[34268] introduced cache priming for commentmeta, enabled by default. To
ensure performance on single post pages - where commentmeta is most likely
to cause performance issues - we disable up-front cache-priming. Instead, we
prime commentmeta caches for all comments in the loop the first time
`get_comment_meta()` is called on the page.
Props bradt, dd32, wonderboymusic, boonebgorges.
Fixes#16894.
git-svn-id: https://develop.svn.wordpress.org/trunk@34270 602fd350-edb4-49c9-b593-d223f7449a82
When there are hundreds of settings and controls (e.g. nav menu items and widget instances) the resulting object that is JSON-encoded can become very large, and `wp_json_encode()` can consume a lot of memory to serialize it. By breaking down the serialization into multiple calls the peak memory usage can be kept in line.
Moves logic out of `wp-admin/customize.php` into the `WP_Customize_Manager` class with new methods:
* `is_ios()`
* `get_document_title_template()`
* `get_preview_url()`/`set_preview_url()`
* `get_return_url()`/`set_return_url()`
* `get_autofocus()`/`set_autofocus()`
* `customize_pane_settings()`
Includes unit tests for these methods, for which the logic was formerly untestable in `customize.php`.
Fixes#33898.
git-svn-id: https://develop.svn.wordpress.org/trunk@34269 602fd350-edb4-49c9-b593-d223f7449a82
The new 'update_comment_meta_cache' parameter, which defaults to `true`, can
be used to disable this behavior.
`update_comment_cache()` has been updated to support an `$update_meta_cache`
parameter, which also updates to true; this matches the pattern we use for
priming post caches.
See #16894.
git-svn-id: https://develop.svn.wordpress.org/trunk@34268 602fd350-edb4-49c9-b593-d223f7449a82
[34106] moved post author notification to a hook, and in the process, missed
the 'spam' check. This changeset restores that check.
To make unit testing easier, the notification callbacks have been refactored
to return values: false when various conditions aren't met (eg, approved
comments should not trigger moderation emails), and the return value of the
`wp_notify_*()` function otherwise.
Props cfinke, kraftbj.
See #33587.
git-svn-id: https://develop.svn.wordpress.org/trunk@34250 602fd350-edb4-49c9-b593-d223f7449a82
[13216] introduced the 'public' argument for `register_taxonomy()`. This param
was used to set defaults for 'show_ui' and a number of other params, but it
never did anything itself.
With this changeset, taxonomies registered with `public=false` will no longer
be queryable on the front end, ie via taxonomy archive queries.
Props wpsmith, ocean90, nacin, ericlewis, boonebgorges.
Fixes#21949.
git-svn-id: https://develop.svn.wordpress.org/trunk@34247 602fd350-edb4-49c9-b593-d223f7449a82
The `user_login` field only allows 60 characters, and `user_nicename` allows
50. However, there are no protections in the interface, and few in the code,
that prevent the creation of users with values in excess of these limits. Prior
to recent changes in `$wpdb`, users were generally created anyway, MySQL
having performed the necessary truncation. More recently, the `INSERT`s and
`UPDATE`s simply fail, with no real feedback on the nature of the failure.
This changeset addresses the issue in a number of ways:
* On the user-new.php and network/user-new.php panels, don't allow input in excess of the maximum field length.
* In `wp_insert_user()`, throw an error if the value provided for `'user_login'` or `'user_nicename'` exceeds the maximum field length.
* In `wp_insert_user()`, when using `'user_login'` to generate a default value for `'user_nicename'`, ensure that the nicename is properly truncated, even when suffixed for uniqueness (username-2, etc).
Props dipesh.kakadiya, utkarshpatel, tommarshall, boonebgorges.
Fixes#33793.
git-svn-id: https://develop.svn.wordpress.org/trunk@34218 602fd350-edb4-49c9-b593-d223f7449a82
In `_unregister_post_type()` (unit tests), don't add query vars of non-viewable post types to `WP::public_query_vars`.
Adds unit test.
Fixes#30018.
git-svn-id: https://develop.svn.wordpress.org/trunk@34215 602fd350-edb4-49c9-b593-d223f7449a82
We already accept 'id'. `ID` more closely matches the database and
`WP_User` schemas.
Props Shelob9.
Fixes#33869.
git-svn-id: https://develop.svn.wordpress.org/trunk@34125 602fd350-edb4-49c9-b593-d223f7449a82
The second parameter `$plaintext_pass` was removed in [33023] and restored as `$notify` in [33620] with a different behavior. If you have a plugin overriding `wp_new_user_notification()` which hasn't been updated you would get a notification with your username and the password "both".
To prevent this the second parameter is now deprecated and reintroduced as the third parameter.
Adds unit tests.
Props kraftbj, adamsilverstein, welcher, ocean90.
Fixes#33654.
(Don't ask for new pluggables kthxbye)
git-svn-id: https://develop.svn.wordpress.org/trunk@34116 602fd350-edb4-49c9-b593-d223f7449a82
Post type objects are reponsible for mapping their capabilities to core caps.
As a result, when the post type is no longer registered, the caps are no
longer mapped. This causes problems when a post is left in the database after
the post type is no longer present, and WP does an 'edit_post' or other cap
check against it: a PHP notice is thrown, and the cap check always fails.
As a more graceful fallback, we map all post-type-dependent caps onto
'edit_others_posts', which allows highly privileged users to be able to
access orphaned content (such as comments belonging to disabled post types),
while minimizing the possibility of unintended privilege escalation.
We also add a `_doing_it_wrong()` notice, so that developers and site
administrators are aware that the cap mapping is failing in the absence of
the registered post type.
Props mitchoyoshitaka, DrewAPicture, imath, codeelite, boonebgorges, nofearinc, SergeyBiryukov, jorbin, dlh.
Fixes#16956.
git-svn-id: https://develop.svn.wordpress.org/trunk@34091 602fd350-edb4-49c9-b593-d223f7449a82
Since [29248], a table join has not been necessary to process the
`$excluded_terms` parameter of `get_adjacent_post()`. Aside from adding extra
overhead, this join meant that post records that don't have any corresponding
rows in `wp_term_relationships` were erroneously excluded from results.
Fixes#32833.
git-svn-id: https://develop.svn.wordpress.org/trunk@34088 602fd350-edb4-49c9-b593-d223f7449a82
Setting the default value of the `queried_object_id` property to `0` meant
that, when called early enough in the WP bootstrap, `get_queried_object()`
could short-circuit the normal query by fooling it into thinking that the
request was for a page with id 0. Setting the default value to `null` instead
avoids this problem.
Props gradyetc, jazbek.
Fixes#31355.
git-svn-id: https://develop.svn.wordpress.org/trunk@34073 602fd350-edb4-49c9-b593-d223f7449a82
`wp_delete_user()` and `wpmu_delete_user()` both require an `$id` parameter.
Previously, the functions did not verify that the value passed was, in fact,
a number. As such, passing an object or any other entity that would be cast
to int `1` would result in user 1 being deleted. We fix this by enforcing
the requirement that `$id` be numeric.
Props dipesh.kakadiya, utkarshpatel, juliobox.
Fixes#33800.
git-svn-id: https://develop.svn.wordpress.org/trunk@34034 602fd350-edb4-49c9-b593-d223f7449a82
Other users in a network can now be given capabilities to manage users without also having global super admin privileges.
* Users with `manage_network_users` can not edit super admins.
* Users with `manage_network_users` can not promote users to super admin.
* Uses of `is_super_admin()` in `user-new.php` are now updated to `manage_network_users`.
Props daniellandau, chriscct7.
Fixes#16860.
git-svn-id: https://develop.svn.wordpress.org/trunk@33988 602fd350-edb4-49c9-b593-d223f7449a82
An administrator in multisite can not edit users other than itself.
Props daniellandau for the initial patch.
See #16860.
git-svn-id: https://develop.svn.wordpress.org/trunk@33987 602fd350-edb4-49c9-b593-d223f7449a82
This also includes a unit test to ensure we're only recommending actively supported versions of PHP in the future.
Fixes#33758.
git-svn-id: https://develop.svn.wordpress.org/trunk@33937 602fd350-edb4-49c9-b593-d223f7449a82
There are no uses of `wp_list_comments()` in Core where `$comments` are passed as the 2nd argument.
Adds unit tests.
Props wonderboymusic, bradt.
Fixes#16894.
git-svn-id: https://develop.svn.wordpress.org/trunk@33925 602fd350-edb4-49c9-b593-d223f7449a82
Boone Gorges
Weston Ruter
Scott Taylor
Drew Jaynes
John Blackbourn
Dominik Schilling (ocean90)
Dion Hulse
Jeremy Felt
Andrew Ozz
Gary Pendergast