The `blogger.getUsersBlogs` endpoint does not currently work on Multisite environments which require HTTPS.
This changes `wp_xmlrpc_server::_multisite_getUsersBlogs()` to call the method directly instead of relying on a new `IXR_Client` request, which only supports HTTP.
Props dd32.
Fixes#56492.
git-svn-id: https://develop.svn.wordpress.org/trunk@54468 602fd350-edb4-49c9-b593-d223f7449a82
The `wp_xmlrpc_server::_insert_post()` method creates a new post via `wp_insert_post()` or updates an existing one via `wp_update_post()`, which subsequently calls `wp_insert_post()`. However, the default/fallback values used in the function were not in line with the default/fallback values used in the `wp_insert_post()` function.
The `wp_insert_post()` function does a `wp_parse_args()` (array merge) of the received arguments with the defaults. If any of the received arguments are `null`, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.
Unfortunately, the conditional logic within the `wp_xmlrpc_server::_insert_post()` function itself often uses an `isset()` to trigger certain code blocks, so syncing the defaults with those used in the `wp_insert_post()` function was not an option.
This commit:
* Updates the default/fallback values in the `$defaults` array only for those values where this would not lead to a change in the behavior of the function.
* Adds a safeguard function, filtering out all remaining `null` values from the `$post_data` array before it is passed on to the `wp_insert_post()` or `wp_update_post()` functions. Removing those values is safe as this means that these array keys will now:
* either be set to the default/fallback value as defined in `wp_insert_post()`.
* or not be set and for those values which don't have a default/fallback value in `wp_insert_post()`, the function does an `! empty()` or `isset()` check anyway and those array keys not being defined means that the result of those checks will remain the same.
Includes
* Removing a couple of conditions which are now redundant.
* Removing an `expectDeprecation()` in the `Tests_Date_XMLRPC` test class, which is now no longer needed.
Fixes various errors along the lines of:
{{{
36) Tests_XMLRPC_wp_newPost::test_no_content
json_decode(): Passing null to parameter #1 ($json) of type string is deprecated
/var/www/src/wp-includes/kses.php:2074
/var/www/src/wp-includes/class-wp-hook.php:307
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:1683
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:1347
/var/www/tests/phpunit/tests/xmlrpc/wp/newPost.php:25
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [1563], [4793], [7900], [16824], [19848], [19873], [20632], [40677], [51968], [54320].
Props jrf.
See #55656.
git-svn-id: https://develop.svn.wordpress.org/trunk@54321 602fd350-edb4-49c9-b593-d223f7449a82
The `wp_xmlrpc_server::mw_newPost()` method creates a new post via `wp_insert_post()`, but the default/fallback values used in the function were not in line with the default/fallback values used in the `wp_insert_post()` function.
The `wp_insert_post()` function does a `wp_parse_args()` (array merge) of the received arguments with the defaults. If any of the received arguments are `null`, this would overwrite the default value, as seen in [https://3v4l.org/bfVlv array_merge() example], and lead to "passing null to non-nullable" deprecation notices on PHP 8.1 for certain arguments.
This commit:
* Ensures that all arguments are defined before they are `compact()`'ed together to the arguments array.
* Verifies that the default/fallback value of the arguments as set within the `wp_xmlrpc_server::mw_newPost()` method are the same as the default/fallback values used in the `wp_insert_post()` function.
* Verifies that arguments which do not have a default/fallback value defined in the `wp_insert_post()` function are handled correctly.
* This was not the case for `$post_name`, which would previously already get an empty string default value in the `wp_xmlrpc_server::mw_newPost()` function, but then in the `wp_insert_post()` function, this would prevent the slug generation from being activated. Fixed now by setting the default in the `wp_xmlrpc_server::mw_newPost()` function to `null`.
* The `page_template` argument was handled, but not documented in the `wp_insert_post()` function. The argument is now documented in the `wp_insert_post()` function DocBlock. Note: There are more than likely several other potential arguments missing from that list, but verifying the whole list is outside the scope of this particular commit.
Includes minor simplifications, such as:
* Setting a default ahead of an `if`, instead of in an `else` clause (as long as no function call is needed to set the default).
* Removing the unnecessary logic duplication in the `$post_status` switch.
* Using a combined concatenation + assignment operator for adding `$post_more`.
Fixes various errors along the lines of:
{{{
1) Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published
strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated
/var/www/src/wp-includes/formatting.php:2497
/var/www/src/wp-includes/class-wp-hook.php:308
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:5616
/var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315
...
23) Tests_XMLRPC_mw_editPost::test_draft_not_prematurely_published
json_decode(): Passing null to parameter #1 ($json) of type string is deprecated
/var/www/src/wp-includes/kses.php:2074
/var/www/src/wp-includes/class-wp-hook.php:307
/var/www/src/wp-includes/plugin.php:205
/var/www/src/wp-includes/post.php:2835
/var/www/src/wp-includes/post.php:2720
/var/www/src/wp-includes/post.php:4066
/var/www/src/wp-includes/class-wp-xmlrpc-server.php:5615
/var/www/tests/phpunit/tests/xmlrpc/mw/editPost.php:315
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [1563], [4793], [7900], [16824], [19848], [40677], [51968].
Props jrf.
See #55656.
git-svn-id: https://develop.svn.wordpress.org/trunk@54320 602fd350-edb4-49c9-b593-d223f7449a82
Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.
There are a number of ways to mitigate this:
* If it is an accidental typo for a declared property: fix the typo.
* For known properties: declare them on the class.
* For unknown properties: add the magic `__get()`, `__set()`, et al. methods to the class or let the class extend `stdClass` which has highly optimized versions of these magic methods built in.
* For unknown ''use'' of dynamic properties, the `#[AllowDynamicProperties]` attribute can be added to the class. The attribute will automatically be inherited by child classes.
Trac ticket #56034 is open to investigate and handle the third and fourth type of situations, however it has become clear this will need more time and will not be ready in time for WP 6.1.
To reduce “noise” in the meantime, both in the error logs of WP users moving onto PHP 8.2, in the test run logs of WP itself, in test runs of plugins and themes, as well as to prevent duplicate tickets from being opened for the same issue, this commit adds the `#[AllowDynamicProperties]` attribute to all “parent” classes in WP.
The logic used for this commit is as follows:
* If a class already has the attribute: no action needed.
* If a class does not `extend`: add the attribute.
* If a class does `extend`:
- If it extends `stdClass`: no action needed (as `stdClass` supports dynamic properties).
- If it extends a PHP native class: add the attribute.
- If it extends a class from one of WP's external dependencies: add the attribute.
* In all other cases: no action — the attribute should not be needed as child classes inherit from the parent.
Whether or not a class contains magic methods has not been taken into account, as a review of the currently existing magic methods has shown that those are generally not sturdy enough and often even set dynamic properties (which they should not). See the [https://www.youtube.com/watch?v=vDZWepDQQVE live stream from August 16, 2022] for more details.
This commit only affects classes in the `src` directory of WordPress core.
* Tests should not get this attribute, but should be fixed to not use dynamic properties instead. Patches for this are already being committed under ticket #56033.
* While a number bundled themes (2014, 2019, 2020, 2021) contain classes, they are not a part of this commit and may be updated separately.
Reference: [https://wiki.php.net/rfc/deprecate_dynamic_properties PHP RFC: Deprecate dynamic properties].
Follow-up to [53922].
Props jrf, hellofromTonya, markjaquith, peterwilsoncc, costdev, knutsp, aristath.
See #56513, #56034.
git-svn-id: https://develop.svn.wordpress.org/trunk@54133 602fd350-edb4-49c9-b593-d223f7449a82
The `wp_new_comment()`, `wp_update_comment()`, and `wp_filter_comment()` functions already normalize the `user_ID` parameter internally to `user_id`, which matches the database field name.
This commit aims to bring some consistency when passing the parameter in core.
The corresponding `$user_ID` variable is also renamed to `$user_id` to match the other variables when not referring to the `$user_ID` global, which has an exception in the WordPress coding standards.
Follow-up to [8543], [8720], [12267], [12300], [26491], [28915], [28922], [34799], [49303].
See #55647, #56244.
git-svn-id: https://develop.svn.wordpress.org/trunk@53729 602fd350-edb4-49c9-b593-d223f7449a82
This fixes two WPCS warnings:
* `Variable "$comment_post_ID" is not in valid snake_case format`
* `Variable "$comment_author_IP" is not in valid snake_case format`
While matching the database fields of the same name, these variables did not follow the WordPress coding standards, and are now renamed to address that.
Note: The name change only affects internal variables and parameters for a few actions receiving a comment post ID:
* `edit_comment`
* `comment_id_not_found`
* `comment_closed`
* `comment_on_trash`
* `comment_on_draft`
* `comment_on_password_protected`
* `pre_comment_on_post`
The change does not affect parameters for functions receiving an array of comment data:
* `wp_insert_comment()`
* `wp_new_comment()`
* `wp_update_comment()`
* `wp_handle_comment_submission()`
The associated array keys still match the database fields: `comment_post_ID` and `comment_author_IP`.
Follow-up to [1706], [2894], [8720], [28427], [28437], [28457], [34799], [53720],
See #55647, #56244.
git-svn-id: https://develop.svn.wordpress.org/trunk@53723 602fd350-edb4-49c9-b593-d223f7449a82
This changes updates many strings to remove self-references to an undefined "we" collective across the WordPress Administration.
The goal of this change is to better match the guidelines and recommendations set forth in the make/core handbook, specifically:
> the word "we" should be avoided (…) unless its made very clear which group is speaking.
Props johnbillion, shital-patel, audrasjb, marybaum, SergeyBiryukov, peterwilsoncc, johnjamesjacoby, kebbet, costdev, chaion07, davidbaumwald.
Fixes#46057.
git-svn-id: https://develop.svn.wordpress.org/trunk@53131 602fd350-edb4-49c9-b593-d223f7449a82
This changeset replaces contracted verb forms like `doesn't`, `can't`, or `isn't` with non-contracted forms like `does not`, `cannot`, or `is not`, for better consistency across the WordPress administration. It also updates some corresponding unit tests strings.
Props Presskopp, socalchristina, aandrewdixon, francina, SergeyBiryukov, JeffPaul, audrasjb, hellofromTonya.
Fixes#38913.
See #39176.
git-svn-id: https://develop.svn.wordpress.org/trunk@52978 602fd350-edb4-49c9-b593-d223f7449a82
This renames the file containing the `WP_Http` class to conform to the coding standards.
This commit also includes:
- A new `class-http.php` that includes the new file, for anyone that may've been including the file directly.
- Replaces references to the old filename with the new filename.
Follow-up to [8516], [13274], [33748].
Fixes#54389. See #53359.
git-svn-id: https://develop.svn.wordpress.org/trunk@52026 602fd350-edb4-49c9-b593-d223f7449a82
When the XML-RPC endpoint is enabled, always return a HTTP `200 OK` status code in accordance with the XML-RPC specification. Continue to return an HTTP `405 Method Not Allowed` status code when the endpoint is disabled.
Props ariskataoka, johnbillion.
Fixes#52958.
git-svn-id: https://develop.svn.wordpress.org/trunk@50954 602fd350-edb4-49c9-b593-d223f7449a82
This avoids an "Undefined variable" PHP notice in the `::mt_supportedMethods()` and `::mt_supportedTextFilters()` methods.
Follow-up to [50353].
Props dd32.
Fixes#52524.
git-svn-id: https://develop.svn.wordpress.org/trunk@50499 602fd350-edb4-49c9-b593-d223f7449a82
This provides better context and makes the action easier to use when the call passes specific content in the payload of the request.
Props dd32.
Fixes#52524.
git-svn-id: https://develop.svn.wordpress.org/trunk@50353 602fd350-edb4-49c9-b593-d223f7449a82
This most notably affects the response when XML-RPC is disabled or when the supplied username and password is incorrect.
Props ericmann
Fixes#48213
git-svn-id: https://develop.svn.wordpress.org/trunk@49862 602fd350-edb4-49c9-b593-d223f7449a82
Throw an error for incorrect attachment IDs when requesting a media object to ensure return signature is correct and doesn't include incorrectly typed values within the object.
Props zieladam, peterwilsoncc, whyisjake.
Merges [49376] to trunk.
See #49905.
git-svn-id: https://develop.svn.wordpress.org/trunk@49385 602fd350-edb4-49c9-b593-d223f7449a82
The REST API and XML-RPC now uses the same detection methodology for empty comment content as `wp_handle_comment_submission()`. Specifically, comments now have their content trimmed and '0' is allowed.
Props jaswrks, rmccue, dd32, rachelbaker, Cawa-93, aduth, TimothyBlynJacobs.
Fixes#43177.
git-svn-id: https://develop.svn.wordpress.org/trunk@49303 602fd350-edb4-49c9-b593-d223f7449a82
Fix the first step of validating an anonymous commenters in which the length is checked prior to running regular expressions.
Follow up to [47808].
Fixes#51595.
git-svn-id: https://develop.svn.wordpress.org/trunk@49271 602fd350-edb4-49c9-b593-d223f7449a82
Remove redundant checks for `wp_update_comment()` results being `false`, as the function always returns a `WP_Error` object now if `$wp_error` is true.
Follow-up to [48154], [48215], [48216].
See #39732.
git-svn-id: https://develop.svn.wordpress.org/trunk@48218 602fd350-edb4-49c9-b593-d223f7449a82
The `wp_update_comment_data` filter introduced in 4.7 allows comment data to be filtered before it is updated in the database.
The patch aims to handle `WP_Error` as the filter above return value in a similar manner as is done for `wp_new_comment()`.
Fixes#39732.
Props: enricosorcinelli, swissspidy, gkloveweb, jnylen0, jbpaul17, afercia, SergeyBiryukov, audrasjb, imath, davidbaumwald.
git-svn-id: https://develop.svn.wordpress.org/trunk@48154 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.
Includes minor code layout fixes for better readability.
See #49542.
git-svn-id: https://develop.svn.wordpress.org/trunk@47808 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.
Includes minor code layout fixes for better readability.
See #49542.
git-svn-id: https://develop.svn.wordpress.org/trunk@47550 602fd350-edb4-49c9-b593-d223f7449a82
When used as a noun referring to the "virtual" place, `Trash` should be capitalized.
Props garrett-eclipse, aandrewdixon, Presskopp.
Fixes#45317.
git-svn-id: https://develop.svn.wordpress.org/trunk@47233 602fd350-edb4-49c9-b593-d223f7449a82
Previously, `post_date` or `comment_date` was assumed to be GMT, which is only true if the timezone string for the site matches GMT.
Add unit tests.
Props Rarst, smerriman, justdaiv, wonderboymusic, noyle.
Fixes#30429.
git-svn-id: https://develop.svn.wordpress.org/trunk@46864 602fd350-edb4-49c9-b593-d223f7449a82
Correct the documentation to clarify that array is the only acceptable type for `$args`.
Props bitcomplex, dkarfa.
Fixes#48046.
git-svn-id: https://develop.svn.wordpress.org/trunk@46148 602fd350-edb4-49c9-b593-d223f7449a82
The callback in these functions is always checked against a limited list of valid callbacks that can be safely changed to dynamic function calls.
Props jrf.
See #47678.
git-svn-id: https://develop.svn.wordpress.org/trunk@46144 602fd350-edb4-49c9-b593-d223f7449a82
