* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control.
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.
See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/
Props johnregan3, celloexpressions, folletto, westonruter.
Fixes#35395.
git-svn-id: https://develop.svn.wordpress.org/trunk@38829 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the singular `edit_term`, `delete_term`, and `assign_term` meta capabilities for terms, and switches the base capability name for tags from `manage_categories` to `manage_post_tags` and the corresponding `edit_post_tags`, `delete_post_tags`, and `assign_post_tags`.
All of these capabilities ultimately map to `manage_categories` so by default there is no change in the behaviour of the capabilities for categories, tags, or custom taxonomies. The `map_meta_cap` filter and the `capabilities` argument when registering a taxonomy now allow for control over editing, deleting, and assigning individual terms, as well as a separation of capabilities for tags from those of categories.
Fixes#35614
Props johnjamesjacoby for feedback
git-svn-id: https://develop.svn.wordpress.org/trunk@38698 602fd350-edb4-49c9-b593-d223f7449a82
`register_meta()` has been altered to accept an array of arguments as the third parameter in order to support its usage beyond XML-RPC, notably in the REST API and other projects that may build on top of meta, such as a potential Fields API. Arguments are whitelisted to reserve the right for core to add more later.
New functions added to complement this expansion are:
* `registered_meta_key_exists()`
* `unregister_meta_key()`
* `get_registered_meta_keys()`
* `get_registered_metadata()`
* A "private" function for the aforementioned whitelisting.
There still need to be lots of tests written for previous and new behaviors, and many things are subject to change. Maybe things will explode. #yolo
props jeremyfelt, ericlewis, sc0ttkclark, helen, rmccue, ocean90, voldemortensen.
see #35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@37924 602fd350-edb4-49c9-b593-d223f7449a82
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@37342 602fd350-edb4-49c9-b593-d223f7449a82
Moving these functions to `wp-includes/capabilities.php` allows plugins to access more than just `is_super_admin()` and `get_super_admin()` from the front end without including a file via `wp-admin/`. Add an `is_multisite()` check to prevent use of these on single site environments now that they have left `ms.php`..
Props johnjamesjacoby.
Fixes#21788.
git-svn-id: https://develop.svn.wordpress.org/trunk@37200 602fd350-edb4-49c9-b593-d223f7449a82
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.
See #35417.
git-svn-id: https://develop.svn.wordpress.org/trunk@36416 602fd350-edb4-49c9-b593-d223f7449a82
Creates:
`class-wp-roles.php`
`class-wp-role.php`
`class-wp-user.php`
`capbilities-functions.php`
`capbilities.php` contains only top-level code. Class files only contains classes. Functions file only contains functions.
See #33413.
git-svn-id: https://develop.svn.wordpress.org/trunk@33752 602fd350-edb4-49c9-b593-d223f7449a82
Also avoid PHP notices because of orphaned comments in the comments list table.
Includes unit test.
props pento, dd32.
fixes#33154.
git-svn-id: https://develop.svn.wordpress.org/trunk@33614 602fd350-edb4-49c9-b593-d223f7449a82
Map `delete_site` as a meta capability to `manage_options` so that the ability to delete sites can be more granularly managed for individual site administrators on a multisite network.
Props thomaswm.
Fixes#30470.
git-svn-id: https://develop.svn.wordpress.org/trunk@31673 602fd350-edb4-49c9-b593-d223f7449a82
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes#25672.
git-svn-id: https://develop.svn.wordpress.org/trunk@31188 602fd350-edb4-49c9-b593-d223f7449a82
Add `@property` annotations to `WP_User` and `WP_Post`.
Remove erroneous `@param`s from image editor class methods.
Officially add the property `$_column_headers` to `WP_List_Table`.
See #30799.
git-svn-id: https://develop.svn.wordpress.org/trunk@31127 602fd350-edb4-49c9-b593-d223f7449a82
* In `WP_Plugin_Install_List_Table`, use `public` instead of `var`
* In `WP_User`, `->data` is accessed directly on an instance if the constructor receives it: make it `public`
* In `WP_Locale`, every property is exported to a global and is already `public` via `var`, half of the properties are accessed directly already, make them all `public`
* In `WP_Rewrite`, several properties are accessed publicly in functions via the `$wp_rewrite` global, make those props `public`.
* In `WP_Rewrite`, the property `->comment_feed_structure` was misspelled as `->comments_feed_structure`
See #30799.
git-svn-id: https://develop.svn.wordpress.org/trunk@31078 602fd350-edb4-49c9-b593-d223f7449a82
The `allcaps` property of the `WP_User` class represents all of the caps of the user, not the caps of the user's role. Introduced in [26126].
Props dlh.
Fixes#30852.
git-svn-id: https://develop.svn.wordpress.org/trunk@31013 602fd350-edb4-49c9-b593-d223f7449a82
Affects DocBlocks for the following core elements:
* Two arguments in `_walk_bookmarks()`
* A code snippet in the class header for `WP_Roles`
* A code snippet in the class header for `WP_HTTP_Proxy`
* Inline code fixes in the summary and a parameter description for `WP_oEmbed::discover()`
* An argument description in `_WP_Editors::parse_settings()`
* Inline code fixes in the summary and a parameter description the `embed_oembed_discover` hook.
Props rarst.
See #30473.
git-svn-id: https://develop.svn.wordpress.org/trunk@30536 602fd350-edb4-49c9-b593-d223f7449a82
Introduce upload_plugins and upload_themes capabilities to allow blocking of plugin and theme uploads, versus the old hacky (and not secure) ways of just hiding UI tabs. These are simply meta capabilities that map to install_plugins and install_themes.
Also:
* Use the same nice design for the plugin upload screen as the theme upload screen.
* Better compatibility for the old install_themes_tabs filter added in [29002]. see #28578.
* Ensure using the install_plugins_tabs filter to remove the upload tab removes the new button.
* Use 'Add Plugins' instead of 'Install Plugins' to match 'Add Themes'.
fixes#29236.
git-svn-id: https://develop.svn.wordpress.org/trunk@29634 602fd350-edb4-49c9-b593-d223f7449a82
You can now allow users to access the Customizer, say for any user who can `edit_posts`, via `map_meta_cap` or `user_has_cap` filter. See ticket for examples.
props westonruter, nacin.
fixes#28605.
git-svn-id: https://develop.svn.wordpress.org/trunk@29170 602fd350-edb4-49c9-b593-d223f7449a82
Add `public` to methods/members of `WP_Role`.
Add `public` to methods/members of `WP_User` where appropriate. Don't set `private` where indicated until more study has occurred and tests have been written for compatibiliy with existing magic methods.
See #27881, #22234.
git-svn-id: https://develop.svn.wordpress.org/trunk@28531 602fd350-edb4-49c9-b593-d223f7449a82
