Previously, only the active theme was made available. This commit allows for all themes to be queried if the user has the `switch_themes` or `manage_network_themes` capabilities.
This commit also no longer exposes the `page`, `per_page`, `search` and `context` query parameters since they are not supported by this controller.
Props spacedmonkey, lpawlik, TimothyBlynJacobs.
Fixes#50152.
git-svn-id: https://develop.svn.wordpress.org/trunk@49925 602fd350-edb4-49c9-b593-d223f7449a82
This avoids a PHP notice if the post type is no longer registered.
Follow-up to [14595], [35480].
Props bobbingwide, hareesh-pillai.
Fixes#40309.
git-svn-id: https://develop.svn.wordpress.org/trunk@49924 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that the entire list of `WP_Query` args are filterable in the posts controller.
Props Krstarica, TimothyBlynJacobs.
Fixes#42762.
git-svn-id: https://develop.svn.wordpress.org/trunk@49923 602fd350-edb4-49c9-b593-d223f7449a82
Previously, only the username was checked which caused a PHP warning in some server setups, for instance Shibboleth SSO, where the server only populates the `PHP_AUTH_USER` field.
Props MadtownLems, johnbillion, richard.tape, engahmeds3ed.
Fixes#52003.
git-svn-id: https://develop.svn.wordpress.org/trunk@49919 602fd350-edb4-49c9-b593-d223f7449a82
Previously `null` was returned because the server was accessing the incorrect variable.
Props atimmer, technosailor.
Fixes#52106.
git-svn-id: https://develop.svn.wordpress.org/trunk@49918 602fd350-edb4-49c9-b593-d223f7449a82
Trying to schedule cron jobs before WordPress is installed results in DB errors, which is suboptimal.
See #47577.
git-svn-id: https://develop.svn.wordpress.org/trunk@49909 602fd350-edb4-49c9-b593-d223f7449a82
This brings the accessibility improvements previously made for other areas of the admin in WordPress 5.3 to the installation screens too.
Follow-up to [46241-46244], [46247], [46248], [46293], [46425].
Props Maigret, audrasjb.
Fixes#51854.
git-svn-id: https://develop.svn.wordpress.org/trunk@49907 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that the `$term_ids` array in `wp_queue_posts_for_term_meta_lazyload()` (an indexed array not keyed by ID) does not contain duplicate values.
Props denishua, akabarikalpesh.
Fixes#52144.
git-svn-id: https://develop.svn.wordpress.org/trunk@49905 602fd350-edb4-49c9-b593-d223f7449a82
This changeset modifies the Site Health panel for HTTPS to provide more accurate recommendations based on whether the environment is already set up for HTTPS.
* Introduces `wp_is_using_https()` to check whether the site is configured to use HTTPS (via its Site Address and WordPress Address).
* Introduces `wp_is_https_supported()` to check whether the environment supports HTTPS. This relies on a cron job which periodically checks support using a loopback request.
Props Clorith, flixos90, miinasikk, westonruter.
Fixes#47577.
git-svn-id: https://develop.svn.wordpress.org/trunk@49904 602fd350-edb4-49c9-b593-d223f7449a82
The modified checks of the `read_private_posts` capability could result in unexpected SQL queries when calling `WP_Query` with invalid parameters.
Reverts [49830], [49832] and [49833].
See #48556.
git-svn-id: https://develop.svn.wordpress.org/trunk@49899 602fd350-edb4-49c9-b593-d223f7449a82
This most notably affects the response when XML-RPC is disabled or when the supplied username and password is incorrect.
Props ericmann
Fixes#48213
git-svn-id: https://develop.svn.wordpress.org/trunk@49862 602fd350-edb4-49c9-b593-d223f7449a82
Related Gutenberg PR: https://github.com/WordPress/gutenberg/pull/25220.
It aligns with the latest changes added by aristath to the Gutenberg project. As part of styles splitting for core blocks, there was a special pattern introduced for how style handles are named. Ideally, we would apply it to all blocks but there might be some backward compatibility considerations so I left the handling for non-core blocks unchanged.
Props aristath.
See #50328.
git-svn-id: https://develop.svn.wordpress.org/trunk@49850 602fd350-edb4-49c9-b593-d223f7449a82
The dynamic portion of the hook name, `$action`, refers to the post action.
Props iandunn, jakub.tyrcha, nacin, wonderboymusic, Mte90, johnbillion
Fixes#16849
git-svn-id: https://develop.svn.wordpress.org/trunk@49845 602fd350-edb4-49c9-b593-d223f7449a82
This brings the behaviour inline with the `<title>` element of the page which always shows the author name.
Props Tkama, subrataemfluence
Fixes#44183
git-svn-id: https://develop.svn.wordpress.org/trunk@49843 602fd350-edb4-49c9-b593-d223f7449a82
After this change, the relevant `read_private_posts` capability is checked for
each queried post type. This ensures that private posts appear in search and
archive queries for users who have the ability to view those posts.
Props leogermani.
Fixes#13509, #48968, #48556.
git-svn-id: https://develop.svn.wordpress.org/trunk@49830 602fd350-edb4-49c9-b593-d223f7449a82
* Expands the capabilities of `wp_filter_content_tags()` to add the attribute to iframe tags if enabled.
* Modifies the default behavior of `wp_lazy_loading_enabled()` so that it returns `true` for `iframe` tags.
* Introduces a `wp_iframe_tag_add_loading_attr()` function.
* Introduces a `wp_iframe_tag_add_loading_attr` filter.
Like for images, the attribute is only added to iframes which have both `width` and `height` specified (see related #50367).
Props azaozz, flixos90, westonruter.
Fixes#50756.
git-svn-id: https://develop.svn.wordpress.org/trunk@49808 602fd350-edb4-49c9-b593-d223f7449a82
Canonical functions should be used instead of aliases, because aliases can be deprecated or removed withough much notice. See r49193.
Props SergeyBiryukov.
See #51056.
git-svn-id: https://develop.svn.wordpress.org/trunk@49805 602fd350-edb4-49c9-b593-d223f7449a82
When SimplePie parses HTTP headers, it combines multiple values for the same header into a comma-separated string. `WP_SimplePie_File` overrides the parsing, but was leaving them as an array instead.
That lead to a fatal error in PHP 8, because other parts of the codebase ended up passing an array to a function that expected a string.
Props david.binda, litemotiv, inc2734, NicolasKulka, hellofromTonya, mbabker, skithund, SergeyBiryukov, desrosj, timothyblynjacobs.
Fixes#51056. See #51956.
git-svn-id: https://develop.svn.wordpress.org/trunk@49803 602fd350-edb4-49c9-b593-d223f7449a82
Whether App Passwords are being used is a global featurel, not a per-network feature. This fixes issues on Multi Network installs if App Passwords are used on a different network from where they were created.
Props spacedmonkey.
Fixes#51939.
See [49752].
git-svn-id: https://develop.svn.wordpress.org/trunk@49764 602fd350-edb4-49c9-b593-d223f7449a82
Application Passwords uses Basic Authentication to transfer authentication details. If the site is already using Basic Auth, for instance to implement a private staging environment, then the REST API will treat this as an authentication attempt and would end up generating an error for any REST API request.
Now, Application Password authentication will only be attempted if Application Passwords is in use by a site. This is flagged by setting an option whenever an Application Password is created. An upgrade routine is added to set this option if any App Passwords already exist.
Lastly, creating an Application Password will be prevented if the site appears to already be using Basic Authentication.
Props chexwarrior, georgestephanis, adamsilverstein, helen, Clorith, marybaum, TimothyBlynJacobs.
Fixes#51939.
git-svn-id: https://develop.svn.wordpress.org/trunk@49752 602fd350-edb4-49c9-b593-d223f7449a82
This avoids an error on PHP 8 caused by calling `wp_imagecreatetruecolor()` with inputs that aren't numeric, or are less than 0.
Props hellofromtonya, Boniu91, metalandcoffee, SergeyBiryukov.
Fixes#51937.
git-svn-id: https://develop.svn.wordpress.org/trunk@49751 602fd350-edb4-49c9-b593-d223f7449a82
r49212 greatly improved the performance of `get_dirsize()`, but also changed the structure of the data stored in the `dirsize_cache` transient. It stored relative paths instead of absolute ones, and also removed the unnecessary `size` array.
That difference in data structures led to a fatal error in the following environment:
* PHP 8
* Multisite
* A custom `WP_CONTENT_DIR` which is not a child of WP's `ABSPATH` folder (e.g., [https://roots.io/bedrock/ Bedrock])
* The `upload_space_check_disabled` option set to `0`
After upgrading to WP 5.6, the `dirsize_cache` transient still had data in the old format. When `wp-admin.php/index.php` was visited, `get_space_used()` received an `array` instead of an `int`, and tried to divide it by another `int`. PHP 7 would silently cast the arguments to match data types, but [https://wiki.php.net/rfc/arithmetic_operator_type_checks PHP 8 throws a fatal error]:
`Uncaught TypeError: Unsupported operand types: array / int`
`recurse_dirsize()` was using `ABSPATH` to convert the absolute paths to relative ones, but some upload locations are not located under `ABSPATH`. In those cases, `$directory` and `$cache_path` were identical, and that triggered the early return of the old `array`, instead of the expected `int`.
In order to avoid that, this commit restores the absolute paths, but without the `size` array. It also adds a type check when returning cached values. Using absolute paths without `size` has the result of overwriting the old data, so that it matches the new format. The type check and upgrade routine are additional safety measures.
Props peterwilsoncc, janthiel, helen, hellofromtonya, francina, pbiron.
Fixes#51913. See #19879.
git-svn-id: https://develop.svn.wordpress.org/trunk@49744 602fd350-edb4-49c9-b593-d223f7449a82
Previously we returned a `WP_Error` instance saying that the password was not found which is inaccurate.
Props dlh.
Fixes#51922.
git-svn-id: https://develop.svn.wordpress.org/trunk@49739 602fd350-edb4-49c9-b593-d223f7449a82
@wordpress/components: 11.1.2 -> 11.1.3
This fixes an accessibility regression with VoiceOver not announcing the input label or an existing selection in the parent page dropdown under "Page Attributes" in the sidebar.
See https://github.com/WordPress/gutenberg/pull/27431 for more details.
Props isabel_brison, sarahricker, alexstine, kevin940726, talldanwp.
Fixes#51923.
git-svn-id: https://develop.svn.wordpress.org/trunk@49737 602fd350-edb4-49c9-b593-d223f7449a82
This enables, for example, the previous post status to be used by this hook without the need to first capture it on an earlier hook.
This also fixes the value of the `$fire_after_hooks` parameter in `get_default_post_to_edit()` so the `wp_after_insert_post` action correctly fires just once on the new post screen.
Props Collizo4sky, peterwilsoncc, hellofromTonya, TimothyBlynJacobs, SergeyBiryukov
Fixes#45114
git-svn-id: https://develop.svn.wordpress.org/trunk@49731 602fd350-edb4-49c9-b593-d223f7449a82
As a best practice, strings available for translation should contain entire sentences whenever possible.
Splitting a sentence in two parts and putting them back together after translation should be avoided, as the word order in other languages can be different from English.
Props tobifjellner, kebbet, audrasjb, mukesh27, hellofromTonya, azaozz, SergeyBiryukov.
Fixes#51893.
git-svn-id: https://develop.svn.wordpress.org/trunk@49722 602fd350-edb4-49c9-b593-d223f7449a82
The REST API requests in Site Health and App Passwords now include `_locale=user` in the request URL to ensure the user's locale is used instead of the site locale. Additionally, the `apiRequest` library now sends a JSON `Accept` header which is required by `determine_locale()` to respect the `_locale` query parameter.
The Site Health REST API controllers now manually load the default admin textdomain if not `is_admin()`. This allows for the Site Health tests to be translated even though the translations are part of the administration project and the REST API is not.
Props oglekler, kebbet, Clorith, TimothyBlynJacobs, ocean90, SergeyBiryukov, adamsilverstein.
Fixes#51871.
git-svn-id: https://develop.svn.wordpress.org/trunk@49716 602fd350-edb4-49c9-b593-d223f7449a82
