Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38095 602fd350-edb4-49c9-b593-d223f7449a82
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.
The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.
Fixes#37361.
git-svn-id: https://develop.svn.wordpress.org/trunk@38087 602fd350-edb4-49c9-b593-d223f7449a82
When `$size` is passed to `image_get_intermediate_size()` as an array of width
and height values and an exact image size matching those values isn't available,
the function loops through the available attachment sizes and returns the
smallest image larger than the requested dimensions with the same aspect ratio.
The aspect ratio check is skipped for the 'thumbnail' size to provide a fallback
for small sizes when no other image option is available. This resulted in a poor
selection when the size requested was smaller than the 'thumbnail' dimensions
but a larger size matching the requested ratio existed.
This refactors the internals of `image_get_intermediate_size()` to ensure the
'thumbnail' size is only returned as a fallback to small sizes once all other
options have been considered, and makes the control flow easier to follow.
This also introduces a new helper function, `wp_image_matches_ratio()` for
testing whether the aspect ratios of two sets of dimensions match. This function
is also now used in `wp_calculate_image_srcset()` during the selection process.
Props flixos, joemcgill.
Fixes#34384, #34980.
git-svn-id: https://develop.svn.wordpress.org/trunk@38086 602fd350-edb4-49c9-b593-d223f7449a82
* Remove title attributes.
* Show "Install Now" and "Details" links if the importer isn't installed yet.
* Show a "Run Importer" link if the importer is installed. It also handles activation if the plugin isn't activated.
* Add `aria-label` attributes to each link.
* Unify the importer descriptions to make them independent from the plugin state. The API was changed in [meta3690].
* Adjust JavaScript callbacks for ajaxified importer installs.
Props afercia, swissspidy, ocean90.
See #24766.
Fixes#35191.
git-svn-id: https://develop.svn.wordpress.org/trunk@38075 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.
For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.
Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes#21659.
git-svn-id: https://develop.svn.wordpress.org/trunk@38058 602fd350-edb4-49c9-b593-d223f7449a82
In some cases, images in the media library may contain spaces in
their filenames. This results in an invalid `srcset` attribute,
causing broken images on the front end. This change fixes the issue
by replacing spaces in URLs with URL encoded '%20' characters before
returning the `srcset` string.
Props underdude, joemcgill.
Fixes#36549.
git-svn-id: https://develop.svn.wordpress.org/trunk@38052 602fd350-edb4-49c9-b593-d223f7449a82
After [38047], also include the comment_content with html in the preg_match against blacklist keys to match urls.
Props ocean90.
Fixes#37208.
git-svn-id: https://develop.svn.wordpress.org/trunk@38048 602fd350-edb4-49c9-b593-d223f7449a82
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.
Props cfinke.
Fixes#37208.
git-svn-id: https://develop.svn.wordpress.org/trunk@38047 602fd350-edb4-49c9-b593-d223f7449a82
When using `register_meta()` with the function signature from 4.5 and earlier, the `auth_{$type}_meta_{$key}` and `sanitize_{$type}_meta_{$key}` filters are used. Any calls to `register_meta()` expecting this behavior should continue to work. The new filters, which take advantage of object subtypes, should not be added unless the proper `$args` array is passed.
See #35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38041 602fd350-edb4-49c9-b593-d223f7449a82
If auth and/or sanitize callbacks are specified in the arguments for
`register_meta()`, filters are added to handle these callbacks. These
should be removed when calling `unregister_meta_key()` to avoid
unintentional filtering.
See #35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38040 602fd350-edb4-49c9-b593-d223f7449a82
To enhance accessibility for items without a link you can now define `tabindex="0"`, which makes descendant dropdowns accessible.
Props joedolson, afercia, ocean90.
Fixes#32495.
git-svn-id: https://develop.svn.wordpress.org/trunk@38035 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a few accessibility issues, tweaks the design of the search form to match other Ajax search fields and improves compatibility with older browsers.
See #37230.
git-svn-id: https://develop.svn.wordpress.org/trunk@38033 602fd350-edb4-49c9-b593-d223f7449a82
40M isn't enough and can lead to an "out of memory" error. Change `test_wp_raise_memory_limit()` to test that `wp_raise_memory_limit()` doesn't *lower* the memory limit.
See [38015].
See #32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38016 602fd350-edb4-49c9-b593-d223f7449a82
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38015 602fd350-edb4-49c9-b593-d223f7449a82
This prevents false positives when the ID column's incrementor has exceeded the
hardcoded invalid ID.
Fixes#37308.
git-svn-id: https://develop.svn.wordpress.org/trunk@38005 602fd350-edb4-49c9-b593-d223f7449a82
When comment IDs are fetched from the cache rather than the database,
the subsequent `SELECT FOUND_ROWS()` query will not return the correct value.
To avoid unnecessary queries, we cache the results of the `found_comments`
query alongside the comment IDs.
Props spacedmonkey.
Fixes#37184.
git-svn-id: https://develop.svn.wordpress.org/trunk@38001 602fd350-edb4-49c9-b593-d223f7449a82
The array-compatibility object we started returning in r37428 unfortunately isn't enough like an array. In particular, `is_array()` checks fail, despite the object implementing ArrayAccess. Mea culpa.
This moves the WP_HTTP_Response object to a new http_response key in the array, and changes the value back to an actual array.
Fixes#37097.
See #33055.
git-svn-id: https://develop.svn.wordpress.org/trunk@37989 602fd350-edb4-49c9-b593-d223f7449a82
When enabled, the switch would override the theme's pseudo-plural `'% Comments'` string with a correct form of `_n( '%s Comment', '%s Comments', $number )`.
Historically, `comments_popup_link()` and `get_comments_number_text()` did not support plural forms and used a pseudo-plural style instead, so some locales were forced to come up with workarounds to display the number of comments in their language correctly.
This change should make those functions more i18n-friendly.
Fixes#13651.
git-svn-id: https://develop.svn.wordpress.org/trunk@37987 602fd350-edb4-49c9-b593-d223f7449a82
`arsort()` sorts the paths reverse-alphabetically while preserving the keys. It results in a longer path being listed before a shorter one with the same base directory(ies).
Props jdgrimes, ocean90.
Fixes#28441.
git-svn-id: https://develop.svn.wordpress.org/trunk@37983 602fd350-edb4-49c9-b593-d223f7449a82
Prevents displaying "Original:" without a title when adding a menu item without a title.
Props grapplerulrich, swissspidy.
Fixes#36729.
git-svn-id: https://develop.svn.wordpress.org/trunk@37953 602fd350-edb4-49c9-b593-d223f7449a82
Fixes mistake in the current behavior, where the sanitization callback ran before the validation callback. Now the validation callback will run before the sanitization.
Props schlessera, rachelbaker.
See #37247.
Fixes#37192.
git-svn-id: https://develop.svn.wordpress.org/trunk@37943 602fd350-edb4-49c9-b593-d223f7449a82
Reverses order where sanitization was being applied before validation originally in accordance with REST API logic.
Props westonruter, schlessera.
See #34893.
See #37192.
Fixes#37247.
git-svn-id: https://develop.svn.wordpress.org/trunk@37942 602fd350-edb4-49c9-b593-d223f7449a82
Resource hints allow browsers to prefetch specific pages or render them in the background to perform DNS lookups or to begin the connection handshake (DNS, TCP, TLS) in the background.
By default, `wp_resource_hints()` prints hints for "s.w.org" (the WordPress.org CDN) and for all scripts and styles which are enqueued from external hosts.
Use the `wp_resource_hints` filter to add custom domains and URLs for `dns-prefetch`, `preconnect`, `prefetch` or `prerender`.
Props voldemortensen, swissspidy.
Fixes#34292.
git-svn-id: https://develop.svn.wordpress.org/trunk@37920 602fd350-edb4-49c9-b593-d223f7449a82
This adds three new functions for getting/displaying attachment captions:
* `wp_get_attachment_caption` - Retrieves a caption for a specific attachment.
* `get_the_post_thumbnail_caption()` - Returns the post thumbnail caption.
* `the_post_thumbnail_caption()` - Displays the post thumbnail caption.
These are helpful for displaying a caption associated with an image directly
in a template, rather than using the caption shortcode.
This also introduces two new filters:
* `wp_get_attachment_caption` - Filters the value of `wp_get_attachment_caption()`.
* `the_post_thumbnail_caption` - Filters the display of the post thumbnail caption.
`the_post_thumbnail_caption()` is automatically filtered by `wptexturize()`,
`convert_smilies()`, and `convert_chars()` in `wp-includes/default-filters.php`.
Props flixos90, joemcgill.
Fixes#12235.
git-svn-id: https://develop.svn.wordpress.org/trunk@37915 602fd350-edb4-49c9-b593-d223f7449a82
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.
Props ramiy, Presskopp.
Fixes#34521.
git-svn-id: https://develop.svn.wordpress.org/trunk@37914 602fd350-edb4-49c9-b593-d223f7449a82
The Link header allows clients to verify if a site has made the REST API available, as well as indicating how to access it.
Props danielbachhuber.
Fixes#35580.
git-svn-id: https://develop.svn.wordpress.org/trunk@37903 602fd350-edb4-49c9-b593-d223f7449a82
Provides a consistent way to query `$wpdb->site` for `WP_Network` objects based on domain, path, network ID, and (main) site ID.
Introduces and uses update_network_cache() and _prime_network_caches() to maintain a cached list of WP_Network objects for use in multiple queries.
Props flixos90.
See #32504.
git-svn-id: https://develop.svn.wordpress.org/trunk@37894 602fd350-edb4-49c9-b593-d223f7449a82
This changes the global `$wp_post_types` to an array of `WP_Post_Type` objects. `WP_Post_Type` includes methods to handle post type supports, rewrite rules, meta boxes, hooks, and taxonomies.
Each post type argument becomes a property of `WP_Post_Type`.
Props swissspidy, flixos90.
Fixes#36217.
git-svn-id: https://develop.svn.wordpress.org/trunk@37890 602fd350-edb4-49c9-b593-d223f7449a82
`the_post()` sets the `$in_the_loop` property to true which is unexpected in the admin if you're using filters which should only affect real loops.
Props ruud@joyo.
Fixes#27042.
git-svn-id: https://develop.svn.wordpress.org/trunk@37881 602fd350-edb4-49c9-b593-d223f7449a82
When no valid post exists for `get_the_modified_time` or `get_the_modified_date` calls, the result (`false`) is passed through the functions respective filters to maintain back-compat.
Introduces unit tests to ensure filters are applied and for the `get_the_modified_date` function.
Fixes#37059.
git-svn-id: https://develop.svn.wordpress.org/trunk@37866 602fd350-edb4-49c9-b593-d223f7449a82
When a filter or action hook is deprecated, the corresponding `apply_filters()`
or `do_action()` calls should be switched out with `apply_filters_deprecated()`
or `do_action_deprecated()`. The latter functions will throw a deprecation
before invoking the original hook.
Props solarissmoke, SergeyBiryukov, DrewAPicture.
Fixes#10441.
git-svn-id: https://develop.svn.wordpress.org/trunk@37861 602fd350-edb4-49c9-b593-d223f7449a82
In order to allow meta-related values of `orderby` to be handled properly,
the term query's `meta_query` object must run its `get_sql()` method before
`orderby` parsing.
Fixing this bug required addressing another bug in `WP_Meta_Query`, which
caused the table alias index not to be reset when calling `get_sql()`
multiple times on the same object.
Props littler.chicken.
Fixes#37151.
git-svn-id: https://develop.svn.wordpress.org/trunk@37860 602fd350-edb4-49c9-b593-d223f7449a82
This adds a new `post_stuck` action that fires when a post is made sticky and a `post_unstuck` action that fires when the sticky flag is removed again.
Props ojrask.
Fixes#35600.
git-svn-id: https://develop.svn.wordpress.org/trunk@37857 602fd350-edb4-49c9-b593-d223f7449a82
[37415] removed the requirement to call `load_plugin_textdomain()` / `load_theme_textdomain()`. This caused `unload_textdomain()` to not work properly anymore in these cases.
With this change, unloaded text domains need to be explicitly loaded manually if you want to use them again.
Props swissspidy, ocean90.
Fixes#37113. See #34114.
git-svn-id: https://develop.svn.wordpress.org/trunk@37855 602fd350-edb4-49c9-b593-d223f7449a82
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.
This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.
Props ericlewis, neverything, swissspidy.
Fixes#36590 for trunk. See #14134.
git-svn-id: https://develop.svn.wordpress.org/trunk@37748 602fd350-edb4-49c9-b593-d223f7449a82
Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.
Adds unit tests.
Props rockwell15 for initial patch.
Fixes#35936.
git-svn-id: https://develop.svn.wordpress.org/trunk@37747 602fd350-edb4-49c9-b593-d223f7449a82
Unifies the APIs for getting a post's modified date or time with getting a post's date or time.
Adds the `$post` parameter to the functions `get_the_modified_date` and `get_the_modified_time`.
Adds the `$post` parameter to the filters `get_the_modified_date` and `get_the_modified_time`.
Props Soean, lukecavanagh.
Fixes#37059.
git-svn-id: https://develop.svn.wordpress.org/trunk@37738 602fd350-edb4-49c9-b593-d223f7449a82
`WP_Site_Query` provides for a cleaner `prepare_items()` method. It significantly improves the search experience in the sites list table:
* In a subdomain configuration, domain and path are searched for a provided terms.
* In a subdirectory configuration, path is searched for a provided term.
* The full domain is searched in a subdomain configuration rather than the portion not matching the network's domain.
* Terms are searched as `%term%` by default. Adding `*` in the middle of a term will search `%te%rm%`.
Props flixos90, Fab1en.
Fixes#33185, #24833, #21837, #36675.
git-svn-id: https://develop.svn.wordpress.org/trunk@37736 602fd350-edb4-49c9-b593-d223f7449a82
Otherwise `wp_filter_pre_oembed_result()` could erroneously return the HTML of the current post instead of the intended result.
Props kraftbj.
See #36767.
git-svn-id: https://develop.svn.wordpress.org/trunk@37729 602fd350-edb4-49c9-b593-d223f7449a82
Prevent duplicate content issues with search engines and REST API endpoint response data.
Fixes#36390.
Props m_uysl for the initial patch.
git-svn-id: https://develop.svn.wordpress.org/trunk@37726 602fd350-edb4-49c9-b593-d223f7449a82
If not run immediately after, the `SELECT FOUND_ROWS()` query might refer to
a different query, such as the one used to populate the post cache for a split
query.
Introduced in [37692].
Fixes#36687.
git-svn-id: https://develop.svn.wordpress.org/trunk@37721 602fd350-edb4-49c9-b593-d223f7449a82
Gone are the days of isolation and feelings of "meh", brought on by The Bleak Screen of Sadness. For a shiny knight has arrived to usher our plugins and themes along their arduous journey of installation, updates, and the inevitable fate of ultimate deletion.
Props swissspidy, adamsilverstein, mapk, afragen, ocean90, ryelle, j-falk, michael-arestad, melchoyce, DrewAPicture, AdamSoucie, ethitter, pento, dd32, kraftbj, Ipstenu, jorbin, afercia, stephdau, paulwilde, jipmoors, khag7, svovaf, jipmoors, obenland.
Fixes#22029, #25828, #31002, #31529, #31530, #31773, #33637, #35032.
git-svn-id: https://develop.svn.wordpress.org/trunk@37714 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the strictness of the duplicate check a little, but does prevent false duplicates for emoji or +1 comments by authors with matching names. The current logic was introduced all the way back in [2894].
Fixes#37093.
git-svn-id: https://develop.svn.wordpress.org/trunk@37713 602fd350-edb4-49c9-b593-d223f7449a82
The 'found_posts' filter must continue to run for plugins manipulating post
results via filter.
Props dd32.
Fixes#36687.
git-svn-id: https://develop.svn.wordpress.org/trunk@37712 602fd350-edb4-49c9-b593-d223f7449a82
When the post being embedded is from the same site, there's no reason to do an HTTP request for it. The data can be fetched directly using `get_oembed_response_data()`.
Fixes#36767 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@37708 602fd350-edb4-49c9-b593-d223f7449a82
Send back setting validities with full refreshes and selective refreshes so that invalid settings can have notifications displayed immediately before attempting save, and so that these notifications can be cleared as soon as the input is corrected.
* Splits out JS logic for listing controls into separate methods `wp.customize.Setting.prototype.findControls()` and `wp.customize.findControlsForSettings()`.
* Adds a `setting` property to the `data` on notifications added to controls that are synced from their settings.
* Adds `selective-refresh-setting-validities` message sent from preview to pane.
* Changes `WP_Customize_Manager::validate_setting_values()` to return when settings are valid as well as invalid.
* Adds `WP_Customize_Manager::prepare_setting_validity_for_js()`.
* Add setting validities to data exported to JS in Customizer Preview and in selective refresh responses.
Fixes#36944.
git-svn-id: https://develop.svn.wordpress.org/trunk@37700 602fd350-edb4-49c9-b593-d223f7449a82
Returning a non-null value from the new `posts_pre_query` filter will cause
`WP_Query` to skip its database query, so that posts data can be provided from
elsewhere. This is useful in cases where post data may be mirrored in a
separate location, such as an external search application.
Developers should note that the `WP_Query` properties generally used to
calculate pagination - specifically, `found_posts` and `max_num_pages`, which
are determined by default in `set_found_posts()` - must be provided explicitly
when using the `posts_pre_query` filter; since `WP_Query` will not be
contacting the database, it will have no access to `SELECT FOUND_ROWS()`.
The `WP_Query` instance is passed to `posts_pre_query` by reference, so that
these properties can be set manually if needed.
Props jpdavoutian, tlovett1.
Fixes#36687.
git-svn-id: https://develop.svn.wordpress.org/trunk@37692 602fd350-edb4-49c9-b593-d223f7449a82
`wp_get_canonical_url()` encapsulates the URL logic of `rel_canonical()` to provide a consistent way to retrieve the canonical URL for a post.
The new filter `get_canonical_url` allows to customize the canonical URL.
Props joostdevalk, jipmoors, DrewAPicture, ocean90.
Fixes#36168.
git-svn-id: https://develop.svn.wordpress.org/trunk@37685 602fd350-edb4-49c9-b593-d223f7449a82
Allows the fetching of terms based on `term_taxonomy_id`, or an array of
`term_taxonomy_ids`.
Props spacedmonkey.
Fixes#37074.
git-svn-id: https://develop.svn.wordpress.org/trunk@37683 602fd350-edb4-49c9-b593-d223f7449a82
When an object with private properties is cast directly to an array, those properties are no longer available with their original keys.
Props @flixos90.
See #36717.
git-svn-id: https://develop.svn.wordpress.org/trunk@37667 602fd350-edb4-49c9-b593-d223f7449a82
* One test per method
* Clarify existing tests.
* Add test for passing a "blog slug" string to `get_blog_details()`.
* Shared fixture of sites.
* Reduce number of sites created to only those necessary.
* Remove unnecessary networks creation.
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37666 602fd350-edb4-49c9-b593-d223f7449a82
* Convert existing tests into a data provider and clarify expectations.
* Add shared test fixtures in preparation for future tests.
This passes with the `wp_get_sites()` from 4.5 and the deprecated version in trunk.
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37662 602fd350-edb4-49c9-b593-d223f7449a82
When custom pagination parameters are passed to `wp_list_comments()`, a
secondary query must be performed to fetch the proper comments. See [36157].
This query should show comments of the same `comment_status` as the default
query initialized in `comments_template()`: show only comments that are
approved, or those that are unapproved but belong to the current user.
Props smerriman.
Fixes#37048.
git-svn-id: https://develop.svn.wordpress.org/trunk@37655 602fd350-edb4-49c9-b593-d223f7449a82
To ensure a clean run, the test suite drops all tables before installing, by simply looping over the table list and dropping them if they exist. This works well for Core, but may fail when a plugin has created a table with foreign key constraints in a previous test run.
Many plugins choose to base their test suite on the Core setup, so making life easier for them is a plus, even if Core doesn't directly need this change.
Props javorszky.
Fixes#37046.
git-svn-id: https://develop.svn.wordpress.org/trunk@37654 602fd350-edb4-49c9-b593-d223f7449a82
Defer to the new `get_sites()` replacement, offering fresh (...or cached) `WP_Site` objects via the new `WP_Site_Query`.
Props flixos90.
Fixes#36994.
git-svn-id: https://develop.svn.wordpress.org/trunk@37653 602fd350-edb4-49c9-b593-d223f7449a82
`term_id` and `term_taxonomy_id` become offset when running the entire test
suite.
Introduced in [37647].
See #37009.
git-svn-id: https://develop.svn.wordpress.org/trunk@37649 602fd350-edb4-49c9-b593-d223f7449a82
The change can cause fatal errors under certain conditions, like when the subclass has a different function signature for `widget()` or doesn't even implement the method.
See #35981.
git-svn-id: https://develop.svn.wordpress.org/trunk@37648 602fd350-edb4-49c9-b593-d223f7449a82
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.
Props rmccue.
Fixes#28523.
git-svn-id: https://develop.svn.wordpress.org/trunk@37646 602fd350-edb4-49c9-b593-d223f7449a82
[37623] used the wrong parameter name (count=true instead of fields=count).
For greater flexibility and forward compatibility with other potential changes
to the return value of `get_terms()`, we now do a looser check: any non-array
value is excluded from the filter.
Fixes#36992.
git-svn-id: https://develop.svn.wordpress.org/trunk@37634 602fd350-edb4-49c9-b593-d223f7449a82
Different tests are used for subdomain and subdirectory installs as domain and path are searched differently for each. Only trailing wildcard searches are tested because leading wildcards are not yet supported.
See #36675.
git-svn-id: https://develop.svn.wordpress.org/trunk@37633 602fd350-edb4-49c9-b593-d223f7449a82
- We already match URLs on their own line, add another regex to match URLs in their own paragraphs.
- Always exclude the `\s<>"` characters when matching.
- Add more unit tests.
Props iseulde, azaozz.
Fixes#25387.
git-svn-id: https://develop.svn.wordpress.org/trunk@37627 602fd350-edb4-49c9-b593-d223f7449a82
Hierarchical comment queries work by first fetching the IDs of top-level
comments, and then filling the descendant tree one level at a time based on the
top-level results. When top-level comment IDs are found in the cache,
`WP_Comment_Query` does not generate the SQL used to fetch these comments. In
this case, the `fill_descendants()` query does not have enough information
to fill children. As a result, descendant comments were failing to be filled
in cases where the top-level comments were found in the cache.
This was a minor bug previously, because comment caches were not maintained
between pageloads. Since comment caches are now persistent [37613], the problem
becomes evident anywhere that a persistent object cache is in use.
The solution is to cache parent-child relationships, so that when top-level
comments are found in the cache, descendant comments should be found there as
well.
Fixes#36487.
git-svn-id: https://develop.svn.wordpress.org/trunk@37625 602fd350-edb4-49c9-b593-d223f7449a82
Use of the 'get_terms' filter was consolidated in [37572], with the
introduction of `WP_Term_Query`. At that time, the result of 'count=true'
queries began being filtered by 'get_terms'. This breaks existing 'get_terms'
callbacks, which often assume that the returned value will be an array or a
`WP_Error` object.
Props JustinSainton.
Fixes#36992.
git-svn-id: https://develop.svn.wordpress.org/trunk@37623 602fd350-edb4-49c9-b593-d223f7449a82
The logic for determining the appropriate character set and collation to use is becoming more complex, particularly with the recent additions of [37522] and [37523]. As `init_charset()` has side effects, and makes use of constants instead of parameters, it's not possible to unit test this logic.
This commit splits the logic part of `init_charset()` out into a new method, `wpdb::determine_charset()`, along with appropriate unit tests.
See #32105, #37522.
Fixes#36917.
git-svn-id: https://develop.svn.wordpress.org/trunk@37601 602fd350-edb4-49c9-b593-d223f7449a82
Prior to [37572], arguments passed to `get_terms()` were passed immediately
through `wp_parse_args()`, which made it possible to pass arguments as a
querystring (`hide_empty=0`) rather than an array
(`array( 'hide_empty' => false )`). [37572] moved default argument parsing
into `WP_Term_Query`, while assuming that arguments passed to `get_terms()`
would be formatted as an array.
To provide compatibility, we now parse all args passed to `get_terms()` into
an array before processing.
See #35381.
git-svn-id: https://develop.svn.wordpress.org/trunk@37599 602fd350-edb4-49c9-b593-d223f7449a82
`CHAR` is redundant, since the `meta_value` column is `LONGTEXT`. Meanwhile,
use of `CAST()` causes MySQL to ignore any index that the administrator may
have added to the column.
A number of automated tests were doing searches for `CAST` in the SQL strings
generated by `WP_Meta_Query` (for reasons unrelated to the `CAST()` behavior).
These tests have been updated to expect the new query format.
Props ericlewis.
Fixes#36625.
git-svn-id: https://develop.svn.wordpress.org/trunk@37594 602fd350-edb4-49c9-b593-d223f7449a82
Since [37573], object relationship caches (`{$taxonomy}_relationships`)
contain term IDs rather than term objects. See #36814. As such, it's no longer
necessary to clear these caches when a term is updated; none of the data that's
changed on update (name, description, count, etc) is stored in the relationship
cache.
Fixes#36251.
git-svn-id: https://develop.svn.wordpress.org/trunk@37593 602fd350-edb4-49c9-b593-d223f7449a82
The process of lazy-loading can be resource intensive for object that have
terms in large numbers of taxonomies and are running a persistent object cache.
This new parameter allows the feature to be disabled in these cases.
Props DBrumbaugh10Up.
See #36953.
git-svn-id: https://develop.svn.wordpress.org/trunk@37589 602fd350-edb4-49c9-b593-d223f7449a82
In order to allow non-web initializations of WordPress (such as through wp-cli) to modify things like the check for maintenance mode, plugins.php and the associated functions must be available much earlier. The use of these functions earlier than the loading of plugins is not recommended in most use cases.
Fixes#36819. See #34936.
Props jorbin, danielbachhuber for documentation.
git-svn-id: https://develop.svn.wordpress.org/trunk@37588 602fd350-edb4-49c9-b593-d223f7449a82
`dbDelta()` compares the index definitions against the result of `SHOW INDEX FROM $table_name`. This requires a specific format so indices are not unnecessarily re-created. This format wasn't ensured, until now.
* Parse the raw index definition to extract the type, name and columns so a normalized definition can be built (#20263, #34873).
* Standardize on uppercase types (#34871) and on 'KEY'. 'INDEX' is only a synonym for 'KEY'.
* Escape index names with backticks (#20263).
* Normalize columns: Ignore ASC and DESC definitions (#34959), remove whitespaces (#34869) and escape column names with backticks (#20263).
* Add backticks to all index change queries (#20263).
Props ocean90, pento, kurtpayne.
Fixes#20263, #34869, #34871, #34873, #34959.
git-svn-id: https://develop.svn.wordpress.org/trunk@37583 602fd350-edb4-49c9-b593-d223f7449a82
`dbDelta()` already supported spatial fields (by virtue of not checking field types), so it's nice to round that out with spatial key support, too.
Fixes#36948.
git-svn-id: https://develop.svn.wordpress.org/trunk@37574 602fd350-edb4-49c9-b593-d223f7449a82
Previously, objects containing all data about a term were stored in each
object's term cache. Besides being wasteful, this approach caused invalidation
issues, as when a modified term count required a flush for all objects
belonging to the term.
Backward compatibility is maintained for plugins that continue to put object
data directly into the `{$taxonomy}_relationships` cache bucket.
Fixes#36814.
git-svn-id: https://develop.svn.wordpress.org/trunk@37573 602fd350-edb4-49c9-b593-d223f7449a82
[34529] introduced logic intended to prime the termmeta cache for certain
values of the `fields` parameter. There were a few bugs:
* The `all_with_object_id` param was misspelled.
* `term_id` was used instead of `ids`.
* The values being passed to `update_termmeta_cache()` in the case where `fields=ids` was not correct.
All of these would result in a failure to pre-fetch termmeta in some cases.
Props dlh.
Fixes#36932.
git-svn-id: https://develop.svn.wordpress.org/trunk@37567 602fd350-edb4-49c9-b593-d223f7449a82
This changeset adds a unit test factory so that bookmark/link fixtures can be
created during tests.
Why are we writing tests for functionality that has been deprecated for years?
Because it's the Right Thing to Do.
See #18356.
git-svn-id: https://develop.svn.wordpress.org/trunk@37563 602fd350-edb4-49c9-b593-d223f7449a82
When upgrading to `utf8mb4`, `TEXT` fields will be upgraded to `MEDIUMTEXT` (and likewise for all other `*TEXT` and `*BLOB` fields). This is to allow for the additional space requirements of `utf8mb4`.
On the subsequent upgrade, after the `utf8mb4` upgrade, `dbDelta()` would try and downgrade the fields to their original size again. At best, this it a waste of time, at worst, this could truncate any data larger than the original size. There's no harm in leaving them at their original size, so let's do that.
Fixes#36748.
git-svn-id: https://develop.svn.wordpress.org/trunk@37525 602fd350-edb4-49c9-b593-d223f7449a82
`wpdb::init_charset()` doesn't lend itself to being tested, so the unit test added in [37521] won't work under most circumstances.
See #32405.
git-svn-id: https://develop.svn.wordpress.org/trunk@37522 602fd350-edb4-49c9-b593-d223f7449a82
Some sites prefer to use locale-specific location settings. For example, the Swedish WordPress package use `utf8_swedish_ci`, instead of `utf8_unicode_ci`. When upgrading the connection to `utf8mb4`, we were overriding this to be `utf8mb4_unicode_ci`, instead of maintaining the use of the `_swedish_ci` variant.
The locale-specific collations do have extra collation rules just for that language, so it's useful to maintain compatibility.
Fixes#32405.
git-svn-id: https://develop.svn.wordpress.org/trunk@37521 602fd350-edb4-49c9-b593-d223f7449a82
Without a fixture that does not match the search term, it's possible for the
test to pass even if the search clause isn't built properly.
See #13992, #35381.
git-svn-id: https://develop.svn.wordpress.org/trunk@37519 602fd350-edb4-49c9-b593-d223f7449a82
Provides a consistent way to query `$wpdb->blogs` for `WP_Site` objects based on domain, path, site ID, network ID, and more.
Introduces and uses `update_site_cache()` and `_prime_site_caches()` to maintain a cached list of `WP_Site` objects for use in multiple queries.
Props spacedmonkey, flixos90, DrewAPicture, jeremyfelt, ocean90.
See #35791.
git-svn-id: https://develop.svn.wordpress.org/trunk@37477 602fd350-edb4-49c9-b593-d223f7449a82
When a setting is invalid, not only will it be blocked from being saved but all other settings will be blocked as well. This ensures that Customizer saves aren't partial but are more transactional. User will be displayed the error in a notification so that they can fix and re-attempt saving.
PHP changes:
* Introduces `WP_Customize_Setting::validate()`, `WP_Customize_Setting::$validate_callback`, and the `customize_validate_{$setting_id}` filter.
* Introduces `WP_Customize_Manager::validate_setting_values()` to do validation (and sanitization) for the setting values supplied, returning a list of `WP_Error` instances for invalid settings.
* Attempting to save settings that are invalid will result in the save being blocked entirely, with the errors being sent in the `customize_save_response`. Modifies `WP_Customize_Manager::save()` to check all settings for validity issues prior to calling their `save` methods.
* Introduces `WP_Customize_Setting::json()` for parity with the other Customizer classes. This includes exporting of the `type`.
* Modifies `WP_Customize_Manager::post_value()` to apply `validate` after `sanitize`, and if validation fails, to return the `$default`.
* Introduces `customize_save_validation_before` action which fires right before the validation checks are made prior to saving.
JS changes:
* Introduces `wp.customize.Notification` in JS which to represent `WP_Error` instances returned from the server when setting validation fails.
* Introduces `wp.customize.Setting.prototype.notifications`.
* Introduces `wp.customize.Control.prototype.notifications`, which are synced with a control's settings' notifications.
* Introduces `wp.customize.Control.prototype.renderNotifications()` to re-render a control's notifications in its notification area. This is called automatically when the notifications collection changes.
* Introduces `wp.customize.settingConstructor`, allowing custom setting types to be used in the same way that custom controls, panels, and sections can be made.
* Injects a notification area into existing controls which is populated in response to the control's `notifications` collection changing. A custom control can customize the placement of the notification area by overriding the new `getNotificationsContainerElement` method.
* When a save fails due to setting invalidity, the invalidity errors will be added to the settings to then populate in the controls' notification areas, and the first such invalid control will be focused.
Props westonruter, celloexpressions, mrahmadawais.
See #35210.
See #30937.
Fixes#34893.
git-svn-id: https://develop.svn.wordpress.org/trunk@37476 602fd350-edb4-49c9-b593-d223f7449a82
Introduce `ms_load_current_site_and_network`. This is used by core during the multisite bootstrap process to populate the `$current_site` and `$current_blog` globals based on a requested domain and path.
Return values from this function inform `ms-settings.php` as to whether a page view should continue, `ms_not_installed()` should fire, or a redirect to a new location should occur.
This was previously a procedural block in `ms-settings.php`. Wrapping this code and providing specific return values allows us to write tests that do not rely on the manual and repeated inclusion of `ms-settings.php`.
This should not be used by plugins or themes. Please.
See #34941.
git-svn-id: https://develop.svn.wordpress.org/trunk@37475 602fd350-edb4-49c9-b593-d223f7449a82
Use SVG images in supporting browsers, otherwise fall back to PNG images. Add the filters `emoji_svg_url` and `emoji_svg_ext`.
Introduces unit tests to check the Emoji CDN filters.
Fixes#36525
git-svn-id: https://develop.svn.wordpress.org/trunk@37471 602fd350-edb4-49c9-b593-d223f7449a82
When the options table is set to `utf8` instead of `utf8mb4`, emoji will be stripped from the blog name and description when they're saved. Instead of stripping them, they can be encode as HTML entities.
Fixes#36122.
git-svn-id: https://develop.svn.wordpress.org/trunk@37469 602fd350-edb4-49c9-b593-d223f7449a82
This allows the HTML5 `required` attribute to be added to the `select` element.
Props wzislam, pcarvalho.
Fixes#31909.
git-svn-id: https://develop.svn.wordpress.org/trunk@37465 602fd350-edb4-49c9-b593-d223f7449a82
Requests is a library very similar to WP_HTTP, with a high level of unit test coverage, and has a common lineage and development team. It also supports parallel requests.
See #33055.
git-svn-id: https://develop.svn.wordpress.org/trunk@37428 602fd350-edb4-49c9-b593-d223f7449a82
When no `$meta` arguments are passed to `wpmu_create_blog()`, `public` is set to `0` in the database for new sites. This is fine, but also does not match the default implied when most sites are created via `site-new.php`.
The only current use of the `$meta` argument in the tests is to (re)mark `public` as `0`. All existing tests pass with this change. Tests for `WP_Site_Query` can now rely on better default expectations.
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37418 602fd350-edb4-49c9-b593-d223f7449a82
By initially scanning the `wp-content/languages` directory and loading available MO files just-in-time, plugins and themes do not need to manually load text domains anymore.
Props swissspidy, ocean90.
Fixes#34114
git-svn-id: https://develop.svn.wordpress.org/trunk@37415 602fd350-edb4-49c9-b593-d223f7449a82
The filter was being applied in `WP_Customize_Nav_Menu_Item_Setting::value()` but not in `WP_Customize_Nav_Menu_Item_Setting::value_as_wp_post_nav_menu_item()`.
Props celloexpressions, westonruter.
Fixes#35203.
git-svn-id: https://develop.svn.wordpress.org/trunk@37405 602fd350-edb4-49c9-b593-d223f7449a82
The test, introduced in [32207], used the incorrect syntax for 'meta_query' -
one fewer level of array-nesting than what `WP_Meta_Query` requires. This
slip uncovered a bug introduced into `WP_User_Query` in [30094], whereby
an incorrectly formatted 'meta_query' parameter would be properly parsed by
`WP_User_Query` when passed alongside `who=authors`.
We need to fix the inconsistent syntax in order to resolve#36724.
See #36724, #32019, #23849, #27026.
git-svn-id: https://develop.svn.wordpress.org/trunk@37359 602fd350-edb4-49c9-b593-d223f7449a82
This function provides a more convenient method for resetting the
PHPMailer instance than the previous technique of reaching into the global.
Props welcher.
Fixes#36658.
git-svn-id: https://develop.svn.wordpress.org/trunk@37358 602fd350-edb4-49c9-b593-d223f7449a82
Fixes warning related to a non-array argument for `array_merge()` in `WP_Customize_Widgets::customize_register()`.
See [37166].
See #36389.
Fixes#36660.
git-svn-id: https://develop.svn.wordpress.org/trunk@37352 602fd350-edb4-49c9-b593-d223f7449a82
Adds parity with setting instance being passed as second argument to `customize_sanitize_{$id}` and `customize_sanitize_js_{$id}`. Allows the actual ID of the (multidimensional) setting value being filtered to be inspected.
Props celloexpressions, westonruter.
Fixes#36452.
git-svn-id: https://develop.svn.wordpress.org/trunk@37350 602fd350-edb4-49c9-b593-d223f7449a82
`get_page_uri()` can now be called without an argument, which will return the page URI for the current post in the loop.
Props pollett.
Fixes#26284.
git-svn-id: https://develop.svn.wordpress.org/trunk@37345 602fd350-edb4-49c9-b593-d223f7449a82
Allows widgets to be registered which rely on dependency injection. Also will allow for new widget types to be created dynamically (e.g. a Recent Posts widget for each registered post type).
See #35990.
Props mdwheele, PeterRKnight, westonruter.
Fixes#28216.
git-svn-id: https://develop.svn.wordpress.org/trunk@37329 602fd350-edb4-49c9-b593-d223f7449a82
`WP_Query` discards most non-array date values ('year', 'monthnum', etc) by
casting to integer. Since [25138], the 'm' parameter has been handled
as a string; see #24884. However, the string-handling introduced in [25138]
blindly attempted to handle arrays and other non-scalar types as strings,
resulting in PHP notices and invalid MySQL syntax.
Props vortfu.
Fixes#36718.
git-svn-id: https://develop.svn.wordpress.org/trunk@37324 602fd350-edb4-49c9-b593-d223f7449a82
The tests for `is_blog_user()` and `is_user_member_of_blog()` should be refactored. Until then, we can shave several seconds from the test time by avoiding unnecessary loops of the same tests.
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37318 602fd350-edb4-49c9-b593-d223f7449a82
`is_user_spammy()` falls back to the current user if one is not provided. There is no current user during authentication, so the result is always `false`. Pass a user to fill the void.
Adds tests for `wp_authenticate_spam_check()`.
Props websupporter.
Fixes#36546.
git-svn-id: https://develop.svn.wordpress.org/trunk@37316 602fd350-edb4-49c9-b593-d223f7449a82
Allow the adding of post-thumbnail support for one or more post_types without unsetting any previously added post_types. This matches the behavior of other uses of `add_theme_support()` and the expectations of a function with a prefix of “add”.
To unset post-thumbnail support use `remove_theme_support()` instead.
Fixes#22080
Props alexkingorg, jmichaelward, and flixos90.
git-svn-id: https://develop.svn.wordpress.org/trunk@37308 602fd350-edb4-49c9-b593-d223f7449a82
After [37299], the network IDs encountered by this test may be larger than "100".
This adjusts the test to respond accordingly until we have a better way to delete networks.
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37300 602fd350-edb4-49c9-b593-d223f7449a82
[35244] changed the way that `WP_UnitTest_Generator_Sequence()` created an
incrementor for object fields (like 'post_name' and 'user_email'), by making
incrementor static across the entire run of the test suite. While this helped
to enforce uniqueness across the tests, it has the side effect of bumping the
incrementor between fields on the same object (so that, eg, the same post might
have `post_name` "post-12" but `post_title` "Post 13". By switching to a
technique that uses the same incrementor for each field belonging to a given
fixture, we conform better to the expectations of developers using
`WP_UnitTest_Factory`.
Fixes#35199.
git-svn-id: https://develop.svn.wordpress.org/trunk@37299 602fd350-edb4-49c9-b593-d223f7449a82
In particular, we want it to occur after shortcode handling. The smiley conversion routine doesn't have any concept of shortcode structure, so may inadvertantly replace a smiley with HTML inside a shortcode attribute, which will cause the shortcode to not be parsed correctly.
Props Unyson for the initial suggested fix.
Fixes#36306.
git-svn-id: https://develop.svn.wordpress.org/trunk@37298 602fd350-edb4-49c9-b593-d223f7449a82
Unicode 8 added `U+1F644`, "Face with Rolling Eyes", which matches our `:roll:` smiley. Continuing our ever present quest to rid the world of legacy smilies, we now translate that smiley into its emoji form.
Sadly, `:mrgreen:` remains sorely under-represented in the Unicode standard, I'm inclined to think that we should buy a voting membership of the Unicode Consortium, in order to rectify that situation. (Personally, I'm hoping for a green skin tone modifier.)
Fixes#36365.
git-svn-id: https://develop.svn.wordpress.org/trunk@37296 602fd350-edb4-49c9-b593-d223f7449a82
After [36647], the unit test generator sequence can put a 0 into the
'post_excerpt' field of a post fixture, causing false positives.
See [36520] for a parallel fix involving 'post_content'.
Fixes#36622.
git-svn-id: https://develop.svn.wordpress.org/trunk@37280 602fd350-edb4-49c9-b593-d223f7449a82
Adding the `singular` class per default to the list of body classes is breaking the layout of Twenty Eleven and other themes. Twenty Eleven adds the `.singular` class only to single pages if the page doesn't use specific page templates.
Props flixos90, swissspidy.
Fixes#36510.
git-svn-id: https://develop.svn.wordpress.org/trunk@37249 602fd350-edb4-49c9-b593-d223f7449a82
* These should have been included in [37236] and [37238].
* Simplifies parameter names in `test_get_network_by_path()`
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37239 602fd350-edb4-49c9-b593-d223f7449a82
This also helps to get things in order before the introduction of a more testable multisite bootstrap function in #34941.
A `@todo` has been temporarily removed, to be re-introduced as a working test.
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37238 602fd350-edb4-49c9-b593-d223f7449a82
* Remove unnecessary `setUp` and `tearDown` methods.
* Create networks and sites in `wpSetupBeforeClass` to share throughout.
* Destroy networks and sites in `wpTearDownAfterClass` to unpollute.
See #36566, #34941.
git-svn-id: https://develop.svn.wordpress.org/trunk@37234 602fd350-edb4-49c9-b593-d223f7449a82
* Use `wp_update_network_counts()` to update the database with the most current data before testing.
* Use `wp_update_network_counts()` to update the database with the most current data after deleting the sites created during the test.
* Create only 1 extra site in each test rather than 4. This shaves several seconds off the test time.
* Stop testing for an extra count now that we update the network counts properly. Previously we looked at `$site_count_start + 9` rather than 8. Now this is `+ 1`, which aligns with the actual number of sites created.
* Test 3 explicit conditions - default, filter applied as `true`, and filter applied as `false`.
* Reset data before testing assertion to avoid a suspended state.
See #36566.
git-svn-id: https://develop.svn.wordpress.org/trunk@37233 602fd350-edb4-49c9-b593-d223f7449a82