Commit Graph

2692 Commits

Author SHA1 Message Date
Gary Pendergast
d2a011c666 Emoji: Fix incorrect emoji encoding in PHP < 5.4.
[41701] included a bug with PHP < 5.4. Prior to then, `html_entity_decode()` decoded into `ISO-8859-1`, when we actually need it to use `UTF-8`.

Fixes #35293.



git-svn-id: https://develop.svn.wordpress.org/trunk@41702 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-03 09:56:45 +00:00
Gary Pendergast
d3e0b4bc16 Emoji: Bring Twemoji compatibility to PHP.
This was previously attempted in [41043], which unfortunately had severe performance issues, the regex it used was fatally slow on long posts.

This version now uses an array of all emoji that Twemoji supports, which maintains the accuracy of [41043], while being the same speed or only a few ms slower than the code prior to [41043].

As with [41043], the `grunt precommit:emoji` task detects when `twemoji.js` has changed, and regenerates the array.

Props jmdodd for feedback, suggestions, and insults where appropriate.
Fixes #35293. 🤞🏻



git-svn-id: https://develop.svn.wordpress.org/trunk@41701 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-03 07:11:28 +00:00
Jeremy Felt
5fc09374c2 Multisite: Introduce get_site_by().
`get_site_by()` is a replacement for `get_blog_details()` that uses `WP_Site_Query` to retrieve specific sites based on a given field and value.

Props flixos90, spacedmonkey.
Fixes #40180.


git-svn-id: https://develop.svn.wordpress.org/trunk@41698 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-03 04:09:50 +00:00
Weston Ruter
2e5f329cc9 Customize: Provide validation feedback for invalid Custom Link URLs in nav menu items.
Props RMarks, EGregor, umangvaghela123, andrew.taylor, celloexpressions, westonruter, voldemortensen.
Fixes #32816.


git-svn-id: https://develop.svn.wordpress.org/trunk@41697 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-03 03:43:01 +00:00
John Blackbourn
e95d1428d1 Build/Test tools: Correctly delete attachment files used in the media and post thumbnail tests.
Props atanasangelovdev

Fixes #38264 


git-svn-id: https://develop.svn.wordpress.org/trunk@41693 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-03 00:08:16 +00:00
Andrea Fercia
e2c4ae805f Quick/Bulk Edit: Improve the inline error messages styling.
- uses the core `notice` styles for the Quick Edit form inline error messages
- adds missing periods at the end of a few error messages

Props ocean90, karmatosed, melchoyce, afercia.
Fixes #35496.


git-svn-id: https://develop.svn.wordpress.org/trunk@41684 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 21:51:09 +00:00
Adam Silverstein
10488d5fdc WP-API JS Client: Improve support for meta.
* Add/fix `getMeta`, `getMetas`, `setMeta` and `setMetas` helpers for models that support meta.
* Add tests for new helpers, verify meta support for `Posts`, `Comments`, `Tags` and `Users`.
* Include meta data in fixture generation and fixture file driving tests.

Fixes #41055.


git-svn-id: https://develop.svn.wordpress.org/trunk@41678 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 18:39:30 +00:00
Adam Silverstein
f2eb141e77 Menus: Increase timeout for QUnit wpNavMenu trigger tests.
Fix an (intermittent) issue where the final assertion verifying all hooks have been triggered ran too early, resulting in the test failing. 

Fixes #31218.


git-svn-id: https://develop.svn.wordpress.org/trunk@41675 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 18:34:53 +00:00
Konstantin Obenland
4666f2fd39 Widgets: Revert format of sidebars_widgets.
Restores the data format of the `sidebars_widgets` theme mod to its pre [41555]
format. It can trigger PHP warnings after switching themes if that mod has not
been removed previously.

Fixes #39693.



git-svn-id: https://develop.svn.wordpress.org/trunk@41673 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 18:10:06 +00:00
Weston Ruter
ef14cd1952 Customize: Fix WP_Customize_Date_Time_Control to be re-usable for plugins and custom settings.
* Allow time fields to be omitted by constructing with `timeIncluded` as `false`.
* Ensure `reportValidity` is only called on a control when it is in an expanded section.
* Rename "ampm" to "meridian".
* Improve accessibility and fix HTML validation and style issues for both the date/time control and the preview link control.
* Fix styling of dropdowns and clean CSS.
* Improve accessibility of nav menus component.

Props westonruter, afercia, sayedwp, melchoyce.
Amends [41626].
See #39896.
Fixes #42022.


git-svn-id: https://develop.svn.wordpress.org/trunk@41670 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 04:11:50 +00:00
Weston Ruter
3fbb8ed287 Customize: Add infrastructure for trashing/reverting of unpublished changes; introduce full-screen OverlayNotification for trashing and theme install/preview.
* Introduce a new `wp.customize.previewer.trash()` JS API to trash the current changeset, along with logic to `WP_Customize_Manager` to handle deleting changeset drafts.
* Add `trashing` to `wp.customize.state` which is then used to update the UI.
* UI for trashing is pending design feedback. One possibility is to add a new trash button to Publish Settings section that invokes `wp.customize.previewer.trash()`.
* Improve logic for managing the visibility and disabled states for publish buttons.
* Prevent attempting `requestChangesetUpdate` while processing and bump processing while doing `save`.
* Update `changeset_date` state only if sent in save response.
* Merge `ThemesSection#loadThemePreview()` into `ThemesPanel#loadThemePreview()`.
* Remove unused `autosaved` state.
* Start autosaving and prompting at beforeunload after a change first happens. This is key for theme previews since even if a user did not make any changes, there were still dirty settings which would get stored in an auto-draft unexpectedly.
* Allow `Notification` to accept additional `classes` to be added to `container`.
* Introduce `OverlayNotification` and use for theme installing, previewing, and trashing. Such overlay notifications take over the entire window.

Props westonruter, celloexpressions.
See #37661, #39896, #21666, #35210.


git-svn-id: https://develop.svn.wordpress.org/trunk@41667 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 03:36:18 +00:00
Gary Pendergast
b4a6de9997 Database: Throw a notice if wpdb::prepare() is called with an incorrect number of arguments
`wpdb::prepare()` currently gives no information if the number of arguments passed doesn't match the number of placeholders in the query. This change gives an explicit notice that the call was incorrect.

Also fixes an enrelated term meta test that was triggering this new notice.

Props thekt12 for the initial patch.
Fixes #42040.



git-svn-id: https://develop.svn.wordpress.org/trunk@41662 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 02:10:14 +00:00
Jeremy Felt
e02c481487 Multisite: Use get_current_blog_id() instead of $wpdb->blogid.
`get_current_blog_id()` is more appropriate for determining the ID of the current site in most cases. This eliminates the need for the global `$wpdb` in several functions and is better than the implicit global used in admin pages.

Props bnap00, spacedmonkey.
Fixes #41684.


git-svn-id: https://develop.svn.wordpress.org/trunk@41661 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-02 01:43:48 +00:00
Adam Silverstein
625773bd8b REST API JavaScript Client: improve support for model deletion/trash.
Update the way and location the JavaScript client determines which models/endpoints require the `force=true` parameter when being deleted to avoid a `rest_trash_not_supported` error. Identify models with endpoints that support DELETE, excluding those that support the trash (posts and pages by default). Also, move the check into the default `wp.api.WPApiBaseModel.initialize()` function.

Props caercam, euthelup.
Fixes #40672.



git-svn-id: https://develop.svn.wordpress.org/trunk@41657 602fd350-edb4-49c9-b593-d223f7449a82
2017-10-01 13:06:43 +00:00
Felix Arntz
84daf097a0 Multisite: Fix wp_get_users_with_no_role() possibly including users with a role on a different site.
Prior to this change, when passing another site than the current one to `wp_get_users_with_no_role()` through its `$site_id` parameter, the function still used the roles available on the current site, which would cause users with other roles that possibly exist on the other site to show up as users without a role. Switching the site before retrieving the available rules fixes the issue.

Fixes #42015.


git-svn-id: https://develop.svn.wordpress.org/trunk@41654 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-30 04:09:11 +00:00
Felix Arntz
761c45157e Multisite: Fix count_users() possibly querying incorrect roles when passed a different site ID.
The `time` strategy in `count_users()` queries users by role. However, the roles queried for were not affected by passing another site than the current one through the `$site_id` parameter, causing users having roles that were not queried for to appear as users without a role. This changeset fixes the issue by switching the site before retrieving the roles to query for.

Fixes #42014.


git-svn-id: https://develop.svn.wordpress.org/trunk@41653 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-30 03:53:27 +00:00
Weston Ruter
6e74a9bf23 Embeds: Cache oEmbeds in an oembed_cache custom post type instead of postmeta when there is no global $post.
Add processing of embeds to rich Text widget.

Props swissspidy, westonruter, ocean90, johnbillion.
See #40854, #39994, #40935.
Fixes #34115.


git-svn-id: https://develop.svn.wordpress.org/trunk@41651 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-30 01:14:34 +00:00
Weston Ruter
c35fe07703 Customize: Introduce a new experience for discovering, installing, and previewing themes within the customizer.
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context. Also includes an extensible framework for browsing and installing themes from other sources.

Also includes CSS auto-prefixing added via `grunt precommit:css`.

For details, see: https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/

Previously [38813] but reverted in [39140].
Fixes #37661, #34843, #38666.
Props celloexpressions, folletto, westonruter, karmatosed, melchoyce, afercia.


git-svn-id: https://develop.svn.wordpress.org/trunk@41648 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-29 20:12:19 +00:00
John Blackbourn
6d399d4de8 Build/Test tools: Partially revert [41367] as gd and exif aren't actually required to run WordPress.
See #41851


git-svn-id: https://develop.svn.wordpress.org/trunk@41647 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-29 19:56:33 +00:00
Sergey Biryukov
cc08743ec5 Posts, Post Types: Correct test_submitting_comment_to_trashed_post_returns_error().
`wp_trash_post()` accepts a post ID, not a `WP_Post` object.

See #42030.

git-svn-id: https://develop.svn.wordpress.org/trunk@41644 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-29 15:09:39 +00:00
John Blackbourn
58140009e5 Build/Test tools: Update the WP_PHPUnit_Util_Getopt class for PHP 7.2 compatibility.
This removes usage of `each()` which is deprecated in PHP 7.2.

Props ayeshrajans

See #40109
Fixes #41525


git-svn-id: https://develop.svn.wordpress.org/trunk@41636 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-28 23:14:26 +00:00
John Blackbourn
4277df991d Build/Test tools: Update some test cases in anticipation of code formatting corrections.
These two tests assume a certain level of indentation in code which does not conform to core's coding
standards and will hopefully be corrected at some point in #41057.

See #41057


git-svn-id: https://develop.svn.wordpress.org/trunk@41635 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-28 22:55:54 +00:00
Dominik Schilling (ocean90)
c8ff7f6592 Embeds: In switched state, restore previous state if no post ID is found.
Fixes #40673.

git-svn-id: https://develop.svn.wordpress.org/trunk@41634 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-28 16:28:46 +00:00
Gary Pendergast
199aa17cda Database: Add support for connecting to IPv6 hosts
IPv4 addresses are scarce, overworked, and underpaid. They're ready to retire, but we just won't let them go. If you care about their wellbeing, switch to IPv6 today.

Props schlessera, birgire.
Fixes #41722.



git-svn-id: https://develop.svn.wordpress.org/trunk@41629 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-28 05:36:34 +00:00
Gary Pendergast
bd85b7a39b Options: Add new alloptions and pre_cache_alloptions filters.
`pre_cache_alloptions` is run before the alloptions array is inserted into the cache, and is valuable for sanity checking the options, particularly if your caching scheme has size limitations.

`alloptions` is run before returning the alloptions array, and is useful for when you have extra information that alloptions should return.

Props sebastian.pisula, keesiemeijer.
Fixes #33958.



git-svn-id: https://develop.svn.wordpress.org/trunk@41627 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-28 00:22:48 +00:00
Weston Ruter
a92bb89f4f Customize: Introduce drafting and scheduling for Customizer changesets.
* Incorporates code from the Customize Snapshots and Customize Posts feature plugins.
* Adds a new Publish Settings section for managing the changeset status, scheduled date, and frontend preview link.
* Updates Publish button to reflect the status selected in the Publish Settings (including Save Draft and Schedule).
* Deactivates the Themes section when a non-publish status selected, and deactivates the Publish Settings section when previewing a theme switch.
* Introduces an `outer` section type (`wp.customize.OuterSection` in JS) for the Publish Settings section to use and for available widgets and available nav menu panels to use in the future. These sections can be expanded while other sections are expanded.
* Introduces `WP_Customize_Date_Time_Control` in PHP and `wp.customize.DateTimeControl` in JS for managing a date/time value.
* Keeps track of scheduled time and proactively publish from the client when the time arrives, as opposed to waiting for WP Cron.
* Auto-publishes a scheduled changeset when attempting to access one that missed its schedule.
* Starts a new changeset if attempting to save a changeset that was previously publish.
* Adds `force` arg to `requestChangesetUpdate()` to force an update request even when there are no pending changes.
* Adds utils methods for `getCurrentTimestamp` and `getRemainingTime`.
* Adds new state values for `selectedChangesetStatus`, `changesetDate`, `selectedChangesetDate`.
* Fixes logic for when to short-circuit check to close Customizer when there are unsaved changes.
* Adds getter methods for `autosaved` and `branching` parameters, with the latter applying the `customize_changeset_branching` filter.
* Call to `establish_loaded_changeset` on the fly when `changeset_uuid()` is called if no changeset UUID was specififed.
* De-duplicates logic for dismissing auto-draft changesets.
* Includes unit tests.

Builds on [41597].
Props sayedwp, westonruter, melchoyce, JoshuaWold, folletto, stubgo, karmatosed, dlh, paaljoachim, afercia, johnregan3, utkarshpatel, valendesigns.
See #30937.
Fixes #39896, #28721, #39275.


git-svn-id: https://develop.svn.wordpress.org/trunk@41626 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 22:24:37 +00:00
Felix Arntz
621a95a23f Multisite: Improve initializing available roles when switch sites.
Switching the available roles and the current user's capabilities no longer happens in `switch_to_blog()` and `restore_current_blog()`, instead it has been moved to a new function `wp_switch_roles_and_user()` which is hooked into the site switching process. This allows to improve performance by temporarily unhooking the function when roles and capabilities do not need to be switched.

This change ensures that switching available roles now works closer to switching user capabilities, particularly the changes in [41624]. A new `WP_Roles::for_site( $site_id )` method has been introduced, and the `WP_Roles::_init()` method has been deprecated. It is furthermore possible to retrieve the site ID for which the available roles are currently initialized through a new `WP_Roles::get_site_id()`.

Props johnjamesjacoby, flixos90.
Fixes #38645.


git-svn-id: https://develop.svn.wordpress.org/trunk@41625 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 21:43:59 +00:00
Felix Arntz
8be3b4f729 Multisite: Initialize a user's roles correctly when setting them up for a different site.
While it has always been possible to initialize a user's roles and capabilities for another site than the current one in a multisite, the actual roles available were not switched prior to this change, possibly causing invalid roles to show up or actually valid capabilities not being available.

In order to fix this bug in a clean way, relevant parts of the `WP_User` class have been refactored. The ID of the site for which capabilities are currently initialized are now stored in a private property `WP_User::$site_id`. The `WP_User::for_blog( $blog_id )` and `WP_User::_init_caps( $cap_key )` methods have been deprecated in favor of `WP_User::for_site( $site_id )`. In addition, a new method `WP_User::get_site_id()` has been introduced to retrieve the site ID for which the user's capabilities are currently initialized.

Props ryanduff, jeremyfelt, flixos90.
Fixes #36961.


git-svn-id: https://develop.svn.wordpress.org/trunk@41624 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 21:09:11 +00:00
John Blackbourn
0ef31b8de5 Users: Remove the failing tests added in [41613] while they're investigated.
See #38741


git-svn-id: https://develop.svn.wordpress.org/trunk@41623 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 17:41:31 +00:00
Andrew Ozz
35ebd35801 TinyMCE: disable the tests for wptextpatterns plugin in PhantomJS.
See #42009

git-svn-id: https://develop.svn.wordpress.org/trunk@41620 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 16:21:24 +00:00
Pascal Birchler
cc4c7757c9 Upgrade/Install: Update unit tests after [41611].
See #40764.


git-svn-id: https://develop.svn.wordpress.org/trunk@41619 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 15:14:53 +00:00
John Blackbourn
1507df9d59 Users: Introduce the concept of a large site in order to speed up the Users screen when there are many users.
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.

This introduces some new functions:

* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`

A corresponding `wp_is_large_user_count` filter is also introduced.

Props tharsheblows, johnbillion

Fixes #38741


git-svn-id: https://develop.svn.wordpress.org/trunk@41613 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 13:03:03 +00:00
Pascal Birchler
4a6ecbfcd0 Themes: Adjust unit test after [41607].
Props ocean90.
See #40820.


git-svn-id: https://develop.svn.wordpress.org/trunk@41610 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 08:52:34 +00:00
Pascal Birchler
80bd8ac220 Embeds: Maintain switched state when embedding a post on Multisite.
Props bor0.
Fixes #40673.


git-svn-id: https://develop.svn.wordpress.org/trunk@41606 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-27 08:35:16 +00:00
Pascal Birchler
b3b2ac2a55 Themes: Report theme as broken that sets itself as its parent.
Props davilera.
Fixes #40820.


git-svn-id: https://develop.svn.wordpress.org/trunk@41601 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-26 08:53:20 +00:00
Pascal Birchler
14b593d669 Embeds: Improve performance when embedding a post on Multisite.
After [37798], this fixes embeds coming from a different site in the network.

Props imath.
Fixes #40673. See #36767. 


git-svn-id: https://develop.svn.wordpress.org/trunk@41600 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-26 08:39:57 +00:00
Konstantin Obenland
d33ab87371 Widgets: Merge orphaned widgets on theme switch
Merges orphaned widgets into the inactive sidebar when switching themes.

Props bpayton.
See #39693.


git-svn-id: https://develop.svn.wordpress.org/trunk@41594 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-25 16:18:31 +00:00
Weston Ruter
666912edf9 Widgets: Introduce Gallery widget for displaying image galleries.
* Galleries are managed in the widget in the same way they are managed in the post editor, both using the media manager.
* Gallery widget is merged from the Core Media Widgets v0.2.0 feature plugin and it extends `WP_Widget_Media` in the same way as is done for image, audio, and video widgets.
* Model syncing logic is updated to support booleans and arrays (of integers).
* Placeholder areas in media widgets are now clickable shortcuts for selecting media.
* Image widget placeholder is updated to match gallery widget where clicking preview is shortcut for editing media.

Props westonruter, joemcgill, timmydcrawford, m1tk00, obenland, melchoyce.
See #32417.
Fixes #41914.


git-svn-id: https://develop.svn.wordpress.org/trunk@41590 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-25 06:27:32 +00:00
Sergey Biryukov
784d983f59 XML-RPC: Update the string in test_parent_for_nonhierarchical() to match the string added in [41574].
Props netweb.
Fixes #41637.

git-svn-id: https://develop.svn.wordpress.org/trunk@41575 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-23 08:19:54 +00:00
Weston Ruter
a91d3980df Customize: Introduce extensible code editor Customizer control for CodeMirror.
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.

See #12423, #38707, #35395.
Fixes #41897.


git-svn-id: https://develop.svn.wordpress.org/trunk@41558 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 23:03:06 +00:00
Konstantin Obenland
9b7c97af26 Widgets: Improved sidebar mapping on theme switch
Builds on efforts brought forward in #17979.

This will send sidebars through three levels of mapping:

1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.

Finally, if the theme has previously been active and we have a record of its 
sidebar configuration then, any unmapped sidebar will be restored to its 
previous state.

Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.



git-svn-id: https://develop.svn.wordpress.org/trunk@41555 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-21 18:45:03 +00:00
Weston Ruter
ebb578b2d9 Widgets: Omit attributes from an Image widget's link when they are empty.
Props subrataemfluence, Nenad Obradovic, westonruter.
See #39993.
Fixes #41919.


git-svn-id: https://develop.svn.wordpress.org/trunk@41549 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-20 19:44:13 +00:00
Aaron D. Campbell
e95dc5a26f Database: Hardening to bring wpdb::prepare() inline with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.



git-svn-id: https://develop.svn.wordpress.org/trunk@41496 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 17:55:33 +00:00
aaroncampbell
eb012314d0 Database: Hardening for wpdb::prepare()
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.



git-svn-id: https://develop.svn.wordpress.org/trunk@41470 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-19 14:47:46 +00:00
Weston Ruter
df1bf4a883 Customize: Add wp_is_uuid() validation function with optional second $version=4 parameter to enforce v4 random UUIDs.
Props jonathanbardo.
Fixes #39778.


git-svn-id: https://develop.svn.wordpress.org/trunk@41388 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-18 23:03:06 +00:00
Felix Arntz
e23004c344 Multisite: Introduce get_main_site_id().
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.

The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.

Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes #29684.


git-svn-id: https://develop.svn.wordpress.org/trunk@41380 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-15 11:14:49 +00:00
Boone Gorges
fb227caed1 Taxonomy: Force a DISTINCT term query when result count matters.
Generally, duplicate terms returned by a term query are eliminated in PHP,
after the database query takes place. This technique doesn't work properly
when the query parameters specify the `number` of results, since the results
of a `SELECT ... LIMIT x...` query may be deduplicated to a count less than
`x`. In these cases, we force the original query to be `DISTINCT`.

Props elvishp2006.
Fixes #41796.

git-svn-id: https://develop.svn.wordpress.org/trunk@41377 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-13 14:47:07 +00:00
Weston Ruter
dbace684e2 Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion.
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.

Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes #12423, #39892.


git-svn-id: https://develop.svn.wordpress.org/trunk@41376 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-13 06:07:48 +00:00
Adam Silverstein
1b7475645a Add wp.hooks - JavaScript actions and filters.
Add a JavaScript hooks library with an API that mirrors the WordPress Plugin API; provides similar functionality and API to PHP hooks.

Called via the global `wp.hooks`, eg: `wp.hooks.addAction()`, etc. Adds:

* `addAction( 'hook', 'vendor/plugin/function', callback, priority )`
* `addFilter( 'hook', 'vendor/plugin/function', callback, priority )`
* `removeAction( 'hook', 'vendor/plugin/function' )`
* `removeFilter( 'hook',  'vendor/plugin/function' )`
* `removeAllActions( 'hook' )`
* `removeAllFilters( 'hook' )`
* `doAction( 'hook', arg1, arg2, moreArgs, finalArg )`
* `applyFilters( 'hook', content, arg1, arg2, moreArgs, finalArg )`
* `doingAction( 'hook' )`
* `doingFilter( 'hook' )`
* `didAction( 'hook' )`
* `didFilter( 'hook' )`
* `hasAction( 'hook' )`
* `hasFilter( 'hook' )`

Props adamsilverstein, jnylen0, aduth, kadamwhite, youknowriad, schlessera, mikeschinkel, azaozz, vhauri, CaptainN, scribu, carldanley, chetanchauhan, mgibbs189, stephenharris, justnorris, koopersmith, gcorne, TV productions, atimmer.

Fixes #21170.



git-svn-id: https://develop.svn.wordpress.org/trunk@41375 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-12 12:53:21 +00:00
Weston Ruter
594a41666b Customize: Add global notifications area.
* Displays an error notification in the global area when a save attempt is rejected due to invalid settings. An error notification is also displayed when saving fails due to a network error or server error.
* Introduces `wp.customize.Notifications` subclass of `wp.customize.Values` to contain instances of `wp.customize.Notification` and manage their rendering into a container.
* Exposes the global notification area as `wp.customize.notifications` collection instance.
* Updates the `notifications` object on `Control` to use `Notifications` rather than `Values` and to re-use the rendering logic from the former. The old `Control#renderNotifications` method is deprecated.
* Allows notifications to be dismissed by instantiating them with a `dismissible` property.
* Allows `wp.customize.Notification` to be extended with custom templates and `render` functions.
* Triggers a `removed` event on `wp.customize.Values` instances _after_ a value has been removed from the collection.

Props delawski, westonruter, karmatosed, celloexpressions, Fab1en, melchoyce, Kelderic, afercia, adamsilverstein.
See #34893, #39896.
Fixes #35210, #31582, #37727, #37269.


git-svn-id: https://develop.svn.wordpress.org/trunk@41374 602fd350-edb4-49c9-b593-d223f7449a82
2017-09-12 07:02:49 +00:00