This resolves 80+ WPCS warnings in core:
{{{
Variable "$comment_ID" is not in valid snake_case format
}}}
While matching the database field of the same name, the `$comment_ID` variable did not follow the WordPress coding standards, and is now renamed to address that.
This affects:
* Function parameters in:
* `get_comment_author()`
* `comment_author()`
* `get_comment_author_email()`
* `comment_author_email()`
* `get_comment_author_link()`
* `comment_author_link()`
* `get_comment_author_IP()`
* `comment_author_IP()`
* `get_comment_author_rl()`
* `comment_author_url()`
* `get_comment_date()`
* `comment_date()`
* `get_comment_excerpt()`
* `comment_excerpt()`
* `get_comment_text()`
* `comment_text()`
* `get_comment_time()`
* `comment_time()`
* `get_comment_type()`
* `get_page_of_comment()`
* `wp_new_comment_notify_moderator()`
* `wp_new_comment_notify_postauthor()`
* `get_commentdata()`
* Internal variables in:
* `get_comment_ID()`
* `wp_new_comment()`
* `wp_xmlrpc_server::wp_deleteComment()`
* `wp_xmlrpc_server::wp_editComment()`
* `wp_xmlrpc_server::wp_newComment()`
* `wp_xmlrpc_server::pingback_ping()`
* Hook parameters in:
* `get_comment_author`
* `comment_author`
* `get_comment_author_email`
* `author_email`
* `get_comment_author_link`
* `get_comment_author_IP`
* `get_comment_author_url`
* `comment_url`
* `get_comment_excerpt`
* `comment_excerpt`
* `get_comment_ID`
* `get_comment_type`
* `get_page_of_comment`
* `comment_{$new_status}_{$comment->comment_type}`
* `comment_post`
* `notify_moderator`
* `notify_post_author`
* `commentrss2_item`
* `xmlrpc_call_success_wp_deleteComment`
* `xmlrpc_call_success_wp_editComment`
* `xmlrpc_call_success_wp_newComment`
* `pingback_post`
Note: The name change only affects variable names and DocBlocks.
The change does not affect:
* `comment_ID` as the `$orderby` value in `WP_Comment_Query::__construct()`
* `comment_ID` as the `$orderby` value in `WP_Comment::get_children()`
* `comment_ID` as part of `$commentarr` parameter in `wp_update_comment()`
The associated array keys still match the database field.
Follow-up to [53723].
Props krunal265, costdev, SergeyBiryukov.
Fixes#57671. See #56791.
git-svn-id: https://develop.svn.wordpress.org/trunk@55308 602fd350-edb4-49c9-b593-d223f7449a82
This avoids a fatal error if the function is disabled on certain environments.
Props theode, jokerrs, johnbillion, hellofromTonya, costdev, jrf, azaozz, SergeyBiryukov.
Fixes#55711.
git-svn-id: https://develop.svn.wordpress.org/trunk@55258 602fd350-edb4-49c9-b593-d223f7449a82
Formally deprecate `get_page_by_title()`. In its current form the function is unpredictable in that it may return a result that leads to a 404 error and will return different results depending on the database version/engine combination used.
It is recommended developers use `WP_Query` instead:
{{{
$query = new WP_Query(
array(
'post_type' => 'page',
'title' => 'Sample Page',
)
);
}}}
Props TimothyBlynJacobs, costdev, mukesh27, spacedmonkey, peterwilsoncc.
Fixes#57041.
git-svn-id: https://develop.svn.wordpress.org/trunk@55207 602fd350-edb4-49c9-b593-d223f7449a82
This is a major release and contains breaking changes.
Most important changes to be aware of for this release:
* All code is now namespaced. Though there is a full backward compatibility layer available and the old class names are still supported, using them will generate a deprecation notice (which can be silenced by plugins if they'd need to support multiple WP versions). See the [https://requests.ryanmccue.info/docs/upgrading.html upgrade guide] for more details.
* A lot of classes have been marked `final`. This should generally not affect userland code as care has been taken to not apply the `final` keyword to classes which are known to be extended in userland code.
* Extensive input validation has been added to Requests. When Requests is used as documented though, this will be unnoticable.
* A new `WpOrg\Requests\Requests::has_capabilities()` method has been introduced which can be used to address #37708.
* A new `WpOrg\Requests\Response::decode_body()` method has been introduced which may be usable to simplify some of the WP native wrapper code.
* Remaining PHP 8.0 compatibility fixed (support for named parameters).
* PHP 8.1 compatibility.
Release notes: https://github.com/WordPress/Requests/releases/tag/v2.0.0
For a full list of changes in this update, see the Requests GitHub:
https://github.com/WordPress/Requests/compare/v1.8.1...v2.0.0
This commit also resolves 2 blocking issues which previously caused the revert of [52244]:
* New Requests files are loaded into `wp-includes/Requests/src/`, matching the location of the library. In doing so, filesystems that are case-insensitive are not impacted (see #54582).
* Preload: During a Core update, the old Requests files are preloaded into memory before the update deletes the files. Preloading avoids fatal errors noted in #54562.
Follow-up to [50842], [51078], [52244], [52315], [52327], [52328].
Props jrf, schlessera, datagutten, wojsmol, dustinrue, soulseekah, szepeviktor. costdev, sergeybiryukov, peterwilsoncc, ironprogrammer, antonvlasenko, hellofromTonya, swissspidy, dd32, azaozz, TobiasBg, audrasjb.
Fixes#54504.
See #54582, #54562.
git-svn-id: https://develop.svn.wordpress.org/trunk@54997 602fd350-edb4-49c9-b593-d223f7449a82
When initially deprecated in [54240], `global_terms_enabled()` was incorrectly moved to the `wp-includes/ms-deprecated.php` file. This file is only loaded for multisite installs.
The function previously lived in `wp-includes/functions.php`, which is loaded for all sites. The proper deprecated file is `wp-includes/deprecated.php`.
Props vikasprogrammer, davidbaumwald, courane01, desrosj.
Fixes#21734.
git-svn-id: https://develop.svn.wordpress.org/trunk@54283 602fd350-edb4-49c9-b593-d223f7449a82
This commit introduces fluid typography block supports and switches to use the Style Engine for typography and colors.
The motivation for fluid typography block supports:
>"Fluid typography" describes how a site's font sizes adapt to every change in screen size, for example, growing larger as the viewport width increases, or smaller as it decreases.
>
>Font sizes can smoothly scale between minimum and maximum viewport widths.
Typography changes introduced from Gutenberg:
* Uses the Style Engine to generate the CSS and classnames in `wp_apply_typography_support()`.
* Introduces `wp_typography_get_preset_inline_style_value()` for backwards-compatibility.
* Introduces a private internal function called `wp_get_typography_value_and_unit()`, for checking and getting typography unit and value.
* Introduces a private internal function called `wp_get_computed_fluid_typography_value()`, for an internal implementation of CSS `clamp()`.
* Deprecates `wp_typography_get_css_variable_inline_style()`.
References:
* [https://github.com/WordPress/gutenberg/pull/40332 WordPress/gutenberg PR 40332] Style Engine: add typography and color to backend
* [https://github.com/WordPress/gutenberg/pull/39529 WordPress/gutenberg PR 39529] Block supports: add fluid typography
Follow-up to [53076], [52302], [52069], [51089], [50761], [49226].
Props ramonopoly, youknowriad, aristath, oandregal, aaronrobertshaw, cbirdsong, jorgefilipecosta, ironprogrammer, hellofromTonya.
See #56467.
git-svn-id: https://develop.svn.wordpress.org/trunk@54260 602fd350-edb4-49c9-b593-d223f7449a82
Following the update to replace the HTTP API internals with Requests library in WordPress 4.6, the return value of `wp_remote_retrieve_headers()` has changed from a simple array to an object which implements `ArrayAccess`.
Since `wp_get_http_headers()` directly returns the result of `wp_remote_retrieve_headers()`, its return value should reflect that change.
Includes:
* Updating the return value for the deprecated `wp_get_http()` function, which also directly returns the result of `wp_remote_retrieve_headers()`.
* Minor DocBlock formatting changes for some other HTTP API functions per the documentation standards.
Follow-up to [2416], [6390], [8092], [9013], [37428], [37989], [38730].
Props mhkuu.
See #54225, #55646.
git-svn-id: https://develop.svn.wordpress.org/trunk@54157 602fd350-edb4-49c9-b593-d223f7449a82
Follow-up #54337, [52069]. Part of https://github.com/WordPress/gutenberg/issues/41236. More details in https://github.com/WordPress/gutenberg/issues/33542.
Allow passing more than one script per block for `editorScript`, `script`, and `viewScript` fields in the `block.json` metadata file. This aligns with the previously added changes for `style` and `editorStyle` fields.
This change impacts the `WP_Block_Type` class and the REST API endpoint for block types. To ensure backward compatibiliy old names were soft deprecated in favor of new fields that work with array values and have `_handles` suffix.
Props zieladam, dlh, timothyblynjacobs, aristath, bernhard-reiter.
Fixes#56408.
git-svn-id: https://develop.svn.wordpress.org/trunk@54155 602fd350-edb4-49c9-b593-d223f7449a82
Previously, when using `switch_to_locale()` all current loaded text domains were unloaded and added to the `$l10n_unloaded` global. This prevented the just-in-time loading for text domains after a switch. The just-in-time loading was also only possible if the translations were stored in `WP_LANG_DIR`. Both issues have been fixed.
* Adds `WP_Textdomain_Registry` to keep track of the language directory paths for all plugins and themes.
* Updates all `load_*_textdomain()` functions to store the path in `WP_Textdomain_Registry`.
* Adds `$locale` parameter to `load_textdomain()` to specify the locale the translation file is for.
* Adds `$reloadable` parameter to `unload_textdomain()` to define whether a text domain can be loaded just-in-time again. This is used by `WP_Locale_Switcher::load_translations()`.
* Extends `_load_textdomain_just_in_time()` to also support text domains of plugins and themes with custom language directories.
* Fixes the incorrect `test_plugin_translation_after_switching_locale_twice()` test which should have caught this issue earlier.
* Adds a new test plugin and theme to test the loading of translations with a custom language directory.
* Deprecates the now unused and private `_get_path_to_translation()` and `_get_path_to_translation_from_lang_dir()` functions.
Previously added in [49236] and reverted in [49236] to investigate concerns which are now addressed here.
Props yoavf, swissspidy, dd32, ocean90.
See #26511.
Fixes#39210.
git-svn-id: https://develop.svn.wordpress.org/trunk@53874 602fd350-edb4-49c9-b593-d223f7449a82
- Deprecate `wp_get_attachment_thumb_file()`.
- Make `wp_get_attachment_thumb_url()` an alias of `wp_get_attachment_image_url()`. This fixes it to return the proper thumbnail URL and fall back to returning the URL to `image_meta['thumb']` if only that exists.
Props: markhowellsmead, mukesh27, csesumonpro, SergeyBiryukov, mikeschroder, killua99, joemcgill, mashukushibiki, mfgmicha, swissspidy, romulodl, nacin, JoshuaAbenazer, wonderboymusic, lonnylot, azaozz.
git-svn-id: https://develop.svn.wordpress.org/trunk@53685 602fd350-edb4-49c9-b593-d223f7449a82
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
git-svn-id: https://develop.svn.wordpress.org/trunk@53455 602fd350-edb4-49c9-b593-d223f7449a82
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit:
* Renames the `$echo` parameter to `$display` in:
* `the_category_ID()`
* `get_author_link()`
* `get_links()`
* `get_category_rss_link()`
* `get_author_rss_link()`
* Renames the `$string` parameter to `$text` in `wp_specialchars()`.
* Renames the `$string` parameter to `$message` in `debug_fwrite()`.
* Renames the `$string` parameter to `$content` in `wp_kses_js_entities()`.
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #55327.
git-svn-id: https://develop.svn.wordpress.org/trunk@53287 602fd350-edb4-49c9-b593-d223f7449a82
This ensures the code blocks are displayed correctly in the WordPress Code Reference.
Follow-up to [19304], [37541], [44021], [49992].
See #54729.
git-svn-id: https://develop.svn.wordpress.org/trunk@53087 602fd350-edb4-49c9-b593-d223f7449a82
This ensures the replacement functions are linked correctly in the WordPress Code Reference.
Follow-up to [38515], [43548], [49992], [51348], [51586], [52757], [53082].
See #54729.
git-svn-id: https://develop.svn.wordpress.org/trunk@53086 602fd350-edb4-49c9-b593-d223f7449a82
Reinstate the functions hard deprecated in [53076]: `wp_skip_border_serialization()`, `wp_skip_dimensions_serialization()` and `wp_skip_spacing_serialization()`.
Props ramonopoly.
See #55505.
git-svn-id: https://develop.svn.wordpress.org/trunk@53082 602fd350-edb4-49c9-b593-d223f7449a82
This changeset replaces contracted verb forms like `doesn't`, `can't`, or `isn't` with non-contracted forms like `does not`, `cannot`, or `is not`, for better consistency across the WordPress administration. It also updates some corresponding unit tests strings.
Props Presskopp, socalchristina, aandrewdixon, francina, SergeyBiryukov, JeffPaul, audrasjb, hellofromTonya.
Fixes#38913.
See #39176.
git-svn-id: https://develop.svn.wordpress.org/trunk@52978 602fd350-edb4-49c9-b593-d223f7449a82
This changeset is a backport for the following Gutenberg PRs:
- Fix duotone theme cache gutenberg#36236
- Fix duotone render in non-fse themes gutenberg#37954
- Duotone: Allow users to specify custom filters gutenberg#38442
Props oandregal, scruffian, Mamaduka.
See #55179.
git-svn-id: https://develop.svn.wordpress.org/trunk@52757 602fd350-edb4-49c9-b593-d223f7449a82
A general security rule is "Sanitize when you save, escape when you echo", and for the most part WordPress has well-named functions like `sanitize_email()` and others, with `esc_url_raw()` being a single exception that does not follow the naming.
This commit restores the previously deprecated `sanitize_url()` function as a valid alias of `esc_url_raw()`.
This better aligns with the naming with other `sanitize_*()` functions:
* `sanitize_bookmark()`
* `sanitize_bookmark_field()`
* `sanitize_category()`
* `sanitize_category_field()`
* `sanitize_comment_cookies()`
* `sanitize_email()`
* `sanitize_file_name()`
* `sanitize_hex_color()`
* `sanitize_hex_color_no_hash()`
* `sanitize_html_class()`
* `sanitize_key()`
* `sanitize_meta()`
* `sanitize_mime_type()`
* `sanitize_option()`
* `sanitize_post()`
* `sanitize_post_field()`
* `sanitize_sql_orderby()`
* `sanitize_term()`
* `sanitize_term_field()`
* `sanitize_text_field()`
* `sanitize_textarea_field()`
* `sanitize_title()`
* `sanitize_title_for_query()`
* `sanitize_title_with_dashes()`
* `sanitize_trackback_urls()`
* `sanitize_user()`
* `sanitize_user_field()`
Follow-up to [11383], [13096].
Props Ipstenu, aadilali.
Fixes#53876.
git-svn-id: https://develop.svn.wordpress.org/trunk@51597 602fd350-edb4-49c9-b593-d223f7449a82
This improves the logic within `excerpt_remove_blocks()` to better handle `innerBlocks`. This prevents an empty excerpt from being returned when `core/columns`, `core/column`, and `core/group` blocks are present.
This issue has been surfaced in the Query Loop block, where excerpts can be set to display.
Props aristath.
Fixes#53604.
git-svn-id: https://develop.svn.wordpress.org/trunk@51348 602fd350-edb4-49c9-b593-d223f7449a82
Add support for uploading, editing and saving WebP images when supported by the server.
Add 'image/webp' to supported mime types. Correctly identify WebP images and sizes even when PHP doesn't support WebP. Resize uploaded WebP files (when supported) and use for front end markup.
Props markoheijne, blobfolio, Clorith, joemcgill, atjn, desrosj, spacedmonkey, marylauc, mikeschroder, hellofromtonya, flixos90.
Fixes#35725.
git-svn-id: https://develop.svn.wordpress.org/trunk@50810 602fd350-edb4-49c9-b593-d223f7449a82
Previously, all logic utilizing `getimagesize()` was supressing errors making it difficult to debug usage of the function.
A new `wp_getimagesize()` function has been added to allow the errors to no longer be suppressed when `WP_DEBUG` is enabled.
Props Howdy_McGee, SergeyBiryukov, mukesh27, davidbaumwald, noisysocks, hellofromTonya.
Fixes#49889.
git-svn-id: https://develop.svn.wordpress.org/trunk@50146 602fd350-edb4-49c9-b593-d223f7449a82
This changeset introduces a filter-based Robots API, providing central control over the `robots` meta tag.
* Introduces `wp_robots()` function which should be called anywhere a `robots` meta tag should be included.
* Introduces `wp_robots` filter which allows adding or modifying directives for the `robots` meta tag. The `wp_robots()` function is entirely filter-based, i.e. if no filter is added to `wp_robots`, no directives will be present, and therefore the entire `robots` meta tag will be omitted.
* Introduces the following `wp_robots` filter functions which replace similar existing functions that were manually rendering a `robots` meta tag:
* `wp_robots_noindex()` replaces `noindex()`, which has been deprecated.
* `wp_robots_no_robots()` replaces `wp_no_robots()`, which has been deprecated.
* `wp_robots_sensitive_page()` replaces `wp_sensitive_page_meta()`, which has been deprecated. Its rendering of the `referrer` meta tag has been moved to another new function `wp_strict_cross_origin_referrer()`.
Migration to the new functions is straightforward. For example, a call to `add_action( 'wp_head', 'wp_no_robots' )` should be replaced with `add_filter( 'wp_robots', 'wp_robots_no_robots' )`.
Plugins and themes that render their own `robots` meta tags are encouraged to switch to rely on the `wp_robots` filter in order to use the central management layer now provided by WordPress core.
Props adamsilverstein, flixos90, timothyblynjacobs, westonruter.
See #51511.
git-svn-id: https://develop.svn.wordpress.org/trunk@49992 602fd350-edb4-49c9-b593-d223f7449a82
Previously, when using `switch_to_locale()` all current loaded text domains were unloaded and added to the `$l10n_unloaded` global. This prevented the just-in-time loading for text domains after a switch. The just-in-time loading was also only possible if the translations were stored in `WP_LANG_DIR`. Both issues have been fixed.
* Adds `WP_Textdomain_Registry` to keep track of the language directory paths for all plugins and themes.
* Updates all `load_*_textdomain()` functions to store the path in `WP_Textdomain_Registry`.
* Adds `$reloadable` parameter to `unload_textdomain()` to define whether a text domain can be loaded just-in-time again. This is used by `WP_Locale_Switcher::load_translations()`.
* Extends `_load_textdomain_just_in_time()` to also support text domains of plugins and themes with custom language directories.
* Fixes the incorrect `test_plugin_translation_after_switching_locale_twice()` test which should have catch this issue earlier.
* Adds a new test plugin/theme to test the loading of translations with a custom language directory.
* Deprecates the now unused and private `_get_path_to_translation()` and `_get_path_to_translation_from_lang_dir()` functions.
Props yoavf, swissspidy, dd32, ocean90.
See #26511.
Fixes#39210.
git-svn-id: https://develop.svn.wordpress.org/trunk@49236 602fd350-edb4-49c9-b593-d223f7449a82
The reason for introducing `wp_slash_strings_only()` in [46454] was to keep non-string values untouched.
Later, `wp_slash()` itself was updated in [48433] to prevent changing non-string values.
To avoid confusion, `wp_slash_strings_only()` is now deprecated.
Props ayeshrajans, ocean90.
Fixes#50635.
git-svn-id: https://develop.svn.wordpress.org/trunk@49188 602fd350-edb4-49c9-b593-d223f7449a82
In PHP 8, the GD extension uses `GdImage` objects instead of resources for its underlying data structures.
This updates the existing `is_resource()` calls for image resources in core to accomodate for `GdImage` instances as well.
Props ayeshrajans, jrf.
Fixes#50833.
git-svn-id: https://develop.svn.wordpress.org/trunk@48798 602fd350-edb4-49c9-b593-d223f7449a82
There are two pieces in here:
1) The update to change blacklist to blocklist is moved to disallowed_list. "Block" has a meaning in our code, and there could be ambiguity between this code and code related to blocks.
2) This improves backwards compatibility for code that was accessing the now deprecated code.
Previously: [48477], [48405], [48400], [48121], [48122], [48124], [48142], [48566]
Props: desrosj, SergeyBiryukov, johnjamesjacoby
Fixes: #50413
git-svn-id: https://develop.svn.wordpress.org/trunk@48575 602fd350-edb4-49c9-b593-d223f7449a82
This was missed in [48142] which renamed `add_option_allowed_list()` to `add_allowed_options()` for better readability. The two functions should have consistent names.
See #50413.
git-svn-id: https://develop.svn.wordpress.org/trunk@48566 602fd350-edb4-49c9-b593-d223f7449a82
The new names make the purpose more clear. It also adds consistency with the `$allowed_options` global variable.
Also in this change, the `wp-deprecated` dependency has been removed from the password strength meter in favor of a `window.console.log()` call to avoid adding 3 dependencies for one deprecated notice.
Props SergeyBiryukov, ocean90, desrosj
Fixes#50413.
git-svn-id: https://develop.svn.wordpress.org/trunk@48142 602fd350-edb4-49c9-b593-d223f7449a82
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”
With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).
Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.
Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.
Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes#50413.
git-svn-id: https://develop.svn.wordpress.org/trunk@48121 602fd350-edb4-49c9-b593-d223f7449a82
The `register_globals` directive in PHP was deprecated in version 5.3 and removed entirely in 5.4.
Now that WordPress only supports PHP 5.6.20 and newer, the `wp_unregister_GLOBALS()` function can be deprecated.
Props ayeshrajans, desrosj, SergeyBiryukov.
Fixes#49938.
git-svn-id: https://develop.svn.wordpress.org/trunk@47612 602fd350-edb4-49c9-b593-d223f7449a82
Previously, it was accidentally made available only in admin context.
Follow-up to [44606], [47245].
Props garrett-eclipse, johnjamesjacoby, r-a-y, Dono12.
Fixes#49802.
git-svn-id: https://develop.svn.wordpress.org/trunk@47555 602fd350-edb4-49c9-b593-d223f7449a82
