"Be more discrete." declared matt in [3155], and since then, "Silence is Golden" has been the calling card of placeholder index files. Historically, these have been php files, but [43012] changed that and added index.html files for privacy export generated folders.
The php silence files produce no visible content. This adds consistency with these new html files in that there will be no visible content. Silence will fall when the question is asked.
Fixes#44195.
Props audrasjb, rafsuntaskin, Ov3rfly, johnbillion, pento
git-svn-id: https://develop.svn.wordpress.org/trunk@43446 602fd350-edb4-49c9-b593-d223f7449a82
Display a notice with an explanation and the steps required to resolve the issue.
Props afragen, schlessera, flixos90, nerrad, melchoyce, boemedia, hedgefield, joyously, johnalarcon, lakenh, afercia, acirujano, ibantxillo, SergeyBiryukov.
Fixes#43986.
git-svn-id: https://develop.svn.wordpress.org/trunk@43436 602fd350-edb4-49c9-b593-d223f7449a82
This utility function allows for easy detection whether terms for a taxonomy are considered publicly viewable.
Props andizer.
Fixes#44466.
git-svn-id: https://develop.svn.wordpress.org/trunk@43386 602fd350-edb4-49c9-b593-d223f7449a82
This brings the name in line with user-facing language and similar names of existing related capabilities. Since the capability has not been part of any WordPress release, it can be renamed without any backward-compatibility implications.
Also missing props benhuberman for [43006].
Fixes#44457.
git-svn-id: https://develop.svn.wordpress.org/trunk@43381 602fd350-edb4-49c9-b593-d223f7449a82
Add a `_doing_it_wrong()` message describing the correct usage of the function.
Props kraftbj, azaozz, SergeyBiryukov, YuriV.
Fixes#44142.
git-svn-id: https://develop.svn.wordpress.org/trunk@43361 602fd350-edb4-49c9-b593-d223f7449a82
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.
Props iandunn, ianbelanger, desrosj.
Fixes#44030.
git-svn-id: https://develop.svn.wordpress.org/trunk@43353 602fd350-edb4-49c9-b593-d223f7449a82
In many a strange and curious file of forgotten lore—
While I pondered, blaming Nacin, my notifications suddenly awakened,
As of someone quietly DMing;—DMing me, I can’t ignore.
“’Tis some contributor,” I muttered, “DMing me an idea or four—
Only this and nothing more.”
Ah, distinctly I remember, at WordCamp US, last December;
A mad proposal nearly laid me—down out cold—upon the floor.
Curious, I listened closely;—to a plan I agreed with, mostly—
A way to make our JavaScript—JavaScript which was a chore—
Maintainable, extendable, for the future, is what I saw.
Guten-ready for evermore.
Open here I switch to Slack, when, with many a patch and hack,
In there stepped Omar, a JavaScript developer hardcore;
Pronouncing all the changes fit; ready now to be commit;
“There’s nothing else for us to do,” DMing me, “It’s done!” he swore—
“No longer random guessing at which file need next be explored—
Let’s move on, we’re all aboard.”
Moved all together, grouped and managed, in folders all is packaged,
The code had all been cleaned and tidied, important parts moved to the fore,
“Though this change be useful here,” I said, “it is too large, I fear,
We couldn’t manage such a patch, we’ve done nothing like this before—
Tell me where doth go this change, change to make our codebase soar!”
Quoth Omar, “In WordPress Core.”
Props omarreis for shepherding this significant change.
Props adamsilverstein, aduth, atimmer, dingo_bastard, frank-klein, gziolo, herregroen, jaswrks, jeremyfelt, jipmoors, jorbin, netweb, ocean90, pento, tjnowell, and youknowriad for testing, feedback, discussion, encouragement, commiserations, etc.
I make no apologies for this commit message.
Fixes#43055.
git-svn-id: https://develop.svn.wordpress.org/trunk@43309 602fd350-edb4-49c9-b593-d223f7449a82
There doesn't appear to be any way for an attacker to introduce malicious input into the URL, unless a plugin is filtering the URL to add it, but it's better to be safe than sorry.
Props 1naveengiri, joyously.
Fixes#44115.
git-svn-id: https://develop.svn.wordpress.org/trunk@43290 602fd350-edb4-49c9-b593-d223f7449a82
Previously, personal data exports were stored in `wp-content/uploads/exports`, which is generic enough that it's likely there are existing folders with that name, either created by plugins or manually by administrators. If that folder were reused by Core, then `wp_privacy_delete_old_export_files()` would delete all of the existing files inside it, which is almost certainly not what the site owner wants or expects.
To avoid that, the folder is being renamed to include a specific reference to Core, and a more verbose description of its purpose. With those factored in, it's very unlikely that there will be any conflicts with existing folders.
The `wp_privacy_exports_dir()` and `wp_privacy_exports_url()` functions were introduced to provide a canonical source for the location, and the `wp_privacy_exports_dir` and `wp_privacy_exports_url` filters were introduced to allow plugins to customize it.
Props johnjamesjacoby, allendav.
Fixes#44091.
git-svn-id: https://develop.svn.wordpress.org/trunk@43284 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the link used absolute positioning, in order to stick it at the bottom of the page. That was done in order to create visual separation between it and the "action" links, like "Lost Your Password?"
The absolute positioning can cause conflicts in some situations, though. For example, if extra text or error notices are added above the form, then the login link would be positioned on top of other elements.
Switching to relative positioning with extra margins avoids those issues, while maintaining the visual separation between the "action" links and the privacy policy link.
Props imath, melchoyce, desrosj, xkon, iandunn.
Fixes#44046.
git-svn-id: https://develop.svn.wordpress.org/trunk@43274 602fd350-edb4-49c9-b593-d223f7449a82
r43158 introduced a new admin pointer for the privacy tools added in 4.9.6. With the previous positioning, though, sometimes the `Dismiss` link would be fixed off screen, making it impossible for the user to dismiss the pointer. This happened when there were enough extra menu items, or when the viewport height was short enough.
This commit repositions the pointer to work around that problem. One down side of this workaround is that the arrow will not always be positioned next to the `Tools` menu, where it should be. That's an acceptable compromise given the current time constraints, though. A long term solution would be to make `WP_Pointer` robust enough to handle this use case.
Props imath, audrasjb, desrosj.
Fixes#44045.
git-svn-id: https://develop.svn.wordpress.org/trunk@43246 602fd350-edb4-49c9-b593-d223f7449a82
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue.
An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.
The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.
Props azaozz, xkon, iandunn.
Fixes#43954. See #43953.
git-svn-id: https://develop.svn.wordpress.org/trunk@43223 602fd350-edb4-49c9-b593-d223f7449a82
Previously the pointer overlapped the menu in order to draw attention to the fact that it applies to both the `Tools` and `Settings` menus. That caused a conflict if the menu was collapsed, though, because the icons were covered by the pointer and therefore inaccessible.
Additionally, minor tweaks were made to the text order and formatting. The order of the two sections was swapped in the title and paragraph, in order to match the order of the corresponding menu items. The spacing around headings and paragraphs was tweaked to remove extraneous whitespace.
Props littler.chicken, desrosj, ianbelanger, melchoyce.
Fixes#43961.
git-svn-id: https://develop.svn.wordpress.org/trunk@43210 602fd350-edb4-49c9-b593-d223f7449a82
- Separate the guide text form the suggested policy text.
- Add table of content for easier navigation.
- Move the content to tools.php (prevents the settings menu of being open).
- Add a link to the guide from the Privacy settings screen.
Props melchoyce, azaozz.
See #43980.
git-svn-id: https://develop.svn.wordpress.org/trunk@43203 602fd350-edb4-49c9-b593-d223f7449a82
r42986 introduced the beginnings of an Ajax handler for processing requests to erase personal data. At the time, a method for marking requests as completed was planned, but had not yet been created. This commit introduces that mechanism, bringing the erasure process closer to completion.
Props coreymckrill, allendav.
Fixes#43922.
git-svn-id: https://develop.svn.wordpress.org/trunk@43185 602fd350-edb4-49c9-b593-d223f7449a82
r43008 refactored the request flow to make several improvements, but accidentally marked `completed` requests as `confirmed`. This commit restores the intended statuses, so that the data and corresponding UI reflect reality.
Props allendav, birgire.
Fixes#43913.
git-svn-id: https://develop.svn.wordpress.org/trunk@43183 602fd350-edb4-49c9-b593-d223f7449a82
Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken.
That can be avoided by reusing the same filename when building fresh archives.
Props desrosj, tz-media, allendav.
Fixes#43905.
git-svn-id: https://develop.svn.wordpress.org/trunk@43180 602fd350-edb4-49c9-b593-d223f7449a82
Previously the user was shown a message that the page was created, but might not understand that they still need to visit the page and publish it. Redirecting them to the page makes it more obvious that additional steps are involved.
Props Clorith, xkon, azaozz.
Fixes#43926.
git-svn-id: https://develop.svn.wordpress.org/trunk@43160 602fd350-edb4-49c9-b593-d223f7449a82
The new features are very important for some users, because of their GDPR obligations. They're also spread across multiple top-level menus, making them less discoverable. An admin pointer will help to ensure that users are aware of the new tools and how to find them.
Props desrosj, andreamiddleton, allendav, xkon.
Fixes#43942.
git-svn-id: https://develop.svn.wordpress.org/trunk@43158 602fd350-edb4-49c9-b593-d223f7449a82
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.
Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.
Props desrosj, allendav, ocean90.
Fixes#43931.
git-svn-id: https://develop.svn.wordpress.org/trunk@43154 602fd350-edb4-49c9-b593-d223f7449a82
In many common Multisite use cases, the network administrator will want to set a network-wide privacy policy -- via the `privacy_policy_url` filter -- for consistency and convenience. When that's done, the Privacy Settings screen on individual sites becomes unnecessary, and may confuse administrators of those sites when they see that their changes don't have any effect on the policy link in the footer.
Since we can't programatically determine which behavior the network admins would like, the safest default setting is to restrict the ability to super admins, and let them delegate it to individual site owners via a plugin, if they'd like to.
Fixes#43935.
git-svn-id: https://develop.svn.wordpress.org/trunk@43147 602fd350-edb4-49c9-b593-d223f7449a82
- Insert both the text and tutorial in new policy pages and highlight is brightly in the editor.
- Show only the suggested text in the policy postbox.
Props melchoyce, azaozz.
See #43473.
git-svn-id: https://develop.svn.wordpress.org/trunk@43146 602fd350-edb4-49c9-b593-d223f7449a82
The page was originally placed under `Tools` so that it would be grouped with the pages to export and erase personal data, since they're all part of the effort to bring privacy management tools to Core ahead of GDPR's deadline. After more consideration, though, it makes sense to move this page to the `Settings` menu, since it's fundamental purpose is to configure an option, rather than to facilitate a recurring task. This keeps all of the configuration pages in a single place, making them consistent and easier to find.
Exporting and erasing personal data are recurring tasks, so they still make sense under the `Tools` menu.
Props xkon, helen, melchoyce, allendav, desrosj, ocean90, azaozz.
Fixes#43873.
git-svn-id: https://develop.svn.wordpress.org/trunk@43145 602fd350-edb4-49c9-b593-d223f7449a82
In these contexts, "privacy policy" is not a proper noun, and therefore should not be capitalized.
The remaining uses are page titles and section headers, where capitalization is appropriate.
Props idea15, garrett-eclipse, allendav.
Fixes#43435.
git-svn-id: https://develop.svn.wordpress.org/trunk@43132 602fd350-edb4-49c9-b593-d223f7449a82
The previous sentence was gramatically awkward, and using the term "compliance" could accidentally be mistaken by a site owner for a promise by WordPress that their site will be compliant after using the tool, which is not necessarily true.
Props idea15, allendav, azaozz, iandunn.
See #43435.
git-svn-id: https://develop.svn.wordpress.org/trunk@43131 602fd350-edb4-49c9-b593-d223f7449a82
Personal data collection is more likely for registered users than casual visitors, and the privacy policy might have been updated since a user last logged in. Those changes could impact the collection of personal data from registered users, so it makes sense to provide a link to the policy before users log in.
Props voneff, xkon, melchoyce, chetan200891, desrosj.
Fixes#43721.
git-svn-id: https://develop.svn.wordpress.org/trunk@43120 602fd350-edb4-49c9-b593-d223f7449a82
Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.
Props allendav, jeremyfelt, iandunn.
Fixes#43919.
git-svn-id: https://develop.svn.wordpress.org/trunk@43085 602fd350-edb4-49c9-b593-d223f7449a82
This runs immediately after the data export file has been successfully created, allowing plugins to introduce some workflow customizations. For example, a plugin could password-protect the export file, for peace of mind, even though the CSPRN in the filename makes brute force attacks nearly impossible.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/trunk@43047 602fd350-edb4-49c9-b593-d223f7449a82
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.
`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.
This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.
`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.
Props iandunn, desrosj.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/trunk@43046 602fd350-edb4-49c9-b593-d223f7449a82
`rand()` is deterministic and therefore offers much less protection in this context. `wp_generate_password()` is a convenient wrapper around `wp_rand()`, which uses `random_int()` to generate cryptographically-secure psuedorandom numbers.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/trunk@43045 602fd350-edb4-49c9-b593-d223f7449a82
- really disables buttons when they look disabled (when navigation is at the first or last theme)
- when navigation is at the first or last theme, moves focus to the other navigation button, to avoid a focus loss
- improves the buttons visually hidden accessibility text
Props walbo, afercia.
Fixes#36627.
git-svn-id: https://develop.svn.wordpress.org/trunk@43020 602fd350-edb4-49c9-b593-d223f7449a82
By making the pagination links use the default style for buttons, color contrast
is improved and the CSS is simplified. Improves consistency with other UI controls.
Also, slightly increases the white space below the pagination links.
Props benoitchantre, afercia.
Fixes#41858.
git-svn-id: https://develop.svn.wordpress.org/trunk@43019 602fd350-edb4-49c9-b593-d223f7449a82
The updated version of the nag is shorter, more on point and less aggressive than the previous one. It integrates better with the other dashboard widgets and fixes several accessibility concerns. A yellow warning color is used when the current PHP version is outdated, a red error color is used when it is also insecure.
Props afercia, birgire, danieltj, flixos90, johnjamesjacoby, karmatosed, Luciano Croce, nerrad, pento, schlessera, SergeyBiryukov, sonjaleix.
Fixes#41191.
git-svn-id: https://develop.svn.wordpress.org/trunk@43006 602fd350-edb4-49c9-b593-d223f7449a82
This iterates on earlier versions of the code, in order to handle more edge cases. An arbitrary string like `or=\"` will now be stripped, as well as reachability scopes like `%eth0`.
Props eamax, soulseekah, iandunn.
Fixes#41083.
git-svn-id: https://develop.svn.wordpress.org/trunk@42968 602fd350-edb4-49c9-b593-d223f7449a82
* When show_split_view argument false, show title changes in a single column and only show title once if title is unchanged.
Props johnbillion, mbelchev.
Fixes#42402.
git-svn-id: https://develop.svn.wordpress.org/trunk@42966 602fd350-edb4-49c9-b593-d223f7449a82
This changeset adjusts the tone of the message to fit the usual core voice better and addresses accessibility concerns.
Props schlessera.
See #41191.
git-svn-id: https://develop.svn.wordpress.org/trunk@42891 602fd350-edb4-49c9-b593-d223f7449a82
Make `<br />` tags on the screen behave as line breaks again after [41836]. Add a missing fieldset + legend for better accessibility.
Props afercia, RavanH, obenland, garrett-eclipse.
Fixes#42724. See #34539.
git-svn-id: https://develop.svn.wordpress.org/trunk@42864 602fd350-edb4-49c9-b593-d223f7449a82
`edit_user()` can also update user roles but was still using the `edit_users` capability instead of the newer `promote_users` capability introduced in [14176].
This makes the role handling consistent with the bulk dropdown menu for role changes.
Props flixos90, johnjamesjacoby, ocean90.
Fixes#42564.
git-svn-id: https://develop.svn.wordpress.org/trunk@42855 602fd350-edb4-49c9-b593-d223f7449a82
A new global multisite table `wp_blogmeta` is added to the database schema, and a set of `*_site_meta()` API functions are introduced.
The implementation fails gracefully when the new table is not yet available, which may happen especially shortly after the core update, before the network has been upgraded to the new database schema. The presence of the table is detected once and stored as a global setting on the main network.
Core does not yet use site metadata, but there are several use-cases to be implemented or explored in the near future, and it allows plugins to extend sites with arbitrary data, which will come in particularly handy with the upcoming REST API endpoint for sites.
Props spacedmonkey, johnjamesjacoby, jeremyfelt, flixos90.
Fixes#37923.
git-svn-id: https://develop.svn.wordpress.org/trunk@42836 602fd350-edb4-49c9-b593-d223f7449a82
This new dashboard widget is shown on WordPress sites which are powered by a PHP version which WordPress considers outdated, in order to inform site owners about the resulting problems and to explain how to upgrade to a supported version. An education page for that purpose has been previously created that the widget links to. The link is translatable so that localized versions of the page can be referred to as they become available.
The nag follows the example of the Browse Happy dashboard widget and is only visible for administrators, or network administrators when using multisite. To determine whether it needs to be displayed, a new wordpress.org API introduced prior is called that handles the version logic in a centralized location.
Props flixos90, hedgefield, schlessera.
Fixes#41191.
git-svn-id: https://develop.svn.wordpress.org/trunk@42832 602fd350-edb4-49c9-b593-d223f7449a82
This allows referrer-restricted content from third parties (such as images and fonts) to continue working in the admin area.
Props aranwer104, qcmiao
Fixes#43285
git-svn-id: https://develop.svn.wordpress.org/trunk@42830 602fd350-edb4-49c9-b593-d223f7449a82
WordPress.org currently supports up to 5 million, and with the growth of WordPress, it's expected that that upper bound will increase in the future.
Fixes#43193.
git-svn-id: https://develop.svn.wordpress.org/trunk@42829 602fd350-edb4-49c9-b593-d223f7449a82
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.
Fixes#43523.
git-svn-id: https://develop.svn.wordpress.org/trunk@42827 602fd350-edb4-49c9-b593-d223f7449a82
* In initCrop, handle touch events in addition to mouse events.
* In imageSelect jQuery plugin, accept event.which of 0 as provided by touch events.
Props yahil, alexgso, joemcgill.
Fixes#41242.
git-svn-id: https://develop.svn.wordpress.org/trunk@42818 602fd350-edb4-49c9-b593-d223f7449a82
Fix an issue where the screen viewport resized to an oversized state on mobile devices after moving sub-menus.
Props kwonye.
Fixes#36884.
git-svn-id: https://develop.svn.wordpress.org/trunk@42817 602fd350-edb4-49c9-b593-d223f7449a82
Links within blocks and lines of text should always be underlined.
Props Travel_girl, chetan200891, Shital Patel.
Fixes#42647.
git-svn-id: https://develop.svn.wordpress.org/trunk@42810 602fd350-edb4-49c9-b593-d223f7449a82
For a number of years, the "Available Widgets" section has been off-limits for
keyboard users. Now it can be used also with the keyboard. This change introduces
also some improvements for assistive technologies.
- makes the widget toggles focusable and adds an `aria-expanded` attribute to indicate their state
- improves the toggles labelling to clarify context (add/edit)
- changes the controls to choose a sidebar from list items to buttons
- adds an `aria-label` attribute to the buttons to clarify their purpose
- adds an `aria-pressed` attribute to the buttons to indicate which one is selected
- improves color contrast of the selected button
- uses a `wp.a11y.speak()` message to announce to screen reader users when a widget has been added to a sidebar
- moves focus back to the toggle button when closing a widget
See #40677.
git-svn-id: https://develop.svn.wordpress.org/trunk@42794 602fd350-edb4-49c9-b593-d223f7449a82
Also, adds an `aria-describedby` attribute to associate the Admin Email field with its description.
Props dipesh.kakadiya, jackreichert, rianrietveld.
Fixes#37331.
git-svn-id: https://develop.svn.wordpress.org/trunk@42793 602fd350-edb4-49c9-b593-d223f7449a82
For a number of years, the link to the Widgets screen "Accessibility mode" lived
in the Screen Options panel, hidden by default. Many users, including assistive
technologies users, weren't able to find it or even aware it existed. By bringing
the link in the main screen, visible by default, this change makes the
"Accessibility mode" easily discoverable for everyone.
Props chetan200891, antonioeatgoat.
Fixes#42778.
git-svn-id: https://develop.svn.wordpress.org/trunk@42790 602fd350-edb4-49c9-b593-d223f7449a82
For better accessibility and semantics, user interface controls that perform an
action should be buttons. Links should exclusively be used for navigation.
Also, adds an `aria-expanded` attribute to communicate the expandable panel state
and improves the buttons spacing.
Props Cheffheid, audrasjb, afercia.
Fixes#38674.
git-svn-id: https://develop.svn.wordpress.org/trunk@42785 602fd350-edb4-49c9-b593-d223f7449a82
For better accessibility and semantics, user interface controls that perform an
action should be buttons. Links should exclusively be used for navigation.
Props Cheffheid, audrasjb.
Fixes#38671.
git-svn-id: https://develop.svn.wordpress.org/trunk@42784 602fd350-edb4-49c9-b593-d223f7449a82
The error response body size is limited to 1 KB by default to avoid taking up too much memory. The size can be increased using `download_url_error_max_body_size` filter.
Props soulseekah, campusboy1987, mihdan, SergeyBiryukov.
Fixes#43329.
git-svn-id: https://develop.svn.wordpress.org/trunk@42773 602fd350-edb4-49c9-b593-d223f7449a82
For better accessibility and semantics, user interface controls that perform an
action should be buttons. Links should exclusively be used for navigation.
Props Cheffeid, audrasjb, afercia.
See #43382, #38677.
Fixes#43376.
git-svn-id: https://develop.svn.wordpress.org/trunk@42767 602fd350-edb4-49c9-b593-d223f7449a82
At the time, having both `required` and `aria-required` meant a wider range of support for browsers and assistive technology. Today, it's safe to use just `required`.
Props shital-patel, afercia, audrasjb.
Fixes#43415.
git-svn-id: https://develop.svn.wordpress.org/trunk@42759 602fd350-edb4-49c9-b593-d223f7449a82
This tag has been used in the past, but should no longer be used. Just using the `static` keyword in code is enough for PhpDocumentor on PHP5+ to recognize static variables and methods, and PhpDocumentor will mark them as static.
Props birgire.
See #42803.
git-svn-id: https://develop.svn.wordpress.org/trunk@42747 602fd350-edb4-49c9-b593-d223f7449a82
This tag has been used in the past, but should no longer be used. Just using the `static` keyword in code is enough for PhpDocumentor on PHP5+ to recognize static variables and methods, and PhpDocumentor will mark them as static.
Props birgire.
See #42803.
git-svn-id: https://develop.svn.wordpress.org/trunk@42745 602fd350-edb4-49c9-b593-d223f7449a82
Trigger a keyup event when clearing the search field in response to closing the add item panel. The keyup event triggers a search and resets the results. Previously, the search field was cleared while the potentially blank search results were left in place making it impossible to select new menu items.
Props Blair jersyer, aranwer104, afercia.
Fixes#43333.
git-svn-id: https://develop.svn.wordpress.org/trunk@42744 602fd350-edb4-49c9-b593-d223f7449a82
Reverts unit test removal, instead changing them to expect the function to be deprecated.
Correct the version the ajax callback was deprecated.
Amends [42614].
Props dlh, ocean90.
Fixes#38922.
git-svn-id: https://develop.svn.wordpress.org/trunk@42737 602fd350-edb4-49c9-b593-d223f7449a82
For better accessibility and semantics, user interface controls that perform an
action should be buttons. Links should exclusively be used for navigation.
See #38677 / [42725].
Fixes#43382.
git-svn-id: https://develop.svn.wordpress.org/trunk@42727 602fd350-edb4-49c9-b593-d223f7449a82
WordCamps are celebrations of the local WordPress Community and once a local one is scheduled, people in that community should know it is coming. This adjusts the WordPress Events in the dashboard widgets to always display a WordCamp, even if there are multiple Meetups happening first.
Props iandunn, metalandcoffee, warmlaundry, alejandroxlopez, jorbin.
Fixes#41112.
git-svn-id: https://develop.svn.wordpress.org/trunk@42726 602fd350-edb4-49c9-b593-d223f7449a82
For better accessibility and semantics, user interface controls that perform an
action should be buttons. Links should exclusively be used for navigation. Also,
adds an `aria-expanded` attribute to the button to communicate to assistive
technologies the expanded / collapsed status of the Quick Edit form.
Props Cheffheid, audrasjb, afercia.
Fixes#38677.
git-svn-id: https://develop.svn.wordpress.org/trunk@42725 602fd350-edb4-49c9-b593-d223f7449a82
Although unitless zero is allowed for `<length>` CSS data type, it's invalid for `<time>` data type.
Props chetan200891, manuel_84, GaryJ.
Fixes#43195.
git-svn-id: https://develop.svn.wordpress.org/trunk@42689 602fd350-edb4-49c9-b593-d223f7449a82
This filter shows comments made by the current user, and copies the same filter functionality that's available on the post listing screens.
Props Iceable
Fixes#42379
git-svn-id: https://develop.svn.wordpress.org/trunk@42684 602fd350-edb4-49c9-b593-d223f7449a82
While intended as a playful error message, `Cheatin’ uh?` can be interpreted as insulting or accusatory in an already stressful situation. This replaces Cheatin’ with more meaningful error messages, depending on the error that occurs.
Props ElectricFeet, EricMeyer, karmatosed, dd32, BandonRandon, melchoyce for language; dmsnell for original patch; peterwilsoncc.
Fixes#38332.
git-svn-id: https://develop.svn.wordpress.org/trunk@42648 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the Screen Options toggle and the related panel content
were hidden on small screens, preventing access to important settings,
including the ability to toggle the meta boxes visibility.
Props chetan200891.
Fixes#40985.
git-svn-id: https://develop.svn.wordpress.org/trunk@42644 602fd350-edb4-49c9-b593-d223f7449a82
As per the WordPress CSS coding standards, CSS properties with values that require quotes must use double quotes.
Also fixes some indentation and spacing.
Fixes#43220.
git-svn-id: https://develop.svn.wordpress.org/trunk@42641 602fd350-edb4-49c9-b593-d223f7449a82
Deprecate wp_ajax_ajax_tag_search and switch to using the REST API when searching tags in the tags meta box.
Props nacin, chriscct7, afercia, swissspidy, jnylen0, rmccue, ryelle.
Fixes#38922.
git-svn-id: https://develop.svn.wordpress.org/trunk@42614 602fd350-edb4-49c9-b593-d223f7449a82
A user should still be able to have the capability, even when language packs cannot be automatically installed. The automatic installation part is separate from that now.
Props flixos90.
Fixes#42697.
git-svn-id: https://develop.svn.wordpress.org/trunk@42606 602fd350-edb4-49c9-b593-d223f7449a82
JSHint inherits a license from JSLint that includes the clause "The Software shall be used for Good, not Evil." WordPress's license specifically allows grants the freedom to run the program, for any purpose. Please note, this is not an encouragement of evil. Rather than doing something evil, how about learning to love those around you. Instead of tweeting lies and saying people are "Not Good!", help your neighbor. In the words of Lin Manual Miranda, "Love is love is love is love is love is love is love is love, cannot be killed or swept aside."
This replaces JSHint with esprima, a part of the larger jQuery project, and a custom wrapper for some basic error checking within codemirror.
The existing JSHint configuration is kept in place in case someone wants to use that, but they can only do so for Good.
Fixes#42850
Props netweb for a spelling fix on a comment.
git-svn-id: https://develop.svn.wordpress.org/trunk@42547 602fd350-edb4-49c9-b593-d223f7449a82
Add `comments_list_table_query_args` filter to the Comments List Table.
Props soulseekah, birgire.
Fixes#42997.
git-svn-id: https://develop.svn.wordpress.org/trunk@42420 602fd350-edb4-49c9-b593-d223f7449a82
As decided in the JavaScript core chat. With a few reasons:
* It is visually cleaner when reading the source.
* This bring the JavaScript documentation closer to the PHP documentation.
The only disadvantage is that the JSDoc parser doesn't split out the summary and the description in the new format. We've decided to solve this when building the JavaScript documentation parser.
Props herregroen.
Fixes#42901.
git-svn-id: https://develop.svn.wordpress.org/trunk@42411 602fd350-edb4-49c9-b593-d223f7449a82
On the "Attachment Details" screen:
* The crop button is always 'enabled'.
* Clicking the crop button with no selection selects the entire image.
* Clicking the crop button with the entire image selected doesn't do anything.
* Clicking the crop button with a selection crops as expected.
Props sonjanyc, afercia, mikeschroder.
Fixes#30155.
git-svn-id: https://develop.svn.wordpress.org/trunk@42404 602fd350-edb4-49c9-b593-d223f7449a82
JSDoc takes it structural data from `@namespace`, `@lends` and `@memberOf`. This change fixes these tags for all JavaScript files in the wp-admin folder.
* Add jsdoc configuration to parse wp-admin/js files. Use `jsdoc -c jsdoc.conf.json` to generate JSDoc.
* Define all used namespaces using `@namespace`.
* Define each usage of the extend function as a prototype assignment using `@lends`.
* Add `@alias` if JSDoc cannot detect the correct name automatically.
This has previously been corrected for all `wp-includes` JavaScript files: [41351].
Props herregroen.
Fixes#42485.
git-svn-id: https://develop.svn.wordpress.org/trunk@42403 602fd350-edb4-49c9-b593-d223f7449a82
The `custom-header.js` file is only used on the `wp-admin/themes.php?page=custom-header` page. As that page is no longer linked from the UI the functions in the file are marked deprecated.
Props nicollle, jipmoors, diedeexterkate.
Fixes#42678.
git-svn-id: https://develop.svn.wordpress.org/trunk@42385 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
This allows showing a name when only the first or last name is provided.
Props shital-patel, antipole.
Fixes#42713.
git-svn-id: https://develop.svn.wordpress.org/trunk@42256 602fd350-edb4-49c9-b593-d223f7449a82
We have a handful of super long regexen that are written over multiple lines, as a collection of strings concatenated together. Each string is indented appropriately for the regex, but PHPCS doesn't recognised this, so defaults to removing the extra whitespace.
Disabling the `Squiz.Strings.ConcatenationSpacing.PaddingFound` rule for these blocks stops the extra whitespace from being removed.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42249 602fd350-edb4-49c9-b593-d223f7449a82
This fixes theme editing on Windows platforms where `validate_file()` will return `2` on a full file path.
Fixes#42609.
git-svn-id: https://develop.svn.wordpress.org/trunk@42244 602fd350-edb4-49c9-b593-d223f7449a82
While caching here seemed like a good idea in theory, in practice the cache would be often stale causing development issues.
We exclude common folders (such as `node_modules`) from the scanning to avoid directories which are not useful to the end-user, so as long as those exclusion lists are held up this shouldn't cause too much of a degredation in the future.
We may consider adding caching here again in the future if it's determined that it is really needed.
Props precies, ibenic, mariovalney, schlessera, and all the others who commented on the ticket(s).
This partually reverts [41806].
See #6531.
Fixes#42573.
git-svn-id: https://develop.svn.wordpress.org/trunk@42242 602fd350-edb4-49c9-b593-d223f7449a82
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42228 602fd350-edb4-49c9-b593-d223f7449a82
Using a filename which was generated from `time()` could cause two processes to try to use the same filename, causing unexpected behaviour.
Props jrchamp, bikecrazyy.
Fixes#42265.
git-svn-id: https://develop.svn.wordpress.org/trunk@42224 602fd350-edb4-49c9-b593-d223f7449a82
When the setup process reads `wp-config-sample.php`, it assumes that there are no spaces inside the brackes of the `define()`s. Unfortunately, this doesn't match our coding standards, so will no longer work correctly once we start enforcing them.
This also improves coding standards of the generated `wp-config.php` file.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42218 602fd350-edb4-49c9-b593-d223f7449a82
This pattern occurs a handful of times across the codebase:
`<div class="foo<?php if ( $bar ) { echo ' baz'; } ?>">`
Unfortunately, it doesn't really play nicely with `phpcbf`, so all instances need to be removed in preperation for auto code formatting.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42217 602fd350-edb4-49c9-b593-d223f7449a82
The fix in [41821] caused numeric folder names to be reindexed to 0..n when in the root directory (for example, `my-plugin/24/`).
Props edo888.
See #41524.
Fixes#42628 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42214 602fd350-edb4-49c9-b593-d223f7449a82
The `meta_box_cb` argument was introduced in [25572] to allow plugin
authors to provide a custom callback for rendering their taxonomy's meta
box on the post edit screen. However, the routine used to handle the saving
of these custom taxonomy meta boxes was not customizable, but was instead
based simply on whether the taxonomy was hierarchicaly. See [13535].
The new `meta_box_sanitize_cb` argument defaults to the "tag" routine for
non-hierarchical taxonomies and the "category" routine for hierarchical ones,
thereby maintaining the current default behavior. Developers can override this
when the data passed from their `meta_box_cb` differs.
Props boonebgorges, ZaneMatthew, stephenharris.
Fixes#36514.
git-svn-id: https://develop.svn.wordpress.org/trunk@42211 602fd350-edb4-49c9-b593-d223f7449a82
This allows defining the constant as `false` to prevent access (rather than requiring the constant to be removed entirely).
Props tiagohillebrandt, munklefish.
See #11717.
Fixes#42622.
git-svn-id: https://develop.svn.wordpress.org/trunk@42205 602fd350-edb4-49c9-b593-d223f7449a82
In IE11 the `input` event erroneously gets triggered initially without any user input.
Amends [41648].
See #37661.
Fixes#42556 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42187 602fd350-edb4-49c9-b593-d223f7449a82
Fixes an error since [41783] in which extra paragraphs could be added to content when switching editor tabs.
Props pento, adamsilverstein, aduth.
Fixes#42531.
git-svn-id: https://develop.svn.wordpress.org/trunk@42177 602fd350-edb4-49c9-b593-d223f7449a82
- When switching to the Text view, wait until after the Visual editor element has been hidden, before focussing the `<textarea>`.
- When switching to the Visual view, only scroll if the cursor is not visible on the current screen.
Fixes#42530.
git-svn-id: https://develop.svn.wordpress.org/trunk@42175 602fd350-edb4-49c9-b593-d223f7449a82
Also run CSS autoprefixer to add `-ms-` prefixes for CSS grid identifiers for IE11.
Props Presskopp.
Amends [42121].
See #42087.
Fixes#42524 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42161 602fd350-edb4-49c9-b593-d223f7449a82
Simplify regular expression for checking URL validity to just do basic checks to confirm the value looks like a URL. Leave the complete validation to the server-side logic in `WP_Customize_Nav_Menu_Item_Setting::sanitize()` to avoid having to maintain two separate codebases for validating URLs.
Props westonruter, SergeyBiryukov for testing.
Amends [41697].
See #32816.
Fixes#42506 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42153 602fd350-edb4-49c9-b593-d223f7449a82
Fixes issue where a drafted/scheduled changeset could inadvertently re-use the previous autosave revision in the preview while a user expects it to have been dismissed.
See #39896, [41597].
Fixes#42502 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42144 602fd350-edb4-49c9-b593-d223f7449a82
Fixes issue where user may supply an invalid URL and be unable to save the widget on the Widgets admin screen without being told why.
Amends [41252].
See #41274.
Fixes#42488.
git-svn-id: https://develop.svn.wordpress.org/trunk@42140 602fd350-edb4-49c9-b593-d223f7449a82
When just doing `wp_publish_post()` for the changeset from `customize.php`, any option-based settings will fail to get saved because `WP_Customize_Manager` would have already been loaded with `settings_previewed`, resulting in `update_option()` calls being short-circuited. So an admin-ajax request to `customize_save` is used to work around this.
Props westonruter, jeremyfelt, dlh for testing, LittleBigThing for testing.
Amends [41626].
See #28721, #39221.
Fixes#42457 for trunk.
git-svn-id: https://develop.svn.wordpress.org/trunk@42138 602fd350-edb4-49c9-b593-d223f7449a82
Also fix PHP notice related to parent themes and WordPress.org theme query results.
Props dd32, obenland, celloexpressions, westonruter, atachibana for testing.
See #42406, #37661.
Fixes#42442.
git-svn-id: https://develop.svn.wordpress.org/trunk@42122 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where files couldn't be accessed in multisite installs.
Props flixos90, westonruter.
Fixes#42420.
git-svn-id: https://develop.svn.wordpress.org/trunk@42115 602fd350-edb4-49c9-b593-d223f7449a82
* Consider both `selectedChangesetStatus` and `changesetStatus` states when deciding to disable.
* Factor out common logic into `canSwitchTheme` function on `ThemesPanel`.
* Keep Live Preview and Install buttons disabled in Themes controls and detail overlays when appropriate.
Props westonruter, dlh.
Amends [41788].
See #42126, #37661, #39896.
Fixes#42406.
git-svn-id: https://develop.svn.wordpress.org/trunk@42113 602fd350-edb4-49c9-b593-d223f7449a82
Prevent edits to 2-level deep theme files from returning a `disallowed_theme_file` error when attempting to save an edit. Aligns logic for gathering `$allowed_files` in `theme-editor.php` for listing files with the validation logic in `wp_edit_theme_plugin_file()`.
Amends [41806].
See #6531.
Fixes#42425.
git-svn-id: https://develop.svn.wordpress.org/trunk@42112 602fd350-edb4-49c9-b593-d223f7449a82
Prevent needlessly iterating over `controlConstructor` to find `type` when it is already supplied.
Amends [41750], [41726].
See #42083.
git-svn-id: https://develop.svn.wordpress.org/trunk@42048 602fd350-edb4-49c9-b593-d223f7449a82
Fixes UI bugs around theme updates in the Customizer. Theme versions now get updated and users are no longer left alone after a successful update.
Props rinkuyadav999, celloexpressions for initial patch.
Fixes#42365.
git-svn-id: https://develop.svn.wordpress.org/trunk@42046 602fd350-edb4-49c9-b593-d223f7449a82
* Let min hour be 0 and max be 23 in 24-hour time; let min hour be 1 and max be 12 in 12-hour time.
* Show error notification when an invalid date value is provided, not just when not a future date.
* Fix translation of custom validity message.
* Start checking for validity after all inputs have been initially populated.
* Remove support for being able to enter 24:00.
* Cease forcing date input elements from being casted to integers, to allow for invalid inputs to be detected.
Props westonruter, Presskopp, peterwilsoncc, atachibana for testing.
See #39896, #28721.
Fixes#42373.
git-svn-id: https://develop.svn.wordpress.org/trunk@42042 602fd350-edb4-49c9-b593-d223f7449a82
