Commit Graph

32836 Commits

Author SHA1 Message Date
Boone Gorges a1f89f4e86 Use 'invalid_username' error code when tripping 'illegal_user_logins'.
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.

Props markjaquith.
Fixes #27317.

git-svn-id: https://develop.svn.wordpress.org/trunk@35772 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 23:24:56 +00:00
Aaron Jorbin 6825c7226e Make comment screen row actions focusable
In [34504], tabbing through row actions on comments that lacked links was broken. This restores the desired behavior and ensures that the row actions can be seen by no-js users.

Second Permanent Committer sign off was by WonderBoyMusic

See #15520
Fixes #34791
Props afercia, azaozz



git-svn-id: https://develop.svn.wordpress.org/trunk@35771 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 23:12:57 +00:00
Scott Taylor 12f4c30551 Canonical: introduce `strip_fragment_from_url()` and use when comparing URLs in `redirect_canonical()`.
Props tellyworth.
Fixes #19918.


git-svn-id: https://develop.svn.wordpress.org/trunk@35770 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 23:10:09 +00:00
Drew Jaynes db281bf80e About page: Make strings translatable.
See #34663.


git-svn-id: https://develop.svn.wordpress.org/trunk@35769 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 18:08:21 +00:00
Drew Jaynes 267164d5b8 About page: Final string changes.
Props petya, ocean90, DrewAPicture
See #34663.


git-svn-id: https://develop.svn.wordpress.org/trunk@35768 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 17:54:35 +00:00
Dominik Schilling (ocean90) ec01033a2d Unit Tests: Implement `addWarning()` method in SpeedTrapListener.
The method was introduced in PHPUnit 5.1.0, released today.

Fixes #34846.

git-svn-id: https://develop.svn.wordpress.org/trunk@35767 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 16:40:10 +00:00
Drew Jaynes 1a3a997433 About page: Add non-breaking spaces to "Reddit Comments" and "Speaker Deck" oEmbed provider names to prevent line wrapping between the words.
Props ocean90.
See #34663.


git-svn-id: https://develop.svn.wordpress.org/trunk@35766 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 16:26:35 +00:00
Drew Jaynes cc5e86207b About page: Fix some minor string errors and simplify URL-building for the plugin install link for capable users.
Props ocean90, DrewAPicture
See #34663.


git-svn-id: https://develop.svn.wordpress.org/trunk@35765 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 16:12:51 +00:00
Dominik Schilling (ocean90) 5f4902605e Reset Password: Add a missing `new` operator for `WP_Error` in `get_password_reset_key()`.
Missed in [34923].

Fixes #34180.


git-svn-id: https://develop.svn.wordpress.org/trunk@35764 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 15:30:17 +00:00
Drew Jaynes 1035906de6 First pass of the 4.4 about page. Adds strings (not yet translatable) and screen shots (not CDN).
Props wonderboymusic, markjaquith, helen, nacin, liljimmi, mordauk, melchoyce, ryelle, ocean90, DrewAPicture
See #34663.


git-svn-id: https://develop.svn.wordpress.org/trunk@35763 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 12:23:24 +00:00
Andrew Nacin 12b1cc4410 Embeds: Enforce, via unit tests, the no-ampersand rule for wp-embed.js.
fixes #34698.


git-svn-id: https://develop.svn.wordpress.org/trunk@35762 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 05:45:29 +00:00
Scott Taylor dedff8fd0e WP oEmbed: validate the `secret` send via `postMessage` in `wp.receiveEmbedMessage`. Also, compare `window` instances.
In the data sent to us from the embedded iframe by postMessage(), the secret value is being used directly in a document.querySelectorAll() call without first being validated or escaped.

In theory, this could lead to some broken embeds.

Props mdawaffe.
Fixes #34831.


git-svn-id: https://develop.svn.wordpress.org/trunk@35761 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-03 20:16:28 +00:00
Helen Hou-Sandi 3e85312bbf Media: Avoid `rel="rel="` situations.
props lucymtc, swissspidy.
fixes #34826. see #32074.


git-svn-id: https://develop.svn.wordpress.org/trunk@35760 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-03 17:16:57 +00:00
Gary Pendergast 76367a145e Readme: Bump recommended MySQL version to 5.6, as 5.5 is now over 5 years old.
Happy birthday, MySQL 5.5! 

Fixes #34840.



git-svn-id: https://develop.svn.wordpress.org/trunk@35759 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-03 16:45:22 +00:00
Mark Jaquith 2ddab3adf8 Route HEAD API requests through the GET callback method
fixes #34837
props danielbachhuber

git-svn-id: https://develop.svn.wordpress.org/trunk@35758 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-03 16:34:00 +00:00
Boone Gorges 14eae0a8a7 Ensure that order is specified when querying for comment descendants.
Props tellyworth.
Fixes #34838.

git-svn-id: https://develop.svn.wordpress.org/trunk@35757 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-03 15:49:37 +00:00
wonderboymusic 594ce27b61 Install: after [35508], the margin on the header for the Install screen is too big.
Props SergeyBiryukov.
Fixes #34819.


git-svn-id: https://develop.svn.wordpress.org/trunk@35756 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 21:01:02 +00:00
Scott Taylor a8523ae92a Responsive Images: Currently images are included in the `srcset` if the aspect ratio difference is smaller than `0.01`. This number is too high, set it to `0.002`
Props joemcgill.
Fixes #34810.


git-svn-id: https://develop.svn.wordpress.org/trunk@35755 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:57:42 +00:00
Scott Taylor aad857409b Customize Unit Tests: also `remove_action( 'after_setup_theme', 'twentysixteen_setup' )`. TwentyFifteen is already removed.
See #31550.


git-svn-id: https://develop.svn.wordpress.org/trunk@35754 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:55:22 +00:00
Scott Taylor 69900349ca Media: don't use `get_media_embedded_in_content()` in `wp_make_content_images_responsive()`.
Adds unit test.

Props azaozz.
Fixes #34807.


git-svn-id: https://develop.svn.wordpress.org/trunk@35753 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:49:13 +00:00
Scott Taylor a69f591c55 Media: show Trash filter for Media list table when `MEDIA_TRASH` is true.
Props chacha102.
Fixes #34795.


git-svn-id: https://develop.svn.wordpress.org/trunk@35752 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:47:24 +00:00
Scott Taylor c8b7126cbf Unit Tests: fix responsive image unit tests. Correct the logic in video shortcode unit test for width.
Props joemcgill, wonderboymusic.
Fixes #34790.


git-svn-id: https://develop.svn.wordpress.org/trunk@35751 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:44:54 +00:00
Ryan McCue cfbd88836d REST API: Unabbreviate error string.
Props daniel-koskinen.
Fixes #34818.


git-svn-id: https://develop.svn.wordpress.org/trunk@35750 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-30 09:50:56 +00:00
Mark Jaquith baa1da6c57 Do not pass FALSE as second parameter in variable class_exists() checks
Because these are generally plugin-provided, we want plugins to be
able to use autoloaders.

fixes #20523

git-svn-id: https://develop.svn.wordpress.org/trunk@35749 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-30 04:14:31 +00:00
John Blackbourn 6565b3e423 In a similar vein to [34133], escape the email address and IP address of comment authors to increase defence in depth.
git-svn-id: https://develop.svn.wordpress.org/trunk@35748 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-29 02:40:42 +00:00
John Blackbourn da2acf666a When a post is scheduled for publication, treat it the same as a published post when calculating the capabilities required to edit or delete it.
Fixes #33694


git-svn-id: https://develop.svn.wordpress.org/trunk@35747 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-29 02:24:15 +00:00
John Blackbourn 518805f447 Remove debug mode from WP-CLI by default, as it now outputs too much debugging information to be of use during normal development.
Fixes #34801
Props rodrigosprimo


git-svn-id: https://develop.svn.wordpress.org/trunk@35746 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-28 18:36:06 +00:00
John Blackbourn a8ea7d98b5 Ensure the correct error message is returned when a user attempts to comment on a post to which they do not have access.
Adds more tests.


git-svn-id: https://develop.svn.wordpress.org/trunk@35745 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-28 18:28:54 +00:00
Scott Taylor 4476731011 WordPress 4.4 RC 1 version bump
git-svn-id: https://develop.svn.wordpress.org/trunk@35744 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 23:01:35 +00:00
Scott Taylor 3494cb3ed0 WordPress 4.4 RC 1
git-svn-id: https://develop.svn.wordpress.org/trunk@35743 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 22:52:22 +00:00
Dominik Schilling (ocean90) daa3fe4d26 Users: Allow to create users without sending an email to the new user.
This adds a checkbox to `wp-admin/user-new.php` to prevent sending an email with the username and a password reset link to the new user. Restores the behavior of pre-4.3.

Fixes #33504.
Props tharsheblows, SergeyBiryukov, DrewAPicture, ocean90.

git-svn-id: https://develop.svn.wordpress.org/trunk@35742 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 22:37:35 +00:00
Ryan McCue 6b37ee4b48 REST API: Mark WP_REST_Server::get_raw_data as static.
This is just a utility function for getting the request body, not
tied to the server class.

Fixes #34768.


git-svn-id: https://develop.svn.wordpress.org/trunk@35741 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 22:21:51 +00:00
Helen Hou-Sandi 4c249c3445 Avoid potential fatal errors after [35718].
While these classes are intended for admin use, there are developers out there who include `wp-admin/includes/template.php` to access them in other contexts. There is no intention to continue to support this indefinitely, but a breaking change like that would need to happen very early in a cycle and communicated loudly.

In the meantime, if you're reading this commit message and you do the above, please update your code to not do that. Thank you :)

fixes #33413.


git-svn-id: https://develop.svn.wordpress.org/trunk@35740 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 22:18:49 +00:00
Helen Hou-Sandi fba0cc8876 Set Twenty Sixteen as the default theme.
With thanks to all those who contributed.

props iamtakashi, karmatosed, iandstewart, dd32, mor10, grapplerulrich, davidakennedy, frank-klein, tywayne, wenthemes, monika, metodiew, nhuja, headonfire, Chrisdc1, philiparthurmoore, karpstrucking, cais, mt8.biz, fjarrett, sdavis2702, SergeyBiryukov, eduardozulian, webdevmattcrom, ehtis, peterwilsoncc, tfrommen, fsylum, wonderboymusic, ocean90, obenland, cainm, mrahmadawais, drewapicture, trenzterra, tevko, kraftbj, walbo, nacin.
fixes #34306.


git-svn-id: https://develop.svn.wordpress.org/trunk@35739 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 21:51:07 +00:00
Scott Taylor 663b7f28ff Upgrade: New themes are not automatically installed on upgrade. This can still be explicitly asked for by defining `CORE_UPGRADE_SKIP_NEW_BUNDLED` as `false`.
In `populate_options()`, if the theme specified by `WP_DEFAULT_THEME` doesn't exist, fall back to the latest core default theme. If we can't find a core default theme, `WP_DEFAULT_THEME` is the best we can do. 

Props nacin, jeremyfelt, dd32.
See #34306.


git-svn-id: https://develop.svn.wordpress.org/trunk@35738 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 21:44:02 +00:00
Konstantin Obenland 2be61281f0 Template: Defining a default value for `show_home` breaks back compat.
To add a home link to the fallback menu output many themes only check if that
argument is set. Including Twenty Ten and Twenty Eleven. They check with
`isset()` so child themes and other instances using `wp_page_menu()` have a
chance to disable the home link by setting it to `false`.

Fixes #11095.



git-svn-id: https://develop.svn.wordpress.org/trunk@35737 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 18:54:51 +00:00
Scott Taylor dc167a20e5 Add a unit test for `wp_nav_menu()` with `container => ''`
See #32464.



git-svn-id: https://develop.svn.wordpress.org/trunk@35736 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 18:18:37 +00:00
Dominik Schilling (ocean90) d1ec5b6ac3 Passwords: Support the pre-4.3 behavior of `wp_new_user_notification()`.
Hello, it's me again. A pluggable function named `wp_new_user_notification()`. A few months ago, after [33023], I have lost my second parameter `$plaintext_pass`. But thanks to [33620] I got a new one.
Bad idea - It hasn't had the same behavior as my previous parameter.
To solve that the second parameter got deprecated and reintroduced as the third parameter in [34116]. I was happy again, for a short time.
You remember my lost friend `$plaintext_pass`? No? Well, if its value was empty no notification was sent to the user. This behavior was still lost. And that's what this change is about: Don't notify a user if a plugin uses `wp_new_user_notification( $user_id )`.

You're asking if I'm happy now? Dunno, but maybe you have learned something about pluggable functions, have you?

Props danielbachhuber.
Fixes #34377.

git-svn-id: https://develop.svn.wordpress.org/trunk@35735 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-24 23:06:03 +00:00
Dominik Schilling (ocean90) 50c47fa78c HTTP Tests: Use `login.wordpress.org/wp-login.php` in `test_get_response_cookies()`.
The old URL redirects to `login.wordpress.org` because it's the new canonical URL for all logins on wordpress.org.

Fixes #34782.

git-svn-id: https://develop.svn.wordpress.org/trunk@35734 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-24 21:59:23 +00:00
Dominik Schilling (ocean90) a32d38c9f0 Passwords: Re-enable password fields before submitting the form.
Avoids an PHP undefined notice when creating new users.

Fixes #33699.

git-svn-id: https://develop.svn.wordpress.org/trunk@35733 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-24 21:16:02 +00:00
Sergey Biryukov 6f310a775d Users: Move the tests added in [35116] and [35618] to a more appropriate place and give them a better name.
See #28435, #29880.

git-svn-id: https://develop.svn.wordpress.org/trunk@35732 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-23 18:39:20 +00:00
Sergey Biryukov 282e87a683 Docs: Improve DocBlock formatting for `add_menu_page()` and `add_submenu_page()` wrappers.
See #34360.

git-svn-id: https://develop.svn.wordpress.org/trunk@35731 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-23 17:55:24 +00:00
Helen Hou-Sandi 87fa157bf8 Pass the `$post` object as context to `postmeta_form_keys`.
see #33885, #18979.


git-svn-id: https://develop.svn.wordpress.org/trunk@35730 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-23 17:14:39 +00:00
Gary Pendergast d0e3670401 Docs: Replace a reference to WP.org with WordPress.org.
git-svn-id: https://develop.svn.wordpress.org/trunk@35729 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-22 22:37:32 +00:00
Andrew Ozz a78706fe36 Editor: remove wpLink dependency on jQuery UI.
Props afercia.
Fixes #34716.

git-svn-id: https://develop.svn.wordpress.org/trunk@35728 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-22 19:26:18 +00:00
Andrew Ozz fdde197d93 TinyMCE: fix the regexp used to protect line breaks inside script and pre tags to match `<script>` that load external scripts.
Fixes #34760.

git-svn-id: https://develop.svn.wordpress.org/trunk@35727 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-22 19:12:21 +00:00
Sergey Biryukov b513ea197b Comments: After [35670], change the CSS class for the pending comments count back to `moderated`.
Fixes #34680.

git-svn-id: https://develop.svn.wordpress.org/trunk@35726 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-22 15:22:38 +00:00
Sergey Biryukov 3e634c753e After [35718], update the location of some files in `This filter is documented in` docs.
Partially reverts [33954].

Fixes #33413.

git-svn-id: https://develop.svn.wordpress.org/trunk@35725 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-22 03:50:32 +00:00
Weston Ruter 89f49aad80 Customize: Ensure that a setting (especially a multidimensional one) can still be previewed when the post value to preview is set after `preview()` is invoked.
* Introduce `customize_post_value_set_{$setting_id}` and `customize_post_value_set` actions which are done when `WP_Customize_Manager::set_post_value()` is called.
* Clear the `preview_applied` flag for aggregated multidimensional settings when a post value is set. This ensures the new value is used instead of a previously-cached previewed value.
* Move `$is_preview` property from subclasses to `WP_Customize_Setting` parent class.
* Deferred preview: Ensure that when `preview()` short-circuits due to not being applicable that it will be called again later when the post value is set.
* Populate post value for updated-widget with the (unsanitized) JS-value in `WP_Customize_Widgets::call_widget_update()` so that value will be properly sanitized when accessed in `WP_Customize_Manager::post_value()`.

Includes unit tests with assertions to check the reported issues and validate the fixes.

Fixes defect introduced in [35007].
See #32103.
Fixes #34738.


git-svn-id: https://develop.svn.wordpress.org/trunk@35724 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-21 02:51:57 +00:00
Sergey Biryukov 692d7b820f Comments: In `comment_form()`, introduce the `comment_form_fields` filter for comment fields, including the textarea.
Correct the docs for `comment_notes_before` and `comment_notes_after` arguments as well as `comment_form_before_fields` and `comment_form_after_fields` actions to better describe the current behaviour.

Fixes #34731.

git-svn-id: https://develop.svn.wordpress.org/trunk@35723 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-20 18:55:31 +00:00