* Allow `WP_Customize_Nav_Menus::insert_auto_draft_post()` to take full post array to pass to `wp_insert_post()`, except for `post_status`. Require `post_title`.
* Ensure empty `post_name` gets explicitly set to slugified `post_title`.
* Explicitly allow only `post_type` and `post_title` params in `WP_Customize_Nav_Menus::ajax_insert_auto_draft_post()`.
* Use `wp_update_post()` instead of `wp_publish_post()` to ensure unique slugs are assigned to published auto-draft posts.
* Re-use `WP_Customize_Nav_Menus::insert_auto_draft_post()` when inserting stubs from starter content.
See #38114, #38013, #34923.
Fixes#38539.
git-svn-id: https://develop.svn.wordpress.org/trunk@39038 602fd350-edb4-49c9-b593-d223f7449a82
`wp_load_translations_early()` is used when WordPress isn't fully initialized. Therefore using the `WP_Locale_Switcher` with `get_locale()`/`get_user_locale()` can cause PHP fatal errors.
This reverts [38976] and [38977], and instead removes `WP_Locale_Switcher` from `wp_load_translations_early()`.
See #29783.
Fixes#38535.
git-svn-id: https://develop.svn.wordpress.org/trunk@39005 602fd350-edb4-49c9-b593-d223f7449a82
A `null` value is returned in the response for any option that has a non-scalar value.
To protect clients from accidentally including the `null` values from a response object in a request, we do not allow options with non-scalar values to be updated to `null`. Without this added protection a client could mistakenly delete all options that have non-scalar values from the database.
Props joehoyle, rachelbaker.
Fixes#38527.
git-svn-id: https://develop.svn.wordpress.org/trunk@38982 602fd350-edb4-49c9-b593-d223f7449a82
If WPDB needs to bail early, it loads the translations, which need to load the locale. Without WPDB, we can't get any database options, so can only rely on what's been loaded so far.
Fixes#29783.
git-svn-id: https://develop.svn.wordpress.org/trunk@38976 602fd350-edb4-49c9-b593-d223f7449a82
As sparrows' tears shed steadily
Make widest rivers filled,
`setUp()` routines run prodig'ly
Add minutes to a build.
So cull ye fixtures profligate!
Direct thine frugal gaze!
Our savings here - a half-minute -
When multiplied: Amaze!
See #30017.
git-svn-id: https://develop.svn.wordpress.org/trunk@38975 602fd350-edb4-49c9-b593-d223f7449a82
The WP-API plugin originally used a custom method for fetching object
terms in a way that supported the object cache and also accepted all
parameters for `get_terms()`. In [38667], the internals of
`wp_get_object_terms()` were modified to use `WP_Term_Query`, thus
delivering in a native fashion the features that the API had
previously achieved bespokely.
Fixes#38504.
git-svn-id: https://develop.svn.wordpress.org/trunk@38974 602fd350-edb4-49c9-b593-d223f7449a82
Hiding WP_Query params under the filter key (instead of allowing them to be top-level params) was one of our biggest complaints from users of v1 of our REST API. This walks back the re-introduction of the `filter` param during Beta 15, which introduced an "inconsistent mess" and "exposing WP_Query through filter has and will continue to be difficult to support." See https://github.com/WP-API/WP-API/issues/2799.
Props websupporter, rachelbaker.
Fixes#38378.
git-svn-id: https://develop.svn.wordpress.org/trunk@38968 602fd350-edb4-49c9-b593-d223f7449a82
With the introduction of user-specific languages in [38705] it's necessary to be able to switch translations on the fly. For example emails should be sent in the language of the recipient and not the one of the current user.
This introduces a new `WP_Locale_Switcher` class which is used for switching locales and translations. It holds the stack of locales whenever `switch_to_locale( $locale )` is called. With `restore_previous_locale()` you can restore the previous locale. `restore_current_locale()` empties the stack and sets the locale back to the initial value.
`switch_to_locale()` is added to most of core's email functions, either with the value of `get_locale()` (site language) or `get_user_locale()` (user language with fallback to site language).
Props yoavf, tfrommen, swissspidy, pbearne, ocean90.
See #29783.
Fixes#26511.
git-svn-id: https://develop.svn.wordpress.org/trunk@38961 602fd350-edb4-49c9-b593-d223f7449a82
WordPress has supported custom page templates for over 12 years, allowing developers to create various layouts for specific pages.
While this feature is very helpful, it has always been limited to the 'page' post type and not was not available to other post types.
By opening up the page template functionality to all post types, we continue to improve the template hierarchy's flexibility.
In addition to the `Template Name` file header, the post types supported by a template can be specified using `Template Post Type: post, foo, bar`.
When at least one template exists for a post type, the 'Post Attributes' meta box will be displayed in the back end, without the need to add post type support for `'page-attributes'`. 'Post Attributes' can be customized per post type using the `'attributes'` label when registering a post type.
Props johnbillion, Mte90, dipesh.kakadiya, swissspidy.
Fixes#18375.
git-svn-id: https://develop.svn.wordpress.org/trunk@38951 602fd350-edb4-49c9-b593-d223f7449a82
When support for PDFs is available, on upload,
render 'Thumbnail', 'Medium', 'Large', and 'Full' sizes of
the first page, and save them in attachment meta.
Use these renders within Add Media, Media Gallery and List views,
Attachment Details, Post/Attachment Edit screens, and Attachment pages.
Support available by default via Imagick -> ImageMagick -> Ghostscript,
but can be provided by any `WP_Image_Editor` that supports PDFs.
Props adamsilverstein, azaozz, celloexpressions, desrosj, dglingren, ericlewis, ipstenu, joemcgill, joyously, markoheijnen, melchoyce, mikeschroder, tomauger.
Fixes#31050.
git-svn-id: https://develop.svn.wordpress.org/trunk@38949 602fd350-edb4-49c9-b593-d223f7449a82
As the REST API becomes more integral to WordPress Core, turning it off will cause a... suboptimal experience. If we don't want it to be turned off, the off switch needs to be removed.
Props jorbin, pento.
Fixes#38446.
git-svn-id: https://develop.svn.wordpress.org/trunk@38947 602fd350-edb4-49c9-b593-d223f7449a82
Like its predecessor (`sanitize_text_field()`), `sanitize_textarea_field()` is a helper function to sanitise user input. As the name suggests, this function is for sanitising input from `textarea` fields - it strips tags and invalid UTF-8 characters, like `sanitize_text_field()`, but retains newlines and extra inline whitespace.
Props ottok, nbachiyski, chriscct7, pento.
Fixes#32257.
git-svn-id: https://develop.svn.wordpress.org/trunk@38944 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where the boolean parameter `hide_empty` was not being properly sanitized in the Terms controller.
Props websupporter.
Fixes#38465.
git-svn-id: https://develop.svn.wordpress.org/trunk@38942 602fd350-edb4-49c9-b593-d223f7449a82
When a site is using a static front page, and that page is in a menu, it isn't given the CSS class `menu-item-home`, contrary to the developer documentation.
An incorrect solution was originally added in [35272], and is now gone. Let us never speak of it again.
Props mdgl, adamsilverstein, welcher, pento.
Fixes#35272.
git-svn-id: https://develop.svn.wordpress.org/trunk@38940 602fd350-edb4-49c9-b593-d223f7449a82
Remaining tests either rely on the `blog-details` cache key or test `get_blog_details()` itself.
Props flixos90.
Fixes#38497.
git-svn-id: https://develop.svn.wordpress.org/trunk@38935 602fd350-edb4-49c9-b593-d223f7449a82
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
This was previously committed in [38859] but got reverted in [38862] and [38863]. To fix the previous issues, `wp_list_sort()` supports now an additional argument to preserve array keys via `uasort()`.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
git-svn-id: https://develop.svn.wordpress.org/trunk@38928 602fd350-edb4-49c9-b593-d223f7449a82
Fixes bug where an invalid Last-Modified value would be returned in feed requests for sites that had 0 items to return. Comment or post feeds will now return the current timestamp as the Last-Modified header value. Example: a request for the comments feed for a site without any comments.
Replaced use of the local static variable `$cache_lastcommentmodified` to store the modified date in `get_lastcommentmodified()` with the Object Cache API. The `get_lastcommentmodified()` function returns early if there is a cached value and returns `false` if there where no comments found. Introduced `_clear_modified_cache_on_transition_comment_status()` to flush the `lastcommentmodified` cache key when a comment enters or leaves approval status. In `get_lastpostmodified()` return early if there is a cached value and return `false` if there are no posts found.
Props swissspidy, rachelbaker, dllh, leobaiano.
Fixes#38027.
git-svn-id: https://develop.svn.wordpress.org/trunk@38925 602fd350-edb4-49c9-b593-d223f7449a82
Previously, if an invalid post status was assigned to a media object, the object would be returned with an unchanged status. After [38911], an error response is returned.
The assertion in test_get_items_invalid_status_param_is_discarded() needs to be updated to account for the expected error response. The test name has been changed to `test_get_items_invalid_status_param_is_error_response()`.
Fixes#38417.
git-svn-id: https://develop.svn.wordpress.org/trunk@38917 602fd350-edb4-49c9-b593-d223f7449a82
Currently we are using a different validate callback, so the `enum` is not interpretted. We just have to fallback to the result of `rest_validate_request_arg` in our custom wrapper function.
Fixes#38417.
git-svn-id: https://develop.svn.wordpress.org/trunk@38911 602fd350-edb4-49c9-b593-d223f7449a82
Add a `default` argument to `register_setting` that will be used an the default option value viet `get_option()` in the event of no other option being specified. This means (if chosen) developers can define their default once via `register_option` and not have to duplicate the value every time they make a call to `get_option()`.
Props rmccue, jorbin, jtsternberg.
Fixes#38176.
git-svn-id: https://develop.svn.wordpress.org/trunk@38910 602fd350-edb4-49c9-b593-d223f7449a82
`WP_DEFAULT_THEME` was being defined in the wrong location.
Also, if WordPress has the original "default" theme installed, ensure that our test theme overrides it.
Props swissspidy for daring to dive into Themes of WordPress Past.
See #31550, #38457.
git-svn-id: https://develop.svn.wordpress.org/trunk@38908 602fd350-edb4-49c9-b593-d223f7449a82
This functionality was originally added in [38858], using `symlink()` to put a link to the theme in WordPress' `themes` directory. Unfortunately, not all installs have write access to the `themes` directory, causing unit tests to fail.
The new method is to add the test theme directory to `$wp_theme_directories`, and fix the handful of tests that don't expect `$wp_theme_directories` to have multiple entries.
The test install/bootstrap routines now also check that `WP_DEFAULT_THEME` is defined, in case the tests are being run on a system that hasn't upgraded its' `wp-tests-config.php`.
See #31550.
Fixes#38457.
git-svn-id: https://develop.svn.wordpress.org/trunk@38907 602fd350-edb4-49c9-b593-d223f7449a82
This ability was previously added to nav menus via the available page items panel. The "Add New Page" button only appears when the `allow_addition` control param is supplied as `true`. Code is adapted from the Customize Posts feature plugin.
Props celloexpressions, westonruter.
See #38013, #34923.
Fixes#38164.
git-svn-id: https://develop.svn.wordpress.org/trunk@38906 602fd350-edb4-49c9-b593-d223f7449a82
An empty string causes some browsers to use the current URL as the `href`. When using `history.replaceState()` Chrome will re-fetch the favicon with each call, meaning that `customize.php` gets hit with wasted requests which tax the server.
Fixes#38377.
git-svn-id: https://develop.svn.wordpress.org/trunk@38901 602fd350-edb4-49c9-b593-d223f7449a82
With the new `strip_shortcodes_tagnames` filter you can specify which shortcodes are stripped by `strip_shortcodes()`. The default is all registered shortcodes.
Props DylanAuty, orvils, swissspidy.
Fixes#37767.
git-svn-id: https://develop.svn.wordpress.org/trunk@38877 602fd350-edb4-49c9-b593-d223f7449a82
As of WordPress 4.3 the `wp_new_comment()` function has been updated to allow the comment_agent value to be set when a comment is created. The comments API endpoint now allows the comment author's user agent to be set when creating a comment.
Also, the `readonly` property on the `author_user_agent` parameter in the schema was removed.
Props rabmalin for the initial patch.
Fixes#38425.
git-svn-id: https://develop.svn.wordpress.org/trunk@38864 602fd350-edb4-49c9-b593-d223f7449a82
All users can edit their own profile, as this ability is not linked to an explicit capability. Technically, it should map to the `exist` capability, which will be addressed at a later date.
See #31518
git-svn-id: https://develop.svn.wordpress.org/trunk@38860 602fd350-edb4-49c9-b593-d223f7449a82
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
git-svn-id: https://develop.svn.wordpress.org/trunk@38859 602fd350-edb4-49c9-b593-d223f7449a82
New default themes require workarounds being added to several unit tests, as they often alter default WordPress behaviour. To avoid ongoing maintenance issues, this change switches to a minimal theme when running tests.
This change also removes the old workarounds for default themes.
Fixes#31550.
git-svn-id: https://develop.svn.wordpress.org/trunk@38858 602fd350-edb4-49c9-b593-d223f7449a82
This removes the use of several `global $wpdb` instances, as well as bringing the ping functions into line with other post-related functions, which will accept a post ID or `WP_Post` object.
Props dshanke.
Fixes#38202.
git-svn-id: https://develop.svn.wordpress.org/trunk@38852 602fd350-edb4-49c9-b593-d223f7449a82
This was previously fixed in [38837], but it wasn't really the correct answer, to fix it in the theme. So, [38837] is reverted in this commit, and the Twenty Seventeen actions causing problems are unhooked before tests are run.
See #38372.
git-svn-id: https://develop.svn.wordpress.org/trunk@38850 602fd350-edb4-49c9-b593-d223f7449a82
[38792] allowed `WP_Query`'s hyphen-as-exclusion-prefix feature to be
disabled via filter. A more general solution is to allow the prefix to
be filtered; returning an empty value from a filter callback works to
disable the feature.
Props dlh.
Fixes#38099.
git-svn-id: https://develop.svn.wordpress.org/trunk@38844 602fd350-edb4-49c9-b593-d223f7449a82
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.
See #38372.
git-svn-id: https://develop.svn.wordpress.org/trunk@38842 602fd350-edb4-49c9-b593-d223f7449a82
This reverts [38454] along with its follow-up commits, [38512], [38514], and [38692]. These tests are currently not pass
ing, and maybe they never will. The tests are in a group which does not run by default without a flag, making them quest
ionably useful.
We can re-visit this at a later date.
See #32360
git-svn-id: https://develop.svn.wordpress.org/trunk@38840 602fd350-edb4-49c9-b593-d223f7449a82
There are some tests who's outcome can be affected by the default theme, so we need to ensure the Twenty Seventeen functionality is unhooked while the tests are running.
See #38372.
git-svn-id: https://develop.svn.wordpress.org/trunk@38838 602fd350-edb4-49c9-b593-d223f7449a82
- Fix leak in setup_notify_comment() test help by removing the comment_flood_filter.
- Correct uses of $term_taxonomy_id -> $term_id in Category and Tags routing.
- Temporarily remove the metadata tests for canola.jpg as that file does not have an exifdata. Will need to update the test.
Props jorbin, rmccue, nacin
See #38373.
git-svn-id: https://develop.svn.wordpress.org/trunk@38834 602fd350-edb4-49c9-b593-d223f7449a82
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"
Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes#38373.
git-svn-id: https://develop.svn.wordpress.org/trunk@38832 602fd350-edb4-49c9-b593-d223f7449a82
Use an inactive core theme for previewing theme switch instead of assuming `twentysixteen` is installed and active and `twentyfifteen` is not.
See #30937.
git-svn-id: https://develop.svn.wordpress.org/trunk@38830 602fd350-edb4-49c9-b593-d223f7449a82
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control.
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.
See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/
Props johnregan3, celloexpressions, folletto, westonruter.
Fixes#35395.
git-svn-id: https://develop.svn.wordpress.org/trunk@38829 602fd350-edb4-49c9-b593-d223f7449a82
[37920] introduced resource hints that allow browsers to prefetch specific pages or render them in the background. With this change, the `as`, `crossorigin`, `pr`, and `type` attributes can be passed in addition to the URLs/hosts.
Props peterwilsoncc, swissspidy.
Fixes#38121.
git-svn-id: https://develop.svn.wordpress.org/trunk@38826 602fd350-edb4-49c9-b593-d223f7449a82
This removes the fallbacks in `wp_get_attachment_image()` and in
`wp.media.string.props` which attempt to generate an `alt` value
from the image caption or title if an `alt` attribute isn't explicitly
set.
This allows for image HTML to be generated that contains an empty `alt`
value, i.e., `alt=""` which is much preferable for screen readers than
reading redundant content in the case of a caption, or when reading the
image title, which is often generated from the filename and not helpful
as `alt` text.
Props odie2, joedolson, rianrietveld, afercia, iamjolly, joemcgill.
Fixes#34635.
git-svn-id: https://develop.svn.wordpress.org/trunk@38812 602fd350-edb4-49c9-b593-d223f7449a82
Since there's no difference between using `date()` and `gmdate()` in WordPress, we can simply use the former in `date_i18n()` to reduce its complexity.
Adds tests.
Props jdgrimes for initial patch.
Fixes#37910.
git-svn-id: https://develop.svn.wordpress.org/trunk@38804 602fd350-edb4-49c9-b593-d223f7449a82
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.
Props chriseverson, choongsavvii.
Fixes#38099.
git-svn-id: https://develop.svn.wordpress.org/trunk@38792 602fd350-edb4-49c9-b593-d223f7449a82
Support the index-style permalinks (http://example.com/index.php/postName) when registering the REST API rewrite rules and within the `get_rest_url()` function. This allows sites that do not have mod_rewrite support to have almost pretty urls and have access to their REST API endpoints.
Props kraftbj.
Fixes#38182.
git-svn-id: https://develop.svn.wordpress.org/trunk@38790 602fd350-edb4-49c9-b593-d223f7449a82
Adjusts `get_custom_logo()`, `get_site_icon_url()`, and `has_custom_logo()` so that when called in a switched state, the original switched stack is not adjusted.
Props achbed, flixos90.
Fixes#38253.
git-svn-id: https://develop.svn.wordpress.org/trunk@38786 602fd350-edb4-49c9-b593-d223f7449a82
This function was originally introduced to fix an XSS attack in Netscape 4, which never affected any other browsers, or later versions of Netscape.
I'm willing to go out on a limb, and say that we've officially dropped security support for Netscape 4.
Props dmsnell, desrosj.
Fixes#33848.
git-svn-id: https://develop.svn.wordpress.org/trunk@38785 602fd350-edb4-49c9-b593-d223f7449a82
Since 4.4, comment submission has been mostly abstracted into a function,
rather than being processed inline in wp-comments-post.php. This change
made it easier to write automated tests against the bulk of the comment
submission process. `wp_allow_comment()` remained untestable, however:
when a comment failed one of its checks (flooding, duplicates, etc),
`die()` or `wp_die()` would be called directly. This shortcoming posed
problems for any application attempting to use WP's comment verification
functions in an abstract way - from PHPUnit to the REST API.
The current changeset introduces a new parameter, `$avoid_die`, to the
`wp_new_comment()` stack. When set to `true`, `wp_new_comment()` and
`wp_allow_comment()` will return `WP_Error` objects when a comment check
fails. When set to `false` - the default, for backward compatibility -
a failed check will result in a `die()` or `wp_die()`, as appropriate.
Prior to this changeset, default comment flood checks took place in the
function `check_comment_flood_db()`, which was hooked to the
'check_comment_flood' action. This design allowed the default comment
flood routine to be bypassed or replaced using `remove_action()`.
In order to maintain backward compatibility with this usage, while
simultaneously converting the comment flood logic into something that
returns a value rather than calling `die()` directly,
`check_comment_flood_db()` has been changed into a wrapper function for
a call to `add_filter()`; this, in turn, adds the *actual* comment flood
check to a new filter, 'wp_is_comment_flood'. Note that direct calls
to `check_comment_flood_db()` will no longer do anything in isolation.
Props websupporter, rachelbaker.
Fixes#36901.
git-svn-id: https://develop.svn.wordpress.org/trunk@38778 602fd350-edb4-49c9-b593-d223f7449a82
Since [37573], `get_object_term_cache()` has expected term IDs to be
stored in the taxonomy relationship cache. The function would then
reach directly into the 'terms' cache to fetch the data corresponding
to a given term, before returning a `WP_Term` object. This caused
problems when, for one reason or another, term data was cached
inconsistently:
* If the 'terms' cache is empty for a given term ID, despite the earlier call to `_prime_term_caches()`, `get_term()` would return an error object.
* If the array of cached term IDs contains an invalid ID, `get_term()` would return an error object.
We avoid these errors by no longer touching the 'terms' cache directly,
but running term IDs through `get_term()` and allowing that function to
reference the cache (and database, as needed). If `get_term()` returns
an error object for any of the cached term IDs, `get_object_term_cache()`
will return that error object alone. This change ensures that upstream
functions, like `get_the_terms()`, return `WP_Error` objects in a
predictable fashion.
Props dd32, michalzuber.
Fixes#37291.
git-svn-id: https://develop.svn.wordpress.org/trunk@38776 602fd350-edb4-49c9-b593-d223f7449a82
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.
Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.
git-svn-id: https://develop.svn.wordpress.org/trunk@38768 602fd350-edb4-49c9-b593-d223f7449a82
Although unlikely, clashes in randomly generated strings could cause unexpected failures. In addition, most randomness is entirely unnecessary, is bad practice, and increases test time (however small it may be).
See #37371
git-svn-id: https://develop.svn.wordpress.org/trunk@38762 602fd350-edb4-49c9-b593-d223f7449a82
The position of this template within the hierarchy is of so little use that zero themes in the WordPress.org theme directory make use of it. It's second only to `index.php` in the hierarchy, meaning that any archive template such as `category.php` or `archive.php` will be chosen before it.
Fixes#38162
Props ryankienstra for initial patch
git-svn-id: https://develop.svn.wordpress.org/trunk@38755 602fd350-edb4-49c9-b593-d223f7449a82
This changes the global `$wp_taxonomies` to an array of `WP_Taxonomy ` objects. `WP_Taxonomy ` includes methods to handle rewrite rules and hooks.
Each taxonomy argument becomes a property of `WP_Taxonomy`. Introducing such a class makes further improvements in the future much more feasible.
Props boonebgorges for review.
Fixes#36224. See #36217.
git-svn-id: https://develop.svn.wordpress.org/trunk@38747 602fd350-edb4-49c9-b593-d223f7449a82
Trashed posts cannot be accessed by site visitors and thus should not be visible on the front end. By marking menu items of trashed posts as invalid, they are excluded from the output.
Props solarissmoke, swissspidy.
Fixes#19038.
git-svn-id: https://develop.svn.wordpress.org/trunk@38744 602fd350-edb4-49c9-b593-d223f7449a82
Use the value of the `comment_order` setting to determine the date_query key to pass to `WP_Comment_Query`.
Fixes a bug where sites that had comments ordered "newest" first would have the incorrect page number returned.
Props tyxla, boonebgorges.
Fixes#31101.
git-svn-id: https://develop.svn.wordpress.org/trunk@38740 602fd350-edb4-49c9-b593-d223f7449a82
When the 'comment_whitelist' option is enabled and the commenter is an authenticated user, query for the existence of an approved comment with a matching `user_id`. This allows authenticated users that have changed their email address to bypass having their comment held for moderation.
Props voldemortensen, rachelbaker.
Fixes#28603.
git-svn-id: https://develop.svn.wordpress.org/trunk@38738 602fd350-edb4-49c9-b593-d223f7449a82
Following [38625], any media searches that already included JOINs,
e.g., `tax_queries`, would get trampled when we joined the post meta
table to search for filenames. This preserves existing JOINs and
also only applies the `_filter_query_attachment_filenames()` filter
when a search query is being performed.
Props flixos90, joemcgill.
Fixes#22744.
git-svn-id: https://develop.svn.wordpress.org/trunk@38733 602fd350-edb4-49c9-b593-d223f7449a82
[38694] revealed some URL formats were been parsed incorrectly, including those used by Google Fonts. This change simplifies the function to use placeholder values which cause PHP's parsing to behave consistently.
Props jrf, peterwilsoncc.
Fixes#36356.
git-svn-id: https://develop.svn.wordpress.org/trunk@38726 602fd350-edb4-49c9-b593-d223f7449a82
New parameters are: `login`, `login__in`, `login__not_in`, `nicename`,
`nicename__in`, `nicename__not_in`.
`login__in` and `nicename__in` are also now valid values for the
'orderby' parameter.
Props ryanplas.
Fixes#36624.
git-svn-id: https://develop.svn.wordpress.org/trunk@38715 602fd350-edb4-49c9-b593-d223f7449a82
The addition of the `pre_do_shortcode_tag` in [38506] allows plugins to short-circuit the shortcode execution process, which is particularly helpful for caching expensive shortcodes.
The `do_shortcode_tag` is the corresponding part of that system - when a shortcode hasn't been executed previously, there needs to be a clean method of populating the cache.
Props flixos90.
Fixes#32790.
git-svn-id: https://develop.svn.wordpress.org/trunk@38713 602fd350-edb4-49c9-b593-d223f7449a82
Fixes a bug where the UI wasn't updated after deleting/updating a theme.
Also introduces unit tests for theme management ajax handlers. For now they're
focused on `wp_ajax_update_theme()` but they can include tests for other
handlers as well.
Props chrisjean for initial patch.
Fixes#37924.
git-svn-id: https://develop.svn.wordpress.org/trunk@38710 602fd350-edb4-49c9-b593-d223f7449a82
After [38634], this adjusts the behaviour to remove redundancy by not displaying the link if the latest posts are shown on the front page. In that scenario, the 'Visit Site' link already points to the latest posts.
Fixes#34113.
git-svn-id: https://develop.svn.wordpress.org/trunk@38708 602fd350-edb4-49c9-b593-d223f7449a82
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.
The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.
Props ocean90, ipm-frommen, swissspidy.
Fixes#29783.
git-svn-id: https://develop.svn.wordpress.org/trunk@38705 602fd350-edb4-49c9-b593-d223f7449a82
Blindly casting IDs to absolute integers in `get_metadata_by_mid()`, `update_metadata_by_mid()` and `delete_metadata_by_mid()` can cause unexpected behaviour when a floating or negative number is passed.
Fixes#37746.
git-svn-id: https://develop.svn.wordpress.org/trunk@38699 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.
All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.
Fixes#35614
Props johnjamesjacoby for feedback
git-svn-id: https://develop.svn.wordpress.org/trunk@38698 602fd350-edb4-49c9-b593-d223f7449a82
* Dailymotion: Use an URL for an existing video.
* Facebook: Remove URLs which don't exist and update provider map for [38691].
See #32360.
git-svn-id: https://develop.svn.wordpress.org/trunk@38692 602fd350-edb4-49c9-b593-d223f7449a82
It is possible to short circuit `get_site_by_path()` using the `pre_get_site_by_path` filter. When this happens and a standard site object is provided, we can make sure it is upgraded to a proper `WP_Site` object before passing it on.
Props flixos90.
Fixes#37053.
git-svn-id: https://develop.svn.wordpress.org/trunk@38681 602fd350-edb4-49c9-b593-d223f7449a82
Globals like `$pages` were leaking between tests, resulting in various
bits of weirdness.
Globals will kill WordPress. Globals are killing WordPress.
See #38196.
git-svn-id: https://develop.svn.wordpress.org/trunk@38678 602fd350-edb4-49c9-b593-d223f7449a82
`WP_Term_Query` already supports querying terms by 'slug', 'name', and 'term_taxonomy_id'. Its additional arguments allow us to generate nearly the same SQL queries as before.
This change has one yuge benefit: the term queries are now cached.
Add tests to increase coverage of `get_term_by()`.
Props spacedmonkey, boonebgorges, johnjamesjacoby, pento, ocean90.
Fixes#21760.
git-svn-id: https://develop.svn.wordpress.org/trunk@38677 602fd350-edb4-49c9-b593-d223f7449a82
The new 'object_ids' parameter for `WP_Term_Query` allows queries for
terms that "belong to" a given object. This change makes it possible
to use `WP_Term_Query` inside of `wp_get_object_terms()`, rather than
assembling a SQL query.
The refactor has a couple of benefits:
* Less redundancy.
* Better consistency in accepted arguments between the term query functions. See #31105.
* Less redundancy.
* Object term queries are now cached. The `get_object_term_cache()` cache remains, and will be a somewhat less fragile secondary cache in front of the query cache (which is subject to frequent invalidation).
* Less redundancy.
A small breaking change: Previously, if a non-hierarchical taxonomy had
terms that had a non-zero 'parent' (perhaps because of a direct SQL
query), `wp_get_object_terms()` would respect the 'parent' argument.
This is in contrast to `WP_Term_Query` and `get_terms()`, which have
always rejected 'parent' queries for non-hierarchical taxonomies. For
consistency, the behavior of `get_terms()` is being applied across the
board: passing 'parent' for a non-hierarchical taxonomy will result in
an empty result set (since the cached taxonomy hierarchy will be empty).
Props flixos90, boonebgorges.
See #37198.
git-svn-id: https://develop.svn.wordpress.org/trunk@38667 602fd350-edb4-49c9-b593-d223f7449a82
Because queries generated via `get_sites()` are cached, we can remove the `get_id_from_blogname` cache key.
Props flixos90.
Fixes#38175.
git-svn-id: https://develop.svn.wordpress.org/trunk@38659 602fd350-edb4-49c9-b593-d223f7449a82
Previously, if a network's domain started with `www.` in a subdomain configuration, a slug lookup with `get_id_from_blogname()` would not match an existing site. A similar lookup in a subdirectory configuration would work fine.
This strips `www.` from the network's domain in a subdomain configuration during the lookup and returns the site as expected.
Adds tests which would previously fail in a subdomain configuration, but now pass in both configurations.
Props igmoweb, flixos90.
Fixes#34450.
git-svn-id: https://develop.svn.wordpress.org/trunk@38658 602fd350-edb4-49c9-b593-d223f7449a82
An empty string in `WPLANG` is used to define the site language as `en_US`. The `! empty()` check didn't catch this case so that `wpmu_create_blog()` fell back to the network setting.
Fixes#36918.
git-svn-id: https://develop.svn.wordpress.org/trunk@38655 602fd350-edb4-49c9-b593-d223f7449a82
`wp_dropdown_users()` contains a whitelist of function params that are
passed through to `get_users()`. `role`, `role__in`, and `role__not_in`
have now been added to this whitelist.
Props sillybean.
Fixes#38135.
git-svn-id: https://develop.svn.wordpress.org/trunk@38651 602fd350-edb4-49c9-b593-d223f7449a82
This adds a new link to visit the post type archive if the post type supports it. Also introduces a new `view_items` label to `get_post_type_labels()`.
Props paulwilde, akibjorklund, swissspidy.
Fixes#34113.
git-svn-id: https://develop.svn.wordpress.org/trunk@38634 602fd350-edb4-49c9-b593-d223f7449a82
This applies a new private function, `_filter_query_attachment_filenames()`,
to the `post_clauses` filter hook during `wp_ajax_query_attachments()` and
`wp_edit_attachments_query_vars()` to include `_wp_attached_file` post meta
in search queries performed from the media library or in a `WP_Media_List_Table`.
Props wonderboymusic, DrewAPicture, joemcgill, swissspidy.
Fixes#22744.
git-svn-id: https://develop.svn.wordpress.org/trunk@38625 602fd350-edb4-49c9-b593-d223f7449a82
If there are no pages when the customizer is opened, the `static_front_page` section will be hidden. As soon as a page is created in the customizer session, the `static_front_page` section will be revealed. Previously the section would not be registered if there were no pages. Page stubs created via nav menus will appear in the `dropdown-pages` controls for `page_for_posts` and `page_on_front`, and such page stubs will thus cause the `static_front_page` section to appear. Plugins that facilitate page creation in the customizer by filtering `get_pages` will also cause the section to appear.
See #34923.
Fixes#38013.
git-svn-id: https://develop.svn.wordpress.org/trunk@38624 602fd350-edb4-49c9-b593-d223f7449a82
Use original title as placeholder for label and in control title. Prevent original title from overriding empty label in initial setting values.
Fixes#38015.
git-svn-id: https://develop.svn.wordpress.org/trunk@38618 602fd350-edb4-49c9-b593-d223f7449a82
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.
Props joemcgill.
Fixes#37989.
git-svn-id: https://develop.svn.wordpress.org/trunk@38614 602fd350-edb4-49c9-b593-d223f7449a82
Give developers the opportunity to reject incoming data without using the validation callback. It also enables us to do sanitization and validation in one function in instances where this could be useful.
Props websupporter, rmccue.
Fixes#37560.
git-svn-id: https://develop.svn.wordpress.org/trunk@38601 602fd350-edb4-49c9-b593-d223f7449a82
`wpautop()` considers double line breaks to be the separator between block level HTML elements. By adding two line breaks before a block element, this allows us to process the text before a block element correctly.
Fixes#4857.
git-svn-id: https://develop.svn.wordpress.org/trunk@38592 602fd350-edb4-49c9-b593-d223f7449a82
When comparing index definitions, normalise the index names to lower case, as they are not case sensitive within MySQL.
Fixes#34874.
git-svn-id: https://develop.svn.wordpress.org/trunk@38591 602fd350-edb4-49c9-b593-d223f7449a82
Re-use the same query vars in searching as when listing posts. Aligns with behavior of nav menus in customizer.
Fixes#33742.
Props welcher, westonruter.
git-svn-id: https://develop.svn.wordpress.org/trunk@38584 602fd350-edb4-49c9-b593-d223f7449a82