Before the docs implied the complexity of the function was O(1) by using the term "constant time", now we use the more descriptive term "Timing attack safe".
Props AramZS.
Fixes#32778.
git-svn-id: https://develop.svn.wordpress.org/trunk@35805 602fd350-edb4-49c9-b593-d223f7449a82
For accessibility, links inside lines or blocks of text should be always underlined.
Props walbo.
Fixes#34606.
git-svn-id: https://develop.svn.wordpress.org/trunk@35801 602fd350-edb4-49c9-b593-d223f7449a82
Previously when updating a post using wp_insert_post(), post_name was
regenerated based on post_title every time if post_name was not passed in
explicitly. This irons out the expectation that properties not passed into the
function should not be modified.
Props jason_the_adams.
Fixes#34865.
git-svn-id: https://develop.svn.wordpress.org/trunk@35800 602fd350-edb4-49c9-b593-d223f7449a82
Sometimes, it's easy to to type the the same word twice, especially if if it's a simple word. We probably shouldn't do do do (do do do doo) it, though.
(I've excluded external libs from this change.)
Fixes#34885.
git-svn-id: https://develop.svn.wordpress.org/trunk@35793 602fd350-edb4-49c9-b593-d223f7449a82
User dropdowns in wp-admin have traditionally shown the users' display names.
However, this causes ambiguity when users share display names. To correct this,
we now show the unique user_login in parentheses after the display name.
The new `display_name_with_login` value for the `show` parameter of
`wp_dropdown_users()` enables this functionality. The default value of `show`
has not been changed, for backward compatibility, but all instances of
`wp_dropdown_users()` in core wp-admin have been switched.
This changeset also reduces some duplicated logic when assembling a user list
when `include_selected` is true.
Props krogsgard, boonebgorges.
Fixes#31251.
git-svn-id: https://develop.svn.wordpress.org/trunk@35790 602fd350-edb4-49c9-b593-d223f7449a82
The whole string is escaped with `esc_html()` anyway, so we don't
need to `wp_kses_post()`. This is a better experience for users who
want to use angle brackets in their site title or description.
Does not allow any HTML, adds unit tests.
props BandonRandon, pauldewouters.
fixes#27942.
git-svn-id: https://develop.svn.wordpress.org/trunk@35788 602fd350-edb4-49c9-b593-d223f7449a82
New `network_site_new_created_user_pending` action fires before a new user will be created via the network site-new.php page.
Props mackensen
Fixes#33631
git-svn-id: https://develop.svn.wordpress.org/trunk@35786 602fd350-edb4-49c9-b593-d223f7449a82
Activation of a subdomain site is done through that new site's address. This address does not exist in the `wp_blogs` table until activation is complete.
In this case we need to make sure `public` is populated to avoid a PHP notice.
Props uglyrobot.
Fixes#24760.
git-svn-id: https://develop.svn.wordpress.org/trunk@35782 602fd350-edb4-49c9-b593-d223f7449a82
"Connected" because of REST API and cross-site embeds.
"Responsive" because of responsive images and under-the-hood tweaks.
See #34663.
git-svn-id: https://develop.svn.wordpress.org/trunk@35780 602fd350-edb4-49c9-b593-d223f7449a82
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.
Props markjaquith.
Fixes#27317.
git-svn-id: https://develop.svn.wordpress.org/trunk@35772 602fd350-edb4-49c9-b593-d223f7449a82
In [34504], tabbing through row actions on comments that lacked links was broken. This restores the desired behavior and ensures that the row actions can be seen by no-js users.
Second Permanent Committer sign off was by WonderBoyMusic
See #15520Fixes#34791
Props afercia, azaozz
git-svn-id: https://develop.svn.wordpress.org/trunk@35771 602fd350-edb4-49c9-b593-d223f7449a82
In the data sent to us from the embedded iframe by postMessage(), the secret value is being used directly in a document.querySelectorAll() call without first being validated or escaped.
In theory, this could lead to some broken embeds.
Props mdawaffe.
Fixes#34831.
git-svn-id: https://develop.svn.wordpress.org/trunk@35761 602fd350-edb4-49c9-b593-d223f7449a82
Nikolay Bachiyski
John Blackbourn
Pascal Birchler
Mike Schroder
Andrea Fercia
Eric Andrew Lewis
Konstantin Kovshenin
Jeremy Felt
Gary Pendergast
Aaron D. Campbell
Michael Arestad
Boone Gorges
Rachel Baker
Drew Jaynes
Konstantin Obenland
Weston Ruter
Mark Jaquith
Andrew Nacin
Dion Hulse
Scott Taylor
Aaron Jorbin
Dominik Schilling (ocean90)
Helen Hou-Sandi
wonderboymusic