Using script tag helper functions allows plugins to employ the `wp_script_attributes` and `wp_inline_script_attributes` filters to inject the `nonce` attribute to apply Content Security Policy (e.g. Strict CSP). Use of helper functions also simplifies logic in `WP_Scripts`.
* Update `wp_get_inline_script_tag()` to wrap inline script in CDATA blocks for XHTML-compatibility when not using HTML5.
* Ensure the `type` attribute is printed first in `wp_get_inline_script_tag()` for back-compat.
* Wrap existing `<script>` tags in output buffering to retain IDE supports.
* In `wp_get_inline_script_tag()`, append the newline to `$javascript` before it is passed into the `wp_inline_script_attributes` filter so that the CSP hash can be computed properly.
* In `the_block_template_skip_link()`, opt to enqueue the inline script rather than print it.
* Add `ext-php` to `composer.json` under `suggest` as previously it was an undeclared dependency for running PHPUnit tests.
* Update tests to rely on `DOMDocument` to compare script markup, normalizing unsemantic differences.
Props westonruter, spacedmonkey, flixos90, 10upsimon, dmsnell, mukesh27, joemcgill, swissspidy, azaozz.
Fixes#58664.
See #39941.
git-svn-id: https://develop.svn.wordpress.org/trunk@56687 602fd350-edb4-49c9-b593-d223f7449a82
In this commit, enhancements have been made by replacing manually constructed style tags with calls to `wp_add_inline_style`. Previously, numerous style tags were generated and output directly in the header, resulting in redundant code and bypassing the core's style enqueueing system. This approach made it challenging for third-party developers to manage and control the output of these style tags.
To ensure backward compatibility, the following functions have been deprecated and replaced:
- print_embed_styles
- print_emoji_styles
- wp_admin_bar_header
- _admin_bar_bump_cb
Backward compatibility shims have also been added, ensuring that if these functions were previously unhooked from there actions, they will continue to not output a style tag.
However, for the following functions, conversion to use inline styles was not feasible due to the potential disruption it might cause by changing the style tag IDs, potentially breaking JavaScript functionality for a number of plugins in the repository:
- custom-background
- wp-custom
These changes improve code maintainability and enhance the flexibility and control available to developers when managing style outputs within WordPress core.
Props spacedmonkey, hlunter, westonruter, flixos90.
Fixes#58775.
git-svn-id: https://develop.svn.wordpress.org/trunk@56682 602fd350-edb4-49c9-b593-d223f7449a82
The `$post_ID` variable is [546f59c678/WordPress/Sniffs/NamingConventions/ValidVariableNameSniff.php (L54) technically allowed in WPCS], as there is a global of the same name that needs to remain for backward compatibility. However, this name is mostly a remnant of legacy code, and switching to `$post_id` where appropriate brings more consistency with the rest of core.
Additionally, this commit resolves a few WPCS warnings in core:
{{{
Variable "$post_IDs" is not in valid snake_case format
}}}
This affects:
* Function parameters in:
* `add_meta()`
* `post_preview()`
* `WP_Embed::delete_oembed_caches()`
* `WP_Embed::cache_oembed()`
* `wp_get_post_cats()`
* `wp_set_post_cats()`
* `wp_unique_post_slug()`
* `wp_set_post_categories()`
* `wp_check_post_hierarchy_for_loops()`
* `wp_add_trashed_suffix_to_post_name_for_trashed_posts()`
* `wp_filter_wp_template_unique_post_slug()`
* `wp_xmlrpc_server::add_enclosure_if_new()`
* `wp_xmlrpc_server::attach_uploads()`
* `wp_xmlrpc_server::mt_getTrackbackPings()`
* Internal variables in:
* `wp_ajax_inline_save()`
* `wp_ajax_set_post_thumbnail()`
* `wp_ajax_get_post_thumbnail_html()`
* `edit_post()`
* `bulk_edit_posts()`
* `wp_write_post()`
* `WP_Embed::shortcode()`
* `wp_insert_post()`
* `wp_xmlrpc_server::_insert_post()`
* `wp_xmlrpc_server::blogger_getPost()`
* `wp_xmlrpc_server::blogger_newPost()`
* `wp_xmlrpc_server::blogger_editPost()`
* `wp_xmlrpc_server::blogger_deletePost()`
* `wp_xmlrpc_server::mw_getPost()`
* `wp_xmlrpc_server::mw_newPost()`
* `wp_xmlrpc_server::mw_editPost()`
* `wp_xmlrpc_server::mt_getPostCategories()`
* `wp_xmlrpc_server::mt_setPostCategories()`
* `wp_xmlrpc_server::mt_publishPost()`
* `wp_xmlrpc_server::pingback_ping()`
* Hook parameters in:
* `oembed_ttl`
* `embed_oembed_html`
* `wp_insert_post_parent`
* `add_trashed_suffix_to_trashed_posts`
* `pre_post_update`
* `edit_attachment`
* `attachment_updated`
* `add_attachment`
* `edit_post_{$post->post_type}`
* `edit_post`
* `post_updated`
* `save_post_{$post->post_type}`
* `save_post`
* `wp_insert_post`
* `pre_wp_unique_post_slug`
* `wp_unique_post_slug`
* `xmlrpc_call_success_blogger_newPost`
* `xmlrpc_call_success_blogger_editPost`
* `xmlrpc_call_success_blogger_deletePost`
* `xmlrpc_call_success_mw_newPost`
* `xmlrpc_call_success_mw_editPost`
Note: The name change only affects variable names and DocBlocks.
The change does not affect the `$post_ID` global still used in a few places.
Follow-up to [51399], [52958], [53723], [53729], [55190], [55308], [55334].
Props mahekkalola, tanjimtc71, SergeyBiryukov.
Fixes#57692.
git-svn-id: https://develop.svn.wordpress.org/trunk@55365 602fd350-edb4-49c9-b593-d223f7449a82
This aims to provide better context for translators and make it easier to determine that some strings contain hidden accessibility text and are not displayed in the UI.
Props kebbet, mercime, pavelevap, ocean90, swissspidy, Chouby, jipmoors, afercia, desrosj, costdev, audrasjb, SergeyBiryukov.
Fixes#29748.
git-svn-id: https://develop.svn.wordpress.org/trunk@55276 602fd350-edb4-49c9-b593-d223f7449a82
Adds `wp_theme_has_theme_json()` for public consumption, to replace the private internal Core-only `WP_Theme_JSON_Resolver::theme_has_support()` method. This new global function checks if a theme or its parent has a `theme.json` file.
For performance, results are cached as an integer `1` or `0` in the `'theme_json'` group with `'wp_theme_has_theme_json'` key. This is a non-persistent cache. Why? To make the derived data from `theme.json` is always fresh from the potential modifications done via hooks that can use dynamic data (modify the stylesheet depending on some option, settings depending on user permissions, etc.).
Also adds a new public function `wp_clean_theme_json_cache()` to clear the cache on `'switch_theme'` and `start_previewing_theme'`.
References:
* [https://github.com/WordPress/gutenberg/pull/45168 Gutenberg PR 45168] Add `wp_theme_has_theme_json` as a public API to know whether a theme has a `theme.json`.
* [https://github.com/WordPress/gutenberg/pull/45380 Gutenberg PR 45380] Deprecate `WP_Theme_JSON_Resolver:theme_has_support()`.
* [https://github.com/WordPress/gutenberg/pull/46150 Gutenberg PR 46150] Make `theme.json` object caches non-persistent.
* [https://github.com/WordPress/gutenberg/pull/45979 Gutenberg PR 45979] Don't check if constants set by `wp_initial_constants()` are defined.
* [https://github.com/WordPress/gutenberg/pull/45950 Gutenberg PR 45950] Cleaner logic in `wp_theme_has_theme_json`.
Follow-up to [54493], [53282], [52744], [52049], [50959].
Props oandregal, afragen, alexstine, aristath, azaozz, costdev, flixos90, hellofromTonya, mamaduka, mcsf, ocean90, spacedmonkey.
Fixes#56975.
git-svn-id: https://develop.svn.wordpress.org/trunk@55086 602fd350-edb4-49c9-b593-d223f7449a82
Calling the `wp_get_theme` function creates a instance of the `WP_Theme` class. This can be a performance issue, if all you need is one property of the class instance. This change replaces the usage of `wp_get_theme()->get_stylesheet()` with `get_stylesheet()` to improve performance.
Props spacedmonkey, flixos90, peterwilsoncc, desrosj.
Fixes#57057.
git-svn-id: https://develop.svn.wordpress.org/trunk@54817 602fd350-edb4-49c9-b593-d223f7449a82
Per the documentation standards, it should not be used outside of the default bundled themes.
Follow-up to [38767], [47055], [49697], [50956], [51003], [52069], [53255].
See #54729.
git-svn-id: https://develop.svn.wordpress.org/trunk@53331 602fd350-edb4-49c9-b593-d223f7449a82
Block themes without theme.json file used to have block-templates support disabled.
This commit brings this in sync with the behavior in the gutenberg plugin.
See #54335.
git-svn-id: https://develop.svn.wordpress.org/trunk@52347 602fd350-edb4-49c9-b593-d223f7449a82
Adds the required infrastructure to render block-based themes. This is sourced
from the Gutenberg plugin.
Fixes#54335.
Props bernhard-reiter, youknowriad, ntsekouras, hellofromtonya.
git-svn-id: https://develop.svn.wordpress.org/trunk@52062 602fd350-edb4-49c9-b593-d223f7449a82
When passing args to `WP_Query::__construct` method (in this case, but creating a `new WP_Query`, this one internally executes the `WP_Query::get_posts` method and stores the result in the `WP_Query::posts` property. When calling the `WP_Query::get_posts` again, the same SQL query gets executed, and the result is again stored in the `WP_Query::posts` property.
This was introduced in [51003].
Props david.binda, jorbin.
Fixes#53280. See #53176.
git-svn-id: https://develop.svn.wordpress.org/trunk@51144 602fd350-edb4-49c9-b593-d223f7449a82
With this patch, users will be able to create custom block based templates
and assign them to specific pages/posts.
Themes can also opt-out of this feature
Props bernhard-reiter, carlomanf.
Fixes#53176.
git-svn-id: https://develop.svn.wordpress.org/trunk@51003 602fd350-edb4-49c9-b593-d223f7449a82
