refer
to the incorrect object, resulting in PHP notices or other unpredictable
behavior. See #36934 for a related issue.
Props spacedmonkey, kraftbj, Shital Patel.
Fixes#42814.
git-svn-id: https://develop.svn.wordpress.org/trunk@44941 602fd350-edb4-49c9-b593-d223f7449a82
This change introduces the following new icons to the Dashicon font:
- `.dashicons-admin-site-alt (f11d)`
- `.dashicons-admin-site-alt2 (f11e)`
- `.dashicons-admin-site-alt3 (f11f)`
- `.dashicons-buddicons-activity (f452)`
- `.dashicons-buddicons-bbpress-logo (f12b)`
- `.dashicons-buddicons-buddypress-logo (f448)`
- `.dashicons-buddicons-community (f453)`
- `.dashicons-buddicons-forums (f449)`
- `.dashicons-buddicons-friends (f454)`
- `.dashicons-buddicons-groups (f456)`
- `.dashicons-buddicons-pm (f457)`
- `.dashicons-buddicons-replies (f451)`
- `.dashicons-buddicons-topics (f450)`
- `.dashicons-buddicons-tracking (f455)`
- `.dashicons-businessperson (f12e)`
- `.dashicons-businesswoman (f12f)`
- `.dashicons-color-picker (f131)`
- `.dashicons-editor-ltr (f129)`
- `.dashicons-editor-ol-rtl (f12c)`
- `.dashicons-email-alt2 (f10a)`
- `.dashicons-instagram (f12d)`
- `.dashicons-menu-alt (f10b)`
- `.dashicons-rest-api (f124)`
- `.dashicons-yes-alt (f12a)`
- `.dashicons-tide (f10d)`
These icons were added to the `.ttf, ` and `.eot` font files, as well as the SVG sprite. However, they were not added to the `.woff` font file. The new `dashicons.woff2` file should be utilized instead.
For instances where IE<11 needs to be supported, the `.woff` file will remain for backwards compatibility. However, if the new icons are needed in those scenarios, the WOFF format is now included as embedded within the `dashicons.css`.
Props EmpireOfLight, liljimmi, jaymanpandya, netweb, melchoyce, joen, folletto, nateallen, bahia0019, JeffPaul, desrosj, cathibosco1.
Fixes#41074.
git-svn-id: https://develop.svn.wordpress.org/trunk@44940 602fd350-edb4-49c9-b593-d223f7449a82
This brings the changes in [44937] to the WordPress Updates page in the admin. Now, when a site does not meet the minimum PHP version requirements for a plugin update, the user will not be able to update. Instead, they will be presented with educational information to guide them through the process of updating PHP.
Props afragen, miyauchi, TimothyBlynJacobs, desrosj.
Fixes#44350.
git-svn-id: https://develop.svn.wordpress.org/trunk@44939 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a case where saving in the block editor fails if there are two `_wpnonce` arguments in the request, one overriding the other so that `use_block_editor_for_post()` wasn't able to check the nonce properly.
Props Chouby.
See #45253.
git-svn-id: https://develop.svn.wordpress.org/trunk@44938 602fd350-edb4-49c9-b593-d223f7449a82
When a plugin states it requires a specific minimum PHP version (as defined in the `requires_php` field included in the plugin update API response), a user should not be allowed to update that plugin when the server does not satisfy the minimum PHP version.
When this scenario is encountered, the update buttons and links are disabled and links to educational resources about PHP are displayed to the user with a notice.
Props afragen, schlessera, desrosj.
Fixes#43987.
git-svn-id: https://develop.svn.wordpress.org/trunk@44937 602fd350-edb4-49c9-b593-d223f7449a82
This change utilizes the new parameters accepted by `wp_update_php_annotation()` introduced in [44935] to prevent nested `<p>` tags when displaying the PHP update annotation.
Props afragen, desrosj.
Fixes#46269.
git-svn-id: https://develop.svn.wordpress.org/trunk@44936 602fd350-edb4-49c9-b593-d223f7449a82
This change introduces the `wp_get_update_php_annotation()` function, which returns the message displayed when a host filters the direct PHP update or PHP update education URLs to indicate the information is site specific and provided by the host, not WordPress core.
It also updates `wp_update_php_annotation()` to accept a `$before` and `$after` parameter, which makes this notice more flexible for displaying in multiple locations within the admin area. Previously, the markup output in `wp_update_php_annotation()` was hardcoded, which was making it difficult to display it properly in multiple locations.
Props afragen, aaroncampbell, flixos90, TimothyBlynJacobs, desrosj.
Fixes#46044.
git-svn-id: https://develop.svn.wordpress.org/trunk@44935 602fd350-edb4-49c9-b593-d223f7449a82
The `validate_user_can_query_private_statuses` method is itself unused, and calls a parent class method previously removed in r39104.
Props dlh.
Fixes#45611.
git-svn-id: https://develop.svn.wordpress.org/trunk@44934 602fd350-edb4-49c9-b593-d223f7449a82
This changeset ensures `$request->set_url_params()` is called while fulfilling OPTIONS requests, where previously it was skipped because OPTIONS requests short-circuit the logic in `dispatch` which handles this setup for other request methods. Omitting the URL parameters prevented the Allow header from being set.
Props killua99, noisysocks.
Fixes#45753.
git-svn-id: https://develop.svn.wordpress.org/trunk@44933 602fd350-edb4-49c9-b593-d223f7449a82
By reordering the logic when handling the `confirmaction` action in `wp-login.php`, the need for a new `WP_Error` object to be created can be eliminated. The error message can be passed directly into a `wp_die()` call, matching the other validation errors in related code.
Props garrett-eclipse, birgire.
Fixes#44901.
git-svn-id: https://develop.svn.wordpress.org/trunk@44931 602fd350-edb4-49c9-b593-d223f7449a82
- adds a visually hidden text to give context to the lyrics
- the text is `Quote from Hello Dolly song, by Jerry Herman:`
- adds a `lang` HTML attribute (when the admin language is not English) to better support assistive technologies
- adds a `dir` HTML attribute to better support the LTR English lyrics with RTL languages
- CSS adjustments
Props audrasjb, SergeyBiryukov, danieltj, birgire, karmatosed, desrosj, afercia.
Fixes#43632.
git-svn-id: https://develop.svn.wordpress.org/trunk@44929 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, querying sites early in the bootstrap process could potentially cause a fatal error, since at that stage the filter to bail on updating site meta cache if the respective database table has not been installed yet is not hooked in yet. This changeset forces the filter to be added if that is not already the case.
Props spacedmonkey.
Fixes#46167.
git-svn-id: https://develop.svn.wordpress.org/trunk@44925 602fd350-edb4-49c9-b593-d223f7449a82
- standardizes the Comment count string to `%s Comment in moderation', '%s Comments in moderation` so it can be bulk-updated
- adds the string as visually hidden text in the admin menu
- introduces an `updateInModerationText` JS simple function, responsible to correctly update all the related text using the data from the AJAX response
- adds a visually hidden text "1 Privacy Policy update" to the Privacy menu items count
- adds/improves translators comments
Changes that apply to all the count bubbles (Updates, plugins, etc.)
- makes the bubbles and their text slightly bigger
- improves the active menu item bubble contrast by changing the background color to red (option 2 in the screenshot attached in a previous comment)
Props adamsoucie, afercia.
Fixes#33030.
git-svn-id: https://develop.svn.wordpress.org/trunk@44924 602fd350-edb4-49c9-b593-d223f7449a82
For accessibility and usability, if an input error is detected, the item that is in error needs to be identified and the error needs to be described to the user in text (WCAG Success Criterion 3.3.1). The login form displays an error when the username field is empty or when the password field is empty. It omits to do so when both fields are empty.
This change restores the login form behavior to the one that used to work in WordPress 2.3 (!) and displays the related error messages also when both fields are empty.
Props birgire, audrasjb.
See #8938, #5405, #3708.
Fixes#42985.
git-svn-id: https://develop.svn.wordpress.org/trunk@44918 602fd350-edb4-49c9-b593-d223f7449a82
Improves the logic in `wp_schedule_single_event()` to ensure an identical event is not scheduled within ten minutes.
This moves the logic for checking for identical events to be self contained rather than relying on `wp_next_scheduled()` as this fails to account for events with a past timestamp when wp-cron fails to trigger or for multiple identical events being scheduled already.
Props bodohugobarwich.
Fixes#44818.
git-svn-id: https://develop.svn.wordpress.org/trunk@44917 602fd350-edb4-49c9-b593-d223f7449a82
The `populate_site_meta` filter can be used to modify the site meta added during the creation of a new site. This filter mirrors the approach used for networks in `populate_network_meta`.
Props spacedmonkey, davidbaumwald.
Fixes#46437.
git-svn-id: https://develop.svn.wordpress.org/trunk@44912 602fd350-edb4-49c9-b593-d223f7449a82
Checking for the presence of the directory and returning early prevents PHP warnings when attempting to list files in a non-existent directory.
Props arena, garrett-eclipse.
Fixes#45136.
git-svn-id: https://develop.svn.wordpress.org/trunk@44910 602fd350-edb4-49c9-b593-d223f7449a82
These changes address inaccuracies in current messages and makes them more informative.
Props birgire, garrett-eclipse, desrosj.
See #43438.
git-svn-id: https://develop.svn.wordpress.org/trunk@44908 602fd350-edb4-49c9-b593-d223f7449a82
By changing the way the post title is added to the array of data from `$post->post_title` to `get_the_title()`, the title can now be modified using the `the_title` filter. This ensures post titles returned in oEmbed responses are consistent with those that show on a site.
Props mheikkila, swissspidy.
Fixes#42826.
git-svn-id: https://develop.svn.wordpress.org/trunk@44907 602fd350-edb4-49c9-b593-d223f7449a82