Previously, the WP_REST_Request object validated that top-level properties were defined, but this did not extend to those object's required properties. This adds validation to rest_validate_value_from_schema() directly.
Both the v3 and v4 JSON Schema syntax for required properties is supported.
Props sorenbronsted.
Fixes#48818.
git-svn-id: https://develop.svn.wordpress.org/trunk@47809 602fd350-edb4-49c9-b593-d223f7449a82
The logic for skipping previously removed meta boxes with the `core` priority should also apply to the `sorted` priority that is used when the boxes were manually reordered.
Add a unit test.
Props coolmann, franzarmas, SergeyBiryukov.
Fixes#50019.
git-svn-id: https://develop.svn.wordpress.org/trunk@47777 602fd350-edb4-49c9-b593-d223f7449a82
This avoids displaying duplicate content of the home page under different URLs with appended page numbers.
This change only affects the `<!--nextpage-->` pagination (`page` query variable) and not the regular multiple posts pagination (`paged` query variable).
The posts page does not support the `<!--nextpage-->` pagination, so requests for invalid page numbers should be redirected to the page permalink, applying the logic previously implemented for single posts or pages.
Follow-up to [34492], [47727].
Props jeremyfelt, sachit.tandukar, SergeyBiryukov.
Fixes#45337. See #40773, #28081, #11694.
git-svn-id: https://develop.svn.wordpress.org/trunk@47760 602fd350-edb4-49c9-b593-d223f7449a82
The array type, multi-types, and the additional properties keyword are now supported. Additionally, the filter recurses to an infinite depth.
Fixes#48819.
git-svn-id: https://develop.svn.wordpress.org/trunk@47758 602fd350-edb4-49c9-b593-d223f7449a82
[47755] and [47756] caused a schema change, so the wp-api-generated.js file needs to be updated.
git-svn-id: https://develop.svn.wordpress.org/trunk@47757 602fd350-edb4-49c9-b593-d223f7449a82
Rendering a block is idempotent, so a GET is the most natural request method. However, the maximum length of URLs prevented blocks with large attributes from being rendered.
Props ryankienstra.
Fixes#49680.
git-svn-id: https://develop.svn.wordpress.org/trunk@47756 602fd350-edb4-49c9-b593-d223f7449a82
This accepts a uuid of any version. A future commit could add support for restricting uuids to a specific version.
Props johnwatkins0.
Fixes#50053.
git-svn-id: https://develop.svn.wordpress.org/trunk@47753 602fd350-edb4-49c9-b593-d223f7449a82
This brings the behaviour inline with that of browsing terms or using the All Items tab, which correctly shows empty terms.
Props birgire, audrasjb
Fixes#45298
git-svn-id: https://develop.svn.wordpress.org/trunk@47747 602fd350-edb4-49c9-b593-d223f7449a82
This avoids displaying duplicate content of the same post under different URLs and ensures the canonical URL is correct.
Previously, requests for invalid page numbers were only redirected to the post permalink if the post was actually paginated using the `<!--nextpage-->` marker.
Follow-up to [34492].
Props jeremyfelt, prografika, sachit.tandukar, subrataemfluence, hronak, ekatherine, henry.wright, chesio, dd32, SergeyBiryukov.
Fixes#40773. See #45337, #28081, #11694.
git-svn-id: https://develop.svn.wordpress.org/trunk@47727 602fd350-edb4-49c9-b593-d223f7449a82
This solution extends the wp_insert_post_data filter to pass in addition to the slashed/sanitized/processed data, and the slashed/sanitized/unprocessed data, to also pass the initial slashed/unsanitized/unprocessed data which was passed into wp_insert_post(). This then allows plugins to have complete control over how sanitization is performed based on the post type.
Props westonruter, peterwilsoncc, sstoqnov, whyisjake, xknown.
git-svn-id: https://develop.svn.wordpress.org/trunk@47633 602fd350-edb4-49c9-b593-d223f7449a82
Add unit tests for `wp_handle_comment_submission()` and `wp_insert_comment()` receiving an empty type.
Follow-up to [47597].
Props ocean90, imath.
Fixes#49236.
git-svn-id: https://develop.svn.wordpress.org/trunk@47626 602fd350-edb4-49c9-b593-d223f7449a82
Switch to `home_url()` for consistency with other tests and to avoid confusion.
Props david.binda.
Fixes#49988.
git-svn-id: https://develop.svn.wordpress.org/trunk@47615 602fd350-edb4-49c9-b593-d223f7449a82
This is the first step to bring support for custom comment types into WordPress.
Add a scheduled upgrade routine to update the type value for existing comments, in batches of 100 at a time.
Props imath, aaroncampbell, jeremyfelt, dshanske.
Fixes#49236.
git-svn-id: https://develop.svn.wordpress.org/trunk@47597 602fd350-edb4-49c9-b593-d223f7449a82
A request has multiple parameter types, including "query" and "json." Updating a parameter could previously modify a key's value in the wrong parameter type, leading to confusing and self-contradictory response objects.
Props mnelson4, TimothyBlynJacobs, vagios, jnylen0.
Fixes#40838.
git-svn-id: https://develop.svn.wordpress.org/trunk@47559 602fd350-edb4-49c9-b593-d223f7449a82
The test incorrectly describes the behavior of `current_theme_supports( 'post-thumbnails' )` and only passes by accident.
Follow-up to [30148].
Fixes#49801.
git-svn-id: https://develop.svn.wordpress.org/trunk@47548 602fd350-edb4-49c9-b593-d223f7449a82
r45812 incorrectly introduced a delete_post permissions check into the get_item method, breaking some plugins which requested revisions when generating previews.
Props sorenbronsted, yohannp, TimothyBlynJacobs.
Fixes#49645.
git-svn-id: https://develop.svn.wordpress.org/trunk@47547 602fd350-edb4-49c9-b593-d223f7449a82
Previously elements would be a mixture of strings and integers depending on their numeric value.
Props progremzion, m.usama.masood
Fixes#48093
git-svn-id: https://develop.svn.wordpress.org/trunk@47526 602fd350-edb4-49c9-b593-d223f7449a82
Use rest_is_field_included when determining which additional fields to include to permit filtering by nested field properties.
Props Dudo, kadamwhite, TimothyBlynJacobs.
Fixes#49648.
git-svn-id: https://develop.svn.wordpress.org/trunk@47511 602fd350-edb4-49c9-b593-d223f7449a82
This complements `wpdb::db_version()`, which only returns a numeric version string and strips any additional information, e.g. vendor name.
Props clarinetlord, birgire, webaware, pento.
Fixes#40037. See #27703.
git-svn-id: https://develop.svn.wordpress.org/trunk@47451 602fd350-edb4-49c9-b593-d223f7449a82
URL polyfill from the polyfill-library library is not spec-conformant, in a way which negatively impacts its usability for pending revisions to the block editor. Specifically, there were revisions to the implementation of the wp-url script to detect URL validity by relying on thrown errors from the URL constructor, but this specific behavior is not implemented in this version of the polyfill.
There was another issue in r47238, which is that the test used to check whether the polyfill should be included is not accurate. This commit uses a different check and fixes the issue.
Props aduth.
Fixes: #49360.
git-svn-id: https://develop.svn.wordpress.org/trunk@47416 602fd350-edb4-49c9-b593-d223f7449a82
The parameter was previously used as the number of comments, marked as deprecated in [5101].
Given that it's been deprecated for the last 13 years, it should be safe to undeprecate and repurpose it for a cleaner function signature, instead of adding a fifth parameter.
Follow-up to [47276].
Fixes#48772.
git-svn-id: https://develop.svn.wordpress.org/trunk@47366 602fd350-edb4-49c9-b593-d223f7449a82
Permit passing an empty object as the string "?obj=". The type of the passed empty argument is inferred from the registered schema.
Props TimothyBlynJacobs, steffanhalv, schlessera, dd32.
Fixes#42961.
git-svn-id: https://develop.svn.wordpress.org/trunk@47362 602fd350-edb4-49c9-b593-d223f7449a82
Check a more exhaustive list of post type editing caps beyond "edit_post" to ensure custom user roles with access to to specific post types may still use block editor functionality depending on theme features.
Props miyauchi, TimothyBlynJacobs.
Fixes#46723.
git-svn-id: https://develop.svn.wordpress.org/trunk@47361 602fd350-edb4-49c9-b593-d223f7449a82
Several filters were introduced to the render_block method since the initial implementation of the block-renderer/ endpoints, causing the output of those endpoints to diverge from the rendered content of blocks on the frontend.
Props kadamwhite, TimothyBlynJacobs, miinasikk.
Fixes#49387.
git-svn-id: https://develop.svn.wordpress.org/trunk@47360 602fd350-edb4-49c9-b593-d223f7449a82
This resolves PHP notices in a few places in core where this capability is checked.
Props Mte90, johnbillion, dipesh.kakadiya, jipmoors, bamadesigner, dd32, johnjamesjacoby, xedin.unknown, flixos90, SergeyBiryukov.
Fixes#30991.
git-svn-id: https://develop.svn.wordpress.org/trunk@47357 602fd350-edb4-49c9-b593-d223f7449a82
Following [47260] a namespace such as "test-ns" prevents any namespace such as "test-ns/v1" from being found when matching routes.
While not best practice, this was an unintentional back-compat break; this patch restores the original behavior.
Props david.binda, TimothyBlynJacobs.
Fixes#48530.
git-svn-id: https://develop.svn.wordpress.org/trunk@47351 602fd350-edb4-49c9-b593-d223f7449a82
All schema types, not just objects, are permitted as the base type of a resource. A future patch could add validation support for those types, but this fix only prevents a PHP warning from being issued.
Props dhavalkasvala, johnwatkins0, birgire.
Fixes#48785.
git-svn-id: https://develop.svn.wordpress.org/trunk@47328 602fd350-edb4-49c9-b593-d223f7449a82
The documentation for register_setting has also been clarified to include all of the supported types and the flexibility of the show_in_rest parameter.
Fixes#42875.
Props perrywagle, dshanske, kadamwhite.
git-svn-id: https://develop.svn.wordpress.org/trunk@47325 602fd350-edb4-49c9-b593-d223f7449a82
`assertSame()` doesn't have the `$delta` parameter, only `assertEquals()` does.
Follow-up to [47313].
See #40364.
git-svn-id: https://develop.svn.wordpress.org/trunk@47318 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that `wp_update_post()` does not unintentionally modify post tags if the post has several tags with the same name but different slugs.
Tags should only be modified if `tags_input` parameter was explicitly provided, and is different from the existing tags.
Props kaggdesign, SergeyBiryukov.
Fixes#45121.
git-svn-id: https://develop.svn.wordpress.org/trunk@47317 602fd350-edb4-49c9-b593-d223f7449a82
This allow for using these functions outside of the loop.
Props donmhico, garrett-eclipse, Hinjiriyo, imath.
Fixes#48772.
git-svn-id: https://develop.svn.wordpress.org/trunk@47276 602fd350-edb4-49c9-b593-d223f7449a82
* `erase_others_personal_data`
* `export_others_personal_data`
* `manage_privacy_options`
Previously mapped to `manage_options` or `manage_network` (on Multisite), these are now added to the Administrator role separately.
Additionally, `manage_privacy_options` is added to the Editor role.
Props garrett-eclipse, xkon, pbiron, desrosj, johnbillion, flixos90, juliobox, lakenh, Ov3rfly, ianatkins.
Fixes#44176.
git-svn-id: https://develop.svn.wordpress.org/trunk@47269 602fd350-edb4-49c9-b593-d223f7449a82
register_rest_field can be used to add properties to a schema, but no mechanism existed to alter existing properties like "content".
Running the schema through this filter lets plugins append additional sub-properties to existing schema definitions.
Props luisherranz, TimothyBlynJacobs, swissspidy, westonruter, kadamwhite.
Fixes#47779.
git-svn-id: https://develop.svn.wordpress.org/trunk@47265 602fd350-edb4-49c9-b593-d223f7449a82
Rule out groups of API endpoints by simple namespace string comparison to reduce the number of regex checks necessary when matching a route.
Props TimothyBlynJacobs.
Fixes#48530.
git-svn-id: https://develop.svn.wordpress.org/trunk@47260 602fd350-edb4-49c9-b593-d223f7449a82
Fully list which first-party core theme features are supported in the /themes endpoint response. This brings the REST API themes controller's response more in line with the output of get_theme_support().
Props adamboro, apieschel, koke, spacedmonkey, TimothyBlynJacobs.
See #49037.
git-svn-id: https://develop.svn.wordpress.org/trunk@47258 602fd350-edb4-49c9-b593-d223f7449a82
This adds a progress indicator for "Download Personal Data" and "Erase Personal Data" row actions, which can take a while with a lot of data.
Props garrett-eclipse, allendav, dominic_ks, xkon, karmatosed, birgire.
Fixes#44264.
git-svn-id: https://develop.svn.wordpress.org/trunk@47246 602fd350-edb4-49c9-b593-d223f7449a82
The function returns an instance of the `WP_User_Request` object itself, not its `$request_data` property.
Follow-up to [44606].
Props garrett-eclipse.
Fixes#46302.
git-svn-id: https://develop.svn.wordpress.org/trunk@47245 602fd350-edb4-49c9-b593-d223f7449a82
Previously the REST API did not account for server configurations where the Authorization header must be added using ModRewrite. This caused major DUX issues when trying to use custom authentication mechanisms.
Fixes#47077.
Props dshanske, cklosows.
git-svn-id: https://develop.svn.wordpress.org/trunk@47239 602fd350-edb4-49c9-b593-d223f7449a82
Pending block editor revisions for WordPress 5.4 will make use of `window.URL` and `window.DOMRect`. These are not available in Internet Explorer (or pre-Chromium Edge for `DOMRect`) and must be polyfilled to avoid script errors.
The changes make use of the existing polyfill pattern, and existing `polyfill-library` dependency. The dependency is bumped to the latest version, since the previous version did not include the `DOMRect` polyfill.
Props jorgefilipecosta.
Fixes#49360.
git-svn-id: https://develop.svn.wordpress.org/trunk@47238 602fd350-edb4-49c9-b593-d223f7449a82
Session tokens contain an IP address and user agent.
Props garrett-eclipse, nickylimjj, lakenh, xkon, rconde.
Fixes#45889.
git-svn-id: https://develop.svn.wordpress.org/trunk@47237 602fd350-edb4-49c9-b593-d223f7449a82
The value is used by the WordPress Events and News widget to show relevant WP community events.
The location information may include an IP address, location description, and latitude/longitude coordinates.
Props garrett-eclipse, coreymckrill, xkon.
Fixes#43921.
git-svn-id: https://develop.svn.wordpress.org/trunk@47236 602fd350-edb4-49c9-b593-d223f7449a82
When used as a noun referring to the "virtual" place, `Trash` should be capitalized.
Props garrett-eclipse, aandrewdixon, Presskopp.
Fixes#45317.
git-svn-id: https://develop.svn.wordpress.org/trunk@47233 602fd350-edb4-49c9-b593-d223f7449a82
Previously the _embed flag would embed all embeddable links in a response even if only a subset of the links were necessary. Now, a list of link relations can be passed in the _embed parameter to restrict the list of embedded objects.
Props rheinardkorf, adamsilverstein, jnylen0, cklosows, chrisvanpatten, TimothyBlynJacobs.
Fixes#39696.
git-svn-id: https://develop.svn.wordpress.org/trunk@47224 602fd350-edb4-49c9-b593-d223f7449a82
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.
This commit also includes:
* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
* `wp-admin/admin-header.php`
* `wp-admin/admin-footer.php`
* `wp-includes/version.php`
Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes#48082.
git-svn-id: https://develop.svn.wordpress.org/trunk@47198 602fd350-edb4-49c9-b593-d223f7449a82
This allows the icons to be retrieved via `get_post_type_object()`.
Props m.usama.masood, michael.ecklund, SergeyBiryukov.
Fixes#38844.
git-svn-id: https://develop.svn.wordpress.org/trunk@47196 602fd350-edb4-49c9-b593-d223f7449a82
Since MySQL 5.7, InnoDB engine supports `FULLTEXT` indexes, so forcing MyISAM is unnecessary.
Follow-up to [47193], which addressed the issue in `Tests_dbDelta::setUp()`, but missed other tests.
Props xkon, joonasvanhatapio, SergeyBiryukov.
Fixes#49367.
git-svn-id: https://develop.svn.wordpress.org/trunk@47195 602fd350-edb4-49c9-b593-d223f7449a82
* MySQL 8.0.11 changed the `GeometryCollection` data type name to `GeomCollection`, with the latter being the preferred name.
* MySQL 8.0.17 removed support for the display width attribute for integer data types. Previously, default display width of 20 digits was used: `BIGINT(20)`.
The affected tests now check the MySQL server version and use the appropriate data types.
This leaves one unresolved failure on MySQL 8.0.17+ to be addressed in the future, caused by the same `BIGINT` display width discrepancy coming from `wp_get_db_schema()`.
Props kaggdesign, ottok, jeremyfelt, SergeyBiryukov.
Fixes#44384, #49344. See #49364.
git-svn-id: https://develop.svn.wordpress.org/trunk@47184 602fd350-edb4-49c9-b593-d223f7449a82
MySQL 8.0.11 removed support for the `NO_AUTO_CREATE_USER` SQL mode, which was used in as an example of a mode compatible with WordPress.
`NO_AUTO_VALUE_ON_ZERO` is now used in the affected tests instead, which is supported on both MySQL 5.7.x and 8.0.x.
Props kaggdesign, jeremyfelt, afragen.
Fixes#44586. See #49344.
git-svn-id: https://develop.svn.wordpress.org/trunk@47183 602fd350-edb4-49c9-b593-d223f7449a82
If the post status is not registered, assume it's not public, but still allow access to users with edit permissions (same as for a protected post status, e.g. `draft`), so that they could recover orphaned content.
Add unit tests.
Follow-up to [47178].
Props roytanck, SergeyBiryukov.
Fixes#48653.
git-svn-id: https://develop.svn.wordpress.org/trunk@47181 602fd350-edb4-49c9-b593-d223f7449a82
With `map_meta_cap` enabled for a post type, the `read_post` capability for posts with a public status is supposed to be mapped to the post type's `read` capability.
When a post is left in the database after the post status is no longer present, and WP does a `read_post` check against it, a PHP notice was thrown, and the cap check always failed.
As a more graceful fallback, the cap is now mapped onto `edit_others_posts`, which allows highly privileged users to be able to access orphaned content.
A `_doing_it_wrong()` notice is also added, so that developers and site administrators are aware that the cap mapping is failing in the absence of the registered post status.
Follow-up to [34091], which introduced a similar approach to checking mapped caps against an unregistered post type.
Props roytanck, SergeyBiryukov.
Fixes#48653.
git-svn-id: https://develop.svn.wordpress.org/trunk@47178 602fd350-edb4-49c9-b593-d223f7449a82
Core did not include the navigation block PHP files.
This commit fixes the issue referred, and now the navigation block is executed on the frontend. The block still does not work as expected and throws an error during frontend execution. That problem is going to be fixed on the next WordPress package update.
This commit adds the file as it is on the npm package used.
Props gziolo.
Fixes#49348.
git-svn-id: https://develop.svn.wordpress.org/trunk@47176 602fd350-edb4-49c9-b593-d223f7449a82
This makes the function more consistent with `get_the_ID()` or `wp_get_post_parent_id()`, both returning an integer.
Props 0v3rth3d4wn.
Fixes#40096.
git-svn-id: https://develop.svn.wordpress.org/trunk@47160 602fd350-edb4-49c9-b593-d223f7449a82
Using all caps should be avoided for better readability and because screen readers may pronounce all-caps words as abbreviations.
Props afercia, ryokuhi, sabernhardt, garrett-eclipse.
See #47656, #43037, #42945.
git-svn-id: https://develop.svn.wordpress.org/trunk@47156 602fd350-edb4-49c9-b593-d223f7449a82
The produced ZIP archive will now include an `export.json` file along with the current `index.html`.
Props xkon.
Fixes#49029. See #46424.
git-svn-id: https://develop.svn.wordpress.org/trunk@47146 602fd350-edb4-49c9-b593-d223f7449a82
Store each generated embedded object in a temporary cache when querying for linked resources so that repeated links to the same resource do not trigger repeated queries or processing.
Props TimothyBlynJacobs.
Fixes#48838.
git-svn-id: https://develop.svn.wordpress.org/trunk@47138 602fd350-edb4-49c9-b593-d223f7449a82
This information was previously available on the Moderate Comment screen in the admin, but was missing from moderation emails.
Props imath, danieltj, andraganescu, galbaras, SergeyBiryukov.
Fixes#43805. See #43429.
git-svn-id: https://develop.svn.wordpress.org/trunk@47114 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that the function has enough context to determine the necessity of replacing the month name with the correct form in locales that require it.
Props SergeyBiryukov, Rarst.
Fixes#48934.
git-svn-id: https://develop.svn.wordpress.org/trunk@47078 602fd350-edb4-49c9-b593-d223f7449a82
This patch integrates DependencyExtractionWebpackPlugin which was battle-tested in Gutenberg.
This will greatly simplify the process of upgrading npm packages which change after every Gutenberg release. It might even useful during the WordPress release cycle as we might need to publish more often as we discover critical bugs and regressions.
Props jonsurrell, adamsilverstein, youknowriad, ocean90, netweb.
Fixes#48154.
git-svn-id: https://develop.svn.wordpress.org/trunk@47035 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `wp_favicon_request()` was introduced in [13205] to avoid a performance hit of serving a full 404 page on every favicon request.
While working as intended, that implementation did not provide a way for theme or plugin authors to manage the behavior of favicon requests.
This changeset implements the following logic (only applied if WordPress is installed in the root directory):
* If there is a Site Icon set in Customizer, redirect `/favicon.ico` requests to that icon.
* Otherwise, use the WordPress logo as a default icon.
* If a physical `/favicon.ico` file exists, do nothing, let the server handle the request.
Handling `/favicon.ico` is now more consistent with handling `/robots.txt` requests.
New functions and hooks:
* Introduce `is_favicon()` conditional tag to complement `is_robots()`.
* Introduce `do_favicon` action to complement `do_robots` and use it in template loader.
* Introduce `do_favicon()` function, hooked to the above action by default, to complement `do_robots()`.
* Introduce `do_faviconico` action to complement `do_robotstxt`, for plugins to override the default behavior.
* Mark `wp_favicon_request()` as deprecated in favor of `do_favicon()`.
Props jonoaldersonwp, birgire, joostdevalk, mukesh27, SergeyBiryukov.
Fixes#47398.
git-svn-id: https://develop.svn.wordpress.org/trunk@47018 602fd350-edb4-49c9-b593-d223f7449a82
This converts the arguments originally meant for `wpmu_create_blog()` to the ones used by `wp_insert_site()`.
Follow-up to [47011].
Fixes#47195.
git-svn-id: https://develop.svn.wordpress.org/trunk@47013 602fd350-edb4-49c9-b593-d223f7449a82
Map some arguments for backward compatibility with `wpmu_create_blog()` previously used there.
Props davidbaumwald, danielbachhuber, jeremyfelt, SergeyBiryukov.
See #47195.
git-svn-id: https://develop.svn.wordpress.org/trunk@47011 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the first available match was returned, regardless of the case, which was not always the expected result.
Props archon810, ben.greeley, tristangemus, vsamoletov, SergeyBiryukov.
Fixes#39768.
git-svn-id: https://develop.svn.wordpress.org/trunk@47010 602fd350-edb4-49c9-b593-d223f7449a82
r46896 was intended to have included unit tests for the block serialization functions added as part of the changeset.
Props: @aduth.
Fixes: #49048
git-svn-id: https://develop.svn.wordpress.org/trunk@46997 602fd350-edb4-49c9-b593-d223f7449a82
* Clarify in the documentation that the function returns `false` on failure.
* Consistently pass the return value through the `get_feed_build_date` filter.
Props Rarst, dd32, azaozz, tellyworth.
Fixes#48957.
git-svn-id: https://develop.svn.wordpress.org/trunk@46974 602fd350-edb4-49c9-b593-d223f7449a82
- Fix PHP warnings in `wp_unique_filename()` when the destination directory is unreadable.
- Run the final name collision test only for files that are saved to the uploads directory.
- Update the unit tests to match.
Props eden159, audrasjb, azaozz.
Fixes#48960 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@46965 602fd350-edb4-49c9-b593-d223f7449a82
Prevent escaped unicode characters become unescaped in unsafe HTML during JSON decoding.
Props: aduth, epiqueras,
git-svn-id: https://develop.svn.wordpress.org/trunk@46896 602fd350-edb4-49c9-b593-d223f7449a82
`wp_kses_bad_protocol()` makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.
Props: xknown, nickdaugherty, peterwilsoncc.
git-svn-id: https://develop.svn.wordpress.org/trunk@46895 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `post_date` or `comment_date` was assumed to be GMT, which is only true if the timezone string for the site matches GMT.
Add unit tests.
Props Rarst, smerriman, justdaiv, wonderboymusic, noyle.
Fixes#30429.
git-svn-id: https://develop.svn.wordpress.org/trunk@46864 602fd350-edb4-49c9-b593-d223f7449a82
Previously, tests could create sequential objects with names like `Term 99`, `Term 100`, which by default would be returned in reverse order when sorted by name alphabetically, causing seemingly random test failures that are extremely hard to debug.
See #48145.
git-svn-id: https://develop.svn.wordpress.org/trunk@46830 602fd350-edb4-49c9-b593-d223f7449a82
Synchronize documentation for `add_filter()`, `tests_add_filter()`, `_wp_filter_build_unique_id()`, `_test_filter_build_unique_id()`.
Add a note that `$tag` and `$priority` are no longer used in `_wp_filter_build_unique_id()` since [46220], and the function always returns a string now.
Props donmhico, remcotolsma, SergeyBiryukov.
Fixes#47407. See #48303.
git-svn-id: https://develop.svn.wordpress.org/trunk@46801 602fd350-edb4-49c9-b593-d223f7449a82
Overriding default PHP timezone with `date_default_timezone_set()`, while not recommended, should not inadvertently result in changing existing permalinks.
Add a unit test.
Props Rarst, steevithak, archon810, maciejmackowiak, Ov3rfly, Cybr, hometowntrailers, scvleon, miette49.
Fixes#48623.
git-svn-id: https://develop.svn.wordpress.org/trunk@46795 602fd350-edb4-49c9-b593-d223f7449a82
With the changes in [45908], `mysql2date()` works correctly for all local time inputs, but should not be used for UTC time inputs.
Add a unit test.
Props Rarst, lisota.
Fixes#48675.
git-svn-id: https://develop.svn.wordpress.org/trunk@46756 602fd350-edb4-49c9-b593-d223f7449a82
This is only a wrapper for the `add_node()` method, but it's in widespread use both in core until [46642] and in thousands of plugins and themes. Deprecating it would have made sense when #19647 was originally opened but that's no longer the case.
Props whyisjake
Fixes#19647
git-svn-id: https://develop.svn.wordpress.org/trunk@46678 602fd350-edb4-49c9-b593-d223f7449a82
Make sure it actually tests the change in behavior, previously it passed both before and after the patch.
Add `wp_unslash()` to the last remaining instance of `$_POST['user_login']` that didn't have it.
See #38744.
git-svn-id: https://develop.svn.wordpress.org/trunk@46650 602fd350-edb4-49c9-b593-d223f7449a82
Move the test to a more appropriate place for consistency with `wp_sanitize_redirect()` and `wp_validate_redirect()` tests.
See #44317.
git-svn-id: https://develop.svn.wordpress.org/trunk@46649 602fd350-edb4-49c9-b593-d223f7449a82
The REST API supports filtering by terms across multiple taxonomies using an AND relation. This adds support for an OR relation by adding "tax_relation=OR" as a query parameter.
Props earnjam.
Fixes#44326.
git-svn-id: https://develop.svn.wordpress.org/trunk@46646 602fd350-edb4-49c9-b593-d223f7449a82
The tests for good redirects send headers that we can't handle in the test suite, so let's just remove them.
Unprops Jorbin.
Fixes#44317.
git-svn-id: https://develop.svn.wordpress.org/trunk@46645 602fd350-edb4-49c9-b593-d223f7449a82
This patch replaces all references to the add_menu() method with the add_node() one. (Also some code structure modifications for wp_admin_bar_appearance_menu().)
Fixes: #19647
Props: linuxologos, paulschreiber, morganestes, akibjorklund, nacin, whyisjake.
git-svn-id: https://develop.svn.wordpress.org/trunk@46642 602fd350-edb4-49c9-b593-d223f7449a82
Redirects should use redirect status codes and if you attempt to call wp_safe_redirect or wp_redirect with a non redirect status it can lead to undesired behavior and head scratching.
Fixes#44317.
Props spenserhale, johnbillion, mjnewman for initial patch.
git-svn-id: https://develop.svn.wordpress.org/trunk@46641 602fd350-edb4-49c9-b593-d223f7449a82
Allows a login to have an apostorphe. Which would normally be created as a mistake, but this allows the login to happen.
Fixes#38744
Props wpkuf, desrosj, socalchristina, bibliofille, santilinwp, nsubugak, sncoker, cafenoirdesign, whyisjake.
git-svn-id: https://develop.svn.wordpress.org/trunk@46640 602fd350-edb4-49c9-b593-d223f7449a82
* `_deprecated_function()`
* `_deprecated_argument()`
* `_deprecated_constructor()`
* `_deprecated_file()`
The error level passed is `E_USER_DEPRECATED` for the deprecated function group and `E_USER_NOTICE` for `_doing_it_wrong()`.
Props jrf.
Fixes#36561.
git-svn-id: https://develop.svn.wordpress.org/trunk@46625 602fd350-edb4-49c9-b593-d223f7449a82
Unix vs. Windows EOL style mismatches can cause misleading failures in tests using the heredoc syntax (`<<<`) or multiline strings as the expected result.
Fixes#31432. See #42594, #47411.
git-svn-id: https://develop.svn.wordpress.org/trunk@46612 602fd350-edb4-49c9-b593-d223f7449a82
There is no functional difference between `gmt_offset` and `timezone_string` timezone modes for the issue.
See #48384.
git-svn-id: https://develop.svn.wordpress.org/trunk@46583 602fd350-edb4-49c9-b593-d223f7449a82
Add `$source` parameter to `get_post_datetime()` to instantiate from local or UTC time in database.
Props Rarst, david.binda.
Reviewed by azaozz, SergeyBiryukov.
Fixes#48384.
git-svn-id: https://develop.svn.wordpress.org/trunk@46580 602fd350-edb4-49c9-b593-d223f7449a82
This is a follow-up to [46149] to avoid unnecessary breakage in case of using the old notation.
Props david.binda, jrf.
Reviewed by azaozz.
Fixes#48312.
git-svn-id: https://develop.svn.wordpress.org/trunk@46568 602fd350-edb4-49c9-b593-d223f7449a82
Introduce `make_clickable_rel` filter for the `rel` value that is added to URL matches converted to links.
This is a follow-up to [46349], which added the `rel="nofollow ugc"` attribute to existing `<a>` tags in comments via `wp_rel_ugc()`.
UGC stands for User Generated Content, and the `ugc` attribute value is recommended for links within user generated content, such as comments and forum posts.
See https://webmasters.googleblog.com/2019/09/evolving-nofollow-new-ways-to-identify.html.
Props blogginglife, SergeyBiryukov.
Reviewed by desrosj, audrasjb.
Fixes#48022.
git-svn-id: https://develop.svn.wordpress.org/trunk@46564 602fd350-edb4-49c9-b593-d223f7449a82
Introducing complex meta value handling in [45807] unintentionally removed value casting for empty scalar meta values.
Props TimothyBlynJacobs, chrisvanpatten, rmccue, kadamwhite.
Fixes#48363.
git-svn-id: https://develop.svn.wordpress.org/trunk@46563 602fd350-edb4-49c9-b593-d223f7449a82
Previously, searching for symbol references to replace with post or attachment IDs in array values resulted in a PHP warning.
Props timph, JarretC, SergeyBiryukov.
Fixes#45484.
git-svn-id: https://develop.svn.wordpress.org/trunk@46548 602fd350-edb4-49c9-b593-d223f7449a82
We decided to mark Social Links block as an experimental feature in Gutenberg. In effect, we are moving all related code from WordPress 5.3 release.
Props youknowriad.
Fixes#48263.
git-svn-id: https://develop.svn.wordpress.org/trunk@46543 602fd350-edb4-49c9-b593-d223f7449a82
Coding standards, ensure that nonce is valid with identical, rather then equal operator.
Props vortfu, xknown, whyisjake.
git-svn-id: https://develop.svn.wordpress.org/trunk@46477 602fd350-edb4-49c9-b593-d223f7449a82
Allows fallback previews (PDF by default, in core) to save image meta
after each size is generated to allow for resuming, and make sizes
immediately available.
Props azaozz, antpb, progremzion, mikeschroder.
See #48111.
git-svn-id: https://develop.svn.wordpress.org/trunk@46459 602fd350-edb4-49c9-b593-d223f7449a82
Slashing non-string data caused PUT requests containing unmodified meta arrays of integers to fail the check against the existing stored meta value, causing a 500 when posting an unmodified response body back to the server.
Props TimothyBlynJacobs, augustuswm.
Fixes#48264.
git-svn-id: https://develop.svn.wordpress.org/trunk@46454 602fd350-edb4-49c9-b593-d223f7449a82
Ensures that the ::get_rest_controller() method will always return an instanceof the expected controller class, or null.
Removes unused private static property $post_type_controllers.
Props dlh, TimothyBlynJacobs.
Fixes#45677.
git-svn-id: https://develop.svn.wordpress.org/trunk@46435 602fd350-edb4-49c9-b593-d223f7449a82
Removes a special-case prohibition against embedding 'self' which prevented ?_embed from being used with the /wp/v2/search endpoint.
Props TimothyBlynJacobs, chrisvanpatten, kadamwhite.
Fixes#47684.
git-svn-id: https://develop.svn.wordpress.org/trunk@46434 602fd350-edb4-49c9-b593-d223f7449a82
The `_publish_post_hook()` function checks for `WP_IMPORTING` before setting meta fields fir enclosures and pings, which means this test is doomed to fail.
The test can be re-implemented if the `WP_IMPORTING` constant gets moved to a function similar to how `wp_installing()` works for the `WP_INSTALLING` constant.
See #48014
git-svn-id: https://develop.svn.wordpress.org/trunk@46428 602fd350-edb4-49c9-b593-d223f7449a82
1. `POST /wp/v2/media`.
2. If the upload failed (HTTP 500 error), look for a response header with `X-WP-Upload-Attachment-ID` header that contains the newly created attachment ID.
3. `POST /wp/v2/media/{id}/post-process` with `{ "action": "create-image-subsizes" }`. This request may still fail, but it will save its progress.
4. On continued failure, `DELETE /wp/v2/media/{id}` to give up on the upload and instruct the user to resize their image before uploading.
Props TimothyBlynJacobs.
Fixes#47987.
git-svn-id: https://develop.svn.wordpress.org/trunk@46422 602fd350-edb4-49c9-b593-d223f7449a82
This prevents standalone percent symbols from being stripped out, e.g. in a default value like `100%`.
Props aristath, kuus, moonomo, westonruter, davetgreen, daviedR, katielgc, noisysocks, SergeyBiryukov.
Fixes#34290.
git-svn-id: https://develop.svn.wordpress.org/trunk@46395 602fd350-edb4-49c9-b593-d223f7449a82
Headings are the predominant mechanism for screen reader users to find information in a page. They also help all users to better identify the main sections of user interfaces.
- adds three new headings within the media modal
- improves plural form translation for "item selected" by using `wp.i18n`
- horizontally centers the media modal menu in the responsive view
Props kjellr, karmatosed, melchoyce, afercia.
See #47149.
Fixes#47610.
git-svn-id: https://develop.svn.wordpress.org/trunk@46375 602fd350-edb4-49c9-b593-d223f7449a82
Added missing @ticket for #47863 on `data_shortcode_parse_atts()`
Also cleans up some linter fixes that were missed.
Props garrett-eclipse, whyisjake.
ixes #47863.
git-svn-id: https://develop.svn.wordpress.org/trunk@46370 602fd350-edb4-49c9-b593-d223f7449a82
Ensure consistency between `shortcode_parse_attts()` when being used directly.
Props mauteri, birgire, SergeyBiryukov, kadamwhite, whyisjake.
Fixes#47863.
git-svn-id: https://develop.svn.wordpress.org/trunk@46369 602fd350-edb4-49c9-b593-d223f7449a82
If there is no global comment, or the input comment is null, return early to prevent warnings.
Fixes#41846
Props birgire, earnjam
git-svn-id: https://develop.svn.wordpress.org/trunk@46335 602fd350-edb4-49c9-b593-d223f7449a82
This function must not be modified to return anything due to existing themes which output the return value, for example via `echo get_template_part( ... )`.
See #40969
git-svn-id: https://develop.svn.wordpress.org/trunk@46328 602fd350-edb4-49c9-b593-d223f7449a82
In [46312] and [46313] we attempted to do some phpcs cleanup. This commit cleans up three issues that were introduced in [46309].
Fixes#48142.
Props: whyisjake, garrett-eclipse, desrosj
git-svn-id: https://develop.svn.wordpress.org/trunk@46314 602fd350-edb4-49c9-b593-d223f7449a82
`phpcbf` was able to clean up a few files. Tests were breaking as a result of code formatting.
Fixes#48142
Props whyisjake
git-svn-id: https://develop.svn.wordpress.org/trunk@46312 602fd350-edb4-49c9-b593-d223f7449a82
The current logic in TwentyFifteen (#30366) for making the sidebar sticky while still allowing to scroll through it when the sidebar height is larger than the viewport height is flawed and massively overcomplicated.
This can be mitigated by removing the admin bar specific logic and leaving most of the heavy lifting up to the browser.
Fixes#37536
Props DvanKooten, lukecavanagh, karmatosed, ianbelanger, davidbaumwald
git-svn-id: https://develop.svn.wordpress.org/trunk@46308 602fd350-edb4-49c9-b593-d223f7449a82
Completes work begun in #39953 to expose "date floating" status information to frontend clients via the REST API.
Props TimothyBlynJacobs.
Fixes#48113.
git-svn-id: https://develop.svn.wordpress.org/trunk@46279 602fd350-edb4-49c9-b593-d223f7449a82
After being imported in [46271], Twenty Twenty can now be set as the default theme in WordPress.
See #48110.
Props desrosj, ocean90.
git-svn-id: https://develop.svn.wordpress.org/trunk@46278 602fd350-edb4-49c9-b593-d223f7449a82
Cache REST controller references on their associated post type object to prevent unnecessary controller re-instantiation, which previously caused "rest_prepare_{$post_type}" and "rest_{$post_type}_query" to run twice per request.
Props TimothyBlynJacobs, patrelentlesstechnologycom.
Fixes#45677.
git-svn-id: https://develop.svn.wordpress.org/trunk@46272 602fd350-edb4-49c9-b593-d223f7449a82
Pass email data to the `wp_privacy_personal_data_email_content` filter.
Props garrett-eclipse, thakkarhardik, birgire.
Fixes#46303.
git-svn-id: https://develop.svn.wordpress.org/trunk@46265 602fd350-edb4-49c9-b593-d223f7449a82
Expose a date_floating property on all status objects to permit clients (including the block editor) to make correct decisions about date handling for posts of varying status.
Props mnelson4, earnjam, kadamwhite, jnylen0, nerrad, pento.
See #39953.
git-svn-id: https://develop.svn.wordpress.org/trunk@46252 602fd350-edb4-49c9-b593-d223f7449a82
This commit brings the Network-Admin Sites list page up-to-speed with other similar list-table powered pages, by adding links to filter the results by Site Status.
Includes a single unit test for the newly introduced `wp_count_sites()` multisite function, named to match the `wp_count_` function pattern from other list tables.
Fixes#37392. Props mnelson4, spacedmonkey, pbiron.
git-svn-id: https://develop.svn.wordpress.org/trunk@46251 602fd350-edb4-49c9-b593-d223f7449a82
Adds support for `flex`, `grid` and `column` layout techniques to the list of CSS attributes considered safe for inline CSS. The `\` character and CSS functions, eg `minmax()` are not yet supported.
Extends support of `border` properties to include `border-radius` and individual `background` properties to include all those implicitly supported by the shorthand attribute.
Props mrahmadawais, marybaum, birgire, peterwilsoncc, azaozz.
Fixes#37248.
See #47367.
git-svn-id: https://develop.svn.wordpress.org/trunk@46235 602fd350-edb4-49c9-b593-d223f7449a82
The `str_getcsv()` function was introduced in PHP 5.3.0, so no longer needs a polyfill.
Props jrf.
Fixes#48074.
git-svn-id: https://develop.svn.wordpress.org/trunk@46222 602fd350-edb4-49c9-b593-d223f7449a82
