Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.
Props cfinke.
Fixes#37208.
git-svn-id: https://develop.svn.wordpress.org/trunk@38047 602fd350-edb4-49c9-b593-d223f7449a82
When using `register_meta()` with the function signature from 4.5 and earlier, the `auth_{$type}_meta_{$key}` and `sanitize_{$type}_meta_{$key}` filters are used. Any calls to `register_meta()` expecting this behavior should continue to work. The new filters, which take advantage of object subtypes, should not be added unless the proper `$args` array is passed.
See #35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38041 602fd350-edb4-49c9-b593-d223f7449a82
If auth and/or sanitize callbacks are specified in the arguments for
`register_meta()`, filters are added to handle these callbacks. These
should be removed when calling `unregister_meta_key()` to avoid
unintentional filtering.
See #35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38040 602fd350-edb4-49c9-b593-d223f7449a82
To enhance accessibility for items without a link you can now define `tabindex="0"`, which makes descendant dropdowns accessible.
Props joedolson, afercia, ocean90.
Fixes#32495.
git-svn-id: https://develop.svn.wordpress.org/trunk@38035 602fd350-edb4-49c9-b593-d223f7449a82
40M isn't enough and can lead to an "out of memory" error. Change `test_wp_raise_memory_limit()` to test that `wp_raise_memory_limit()` doesn't *lower* the memory limit.
See [38015].
See #32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38016 602fd350-edb4-49c9-b593-d223f7449a82
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38015 602fd350-edb4-49c9-b593-d223f7449a82
This prevents false positives when the ID column's incrementor has exceeded the
hardcoded invalid ID.
Fixes#37308.
git-svn-id: https://develop.svn.wordpress.org/trunk@38005 602fd350-edb4-49c9-b593-d223f7449a82
When comment IDs are fetched from the cache rather than the database,
the subsequent `SELECT FOUND_ROWS()` query will not return the correct value.
To avoid unnecessary queries, we cache the results of the `found_comments`
query alongside the comment IDs.
Props spacedmonkey.
Fixes#37184.
git-svn-id: https://develop.svn.wordpress.org/trunk@38001 602fd350-edb4-49c9-b593-d223f7449a82
The array-compatibility object we started returning in r37428 unfortunately isn't enough like an array. In particular, `is_array()` checks fail, despite the object implementing ArrayAccess. Mea culpa.
This moves the WP_HTTP_Response object to a new http_response key in the array, and changes the value back to an actual array.
Fixes#37097.
See #33055.
git-svn-id: https://develop.svn.wordpress.org/trunk@37989 602fd350-edb4-49c9-b593-d223f7449a82
When enabled, the switch would override the theme's pseudo-plural `'% Comments'` string with a correct form of `_n( '%s Comment', '%s Comments', $number )`.
Historically, `comments_popup_link()` and `get_comments_number_text()` did not support plural forms and used a pseudo-plural style instead, so some locales were forced to come up with workarounds to display the number of comments in their language correctly.
This change should make those functions more i18n-friendly.
Fixes#13651.
git-svn-id: https://develop.svn.wordpress.org/trunk@37987 602fd350-edb4-49c9-b593-d223f7449a82
`arsort()` sorts the paths reverse-alphabetically while preserving the keys. It results in a longer path being listed before a shorter one with the same base directory(ies).
Props jdgrimes, ocean90.
Fixes#28441.
git-svn-id: https://develop.svn.wordpress.org/trunk@37983 602fd350-edb4-49c9-b593-d223f7449a82
Prevents displaying "Original:" without a title when adding a menu item without a title.
Props grapplerulrich, swissspidy.
Fixes#36729.
git-svn-id: https://develop.svn.wordpress.org/trunk@37953 602fd350-edb4-49c9-b593-d223f7449a82
Fixes mistake in the current behavior, where the sanitization callback ran before the validation callback. Now the validation callback will run before the sanitization.
Props schlessera, rachelbaker.
See #37247.
Fixes#37192.
git-svn-id: https://develop.svn.wordpress.org/trunk@37943 602fd350-edb4-49c9-b593-d223f7449a82
Reverses order where sanitization was being applied before validation originally in accordance with REST API logic.
Props westonruter, schlessera.
See #34893.
See #37192.
Fixes#37247.
git-svn-id: https://develop.svn.wordpress.org/trunk@37942 602fd350-edb4-49c9-b593-d223f7449a82
Resource hints allow browsers to prefetch specific pages or render them in the background to perform DNS lookups or to begin the connection handshake (DNS, TCP, TLS) in the background.
By default, `wp_resource_hints()` prints hints for "s.w.org" (the WordPress.org CDN) and for all scripts and styles which are enqueued from external hosts.
Use the `wp_resource_hints` filter to add custom domains and URLs for `dns-prefetch`, `preconnect`, `prefetch` or `prerender`.
Props voldemortensen, swissspidy.
Fixes#34292.
git-svn-id: https://develop.svn.wordpress.org/trunk@37920 602fd350-edb4-49c9-b593-d223f7449a82
This adds three new functions for getting/displaying attachment captions:
* `wp_get_attachment_caption` - Retrieves a caption for a specific attachment.
* `get_the_post_thumbnail_caption()` - Returns the post thumbnail caption.
* `the_post_thumbnail_caption()` - Displays the post thumbnail caption.
These are helpful for displaying a caption associated with an image directly
in a template, rather than using the caption shortcode.
This also introduces two new filters:
* `wp_get_attachment_caption` - Filters the value of `wp_get_attachment_caption()`.
* `the_post_thumbnail_caption` - Filters the display of the post thumbnail caption.
`the_post_thumbnail_caption()` is automatically filtered by `wptexturize()`,
`convert_smilies()`, and `convert_chars()` in `wp-includes/default-filters.php`.
Props flixos90, joemcgill.
Fixes#12235.
git-svn-id: https://develop.svn.wordpress.org/trunk@37915 602fd350-edb4-49c9-b593-d223f7449a82
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.
Props ramiy, Presskopp.
Fixes#34521.
git-svn-id: https://develop.svn.wordpress.org/trunk@37914 602fd350-edb4-49c9-b593-d223f7449a82
The Link header allows clients to verify if a site has made the REST API available, as well as indicating how to access it.
Props danielbachhuber.
Fixes#35580.
git-svn-id: https://develop.svn.wordpress.org/trunk@37903 602fd350-edb4-49c9-b593-d223f7449a82
Provides a consistent way to query `$wpdb->site` for `WP_Network` objects based on domain, path, network ID, and (main) site ID.
Introduces and uses update_network_cache() and _prime_network_caches() to maintain a cached list of WP_Network objects for use in multiple queries.
Props flixos90.
See #32504.
git-svn-id: https://develop.svn.wordpress.org/trunk@37894 602fd350-edb4-49c9-b593-d223f7449a82
This changes the global `$wp_post_types` to an array of `WP_Post_Type` objects. `WP_Post_Type` includes methods to handle post type supports, rewrite rules, meta boxes, hooks, and taxonomies.
Each post type argument becomes a property of `WP_Post_Type`.
Props swissspidy, flixos90.
Fixes#36217.
git-svn-id: https://develop.svn.wordpress.org/trunk@37890 602fd350-edb4-49c9-b593-d223f7449a82
`the_post()` sets the `$in_the_loop` property to true which is unexpected in the admin if you're using filters which should only affect real loops.
Props ruud@joyo.
Fixes#27042.
git-svn-id: https://develop.svn.wordpress.org/trunk@37881 602fd350-edb4-49c9-b593-d223f7449a82
When no valid post exists for `get_the_modified_time` or `get_the_modified_date` calls, the result (`false`) is passed through the functions respective filters to maintain back-compat.
Introduces unit tests to ensure filters are applied and for the `get_the_modified_date` function.
Fixes#37059.
git-svn-id: https://develop.svn.wordpress.org/trunk@37866 602fd350-edb4-49c9-b593-d223f7449a82
When a filter or action hook is deprecated, the corresponding `apply_filters()`
or `do_action()` calls should be switched out with `apply_filters_deprecated()`
or `do_action_deprecated()`. The latter functions will throw a deprecation
before invoking the original hook.
Props solarissmoke, SergeyBiryukov, DrewAPicture.
Fixes#10441.
git-svn-id: https://develop.svn.wordpress.org/trunk@37861 602fd350-edb4-49c9-b593-d223f7449a82
In order to allow meta-related values of `orderby` to be handled properly,
the term query's `meta_query` object must run its `get_sql()` method before
`orderby` parsing.
Fixing this bug required addressing another bug in `WP_Meta_Query`, which
caused the table alias index not to be reset when calling `get_sql()`
multiple times on the same object.
Props littler.chicken.
Fixes#37151.
git-svn-id: https://develop.svn.wordpress.org/trunk@37860 602fd350-edb4-49c9-b593-d223f7449a82
This adds a new `post_stuck` action that fires when a post is made sticky and a `post_unstuck` action that fires when the sticky flag is removed again.
Props ojrask.
Fixes#35600.
git-svn-id: https://develop.svn.wordpress.org/trunk@37857 602fd350-edb4-49c9-b593-d223f7449a82
[37415] removed the requirement to call `load_plugin_textdomain()` / `load_theme_textdomain()`. This caused `unload_textdomain()` to not work properly anymore in these cases.
With this change, unloaded text domains need to be explicitly loaded manually if you want to use them again.
Props swissspidy, ocean90.
Fixes#37113. See #34114.
git-svn-id: https://develop.svn.wordpress.org/trunk@37855 602fd350-edb4-49c9-b593-d223f7449a82
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.
This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.
Props ericlewis, neverything, swissspidy.
Fixes#36590 for trunk. See #14134.
git-svn-id: https://develop.svn.wordpress.org/trunk@37748 602fd350-edb4-49c9-b593-d223f7449a82
Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.
Adds unit tests.
Props rockwell15 for initial patch.
Fixes#35936.
git-svn-id: https://develop.svn.wordpress.org/trunk@37747 602fd350-edb4-49c9-b593-d223f7449a82
Unifies the APIs for getting a post's modified date or time with getting a post's date or time.
Adds the `$post` parameter to the functions `get_the_modified_date` and `get_the_modified_time`.
Adds the `$post` parameter to the filters `get_the_modified_date` and `get_the_modified_time`.
Props Soean, lukecavanagh.
Fixes#37059.
git-svn-id: https://develop.svn.wordpress.org/trunk@37738 602fd350-edb4-49c9-b593-d223f7449a82