Previously the _embed flag would embed all embeddable links in a response even if only a subset of the links were necessary. Now, a list of link relations can be passed in the _embed parameter to restrict the list of embedded objects.
Props rheinardkorf, adamsilverstein, jnylen0, cklosows, chrisvanpatten, TimothyBlynJacobs.
Fixes#39696.
git-svn-id: https://develop.svn.wordpress.org/trunk@47224 602fd350-edb4-49c9-b593-d223f7449a82
The <tfoot> element was allowed to precede the <tbody> element in HTML 5. However, that was changed in HTML 5.1 and <tfoot> must now follow <tbody>.
This removes the tfooot and instead uses a nav element for navigation between months.
Fixes: #39763
Props: isabel_brison, Harry Milatz, audrasjb, abhijitrakas, SergeyBiryukov
git-svn-id: https://develop.svn.wordpress.org/trunk@47223 602fd350-edb4-49c9-b593-d223f7449a82
For accessibility, the visual appearance and source order should match. Moving the toolbar to load in the new hook `wp_body_open` (5.2) fixes a long-standing source order problem.
Props jankimoradiya, afercia, SergeyBiryukov, audrasjb, ocean90, xkon, dinhtungdu.
Fixes#47053.
git-svn-id: https://develop.svn.wordpress.org/trunk@47221 602fd350-edb4-49c9-b593-d223f7449a82
Front Page, Posts Page, or Privacy Policy Page should now be marked as such on the added menu items.
Props garrett-eclipse.
Fixes#49374.
git-svn-id: https://develop.svn.wordpress.org/trunk@47211 602fd350-edb4-49c9-b593-d223f7449a82
The restictions mentioned for the parameter value should be consistenct.
Props pbiron, SergeyBiryukov.
Fixes#49384.
git-svn-id: https://develop.svn.wordpress.org/trunk@47210 602fd350-edb4-49c9-b593-d223f7449a82
These are language constructs, not function calls, so the parentheses are unnecessary.
This updates the PHPCS configuration file the enforce the sniff until it is moved from the `WordPress-Extra` ruleset to the `WordPress-Core` ruleset upstream.
Follow-up to [47198].
Props desrosj, jrf, GaryJ.
Fixes#49376.
git-svn-id: https://develop.svn.wordpress.org/trunk@47207 602fd350-edb4-49c9-b593-d223f7449a82
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.
This commit also includes:
* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
* `wp-admin/admin-header.php`
* `wp-admin/admin-footer.php`
* `wp-includes/version.php`
Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes#48082.
git-svn-id: https://develop.svn.wordpress.org/trunk@47198 602fd350-edb4-49c9-b593-d223f7449a82
This ensures the file containing the `WP_Object_Cache` class conforms to the coding standards.
For backward compatibility, the new file is included from `wp-includes/cache.php`.
Fixes#49373. See #49222.
git-svn-id: https://develop.svn.wordpress.org/trunk@47197 602fd350-edb4-49c9-b593-d223f7449a82
This allows the icons to be retrieved via `get_post_type_object()`.
Props m.usama.masood, michael.ecklund, SergeyBiryukov.
Fixes#38844.
git-svn-id: https://develop.svn.wordpress.org/trunk@47196 602fd350-edb4-49c9-b593-d223f7449a82
If the post status is not registered, assume it's not public, but still allow access to users with edit permissions (same as for a protected post status, e.g. `draft`), so that they could recover orphaned content.
Add unit tests.
Follow-up to [47178].
Props roytanck, SergeyBiryukov.
Fixes#48653.
git-svn-id: https://develop.svn.wordpress.org/trunk@47181 602fd350-edb4-49c9-b593-d223f7449a82
If the post status is not registered, assume it's not public.
Follow-up to [47178].
Props roytanck.
See #48653.
git-svn-id: https://develop.svn.wordpress.org/trunk@47179 602fd350-edb4-49c9-b593-d223f7449a82
With `map_meta_cap` enabled for a post type, the `read_post` capability for posts with a public status is supposed to be mapped to the post type's `read` capability.
When a post is left in the database after the post status is no longer present, and WP does a `read_post` check against it, a PHP notice was thrown, and the cap check always failed.
As a more graceful fallback, the cap is now mapped onto `edit_others_posts`, which allows highly privileged users to be able to access orphaned content.
A `_doing_it_wrong()` notice is also added, so that developers and site administrators are aware that the cap mapping is failing in the absence of the registered post status.
Follow-up to [34091], which introduced a similar approach to checking mapped caps against an unregistered post type.
Props roytanck, SergeyBiryukov.
Fixes#48653.
git-svn-id: https://develop.svn.wordpress.org/trunk@47178 602fd350-edb4-49c9-b593-d223f7449a82
Core did not include the navigation block PHP files.
This commit fixes the issue referred, and now the navigation block is executed on the frontend. The block still does not work as expected and throws an error during frontend execution. That problem is going to be fixed on the next WordPress package update.
This commit adds the file as it is on the npm package used.
Props gziolo.
Fixes#49348.
git-svn-id: https://develop.svn.wordpress.org/trunk@47176 602fd350-edb4-49c9-b593-d223f7449a82
* Change default value of the `$blog_id` parameter to match the documented type.
* Change the type of the `$reassign` parameter for consistency with `$user_id` and `$blog_id`.
* Add documentation for the return value.
See #49361.
git-svn-id: https://develop.svn.wordpress.org/trunk@47173 602fd350-edb4-49c9-b593-d223f7449a82
Starting with MySQL 5.7.5, the `ANSI` mode implies `ONLY_FULL_GROUP_BY`, which is already listed in `wpdb` as incompatible per [27072].
When `ANSI` is enabled on MySQL 5.7.5+, `ONLY_FULL_GROUP_BY` remains enabled even after being "unset" by `wpdb::set_sql_mode()`.
To prevent this, the `ANSI` mode should also be listed as incompatible. It is not enabled on default MySQL installations.
Props jnylen0.
Fixes#48377.
git-svn-id: https://develop.svn.wordpress.org/trunk@47171 602fd350-edb4-49c9-b593-d223f7449a82
The original script was deprecated in [30338] and removed in [32677].
Props Presskopp, ketuchetan.
Fixes#39448.
git-svn-id: https://develop.svn.wordpress.org/trunk@47164 602fd350-edb4-49c9-b593-d223f7449a82
This makes the function more consistent with `get_the_ID()` or `wp_get_post_parent_id()`, both returning an integer.
Props 0v3rth3d4wn.
Fixes#40096.
git-svn-id: https://develop.svn.wordpress.org/trunk@47160 602fd350-edb4-49c9-b593-d223f7449a82
Using all caps should be avoided for better readability and because screen readers may pronounce all-caps words as abbreviations.
Props afercia, ryokuhi, sabernhardt, garrett-eclipse.
See #47656, #43037, #42945.
git-svn-id: https://develop.svn.wordpress.org/trunk@47156 602fd350-edb4-49c9-b593-d223f7449a82
Store each generated embedded object in a temporary cache when querying for linked resources so that repeated links to the same resource do not trigger repeated queries or processing.
Props TimothyBlynJacobs.
Fixes#48838.
git-svn-id: https://develop.svn.wordpress.org/trunk@47138 602fd350-edb4-49c9-b593-d223f7449a82
The `ndash` standardly is the "through" indicator for showing inclusive dates and numbers, while the `mdash` is an interruptor and used as an aside.
Props mikejdent, garrett-eclipse.
Fixes#48286.
git-svn-id: https://develop.svn.wordpress.org/trunk@47134 602fd350-edb4-49c9-b593-d223f7449a82
This information was previously available on the Moderate Comment screen in the admin, but was missing from moderation emails.
Props imath, danieltj, andraganescu, galbaras, SergeyBiryukov.
Fixes#43805. See #43429.
git-svn-id: https://develop.svn.wordpress.org/trunk@47114 602fd350-edb4-49c9-b593-d223f7449a82
The prefix includes a link to the parent comment and the name of its author.
Props zodiac1978, imath, SergeyBiryukov.
Fixes#43429.
git-svn-id: https://develop.svn.wordpress.org/trunk@47111 602fd350-edb4-49c9-b593-d223f7449a82
Originally added in [4686], these constructor/destructor pairings were designed to prevent the objects from being destroyed before shutdown, when output buffers are flushed.
A deeper investigation reveals that this approach didn't quite work as expected and was later made redundant by introducing `wp_ob_end_flush_all()` in [5462].
Props wonderboymusic, nacin, Mte90, SergeyBiryukov.
Fixes#21402.
git-svn-id: https://develop.svn.wordpress.org/trunk@47107 602fd350-edb4-49c9-b593-d223f7449a82
The action is fired by both `switch_to_blog()` and `restore_current_blog()`, and previously it was difficult for callback functions to determine which function had fired it.
Props SergeyBiryukov, johnbillion, jeremyfelt.
Fixes#49265.
git-svn-id: https://develop.svn.wordpress.org/trunk@47105 602fd350-edb4-49c9-b593-d223f7449a82
The brackets were originally added in [16285] per W3C recommendation in https://www.w3.org/Addressing/URL/5.1_Wrappers.html to avoid wrapping the URL across multiple lines in plain text in older email clients.
This doesn't seem like a common issue in modern email clients, and the current implementation causes more issues than it solves. Since the URL is on a line by itself, it should not require any delimiters.
The URL in recovery mode email introduced in [44973] doesn't have angle brackets, so it's time to retire them in password reset email too if they're not used consistently.
Props donmhico, Otto42, sproutchris, iandunn, dd32, DaveWP196, sebastian.pisula, tommix, sablednah, julian.kimmig, Rahe, clayisland, arenddeboer, nicole2292, nagoke, squarecandy, eatingrules, SergeyBiryukov.
Fixes#21095, #23578, #44589.
git-svn-id: https://develop.svn.wordpress.org/trunk@47086 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that the function has enough context to determine the necessity of replacing the month name with the correct form in locales that require it.
Props SergeyBiryukov, Rarst.
Fixes#48934.
git-svn-id: https://develop.svn.wordpress.org/trunk@47078 602fd350-edb4-49c9-b593-d223f7449a82
This is a follow-up for #48154, where we started including *.asset.php files to declare package dependencies.
This works well but creates warnings in environments where the package does not exist because WordPress was not fully built.
Props jeherve, swissspidy.
Fixes#49144.
git-svn-id: https://develop.svn.wordpress.org/trunk@47048 602fd350-edb4-49c9-b593-d223f7449a82
This patch integrates DependencyExtractionWebpackPlugin which was battle-tested in Gutenberg.
This will greatly simplify the process of upgrading npm packages which change after every Gutenberg release. It might even useful during the WordPress release cycle as we might need to publish more often as we discover critical bugs and regressions.
Props jonsurrell, adamsilverstein, youknowriad, ocean90, netweb.
Fixes#48154.
git-svn-id: https://develop.svn.wordpress.org/trunk@47035 602fd350-edb4-49c9-b593-d223f7449a82
* Only query post types with `'show_in_rest' => true` instead of looping over all post types and checking the `show_in_rest` property separately.
* Return from the `foreach()` loop as soon as the permission check succeeded.
Props pbiron, TimothyBlynJacobs, SergeyBiryukov.
Fixes#49118.
git-svn-id: https://develop.svn.wordpress.org/trunk@47034 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `wp_favicon_request()` was introduced in [13205] to avoid a performance hit of serving a full 404 page on every favicon request.
While working as intended, that implementation did not provide a way for theme or plugin authors to manage the behavior of favicon requests.
This changeset implements the following logic (only applied if WordPress is installed in the root directory):
* If there is a Site Icon set in Customizer, redirect `/favicon.ico` requests to that icon.
* Otherwise, use the WordPress logo as a default icon.
* If a physical `/favicon.ico` file exists, do nothing, let the server handle the request.
Handling `/favicon.ico` is now more consistent with handling `/robots.txt` requests.
New functions and hooks:
* Introduce `is_favicon()` conditional tag to complement `is_robots()`.
* Introduce `do_favicon` action to complement `do_robots` and use it in template loader.
* Introduce `do_favicon()` function, hooked to the above action by default, to complement `do_robots()`.
* Introduce `do_faviconico` action to complement `do_robotstxt`, for plugins to override the default behavior.
* Mark `wp_favicon_request()` as deprecated in favor of `do_favicon()`.
Props jonoaldersonwp, birgire, joostdevalk, mukesh27, SergeyBiryukov.
Fixes#47398.
git-svn-id: https://develop.svn.wordpress.org/trunk@47018 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the first available match was returned, regardless of the case, which was not always the expected result.
Props archon810, ben.greeley, tristangemus, vsamoletov, SergeyBiryukov.
Fixes#39768.
git-svn-id: https://develop.svn.wordpress.org/trunk@47010 602fd350-edb4-49c9-b593-d223f7449a82
This better aligns with the semantics of applying filters to the input and returning a result, rather than performing an action and outputting to the current buffer.
Props ljasinskipl, thefarlilacfield.
Fixes#37422.
git-svn-id: https://develop.svn.wordpress.org/trunk@47004 602fd350-edb4-49c9-b593-d223f7449a82
It's a single-use URL parameter that does not need to be passed to canonical URLs in the admin.
Props dlh.
Fixes#49017.
git-svn-id: https://develop.svn.wordpress.org/trunk@47002 602fd350-edb4-49c9-b593-d223f7449a82
* Clarify in the documentation that the function returns `false` on failure.
* Consistently pass the return value through the `get_feed_build_date` filter.
Props Rarst, dd32, azaozz, tellyworth.
Fixes#48957.
git-svn-id: https://develop.svn.wordpress.org/trunk@46974 602fd350-edb4-49c9-b593-d223f7449a82
[3525] allowed a difference up to 59 seconds between the post date/time and the current time to consider the post published instead of scheduled, but that didn't take start of a new minute into account.
Rapidly creating post fixtures in unit tests could encounter a one-second discrepancy between `current_time( 'mysql' )` and `gmdate( 'Y-m-d H:i:s' )`, returning values like `2019-12-16 23:43:00` vs. `2019-12-16 23:42:59`, respectively, and setting the post to a `future` status instead of `publish`.
[45851], while working as intended, made the issue somewhat more likely to occur.
This caused all sorts of occasional random failures in various tests on Travis, mostly on PHP 7.1.
Fixes#48145.
git-svn-id: https://develop.svn.wordpress.org/trunk@46968 602fd350-edb4-49c9-b593-d223f7449a82
- Fix PHP warnings in `wp_unique_filename()` when the destination directory is unreadable.
- Run the final name collision test only for files that are saved to the uploads directory.
- Update the unit tests to match.
Props eden159, audrasjb, azaozz.
Fixes#48960 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@46965 602fd350-edb4-49c9-b593-d223f7449a82
Prevent escaped unicode characters become unescaped in unsafe HTML during JSON decoding.
Props: aduth, epiqueras,
git-svn-id: https://develop.svn.wordpress.org/trunk@46896 602fd350-edb4-49c9-b593-d223f7449a82
`wp_kses_bad_protocol()` makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.
Props: xknown, nickdaugherty, peterwilsoncc.
git-svn-id: https://develop.svn.wordpress.org/trunk@46895 602fd350-edb4-49c9-b593-d223f7449a82
This improves the appearance of various form controls in the admin and addresses some visual inconsistencies in WordPress 5.3.
Props afercia, audrasjb, jameskoster, GDragoN, azaozz, michaelarestad, murgroland, SamuelFernandez, chetan200891, veminom, dlh.
Fixes#48420.
git-svn-id: https://develop.svn.wordpress.org/trunk@46866 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `post_date` or `comment_date` was assumed to be GMT, which is only true if the timezone string for the site matches GMT.
Add unit tests.
Props Rarst, smerriman, justdaiv, wonderboymusic, noyle.
Fixes#30429.
git-svn-id: https://develop.svn.wordpress.org/trunk@46864 602fd350-edb4-49c9-b593-d223f7449a82
This includes a speedup for signature verification on most platforms and bugfixes for 32-bit platforms.
Props paragoninitiativeenterprises, lukaswaudentio.
Fixes#48371.
git-svn-id: https://develop.svn.wordpress.org/trunk@46858 602fd350-edb4-49c9-b593-d223f7449a82
The `all_category_ids` cache key it relied on was removed in [5555] and never repopulated, causing invalid or unexpected results when using a persistent object cache.
Props itowhid06, johnjamesjacoby.
Fixes#48176.
git-svn-id: https://develop.svn.wordpress.org/trunk@46810 602fd350-edb4-49c9-b593-d223f7449a82
The `spl_object_hash()` function was introduced in PHP 5.2.0. As of PHP 5.3, the PHP SPL extension can no longer be disabled, so the `WP_Widget_Factory::hash_object()` workaround was removed in [46220].
See #48074.
git-svn-id: https://develop.svn.wordpress.org/trunk@46808 602fd350-edb4-49c9-b593-d223f7449a82
Synchronize documentation for `add_filter()`, `tests_add_filter()`, `_wp_filter_build_unique_id()`, `_test_filter_build_unique_id()`.
Add a note that `$tag` and `$priority` are no longer used in `_wp_filter_build_unique_id()` since [46220], and the function always returns a string now.
Props donmhico, remcotolsma, SergeyBiryukov.
Fixes#47407. See #48303.
git-svn-id: https://develop.svn.wordpress.org/trunk@46801 602fd350-edb4-49c9-b593-d223f7449a82
Overriding default PHP timezone with `date_default_timezone_set()`, while not recommended, should not inadvertently result in changing existing permalinks.
Add a unit test.
Props Rarst, steevithak, archon810, maciejmackowiak, Ov3rfly, Cybr, hometowntrailers, scvleon, miette49.
Fixes#48623.
git-svn-id: https://develop.svn.wordpress.org/trunk@46795 602fd350-edb4-49c9-b593-d223f7449a82
This addresses an inconsistency with `_deprecated_hook()`, which uses `is_null()` to check if `$replacement` was provided, however the previous default value was `false`.
Props shaampk1, felipeelia.
Fixes#48817.
git-svn-id: https://develop.svn.wordpress.org/trunk@46792 602fd350-edb4-49c9-b593-d223f7449a82
With the changes in [45908], `mysql2date()` works correctly for all local time inputs, but should not be used for UTC time inputs.
Add a unit test.
Props Rarst, lisota.
Fixes#48675.
git-svn-id: https://develop.svn.wordpress.org/trunk@46756 602fd350-edb4-49c9-b593-d223f7449a82
Every time an autoloaded option is updated or deleted, the `alloptions` cache is similarly updated. Due to the race condition, on any autoloaded option being updated, every other autoloaded option had its value set to the value at load time, causing a mismatch between the data in the persistent cache and the database.
This change introduces a `$force_cache` parameter for `wp_load_alloptions()` to force an update of the local `alloptions` cache from the persistent cache when an option is added, updated, or deleted, to minimize the chance of affecting other options.
Props fabifott, rmccue, tollmanz, johnjamesjacoby, spacedmonkey, dd32, jipmoors, tellyworth, jeremyclarke, joehoyle, boonebgorges, danielbachhuber, flixos90, jeichorn, mihdan, Grzegorz.Janoszka, SergeyBiryukov.
See #31245.
git-svn-id: https://develop.svn.wordpress.org/trunk@46753 602fd350-edb4-49c9-b593-d223f7449a82
