This adds a pure PHP implementation of the cryptographic functions supported in PHP 7.2+. It provides the necessary backwards compatibility required to support signature verification and other security features going forward across all supported PHP versions.
Props paragoninitiativeenterprises
Fixes#45806. See #39309.
git-svn-id: https://develop.svn.wordpress.org/trunk@44953 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42228 602fd350-edb4-49c9-b593-d223f7449a82
The `__autoload()` function is deprecated in PHP 7.2, which means WordPress' own `__autoload()` compat function for PHP 5.2 needs to be moved into a separate file to prevent the PHP 7.2 compiler from complaining.
Props ayeshrajans
See #40109
git-svn-id: https://develop.svn.wordpress.org/trunk@41178 602fd350-edb4-49c9-b593-d223f7449a82
[37748] introduced `_wp_expand_nav_menu_post_data()` together with an `array_replace_recursive()` compatibility function for PHP 5.2.
Even though that compat function is tried and tested in other projects like BuddyPress, we need to add additional `isset()` checks in order to avoid 'Undefined index' notices in our case.
See #36590.
git-svn-id: https://develop.svn.wordpress.org/trunk@37750 602fd350-edb4-49c9-b593-d223f7449a82
[36510] allowed larger menus to be created in the Edit Menu screen by JSON-encoding the entire form into a single input field. However, it did not correctly handle nested arrays.
This introduces a new `_wp_expand_nav_menu_post_data()` helper function to handle this POST data which uses `array_replace_recursive()` internally. Since the latter is only available on PHP 5.3+, we add a compatibility function to ensure PHP 5.2 support.
Props ericlewis, neverything, swissspidy.
Fixes#36590 for trunk. See #14134.
git-svn-id: https://develop.svn.wordpress.org/trunk@37748 602fd350-edb4-49c9-b593-d223f7449a82
Replaces unsecure links in documentation and translator comments with their secure versions.
Props johnpgreen, netweb
Fixes#36993
git-svn-id: https://develop.svn.wordpress.org/trunk@37674 602fd350-edb4-49c9-b593-d223f7449a82
For PHP 5.2, SPL can be disabled. As SPL provides the support for multiple autoloaders, this needs to be shimmed if not available.
Fixes#36926.
git-svn-id: https://develop.svn.wordpress.org/trunk@37636 602fd350-edb4-49c9-b593-d223f7449a82
Both will be ignored from parsing as and serve as compat functions for PHP's `hash_hmac()`.
Introduced in [18111].
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@36021 602fd350-edb4-49c9-b593-d223f7449a82
Both will be ignored from parsing as and serve as compat functions for PHP's `mb_strlen()`, which is not enabled by default.
Introduced in [32114].
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@36019 602fd350-edb4-49c9-b593-d223f7449a82
Both will be ignored from parsing as and serve as compat functions for PHP's `mb_substr()`, which is not enabled by default.
Introduced in [17621].
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@36017 602fd350-edb4-49c9-b593-d223f7449a82
Before the docs implied the complexity of the function was O(1) by using the term "constant time", now we use the more descriptive term "Timing attack safe".
Props AramZS.
Fixes#32778.
git-svn-id: https://develop.svn.wordpress.org/trunk@35805 602fd350-edb4-49c9-b593-d223f7449a82
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Take Two, this was previously committed in [34922] but had an issue on PHP 5.2 which sarciszewski has now resolved.
Props sarciszewski
See #28633
git-svn-id: https://develop.svn.wordpress.org/trunk@34981 602fd350-edb4-49c9-b593-d223f7449a82
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Props sarciszewski
See #28633
git-svn-id: https://develop.svn.wordpress.org/trunk@34922 602fd350-edb4-49c9-b593-d223f7449a82
If the function has no need for `@param` or `@return`, do an archeaological dig to find `@since`.
See #32444.
git-svn-id: https://develop.svn.wordpress.org/trunk@32672 602fd350-edb4-49c9-b593-d223f7449a82
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes#25672.
git-svn-id: https://develop.svn.wordpress.org/trunk@31188 602fd350-edb4-49c9-b593-d223f7449a82
* `JSON_PRETTY_PRINT` was introduced in PHP 5.4
* Now you can use it with lower PHP versions, without a notice
fixes#30139
see #28786
git-svn-id: https://develop.svn.wordpress.org/trunk@30075 602fd350-edb4-49c9-b593-d223f7449a82
* All WordPress files move to a src/ directory.
* New task runner (Grunt), configured to copy a built WordPress to build/.
* svn:ignore and .gitignore for Gruntfile.js, wp-config.php, and node.js.
* Remove Akismet external from develop.svn. Still exists in core.svn.
* Drop minified files from src/. The build process will now generate these.
props koop.
see #24976.
and see http://wp.me/p2AvED-1AI.
git-svn-id: https://develop.svn.wordpress.org/trunk@25001 602fd350-edb4-49c9-b593-d223f7449a82
