* `_deprecated_function()`
* `_deprecated_argument()`
* `_deprecated_constructor()`
* `_deprecated_file()`
The error level passed is `E_USER_DEPRECATED` for the deprecated function group and `E_USER_NOTICE` for `_doing_it_wrong()`.
Props jrf.
Fixes#36561.
git-svn-id: https://develop.svn.wordpress.org/trunk@46625 602fd350-edb4-49c9-b593-d223f7449a82
* `_deprecated_function()`
* `_deprecated_argument()`
* `_deprecated_constructor()`
* `_deprecated_file()`
Plugins and themes should be allowed to use these functions to throw appropriate error notices.
This brings them in line with newer `do_action_deprecated()` and `apply_filters_deprecated()` functions, which are not marked as private.
Props jrf.
Fixes#48251.
git-svn-id: https://develop.svn.wordpress.org/trunk@46602 602fd350-edb4-49c9-b593-d223f7449a82
This change introduces a new Composer script, `compat` that will scan the codebase for (detectable) potential PHP compatibility issues using the `PHP_CodeSniffer` and a custom ruleset based off of the `PHPCompayibilityWP` ruleset (`phpcompat.xml.dist`).
The command will be run as a separate job within each Travis build. While many compatibility issues and false positives have already been corrected in this commit and other Trac tickets, there are still some remaining. For that reason, the job is allowed to fail while the remainder of the potential compatibility issues are investigated and addressed. After those are resolved, the job should be set as required to pass to help prevent new compatibility issues from being introduced.
Props desrosj, jrf, all PHPCompatibilityWP and PHPCompatibility contributors.
Fixes#46152.
git-svn-id: https://develop.svn.wordpress.org/trunk@46290 602fd350-edb4-49c9-b593-d223f7449a82
The PHP native JSON extension has been bundled and compiled with PHP by default since version 5.2.0. Because the minimum version of PHP required by WordPress is now 5.6.20 (see #46594 and [45058]), JSON extension related polyfills and backwards compatibility code can now be removed.
This change removes code that supported JSON related functionality on older versions of PHP. This includes (but is not limited to) checks that `json_last_error()` exists, checking and setting the `JSON_UNESCAPED_SLASHES` and `JSON_PRETTY_PRINT` constants if not previously defined, and deprecating the `_wp_json_prepare_data()` function (which was 100% workaround code).
Follow up of [46205].
See #47699.
Props jrf, Clorith, pento.
git-svn-id: https://develop.svn.wordpress.org/trunk@46206 602fd350-edb4-49c9-b593-d223f7449a82
* Use strict checking when appropriate in `in_array()` checks.
* Improved comment formatting.
* Yoda and strict equality checks where appropriate.
See #36824.
git-svn-id: https://develop.svn.wordpress.org/trunk@46176 602fd350-edb4-49c9-b593-d223f7449a82
Removing the direct SQL query in `do_all_pings()` improves filterability.
As part of this change, the signature of `do_enclose()` is changed so that
a null `$content` parameter can be passed, with the `$content` then inferred
from the `$post` passed in the second parameter. In addition, the second
parameter was modified so that a post ID or a `WP_Post` object can be
provided. These changes make it possible to trigger enclosure checks with
a post ID alone (as in `do_all_pings()`) and also brings the function
signature in line with `do_trackbacks()` and `pingback()`.
Props dshanske, spacedmonkey, janw.oostendorp, mrmadhat, birgire.
See #36824.
git-svn-id: https://develop.svn.wordpress.org/trunk@46175 602fd350-edb4-49c9-b593-d223f7449a82
This commit expands the list of allowed protocols. It adds the `sms://` which can be used to open meessaging clients for mobile users.
Props rilwis, kraftbj
Fixes#39415
git-svn-id: https://develop.svn.wordpress.org/trunk@46172 602fd350-edb4-49c9-b593-d223f7449a82
Rather than relying `func_get_args()` to retrieve arbitrary function arguments, we can now use the spread operator to assign them directly to a variable.
Props jrf.
See #47678.
git-svn-id: https://develop.svn.wordpress.org/trunk@46126 602fd350-edb4-49c9-b593-d223f7449a82
Introduces the `wp_image_resize_identical_dimensions` filter so plugins and themes can determine whether a new image with identical dimensions should be created, defaults to false.
Props wpdennis, HKandulla, galbaras, azaozz.
See #32437.
git-svn-id: https://develop.svn.wordpress.org/trunk@46077 602fd350-edb4-49c9-b593-d223f7449a82
This changes the "discourage search engines" option to output a `noindex, nofollow` robots meta tag. `Disallow: /` is removed from the `robots.txt` to allow search engines to discover they are requested not to index the site.
Disallowing search engines from accessing a site in the `robots.txt` file can result in search engines listing a site with a fragment (a listing without content).
Props donmhico, jonoaldersonwp.
Fixes#43590.
git-svn-id: https://develop.svn.wordpress.org/trunk@45928 602fd350-edb4-49c9-b593-d223f7449a82
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.
Includes minor code layout fixes.
Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!
Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes#44360.
git-svn-id: https://develop.svn.wordpress.org/trunk@45926 602fd350-edb4-49c9-b593-d223f7449a82
To better support HTML and string calls to `wp_die()` without
outputting invalid HTML, wraps error messages in `<div>` rather than `<p>`.
Adds `.wp-die-message` CSS class for styling.
Props dinhtungdu, jeremyfelt, audrasjb, SergeyBiryukov, afercia, audrasjb, noisysocks.
Fixes#47580.
git-svn-id: https://develop.svn.wordpress.org/trunk@45909 602fd350-edb4-49c9-b593-d223f7449a82
Convert `date_i18n()` into a wrapper for `wp_date()`.
`wp_date()` is intended as a replacement for `date_i18n()` without legacy quirks in it. It accepts a true Unix timestamp (not summed with timezone offset) and an arbitrary timezone.
Props Rarst, mboynes, MikeHansenMe, rmccue, nacin.
Fixes#28636.
git-svn-id: https://develop.svn.wordpress.org/trunk@45901 602fd350-edb4-49c9-b593-d223f7449a82
Returning a `DateTimeImmutable` representation of the current moment in time, this allows for a more flexible and reliable use than `current_time()` provides.
Props Rarst.
Fixes#47464.
git-svn-id: https://develop.svn.wordpress.org/trunk@45883 602fd350-edb4-49c9-b593-d223f7449a82
Only use the legacy WP timestamp approach (a sum of timestamp and timezone offset) for `timestamp` and `U` formats without the `$gmt` flag.
Otherwise, make sure the function returns correct local time for any format.
Props Rarst, jdgrimes.
Fixes#40653.
git-svn-id: https://develop.svn.wordpress.org/trunk@45856 602fd350-edb4-49c9-b593-d223f7449a82
* `wp_timezone_string()` retrieves the timezone from current settings as a string. Uses the `timezone_string` option to get a proper timezone if available, otherwise falls back to an offset.
* `wp_timezone()` retrieves the timezone from current settings as a `DateTimeZone` object. Timezone can be based on a PHP timezone string or a `±HH:MM` offset.
Props Rarst, remcotolsma, johnjamesjacoby, rmccue.
Fixes#24730.
git-svn-id: https://develop.svn.wordpress.org/trunk@45853 602fd350-edb4-49c9-b593-d223f7449a82
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.
See #46732.
git-svn-id: https://develop.svn.wordpress.org/trunk@45611 602fd350-edb4-49c9-b593-d223f7449a82
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).
`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.
Props nielsdeblaauw, Rarst.
Fixes#46438. See #44491.
git-svn-id: https://develop.svn.wordpress.org/trunk@45424 602fd350-edb4-49c9-b593-d223f7449a82
- Change `recurse_dirsize()` to accept an array of excluded paths.
- Change so we don't calculate the sizes of dirs in wp-content twice.
- Add the size in bytes to the "debug" into.
- Add a custom DOM event after the dir sizes request is done. Can be used by plugins to "daisy chain" more requests.
- Move "WordPress directory location" and "WordPress directory size" to the top in the "Directories and Sizes" section.
- Move "Theme directory location" to the "Active Theme" section.
- Fix labels capitalization.
Props xkon, afercia, Clorith, azaozz.
Fixes#46707.
git-svn-id: https://develop.svn.wordpress.org/trunk@45220 602fd350-edb4-49c9-b593-d223f7449a82
This fixes a bug introduced in [43392] which breaks file deletion on systems using stream wrappers, due to limitations of `realpath()`.
Props antonypuckey, pfiled.
Fixes#44563.
git-svn-id: https://develop.svn.wordpress.org/trunk@45177 602fd350-edb4-49c9-b593-d223f7449a82
This change brings more coherence between the subject lines of the various emails WordPress will send.
Props ramiy, pento.
Fixes#37940.
git-svn-id: https://develop.svn.wordpress.org/trunk@45137 602fd350-edb4-49c9-b593-d223f7449a82
- Prevent fatal errors from timeouts on the Tools => Site Health => Info tab.
- Use the `get_dirsize()` and `recurse_dirsize()` functions to calculate directory sizes. The results are cached.
- Introduce "timeout protection" in `recurse_dirsize()`.
Props pento, Clorith, xkon, afercia, jeremyfelt, azaozz.
Fixes#46645.
git-svn-id: https://develop.svn.wordpress.org/trunk@45104 602fd350-edb4-49c9-b593-d223f7449a82
In addition to AJAX, XML-RPC, JSON, and JSONP requests, `wp_die()` now handles XML requests correctly, returning information in the expected content type.
Props spacedmonkey, birgire.
Fixes#46026. See #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@45016 602fd350-edb4-49c9-b593-d223f7449a82
In addition to AJAX, XML-RPC, and JSON requests, `wp_die()` now handles JSONP requests correctly, returning information in the expected content type.
Props spacedmonkey, TimothyBlynJacobs.
Fixes#46025. See #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@45015 602fd350-edb4-49c9-b593-d223f7449a82
Introduce `validate_plugin_requirements()` for validating a plugin's WordPress and PHP version requirements.
Introduce `wp_is_wp_compatible()` and `wp_is_php_compatible()` for checking compatibility with the current WordPress or PHP version.
Props afragen, joyously, DrewAPicture, TimothyBlynJacobs, desrosj, flixos90, SergeyBiryukov.
See #43992.
git-svn-id: https://develop.svn.wordpress.org/trunk@44978 602fd350-edb4-49c9-b593-d223f7449a82
This change introduces the `wp_get_update_php_annotation()` function, which returns the message displayed when a host filters the direct PHP update or PHP update education URLs to indicate the information is site specific and provided by the host, not WordPress core.
It also updates `wp_update_php_annotation()` to accept a `$before` and `$after` parameter, which makes this notice more flexible for displaying in multiple locations within the admin area. Previously, the markup output in `wp_update_php_annotation()` was hardcoded, which was making it difficult to display it properly in multiple locations.
Props afragen, aaroncampbell, flixos90, TimothyBlynJacobs, desrosj.
Fixes#46044.
git-svn-id: https://develop.svn.wordpress.org/trunk@44935 602fd350-edb4-49c9-b593-d223f7449a82
Checking for the presence of the directory and returning early prevents PHP warnings when attempting to list files in a non-existent directory.
Props arena, garrett-eclipse.
Fixes#45136.
git-svn-id: https://develop.svn.wordpress.org/trunk@44910 602fd350-edb4-49c9-b593-d223f7449a82
A direct URL to where a user can update PHP for their website can now be specified in one of two ways:
- Defining the `WP_DIRECT_UPDATE_PHP_URL` environment variable.
- Returning a URL to the `wp_direct_php_update_url` filter.
When a URL is specified, an additional “Update PHP” button will be displayed at the bottom of the Core dashboard widget informing administrators that their site is running an outdated version of PHP (see [42832]).
Fixes#46074.
Props afragen, desrosj, lukecarbis.
git-svn-id: https://develop.svn.wordpress.org/trunk@44814 602fd350-edb4-49c9-b593-d223f7449a82
Also, fixes some indentation where spaces were used instead of tabs.
Props nielslange, mukesh27.
Fixes#45937.
git-svn-id: https://develop.svn.wordpress.org/trunk@44791 602fd350-edb4-49c9-b593-d223f7449a82
This was introduced in [44466]. Also, this changeset adds tests for `_wp_die_process_input()` so that this never happens again.
Props dd32.
See #45933.
git-svn-id: https://develop.svn.wordpress.org/trunk@44690 602fd350-edb4-49c9-b593-d223f7449a82
This allows more accurate filtering of the filename and extension given to uploaded files.
Props desrosj, Tkama.
Fixes#45707.
git-svn-id: https://develop.svn.wordpress.org/trunk@44677 602fd350-edb4-49c9-b593-d223f7449a82
This changeset adds support for a new `wp_die()` argument `exit`, which defaults to true and determines whether `wp_die()` should actually terminate the request. The new fatal error handler then calls `wp_die()` with that argument set to false, as calling `die()` or `exit` from a PHP shutdown function prevents other shutdown functions from being called.
Props schlessera, johnbillion.
Fixes#46038. See #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@44671 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, each `wp_die()` handler had their own logic for how to parse arguments, causing inconsistencies and even breakage because the arguments possible to pass to `wp_die()` depended on the request context. Passing a `WP_Error` as `$message` for example used to be only support by the default handler, but not the AJAX and XML-RPC handlers.
With the fatal error protection, plus the new `wp_die()` handlers related to that, improving this support and compatibility has become more significant. Therefore this changeset introduces a private `_wp_die_process_input()` function that handles all function parameters consistently.
Props spacedmonkey, flixos90, schlessera.
Fixes#45933. See #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@44666 602fd350-edb4-49c9-b593-d223f7449a82
This changeset uses the API functions introduced in [44476] to link to the resource about updating PHP when highlighting a plugin's required PHP version is not met. It furthermore expands them, introducing a new `wp_update_php_annotation()` function that prints the markup to indicate that the default URL has been altered by the web host, allowing it to be reused universally.
Furthermore, this changeset adds missing `update_php` capability checks before displaying the information about updating PHP.
Props afragen.
Fixes#45986. See #43986, #45686.
git-svn-id: https://develop.svn.wordpress.org/trunk@44627 602fd350-edb4-49c9-b593-d223f7449a82
In addition to AJAX and XML-RPC requests, `wp_die()` now handles JSON requests correctly, returning information in the expected content type.
Props spacedmonkey.
See #45933, #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@44625 602fd350-edb4-49c9-b593-d223f7449a82
This changeset removes the hack that was used before to display more complex HTML markup than a simple message in the default PHP error template via `wp_die()`. By removing HTML markup from the arguments passed to `wp_die()` it furthermore paves the way for supporting other content types than the default.
The message and arguments can be modified with new `wp_php_error_message` and `wp_php_error_args` filters respectively.
Furthermore this changeset fixes a few issues of functions not existing which could potentially have caused fatal errors when executed early in the WordPress bootstrap process.
Props flixos90, spacedmonkey.
See #45933, #44458.
git-svn-id: https://develop.svn.wordpress.org/trunk@44624 602fd350-edb4-49c9-b593-d223f7449a82
WordPress has historically often used code like `preg_split( '/[\s,]+/', $var )` to parse a string of comma-separated values into an array. However, this approach was causing an empty string to not be parsed into an empty array as expected, but rather into an array with the empty string as its sole element.
This was among other areas causing problems in the REST API where passing an empty request parameter could cause that request to fail because, instead of it being ignored, that parameter would be compared against the valid values for it, which typically do not include an empty string.
Props david.binda, sstoqnov.
Fixes#43977.
git-svn-id: https://develop.svn.wordpress.org/trunk@44546 602fd350-edb4-49c9-b593-d223f7449a82
Instead of turning the return value of `stream_get_wrappers()` into a regex to match the scheme, we can instead extract the scheme and search the return value of `stream_get_wrappers()`.
Props schlessera, swissspidy.
Fixes#45553.
git-svn-id: https://develop.svn.wordpress.org/trunk@44506 602fd350-edb4-49c9-b593-d223f7449a82
After [42832], [42891] and [43006], this changeset refines the core notice informing about an outdated PHP version:
* The link to the Update PHP information page can now be adjusted using either a `WP_UPDATE_PHP_URL` environment variable, or a new `wp_update_php_url` filter.
* If that URL is different from the default one that points to https://wordpress.org/support/update-php/ or its localized equivalent, a note indicates that the linked resource has not been provided by WordPress itself, and the default URL is still linked to as an additional resource.
* The URL for the default information page has been updated to use the slug `update-php` instead of `upgrade-php`.
* `@since` annotations have been updated.
Going forward, admin areas that display information related to the PHP version should use the new function `wp_get_update_php_url()`.
Props afragen, fierevere, flixos90, markjaquith, miss_jwo, nerrad, pento, schlessera, SergeyBiryukov, spacedmonkey.
Fixes#45686. See #41191.
git-svn-id: https://develop.svn.wordpress.org/trunk@44476 602fd350-edb4-49c9-b593-d223f7449a82
This adds some special case handling in 'wp_check_filetype_and_ext()' that prevents some common file types from being blocked based on mismatched MIME checks, which were made more strict in WordPress 5.0.1.
Props Kloon, birgire, tellyworth, joemcgill.
See #45615.
git-svn-id: https://develop.svn.wordpress.org/trunk@44438 602fd350-edb4-49c9-b593-d223f7449a82
A static variable contains an integer that is incremented with each call. This number is returned with the optional prefix.
As such the returned value is not universally unique, but it is unique across the life of the PHP process.
Props westonruter, dlh.
See #44883.
git-svn-id: https://develop.svn.wordpress.org/trunk@43658 602fd350-edb4-49c9-b593-d223f7449a82
* Add a `human_readable_duration` function including tests.
* Add 'pixels' after image width/height.
* Add screen reader text for durations.
Props Presskopp, kiranpotphode, milindmore22, stormrockwell, afercia.
Fixes#39667.
git-svn-id: https://develop.svn.wordpress.org/trunk@43633 602fd350-edb4-49c9-b593-d223f7449a82
Previously, UTC context was implied, but could be unreliable due to being affected by plugins.
Props Rarst, rahulsprajapati, marco.marsala.
Fixes#37440.
git-svn-id: https://develop.svn.wordpress.org/trunk@43594 602fd350-edb4-49c9-b593-d223f7449a82
`$function`, `$message`, and `$version` have historically been passed to the `doing_it_wrong_run` action. It makes sense to pass those to the filter as well, so that one can conditionally determine the filter value to return.
Fixes#34183.
git-svn-id: https://develop.svn.wordpress.org/trunk@43587 602fd350-edb4-49c9-b593-d223f7449a82
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
git-svn-id: https://develop.svn.wordpress.org/trunk@43571 602fd350-edb4-49c9-b593-d223f7449a82
Some versions of PHP appear to have a memory leak that is occasionally triggered by calling `stream_get_wrappers()`. In order to avoid calling this, we can return early from `wp_is_stream()` when `$path` doesn't contain `://`.
Props pbiron, JPry, dontstealmyfish.
Fixes#44532.
git-svn-id: https://develop.svn.wordpress.org/trunk@43466 602fd350-edb4-49c9-b593-d223f7449a82
The docs for `date_i18n()` and its filter now correctly state that the `$gmt` parameter is only taken into account if no timestamp is provided. Furthermore, a bug with that parameter is fixed, as it is now ensured that the timezone used with it is `UTC`.
Props Rarst.
Fixes#38771.
git-svn-id: https://develop.svn.wordpress.org/trunk@43389 602fd350-edb4-49c9-b593-d223f7449a82
Prior to this change, `date_i18n()` only supported the `timezone_string` option, causing incorrect timezones to appear in formatted dates on sites that still rely on the `gmt_offset` option.
Props Rarst.
Fixes#34835.
git-svn-id: https://develop.svn.wordpress.org/trunk@43387 602fd350-edb4-49c9-b593-d223f7449a82
Erasing timezone with a regular expression is redundant, the date could be just formatted in the respective format instead.
Props Rarst.
Fixes#42542.
git-svn-id: https://develop.svn.wordpress.org/trunk@43384 602fd350-edb4-49c9-b593-d223f7449a82
Despite historical function name, the output does not conform to RFC3339 format, which must contain timezone.
Props Rarst.
See #42542.
git-svn-id: https://develop.svn.wordpress.org/trunk@43383 602fd350-edb4-49c9-b593-d223f7449a82
Despite previously being labeled as a Unix timestamp, in reality it's a sum of Unix timestamp and timezone offset in seconds.
Props Rarst.
See #38771.
git-svn-id: https://develop.svn.wordpress.org/trunk@43380 602fd350-edb4-49c9-b593-d223f7449a82
Previously, personal data exports were stored in `wp-content/uploads/exports`, which is generic enough that it's likely there are existing folders with that name, either created by plugins or manually by administrators. If that folder were reused by Core, then `wp_privacy_delete_old_export_files()` would delete all of the existing files inside it, which is almost certainly not what the site owner wants or expects.
To avoid that, the folder is being renamed to include a specific reference to Core, and a more verbose description of its purpose. With those factored in, it's very unlikely that there will be any conflicts with existing folders.
The `wp_privacy_exports_dir()` and `wp_privacy_exports_url()` functions were introduced to provide a canonical source for the location, and the `wp_privacy_exports_dir` and `wp_privacy_exports_url` filters were introduced to allow plugins to customize it.
Props johnjamesjacoby, allendav.
Fixes#44091.
git-svn-id: https://develop.svn.wordpress.org/trunk@43284 602fd350-edb4-49c9-b593-d223f7449a82
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue.
An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.
The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.
Props azaozz, xkon, iandunn.
Fixes#43954. See #43953.
git-svn-id: https://develop.svn.wordpress.org/trunk@43223 602fd350-edb4-49c9-b593-d223f7449a82
r43046 introduced `wp_schedule_delete_old_privacy_export_files()` to schedule the `wp_privacy_delete_old_export_files` cron job, but it did not check to make sure it wasn't running in the context of the install process. When it did run in that context, it created a database error, because the necessary database tables don't exist at that point.
Checking the current context and returning early during the installation phase avoids that issue.
Props helen, timothyblynjacobs, iandunn.
Fixes#43952.
git-svn-id: https://develop.svn.wordpress.org/trunk@43162 602fd350-edb4-49c9-b593-d223f7449a82
`list_files()` is defined in `wp-admin/includes/file.php`, which is not included by `wp-cron.php`, so it needs to be included by the caller in order to avoid a fatal PHP error.
This bug was not detected during testing because the file _is_ included when executing jobs via `wp cron event run`.
Props mikejolley, iandunn.
See #43546.
See https://wordpress.slack.com/archives/C9695RJBW/p1525190405000860.
git-svn-id: https://develop.svn.wordpress.org/trunk@43059 602fd350-edb4-49c9-b593-d223f7449a82
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.
`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.
This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.
`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.
Props iandunn, desrosj.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/trunk@43046 602fd350-edb4-49c9-b593-d223f7449a82
A new global multisite table `wp_blogmeta` is added to the database schema, and a set of `*_site_meta()` API functions are introduced.
The implementation fails gracefully when the new table is not yet available, which may happen especially shortly after the core update, before the network has been upgraded to the new database schema. The presence of the table is detected once and stored as a global setting on the main network.
Core does not yet use site metadata, but there are several use-cases to be implemented or explored in the near future, and it allows plugins to extend sites with arbitrary data, which will come in particularly handy with the upcoming REST API endpoint for sites.
Props spacedmonkey, johnjamesjacoby, jeremyfelt, flixos90.
Fixes#37923.
git-svn-id: https://develop.svn.wordpress.org/trunk@42836 602fd350-edb4-49c9-b593-d223f7449a82
While intended as a playful error message, `Cheatin’ uh?` can be interpreted as insulting or accusatory in an already stressful situation. This replaces Cheatin’ with more meaningful error messages, depending on the error that occurs.
Props ElectricFeet, EricMeyer, karmatosed, dd32, BandonRandon, melchoyce for language; dmsnell for original patch; peterwilsoncc.
Fixes#38332.
git-svn-id: https://develop.svn.wordpress.org/trunk@42648 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42228 602fd350-edb4-49c9-b593-d223f7449a82
This pattern occurs a handful of times across the codebase:
`<div class="foo<?php if ( $bar ) { echo ' baz'; } ?>">`
Unfortunately, it doesn't really play nicely with `phpcbf`, so all instances need to be removed in preperation for auto code formatting.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42217 602fd350-edb4-49c9-b593-d223f7449a82
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.
Adds tests.
Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes#42016, #36170
git-svn-id: https://develop.svn.wordpress.org/trunk@42011 602fd350-edb4-49c9-b593-d223f7449a82
Fixes the issue with plugins not being able to use the `kses_allowed_protocols` filter if `esc_url()` was called too early.
Props turtlepod, SergeyBiryukov.
Fixes#36033.
git-svn-id: https://develop.svn.wordpress.org/trunk@41990 602fd350-edb4-49c9-b593-d223f7449a82
When the `WP_Network::$blog_id` property is set manually, for example in the multisite bootstrap process, `get_main_site_id()` should use that value instead of running its own logic. The main logic for the function was therefore moved into the internal `WP_Network::get_main_site_id()` method, which is now being accessed by the function through the magic property handling for `WP_Network::$blog_id` (and its equivalent `WP_Network::$site_id`).
Props spacedmonkey, jeremyfelt.
Fixes#41936.
git-svn-id: https://develop.svn.wordpress.org/trunk@41861 602fd350-edb4-49c9-b593-d223f7449a82
This allows users who are using the admin area in a language other than the site language to read the notice on the login screen
(which explains that they need to log in again) in their chosen language.
Props Nikschavan, swissspidy
Fixes#40205
git-svn-id: https://develop.svn.wordpress.org/trunk@41692 602fd350-edb4-49c9-b593-d223f7449a82
To bring Core into line with the changes to `$wpdb->prepare()` in WordPress 4.8.2, query placeholders shouldn't be quoted.
Props jrf, johnjamesjacoby.
Fixes#41983.
git-svn-id: https://develop.svn.wordpress.org/trunk@41628 602fd350-edb4-49c9-b593-d223f7449a82
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.
This introduces some new functions:
* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`
A corresponding `wp_is_large_user_count` filter is also introduced.
Props tharsheblows, johnbillion
Fixes#38741
git-svn-id: https://develop.svn.wordpress.org/trunk@41613 602fd350-edb4-49c9-b593-d223f7449a82
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.
The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.
Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes#29684.
git-svn-id: https://develop.svn.wordpress.org/trunk@41380 602fd350-edb4-49c9-b593-d223f7449a82
The inline styles added to the `wp_die()` handler since [18534] increase file size of the error screen enough to prevent Internet Explorer from displaying a generic error page.
Props rfair404.
Fixes#37551.
git-svn-id: https://develop.svn.wordpress.org/trunk@41369 602fd350-edb4-49c9-b593-d223f7449a82
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.
This change fixes the usage in user-facing text and in developer documentation.
Fixes#41620
git-svn-id: https://develop.svn.wordpress.org/trunk@41289 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the chances of a site compromise going unnoticed, in the same way that the same notifications for user account email address changes reduces the chances of a user account compromise going unnoticed.
Props MatheusGimenez, johnbillion
Fixes#39117
git-svn-id: https://develop.svn.wordpress.org/trunk@41164 602fd350-edb4-49c9-b593-d223f7449a82
This prevents non-image fileypes from returning a mime type of
"application/octet-stream" when `exif_imagetype()` returns `false`.
Props blobfolio.
Fixes#40017.
git-svn-id: https://develop.svn.wordpress.org/trunk@40397 602fd350-edb4-49c9-b593-d223f7449a82
[39831] introduced more strict MIME type checking for uploads, which
resulted in unintetionally blocking several filetypes that were
previously valid. This change uses a more targeted approach to MIME
validation to restore previous behavior for most types.
Props blobfolio, iandunn, ipstenu, markoheijnen, xknown, joemcgill.
Fixes#39550, #39552.
git-svn-id: https://develop.svn.wordpress.org/trunk@40124 602fd350-edb4-49c9-b593-d223f7449a82
This prevents the "non-numeric value encountered" warning in PHP 7.1, caused by trying to increment an empty string on the first loop iteration.
Props drrobotnik for initial patch.
Fixes#39774.
git-svn-id: https://develop.svn.wordpress.org/trunk@40039 602fd350-edb4-49c9-b593-d223f7449a82
Partial revert of [38929].
This reverts the source code from the commit for #30210 to prevent valid but empty feeds from returning 404 file not found errors for the home and custom feeds.
The tests in the commit that remain applicable are retained.
Props pavelevap for reporting, stevenkword for initial patch.
See #30210.
Fixes#39157.
git-svn-id: https://develop.svn.wordpress.org/trunk@40030 602fd350-edb4-49c9-b593-d223f7449a82
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.
`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.
If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.
See #11946.
git-svn-id: https://develop.svn.wordpress.org/trunk@39831 602fd350-edb4-49c9-b593-d223f7449a82
Adds context to one string used in two different contexts for the new user and new site signup email notification.
More to come.
See #38882
git-svn-id: https://develop.svn.wordpress.org/trunk@39323 602fd350-edb4-49c9-b593-d223f7449a82
Adds a `$locale` parameter to `wp_timezone_choice()` to only reload translations when necessary.
Props yale01.
See #38485.
git-svn-id: https://develop.svn.wordpress.org/trunk@39068 602fd350-edb4-49c9-b593-d223f7449a82
A theme can opt-in for tailored starter content to apply to the customizer when previewing the theme on a fresh install, when `fresh_site` is at its initial `1` value. Starter content is staged in the customizer and does not go live unless the changes are published. Initial starter content is added to Twenty Seventeen.
* The `fresh_site` flag is cleared when a published post or page is saved, when widgets are modified, or when the customizer state is saved.
* Starter content is registered via `starter-content` theme support, where the argument is an array containing `widgets`, `posts`, `nav_menus`, `options`, and `theme_mods`. Posts/pages in starter content are created with the `auto-draft` status, re-using the page/post stubs feature added to nav menus and the static front page controls.
* A `get_theme_starter_content` filter allows for plugins to extend a theme's starter content.
* Starter content in themes can/should re-use existing starter content items in core by using named placeholders.
* Import theme starter content into customized state when fresh site.
* Prevent original_title differences from causing refreshes if title is present.
* Ensure nav menu item url is set according to object when previewing.
* Make sure initial saved state is false if there are dirty settings without an existing changeset.
* Ensure dirty settings are cleaned upon changeset publishing.
Props helen, westonruter, ocean90.
Fixes#38114, #38533.
git-svn-id: https://develop.svn.wordpress.org/trunk@38991 602fd350-edb4-49c9-b593-d223f7449a82
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
This was previously committed in [38859] but got reverted in [38862] and [38863]. To fix the previous issues, `wp_list_sort()` supports now an additional argument to preserve array keys via `uasort()`.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
git-svn-id: https://develop.svn.wordpress.org/trunk@38928 602fd350-edb4-49c9-b593-d223f7449a82
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
git-svn-id: https://develop.svn.wordpress.org/trunk@38859 602fd350-edb4-49c9-b593-d223f7449a82
One thing fairly common to the cache groups is a block of code to look to see when the cache was last changed, and if there isn't one, to set it for the current microtime(). It appears in 8 different places in core. This adds a new helper `wp_cache_get_last_changed` to DRY things up a bit.
Since `wp-includes/cache.php` isn't guaranteed to be loaded, this new function is in `wp-includes/functions.php`
Props spacedmonkey, desrosj.
Fixes#37464.
git-svn-id: https://develop.svn.wordpress.org/trunk@38849 602fd350-edb4-49c9-b593-d223f7449a82
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"
Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes#38373.
git-svn-id: https://develop.svn.wordpress.org/trunk@38832 602fd350-edb4-49c9-b593-d223f7449a82
`get_network()` falls back to the current network when called without any arguments. Between this and `get_current_network_id()`, we can replace almost all instances of the global `$current_site` and all instances of `get_current_site()`.
This effectively deprecates `get_current_site()`, something that we'll do in a future ticket.
Props flixos90.
Fixes#37414.
git-svn-id: https://develop.svn.wordpress.org/trunk@38814 602fd350-edb4-49c9-b593-d223f7449a82
Since there's no difference between using `date()` and `gmdate()` in WordPress, we can simply use the former in `date_i18n()` to reduce its complexity.
Adds tests.
Props jdgrimes for initial patch.
Fixes#37910.
git-svn-id: https://develop.svn.wordpress.org/trunk@38804 602fd350-edb4-49c9-b593-d223f7449a82
Restore `get_current_site()` to a multisite only function. Providing this in single site may be a possibility in the future, but should have a dedicated ticket and discussion.
See #37699.
git-svn-id: https://develop.svn.wordpress.org/trunk@38636 602fd350-edb4-49c9-b593-d223f7449a82
The manual query for the main network ID can now be replaced with a cached `get_networks()` query. This allows us to eliminate the `primary_network_id` cache key entirely.
Props spacedmonkey.
Fixes#37218.
git-svn-id: https://develop.svn.wordpress.org/trunk@38632 602fd350-edb4-49c9-b593-d223f7449a82
Additionally, update the `$message` parameter description in the DocBlock for `wp_die()` to make it explicitly clear messages derived from a passed `WP_Error` object will only be evaluated if not performing an Ajax or XML-RPC request (as both default handlers completely ignore `WP_Error` object messages).
See #37770.
git-svn-id: https://develop.svn.wordpress.org/trunk@38518 602fd350-edb4-49c9-b593-d223f7449a82
This new filter allows the smilies array to be modified with a filter, instead of having to directly access the global.
Props mte90, jorbin.
Fixes#35905.
git-svn-id: https://develop.svn.wordpress.org/trunk@38504 602fd350-edb4-49c9-b593-d223f7449a82
Defaults to `200` in all cases, but can be used, for example, to return a `403` when using `wp_send_json_error()`.
Fixes#35666
Props stephenharris
git-svn-id: https://develop.svn.wordpress.org/trunk@38422 602fd350-edb4-49c9-b593-d223f7449a82
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38411 602fd350-edb4-49c9-b593-d223f7449a82
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.
See #36335
git-svn-id: https://develop.svn.wordpress.org/trunk@38402 602fd350-edb4-49c9-b593-d223f7449a82
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38399 602fd350-edb4-49c9-b593-d223f7449a82
Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38095 602fd350-edb4-49c9-b593-d223f7449a82
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.
Part props ocean90.
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@38028 602fd350-edb4-49c9-b593-d223f7449a82
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38015 602fd350-edb4-49c9-b593-d223f7449a82
In doing this, non-core object types are no longer forcibly blocked and are instead checked against `wp_object_type_exists()` which has a filterable return value. Still, filter that at your own risk.
props Faison for the initial patch.
see 35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@37991 602fd350-edb4-49c9-b593-d223f7449a82
`Pragma` is supposed to be a request header, but we've been including it in responses since the beginning of time.
This is a relic dating all the way back to b2, probably originally added because Internet Explorer version 5 and earlier didn't understand the `Cache-Control` header in responses, but they did (incorrectly) obey the `Pragma` header.
Internet Explorer 6 and 7 will obey the `Pragma` response header only if no other cache-related response headers are present (in our case, they are always present), and all other browsers ignore the `Pragma` response header.
Props geekysoft.
Fixes#37250.
git-svn-id: https://develop.svn.wordpress.org/trunk@37944 602fd350-edb4-49c9-b593-d223f7449a82
When a filter or action hook is deprecated, the corresponding `apply_filters()`
or `do_action()` calls should be switched out with `apply_filters_deprecated()`
or `do_action_deprecated()`. The latter functions will throw a deprecation
before invoking the original hook.
Props solarissmoke, SergeyBiryukov, DrewAPicture.
Fixes#10441.
git-svn-id: https://develop.svn.wordpress.org/trunk@37861 602fd350-edb4-49c9-b593-d223f7449a82
Moving to load.php introduces parity with other commonly evaluated `is_*()` functions such as `is_admin()` or `is_multisite()`. It also makes `is_ssl()` available much earlier in the loading process, such as for use in drop-ins like advanced-cache.php.
Props johnjamesjacoby.
Fixes#35844.
git-svn-id: https://develop.svn.wordpress.org/trunk@37677 602fd350-edb4-49c9-b593-d223f7449a82
Replaces unsecure links in documentation and translator comments with their secure versions.
Props johnpgreen, netweb
Fixes#36993
git-svn-id: https://develop.svn.wordpress.org/trunk@37674 602fd350-edb4-49c9-b593-d223f7449a82
Similar to `get_current_blog_id`, this can be used to get the ID of the `$current_site` global. If not available, it will fallback to the main network ID. In single site, this will return 1.
Props spacedmonkey, flixos90.
Fixes#33900.
git-svn-id: https://develop.svn.wordpress.org/trunk@37670 602fd350-edb4-49c9-b593-d223f7449a82
Adds the keyboard navigation query vars to `wp_removable_query_args()` and passes the results of said function to remove_query_var() inside the WP_List_Table pagination method.
Props EFAREM for the initial patch.
Fixes#35620.
git-svn-id: https://develop.svn.wordpress.org/trunk@37663 602fd350-edb4-49c9-b593-d223f7449a82
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.
Props rmccue.
Fixes#28523.
git-svn-id: https://develop.svn.wordpress.org/trunk@37646 602fd350-edb4-49c9-b593-d223f7449a82
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.
See #36921.
git-svn-id: https://develop.svn.wordpress.org/trunk@37543 602fd350-edb4-49c9-b593-d223f7449a82
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.
Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.
Props ocean90.
Fixes#36835.
git-svn-id: https://develop.svn.wordpress.org/trunk@37431 602fd350-edb4-49c9-b593-d223f7449a82
Rejoice, for your admins will feel more native to your surrounding computing environment and likely load faster, especially when offline, as they no longer have to talk to The Google Overlord.
At the time of introduction in 3.8, there were not good system fonts common to all platforms at the time. In the years since, Windows, Android, OS X, iOS, Firefox OS, and various flavors of Linux have all gotten their own (good) system UI fonts.
There will definitely be visual bugs, mainly around alignment and spacing; these should be documented and reported on the ticket and fixed more atomically so that our current and future selves have a better understanding of what happened and why.
The style remains registered, as it is almost certainly in use by themes and plugins.
props mattmiklic.
see #36753.
git-svn-id: https://develop.svn.wordpress.org/trunk@37361 602fd350-edb4-49c9-b593-d223f7449a82
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@37342 602fd350-edb4-49c9-b593-d223f7449a82
Unicode 8 added `U+1F644`, "Face with Rolling Eyes", which matches our `:roll:` smiley. Continuing our ever present quest to rid the world of legacy smilies, we now translate that smiley into its emoji form.
Sadly, `:mrgreen:` remains sorely under-represented in the Unicode standard, I'm inclined to think that we should buy a voting membership of the Unicode Consortium, in order to rectify that situation. (Personally, I'm hoping for a green skin tone modifier.)
Fixes#36365.
git-svn-id: https://develop.svn.wordpress.org/trunk@37296 602fd350-edb4-49c9-b593-d223f7449a82
To improve the performance of `wp_upload_dir()` the result of `wp_mkdir_p()` was stored in a persistent cache, introduced in [36565]. But this becomes an issue when WordPress is scaled horizontally. You may end up caching a value for a server where the directory doesn't exist which will prevent further uploads on other servers because of the persistent cache.
The fix is to use a non-persistent cache.
Props azaozz, ocean90.
See #34359.
Fixes#36621.
git-svn-id: https://develop.svn.wordpress.org/trunk@37285 602fd350-edb4-49c9-b593-d223f7449a82
* Following pattern of `wp_get_mime_types()`, introduce `wp_get_ext_types()` function. New function returns a filtered list of file types with their extensions.
* Use this function in new tests for `wp_ext2type()`.
Props borgesbruno.
Fixes#35987.
git-svn-id: https://develop.svn.wordpress.org/trunk@37189 602fd350-edb4-49c9-b593-d223f7449a82
- Cache the output in non-persistent cache.
- Cache the result from `wp_mkdir_p()` in persistent cache (when present).
- Introduce `wp_get_upload_dir()` for use when not uploading files. It is equivalent to `wp_upload_dir()` but does not check for the existence or create the upload directory.
- Change tests to use the non-cached `_wp_upload_dir()`. They change options on the fly (should never be used in production) to simulate different environments.
- Introduce `_upload_dir_no_subdir()` and `_upload_dir_https()` to facilitate testing. These use the proper `upload_dir` filter to simulate different environments.
Props kovshenin, azaozz.
See #34359.
git-svn-id: https://develop.svn.wordpress.org/trunk@36565 602fd350-edb4-49c9-b593-d223f7449a82
Use the parameter for the deprecated constructor warning in `WP_Widget` to provide an indication to which widget is using the PHP4 style constructor.
Props sebastian.pisula.
Fixes#33440.
git-svn-id: https://develop.svn.wordpress.org/trunk@36541 602fd350-edb4-49c9-b593-d223f7449a82
* Uses a third-person singular verb in the summary
* Makes the return types more specific with `string|false` vs `string|bool`.
See #27152. See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@36500 602fd350-edb4-49c9-b593-d223f7449a82
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.
See #35417.
git-svn-id: https://develop.svn.wordpress.org/trunk@36417 602fd350-edb4-49c9-b593-d223f7449a82
Though this is technically still in the proposal stage, there is support from the core team and precedent in #16914
Props andizer.
Fixes#35333.
git-svn-id: https://develop.svn.wordpress.org/trunk@36273 602fd350-edb4-49c9-b593-d223f7449a82
For things like redirects `wp_get_referer()` should be used instead.
Props voldemortensen for initial patch.
Fixes#27152.
git-svn-id: https://develop.svn.wordpress.org/trunk@36266 602fd350-edb4-49c9-b593-d223f7449a82
Removes the title attribute and uses a `<button>` element instead of a `<div>`.
Also simplifies the CSS and takes care of the hover/focus style.
Fixes#35142.
git-svn-id: https://develop.svn.wordpress.org/trunk@36014 602fd350-edb4-49c9-b593-d223f7449a82
Also, when using spinners as background images, the re-painted area should be the
smallest possible one. See similar performance issue in #33311.
Fixes#34951.
git-svn-id: https://develop.svn.wordpress.org/trunk@35925 602fd350-edb4-49c9-b593-d223f7449a82
If the locale specifies that month names require a genitive case in certain formats like `'j F Y'` or `'j. F'`, the month name will be replaced with a correct form.
Fixes#11226.
git-svn-id: https://develop.svn.wordpress.org/trunk@35517 602fd350-edb4-49c9-b593-d223f7449a82
See [35097] for where the aforementioned hook was renamed to actually be dynamic, thus rendering creation of the extra `$hook` variable moot.
See #34264.
git-svn-id: https://develop.svn.wordpress.org/trunk@35098 602fd350-edb4-49c9-b593-d223f7449a82
The API uses this to do special operations on list responses (used
for collections), so we need to detect whether an array is
associative or numeric-indexed.
After much discussion, the bikeshed is to be painted green and gold.
See #33982.
git-svn-id: https://develop.svn.wordpress.org/trunk@34927 602fd350-edb4-49c9-b593-d223f7449a82
Following on from r34845, the JsonSerializable shim needs support
on the encoding side too. _wp_json_prepare_data handles this when
we've loaded the shim.
Props chriscct7.
See #33982.
git-svn-id: https://develop.svn.wordpress.org/trunk@34926 602fd350-edb4-49c9-b593-d223f7449a82
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.
See #28290.
git-svn-id: https://develop.svn.wordpress.org/trunk@34912 602fd350-edb4-49c9-b593-d223f7449a82
Various functions in load.php need to check whether WP is in installation mode.
Let's let them.
Props adamsilverstein.
See #31130.
git-svn-id: https://develop.svn.wordpress.org/trunk@34896 602fd350-edb4-49c9-b593-d223f7449a82
The `WP_INSTALLING` constant is a flag that WordPress sets in a number of
places, telling the system that options should be fetched directly from the
database instead of from the cache, that WP should not ping wordpress.org for
updates, that the normal "not installed" checks should be bypassed, and so on.
A constant is generally necessary for this purpose, because the flag is
typically set before the WP bootstrap, meaning that WP functions are not yet
available. However, it is possible - notably, during `wpmu_create_blog()` -
for the "installing" flag to be set after WP has already loaded. In these
cases, `WP_INSTALLING` would be set for the remainder of the process, since
there's no way to change a constant once it's defined. This, in turn, polluted
later function calls that ought to have been outside the scope of site
creation, particularly the non-caching of option data. The problem was
particularly evident in the case of the automated tests, where `WP_INSTALLING`
was set the first time a site was created, and remained set for the rest of the
suite.
The new `wp_installing()` function allows developers to fetch the current
installation status (when called without any arguments) or to set the
installation status (when called with a boolean `true` or `false`). Use of
the `WP_INSTALLING` constant is still supported; `wp_installing()` will default
to `true` if the constant is defined during the bootstrap.
Props boonebgorges, jeremyfelt.
See #31130.
git-svn-id: https://develop.svn.wordpress.org/trunk@34828 602fd350-edb4-49c9-b593-d223f7449a82
Replaces all uses of `*_site_option()` with the corresponding "network" function.
This excludes one usage in `wp-admin/admin-footer.php` that needs more investigation.
Props spacedmonkey.
See #28290.
git-svn-id: https://develop.svn.wordpress.org/trunk@34778 602fd350-edb4-49c9-b593-d223f7449a82
