This changeset contextualizes the usage of `nonce_life` filter by passing the `$action` parameter. It allows to alterate the default lifespan of nonces on a case by case basis.
Props giuseppemazzapica, dwainm, DrewAPicture, jorbin, audrasjb, SergeyBiryukov, costdev, antonvlasenko.
Fixes#35188.
git-svn-id: https://develop.svn.wordpress.org/trunk@54218 602fd350-edb4-49c9-b593-d223f7449a82
When extracting the email and name from a “From” header, the last character of the name is incorrectly trimmed when a space is not included between the name and the opening `<`.
Though the space is required for the header to be compliant with RFC5322 (see https://www.rfc-editor.org/rfc/rfc5322#section-3.4), the absence of a space can be ignored here. PHPMailer accepts the name and email as separate parameters and constructs the header correctly later on.
Props hakanca, mikehansenme, SergeyBiryukov, kovshenin, mattyrob, drewapicture, desrosj.
Fixes#19847.
git-svn-id: https://develop.svn.wordpress.org/trunk@53900 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the following new filters:
* `wp_send_new_user_notification_to_admin`
* `wp_send_new_user_notification_to_user`
Props janthiel, costdev, audrasjb, peterwilsoncc
Fixes#54874
git-svn-id: https://develop.svn.wordpress.org/trunk@53698 602fd350-edb4-49c9-b593-d223f7449a82
* Make the descriptions for `update_post_author_caches()` and `update_post_caches()` more specific.
* Move the unit test into its own file, for consistency with `update_post_cache()` tests. This also allows for using shared fixtures in case more tests are added in the future.
Follow-up to [53482].
See #55716.
git-svn-id: https://develop.svn.wordpress.org/trunk@53483 602fd350-edb4-49c9-b593-d223f7449a82
For a call to `WP_Query` or a post REST API request that contains posts from multiple authors, call the `cache_users` function, to ensure that all user data for post authors is primed in
a single database query. This results in far fewer database queries on multiple author sites.
Props spacedmonkey, timothyblynjacobs, peterwilsoncc.
Fixes#55716.
git-svn-id: https://develop.svn.wordpress.org/trunk@53482 602fd350-edb4-49c9-b593-d223f7449a82
Dynamically add `decoding="async"` to image tags on the front end of a site to instruct browsers to download them in parallel.
Modifies `wp_get_attachment_image()`, `get_avatar()` to include the attribute by default. Modifies `wp_filter_content_tags()` to add the attribute during the front-end render of the site.
Introduces `wp_img_tag_add_decoding_attr()` to take an image tag and modify it to include the attribute. Introduces the filter `wp_img_tag_add_decoding_attr` used to define the default value for the attribute.
Props adamsilverstein, ayeshrajans, costdev, flixos90, hellofromtonya, isaumya, michaelbourne, mihai2u, mitogh, sergiomdgomes, spacedmonkey, westonruter, peterwilsoncc.
Fixes#53232.
git-svn-id: https://develop.svn.wordpress.org/trunk@53480 602fd350-edb4-49c9-b593-d223f7449a82
This changeset ensures `wp_rand()` returns zero instead of a random number when both `$min` and `$max` values are equal to zero.
Fixes#55194.
git-svn-id: https://develop.svn.wordpress.org/trunk@53473 602fd350-edb4-49c9-b593-d223f7449a82
As per the PHP manual:
> If the `component` parameter is omitted, an associative array is returned.
> If the `component` parameter is specified, `parse_url()` returns a string (or an int, in the case of `PHP_URL_PORT`) instead of an array. If the requested component doesn't exist within the given URL, `null` will be returned.
Reference: [https://www.php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-returnvalues PHP Manual: parse_url(): Return Values]
In PHP 8.1, if the home URL does not have a "host" component, it would lead to a `substr(): Passing null to parameter #1 ($string) of type string is deprecated` notice.
Changing the logic around and adding validation for the return type value of `wp_parse_url()` prevents that.
Follow-up to [48601], [51606], [51622], [51626], [51629], [51630].
Props dennisatyoast, jrf.
See #54730.
git-svn-id: https://develop.svn.wordpress.org/trunk@52799 602fd350-edb4-49c9-b593-d223f7449a82
Adds a new `wp_mail_succeeded` action in `wp_mail` after the mail is sent. Also, adds a disclaimer to the hook's docblock, clarifying that the hook's firing doesn't necessarily mean the recipient received the mail, only that the mail was processed without any errors.
Props birgire, donmhico, johnbillion.
Fixes#53826.
git-svn-id: https://develop.svn.wordpress.org/trunk@52083 602fd350-edb4-49c9-b593-d223f7449a82
This changeset implements the refined lazy-loading behavior outlined in https://make.wordpress.org/core/2021/07/15/refining-wordpress-cores-lazy-loading-implementation/ in order to improve the Largest Contentful Paint metric, which can see a regression from images or iframes above the fold being lazy-loaded. Adjusting this so far has been possible for developers via filters and still is, however this enhancement brings a more accurate behavior out of the box for the majority of themes.
Specifically, this changeset skips the very first "content image or iframe" on the page from being lazy-loaded. "Content image or iframe" denotes any image or iframe that is found within content of any post in the current main query loop as well as any featured image of such a post. This applies both to "singular" as well as "archive" content: On a "singular" page the first image/iframe of the post is not lazy-loaded, while on an "archive" page the first image/iframe of the _first_ post in the query is not lazy-loaded.
This approach refines the lazy-loading behavior correctly for the majority of themes, which use a single-column layout for post content. For themes with multi-column layouts, a new `wp_omit_loading_attr_threshold` filter can be used to change how many of the first images/iframes are being skipped from lazy-loaded (default is `1`). For example, a theme using a three-column grid of latest posts for archives could use the filter to override the threshold to `3` on archive pages, so that the first three content images/iframes would not be lazy-loaded.
Props adamsilverstein, azaozz, flixos90, hellofromtonya, jonoaldersonwp, mte90, rviscomi, tweetythierry, westonruter.
Fixes#53675. See #50425.
git-svn-id: https://develop.svn.wordpress.org/trunk@52065 602fd350-edb4-49c9-b593-d223f7449a82
Share the `WP_User` instance for the current user between the functions `get_userdata()` and `wp_get_current_user()`. Both functions return the `$current_user` global for the current user.
Force refresh the `$current_user` global within `clean_user_cache()` by immediately re-calling `wp_set_current_user()` with the current user's ID. This ensures any changes to the current user's permissions or other settings are reflected in the global. As a side-effect this immediately rewarms the current user's cache.
Props chaion07, chriscct7, donmhico, hellofromtonya, lukecarbis, peterwilsoncc, rmccue, TimothyBlynJacobs.
Fixes#28020.
git-svn-id: https://develop.svn.wordpress.org/trunk@50790 602fd350-edb4-49c9-b593-d223f7449a82
The function `wp_text_diff` generated an invalid table structure if the $args parameter contained any values. This patch corrects the structure generated by `wp_text_diff` and related usages so that the column count matches the data generated. Additionally, this patch passes arguments to the Revisions screen so that the screen has column headings that reflect the content in each column. Improves the accessibility and usability of the Revisions table.
Props joedolson, mehulkaklotar, afercia, adamsilverstein, zodiac1978, jeremyfelt
Fixes#25473
git-svn-id: https://develop.svn.wordpress.org/trunk@50034 602fd350-edb4-49c9-b593-d223f7449a82
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.
This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast
In part, this is a follow-up to #47746.
Props jrf.
See #50767.
git-svn-id: https://develop.svn.wordpress.org/trunk@49193 602fd350-edb4-49c9-b593-d223f7449a82
Prior to the PHPMailer update in 5.5, old version of the PHPMailer was setting the validator to 'auto' resulting in a sophisticated logic for determining what email address validation should be used. But the new version defaults to 'php', possibly leading to rejection of email addresses which were fine prior to the upgrade. Let's use the WordPress core function `is_email()` so that it can be fully pluggable.
Fixes#50720.
Props david.binda, ayeshrajans, Synchro, SergeyBiryukov, whyisjake.
git-svn-id: https://develop.svn.wordpress.org/trunk@48645 602fd350-edb4-49c9-b593-d223f7449a82
Due to the varying server setups, `$_SERVER['SERVER_NAME'];` can't reliably ensure that there will be a relevant host that could be used as the hostname in an email. Since the `network_home_url()` is set at this point, and is filterable, this should better enable emails to be sent from the server.
Fixes#25239.
Props layotte, SergeyBiryukov, nacin, sreedoap, szepe.viktor, jesin, kitchin, mensmaximus, mt8.biz, Grzegorz.Janoszka, cbutlerjr, dd32, BjornW, neodjandre, BjornW, Ipstenu, ocean90, danielbachhuber, desmith, joemcgill, jdgrimes, riasat, derekakelly, swissspidy, lilmike, tsimmons, robert.peake, DavidAnderson, cloudstek, pigdog234, BjornW, rawrly, pessoft, RedSand, seayou, dvershinin, bastho, chesio, Starbuck, afragen, ocean90, whyisjake.
git-svn-id: https://develop.svn.wordpress.org/trunk@48601 602fd350-edb4-49c9-b593-d223f7449a82
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”
With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).
Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.
Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.
Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes#50413.
git-svn-id: https://develop.svn.wordpress.org/trunk@48121 602fd350-edb4-49c9-b593-d223f7449a82
Partially reverts [48059] as there's no full consensus on the removal of the text prefix. Further actions should be taken to improve consistency and accessibility of the admin notices. Keeps some improvements to the translatable strings from [48059].
Fixes#47656.
git-svn-id: https://develop.svn.wordpress.org/trunk@48115 602fd350-edb4-49c9-b593-d223f7449a82
The tag was supported in phpDocumentor 1.x, but is no longer supported in 2.x and 3.x.
Usage of static variables is considered an internal implementation detail and has no information value for someone reading the docs.
Props alishanvr, jrf.
Fixes#50426.
git-svn-id: https://develop.svn.wordpress.org/trunk@48109 602fd350-edb4-49c9-b593-d223f7449a82
For a number of years, most of the WordPress error messages have been prefixed with "Error:". However, these messages appear in a context where it's already clear an error occurred. Whether it's an error, a warning, or any other classification, that's not so relevant for users. The content of the message is the relevant part. The "Error:" prefix doesn't add great value while it does add unnecessary complexity for the message readability.
Also, revises some of these messages to improve clarity and removes HTML from translatable strings.
Props garrett-eclipse, ramiy, SergeyBiryukov, afercia, sabernhardt, quadthemes, audrasjb.
See #47003, #43037, #42945, #15887.
Fixes#47656.
git-svn-id: https://develop.svn.wordpress.org/trunk@48059 602fd350-edb4-49c9-b593-d223f7449a82
Now that WordPress Core supports PHP >= 5.6, the PHPMailer library can be updated to the latest version.
The PHPMailer files now reside in a new directory, `wp-includes/PHPMailer`. These files are copied verbatim from the library upstream and will make updating in the future easier. For backwards compatibility, the old files will remain and trigger deprecated file warnings.
The PHPMailer class is also now under the `PHPMailer\PHPMailer\PHPMailer` namespace. The `PHPMailer` class in the global namespace has been aliased for a seamless transition.
This upgrade also clears up a handful of PHP compatibility issues detailed in #49922.
For a full list of changes, see the PHPMailer GitHub: https://github.com/PHPMailer/PHPMailer/compare/v5.2.27...v6.1.6.
Props Synchro, SergeyBiryukov, desrosj, donmhico, ayeshrajans.
Fixes#41750.
git-svn-id: https://develop.svn.wordpress.org/trunk@48033 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.
Includes minor code layout fixes for better readability.
See #49542.
git-svn-id: https://develop.svn.wordpress.org/trunk@47808 602fd350-edb4-49c9-b593-d223f7449a82
Previously, the `@` operator was used to prevent possible warnings emitted by `parse_url()` in PHP < 5.3.3 when URL parsing failed.
Now that the minimum version of PHP required by WordPress is 5.6.20, this is no longer needed.
Props netpassprodsr, Howdy_McGee.
Fixes#49980. See #24780.
git-svn-id: https://develop.svn.wordpress.org/trunk@47617 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.
Includes minor code layout fixes for better readability.
See #49542.
git-svn-id: https://develop.svn.wordpress.org/trunk@47550 602fd350-edb4-49c9-b593-d223f7449a82
