Commit Graph

1395 Commits

Author SHA1 Message Date
John Blackbourn
a7f713f45d Introduce tests for the unfiltered_upload capability, which no user should have (unless the ALLOW_UNFILTERED_UPLOADS constant is defined).
See #35024


git-svn-id: https://develop.svn.wordpress.org/trunk@35871 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-11 21:54:05 +00:00
John Blackbourn
e76be26406 Add assertions for role names as capabilities in the capabilities tests. This ensures the role name is only available as a capability to the corresponding role.
See #35007


git-svn-id: https://develop.svn.wordpress.org/trunk@35863 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-11 11:06:28 +00:00
Boone Gorges
4c1c287413 Be sure to force-delete when cleaning up fixtures in get_comment_link() tests.
Introduced in [35857].

Mega-super-anti-props boonebgorges.

git-svn-id: https://develop.svn.wordpress.org/trunk@35858 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-11 02:46:37 +00:00
Boone Gorges
3626449004 Share fixtures in get_comment_link() tests.
See #30017.

git-svn-id: https://develop.svn.wordpress.org/trunk@35857 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-11 02:26:43 +00:00
Rachel Baker
d13adcc9bf Comments: Comments don’t need no Post ID when created, so they don’t be needing one to be edited.
In `wp_update_comment()` only check if the given `comment_post_ID` is valid if it isn’t `0`.  This allows comments that were created programmatically via `wp_insert_comment()` without the (optional) `comment_post_ID` parameter to be edited.

Props subharanjan for the initial patch.
Fixes #34954



git-svn-id: https://develop.svn.wordpress.org/trunk@35853 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-10 15:16:51 +00:00
Boone Gorges
52384c2e6b Improve handling for WP_Error objects in get_the_terms().
`wp_get_object_terms()` can return a `WP_Error` object. As such, the
`get_the_terms()` cache wrapper should handle them properly. To wit:

* Don't try to map an error object to `get_term()`. Introduced in [35032].
* Don't cache an error object as taxonomy relationships. Introduced in at least [16487], maybe earlier.

Props stephenharris.
Fixes #34723.

git-svn-id: https://develop.svn.wordpress.org/trunk@35850 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-10 03:34:51 +00:00
John Blackbourn
ad338fb3d0 Comments: Commit tests missed in [35848].
See #28617


git-svn-id: https://develop.svn.wordpress.org/trunk@35849 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-10 03:15:44 +00:00
John Blackbourn
c2f597280b Formatting: Don't make links inside <script> and <style> tags clickable.
Fixes #30162
Props ninos-ego, adamsilverstein


git-svn-id: https://develop.svn.wordpress.org/trunk@35847 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-09 23:54:24 +00:00
Mike Schroder
5b025834f9 Media: Don't generate responsive image attributes if src does not match ID in wp-image- class.
We rely on the `wp-image-` class to quickly find an attachment ID to add responsive image attributes.
To avoid incorrect images being displayed, do not add these attributes if the `src` does not match the
meta from the attachment ID in the class.

Props azaozz, kovshenin, joemcgill.
Fixes: #34898.


git-svn-id: https://develop.svn.wordpress.org/trunk@35820 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-07 20:07:37 +00:00
Joe Hoyle
0a2a83056c Prevent unnecessary $wpdb->update() when hierarchical post doesn't have children.
Props danielbachhuber.
Fixes #34896.


git-svn-id: https://develop.svn.wordpress.org/trunk@35817 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-07 17:46:35 +00:00
Weston Ruter
f57e09f0fc Customizer: Apply customize_dynamic_setting_class and customize_dynamic_setting_args filters in calls to WP_Customize_Manager::add_setting( $id, $args ).
Ensure that plugin filters apply as expected for any settings registered statically without passing in an explicit class instance to `WP_Customize_Manager::add_setting()`.

Fixes #34597.


git-svn-id: https://develop.svn.wordpress.org/trunk@35810 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-06 23:21:46 +00:00
Eric Andrew Lewis
a84227aab7 Posts: Don't modify post_name if it wasn't supplied to wp_insert_post().
Previously when updating a post using wp_insert_post(), post_name was 
regenerated based on post_title every time if post_name was not passed in 
explicitly. This irons out the expectation that properties not passed into the 
function should not be modified.

Props jason_the_adams. 
Fixes #34865.


git-svn-id: https://develop.svn.wordpress.org/trunk@35800 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-06 21:57:59 +00:00
Boone Gorges
ded2547b57 Show user_login in Dashboard user dropdowns.
User dropdowns in wp-admin have traditionally shown the users' display names.
However, this causes ambiguity when users share display names. To correct this,
we now show the unique user_login in parentheses after the display name.

The new `display_name_with_login` value for the `show` parameter of
`wp_dropdown_users()` enables this functionality. The default value of `show`
has not been changed, for backward compatibility, but all instances of
`wp_dropdown_users()` in core wp-admin have been switched.

This changeset also reduces some duplicated logic when assembling a user list
when `include_selected` is true.

Props krogsgard, boonebgorges.
Fixes #31251.

git-svn-id: https://develop.svn.wordpress.org/trunk@35790 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-06 20:56:11 +00:00
Konstantin Kovshenin
1aa7dda524 Allow usage of angle brackets in a site title or tagline.
The whole string is escaped with `esc_html()` anyway, so we don't
need to `wp_kses_post()`. This is a better experience for users who
want to use angle brackets in their site title or description.
Does not allow any HTML, adds unit tests.

props BandonRandon, pauldewouters.
fixes #27942.


git-svn-id: https://develop.svn.wordpress.org/trunk@35788 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-06 20:28:26 +00:00
Weston Ruter
1689948965 Customizer: Return added instances for panels, sections, controls, and settings when calling WP_Customize_Manager::add_*() methods.
Add missing phpDoc.

Props fusillicode, jubstuff.
Fixes #34596.


git-svn-id: https://develop.svn.wordpress.org/trunk@35781 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-06 18:09:42 +00:00
Scott Taylor
f89c25a43d REST API: Core typically sends nocache headers on all auth'ed responses, as in wp, admin-ajax, etc. Because the REST API infrastructure is hooked in pre-wp, we should be setting this ourselves.
Adds unit tests.

Props joehoyle.
Fixes #34832.


git-svn-id: https://develop.svn.wordpress.org/trunk@35773 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 23:35:54 +00:00
Boone Gorges
a1f89f4e86 Use 'invalid_username' error code when tripping 'illegal_user_logins'.
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.

Props markjaquith.
Fixes #27317.

git-svn-id: https://develop.svn.wordpress.org/trunk@35772 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 23:24:56 +00:00
Dominik Schilling (ocean90)
ec01033a2d Unit Tests: Implement addWarning() method in SpeedTrapListener.
The method was introduced in PHPUnit 5.1.0, released today.

Fixes #34846.

git-svn-id: https://develop.svn.wordpress.org/trunk@35767 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 16:40:10 +00:00
Andrew Nacin
12b1cc4410 Embeds: Enforce, via unit tests, the no-ampersand rule for wp-embed.js.
fixes #34698.


git-svn-id: https://develop.svn.wordpress.org/trunk@35762 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-04 05:45:29 +00:00
Mark Jaquith
2ddab3adf8 Route HEAD API requests through the GET callback method
fixes #34837
props danielbachhuber

git-svn-id: https://develop.svn.wordpress.org/trunk@35758 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-03 16:34:00 +00:00
Scott Taylor
aad857409b Customize Unit Tests: also remove_action( 'after_setup_theme', 'twentysixteen_setup' ). TwentyFifteen is already removed.
See #31550.


git-svn-id: https://develop.svn.wordpress.org/trunk@35754 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:55:22 +00:00
Scott Taylor
69900349ca Media: don't use get_media_embedded_in_content() in wp_make_content_images_responsive().
Adds unit test.

Props azaozz.
Fixes #34807.


git-svn-id: https://develop.svn.wordpress.org/trunk@35753 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:49:13 +00:00
Scott Taylor
c8b7126cbf Unit Tests: fix responsive image unit tests. Correct the logic in video shortcode unit test for width.
Props joemcgill, wonderboymusic.
Fixes #34790.


git-svn-id: https://develop.svn.wordpress.org/trunk@35751 602fd350-edb4-49c9-b593-d223f7449a82
2015-12-01 20:44:54 +00:00
John Blackbourn
da2acf666a When a post is scheduled for publication, treat it the same as a published post when calculating the capabilities required to edit or delete it.
Fixes #33694


git-svn-id: https://develop.svn.wordpress.org/trunk@35747 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-29 02:24:15 +00:00
John Blackbourn
a8ea7d98b5 Ensure the correct error message is returned when a user attempts to comment on a post to which they do not have access.
Adds more tests.


git-svn-id: https://develop.svn.wordpress.org/trunk@35745 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-28 18:28:54 +00:00
Scott Taylor
663b7f28ff Upgrade: New themes are not automatically installed on upgrade. This can still be explicitly asked for by defining CORE_UPGRADE_SKIP_NEW_BUNDLED as false.
In `populate_options()`, if the theme specified by `WP_DEFAULT_THEME` doesn't exist, fall back to the latest core default theme. If we can't find a core default theme, `WP_DEFAULT_THEME` is the best we can do. 

Props nacin, jeremyfelt, dd32.
See #34306.


git-svn-id: https://develop.svn.wordpress.org/trunk@35738 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 21:44:02 +00:00
Scott Taylor
dc167a20e5 Add a unit test for wp_nav_menu() with container => ''
See #32464.



git-svn-id: https://develop.svn.wordpress.org/trunk@35736 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-25 18:18:37 +00:00
Dominik Schilling (ocean90)
d1ec5b6ac3 Passwords: Support the pre-4.3 behavior of wp_new_user_notification().
Hello, it's me again. A pluggable function named `wp_new_user_notification()`. A few months ago, after [33023], I have lost my second parameter `$plaintext_pass`. But thanks to [33620] I got a new one.
Bad idea - It hasn't had the same behavior as my previous parameter.
To solve that the second parameter got deprecated and reintroduced as the third parameter in [34116]. I was happy again, for a short time.
You remember my lost friend `$plaintext_pass`? No? Well, if its value was empty no notification was sent to the user. This behavior was still lost. And that's what this change is about: Don't notify a user if a plugin uses `wp_new_user_notification( $user_id )`.

You're asking if I'm happy now? Dunno, but maybe you have learned something about pluggable functions, have you?

Props danielbachhuber.
Fixes #34377.

git-svn-id: https://develop.svn.wordpress.org/trunk@35735 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-24 23:06:03 +00:00
Dominik Schilling (ocean90)
50c47fa78c HTTP Tests: Use login.wordpress.org/wp-login.php in test_get_response_cookies().
The old URL redirects to `login.wordpress.org` because it's the new canonical URL for all logins on wordpress.org.

Fixes #34782.

git-svn-id: https://develop.svn.wordpress.org/trunk@35734 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-24 21:59:23 +00:00
Sergey Biryukov
6f310a775d Users: Move the tests added in [35116] and [35618] to a more appropriate place and give them a better name.
See #28435, #29880.

git-svn-id: https://develop.svn.wordpress.org/trunk@35732 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-23 18:39:20 +00:00
Weston Ruter
89f49aad80 Customize: Ensure that a setting (especially a multidimensional one) can still be previewed when the post value to preview is set after preview() is invoked.
* Introduce `customize_post_value_set_{$setting_id}` and `customize_post_value_set` actions which are done when `WP_Customize_Manager::set_post_value()` is called.
* Clear the `preview_applied` flag for aggregated multidimensional settings when a post value is set. This ensures the new value is used instead of a previously-cached previewed value.
* Move `$is_preview` property from subclasses to `WP_Customize_Setting` parent class.
* Deferred preview: Ensure that when `preview()` short-circuits due to not being applicable that it will be called again later when the post value is set.
* Populate post value for updated-widget with the (unsanitized) JS-value in `WP_Customize_Widgets::call_widget_update()` so that value will be properly sanitized when accessed in `WP_Customize_Manager::post_value()`.

Includes unit tests with assertions to check the reported issues and validate the fixes.

Fixes defect introduced in [35007].
See #32103.
Fixes #34738.


git-svn-id: https://develop.svn.wordpress.org/trunk@35724 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-21 02:51:57 +00:00
Gary Pendergast
274bb41c04 Texturize: Only convert & to &#038; within text nodes.
Previously, `&` would be converted everywhere, which caused problems when it was converted within a `<script>`, for example.

`convert_chars()` is now removed from the `the_content` filter, as it was doing the same job as `wptexturize()`.

KSES correctly handles converting `&` within HTML attributes, so there's no need for `wptexturize()` and `convert_chars()` to do the same job.

Fixes #34698.



git-svn-id: https://develop.svn.wordpress.org/trunk@35709 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-19 23:31:00 +00:00
John Blackbourn
71c0c35c24 Ensure the count for users with no role remains accurate when users with multiple roles are present.
See #34495


git-svn-id: https://develop.svn.wordpress.org/trunk@35707 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-19 17:10:47 +00:00
John Blackbourn
4920716b4d Clean up the grammarian role so it doesn't pollute other tests.
See #24153


git-svn-id: https://develop.svn.wordpress.org/trunk@35705 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-19 16:46:43 +00:00
Scott Taylor
56d7611f09 Rewrite: alleviate conflicts between image attachment pages and posts when permalink structure is /%postname%/.
Adds unit test.

Props SergeyBiryukov.
Fixes #24612.


git-svn-id: https://develop.svn.wordpress.org/trunk@35679 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-18 19:58:01 +00:00
Scott Taylor
4aa34cf092 Media: when making images responsive, check if they already have a sizes attribute.
Adds unit test.

Props jaspermdegroot.
Fixes #34678.


git-svn-id: https://develop.svn.wordpress.org/trunk@35678 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-18 19:47:11 +00:00
John Blackbourn
355e768312 Update WP_REST_Response::as_error() to handle the new format error responses introduced in [35653].
Props danielbachhuber
Fixes #34551


git-svn-id: https://develop.svn.wordpress.org/trunk@35671 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-18 18:28:55 +00:00
Ryan McCue
52bdf9d6a5 REST API: Remove redundant "0" parameter.
This is just an artifact of how we parse the URL, and is already available
via $request->get_route()

Props danielbachhuber.
Fixes #34647.


git-svn-id: https://develop.svn.wordpress.org/trunk@35659 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-18 07:23:38 +00:00
Gary Pendergast
d55c605242 WPDB: Fall back to the connection charset when sanity checking strings.
If `DB_CHARSET` isn't defined (or is empty), `wpdb::$charset` will be empty, too. `wpdb::strip_invalid_text()` assumes that it isn't empty, however, so we need to fall back to the connection character set when we're running our sanity checks.

Fixes #34708.



git-svn-id: https://develop.svn.wordpress.org/trunk@35655 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-17 06:12:08 +00:00
Ryan McCue
6ad5ee9786 REST API: Update tests for [35653]
See #34551.


git-svn-id: https://develop.svn.wordpress.org/trunk@35654 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-17 05:26:30 +00:00
Ryan McCue
0a501976db REST API: Require namespace when registering routes.
Props danielbachhuber.
Fixes #34416.


git-svn-id: https://develop.svn.wordpress.org/trunk@35651 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-17 02:38:31 +00:00
John Blackbourn
002b44dc08 Revert [35639] pending investigation into failures on PHP 5.2.
See #19455


git-svn-id: https://develop.svn.wordpress.org/trunk@35641 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-16 00:53:30 +00:00
John Blackbourn
b32cf6875f On servers running PHP <= 5.4 which have magic_quotes_sybase enabled, the superglobals need to be magic-quoted before magic_quotes_sybase is subsequently disabled to avoid incorrect un-slashing. This must surely effect a miniscule number of servers, but so be it.
Fixes #19455
Props summerblue, kurtpayne, lucatume


git-svn-id: https://develop.svn.wordpress.org/trunk@35639 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-15 22:59:51 +00:00
Weston Ruter
0068d161b3 Customize: Exclude referer URL from being used for Close link if it is customize.php.
This fixes an edge case where the Close button could never link the user out of the Customizer, if the user initially accessed it without a `url` param and then clicked a link (provided by a plugin) that took them to another `customize.php` URL.

See #32637.


git-svn-id: https://develop.svn.wordpress.org/trunk@35635 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-13 05:24:28 +00:00
Sergey Biryukov
98cc2557ad Fix failing multisite test after [35629].
See #27317.

git-svn-id: https://develop.svn.wordpress.org/trunk@35631 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-12 17:11:46 +00:00
Sergey Biryukov
0cff629050 Users: After [35189], make 'illegal_user_logins' check case-insensitive.
Props juliobox.
Fixes #27317.

git-svn-id: https://develop.svn.wordpress.org/trunk@35629 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-12 16:29:45 +00:00
Scott Taylor
688c155dd8 Users: in wp_insert_user(), when a password isn't provided and the user exists, ensure that the password isn't wiped out.
Adds unit test.

Props leewillis77.
Fixes #29880.


git-svn-id: https://develop.svn.wordpress.org/trunk@35618 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-11 22:30:27 +00:00
Scott Taylor
5462b6c6e9 Mail: after [33124], add unit tests.
Props mdawaffe.
Fixes #28039.


git-svn-id: https://develop.svn.wordpress.org/trunk@35617 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-11 22:04:59 +00:00
Boone Gorges
c13a263830 When deleting a term, delete its metadata as well.
Props barryceelen.
Fixes #34626.

git-svn-id: https://develop.svn.wordpress.org/trunk@35585 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-09 03:35:56 +00:00
Weston Ruter
0e39b86500 Customize: Fix broken unit test for WP_Customize_Nav_Menu_Item_Setting::value_as_wp_post_nav_menu_item().
Fixes issue in [35580] which caused unit tests to fail while run under multisite.

Fixes #32812.



git-svn-id: https://develop.svn.wordpress.org/trunk@35583 602fd350-edb4-49c9-b593-d223f7449a82
2015-11-09 02:56:01 +00:00