Initialize `WP_Textdomain_Registry` in `wp_load_translations_early()`. This ensures the global `$wp_textdomain_registry` is set up prior to loading the translations.
Props azurseisme, TimothyBlynJacobs, costdev, ocean90, flixos90, swissspidy.
Fixes#57051.
git-svn-id: https://develop.svn.wordpress.org/trunk@54803 602fd350-edb4-49c9-b593-d223f7449a82
In [53874] the optional `$locale` parameter was added to `load_textdomain()`. While most `load_textdomain()` calls in core were were updated, some were missed. Passing the original locale avoids the need to call `determine_locale()` by `load_textdomain()` which is used as a fallback.
Props ocean90, swissspidy, desrosj.
See #57060.
git-svn-id: https://develop.svn.wordpress.org/trunk@54797 602fd350-edb4-49c9-b593-d223f7449a82
[54080] refactored the logic in `get_network_option()`, `update_network_option()` and `delete_network_option()` to use the metadata API. However, this change resulted in issues with large multisite installs that utilize memcached having network options > 1MB in size.
This change reverts [54080] and all related follow-up changes.
Reverts [54080], [54081], and [54082]. Partially reverts [54267] and [54402].
Props pavelschoffer, rebasaurus, johnbillion, spacedmonkey, desrosj, rinatkhaziev.
Fixes#56845.
See #37181.
git-svn-id: https://develop.svn.wordpress.org/trunk@54637 602fd350-edb4-49c9-b593-d223f7449a82
As the function can be used in a variety of contexts, the `_screen` suffix may not always be appropriate.
This commit aims to reduce confusion by renaming the newly added `is_login_screen()` function to `is_login()`, which better aligns with `is_admin()` and the related `is_*_admin()` function family.
While it does not save a lot of lines of code, this function aims to save developers some time that would otherwise be spent investigating the most reliable way to determine whether the current request is for the login screen.
Implementation details:
* By checking `wp_login_url()`, the function accounts for custom login locations set via the `login_url` filter.
* By checking `$_SERVER['SCRIPT_NAME']` directly, instead of `did_action( 'login_form_login' )` or `$pagenow` global, the function can work as early as possible, for example in a must-use plugin.
Follow-up to [53884].
Props azaozz.
Fixes#19898. See #56400.
git-svn-id: https://develop.svn.wordpress.org/trunk@54447 602fd350-edb4-49c9-b593-d223f7449a82
After some further discussion, it is apparent that the added clarity was subjective, and the `_screen` suffix may not always be appropriate, e.g. in Ajax context. To address any confusion with the existing names, the documentation for these functions can be updated instead.
Additionally, the `is_super_admin_user()` alias for `is_super_admin()` is reverted as well, which may be reconsidered in the future.
Follow-up to [54259].
Props azaozz, jrf, johnbillion, manfcarlo, Clorith.
See #56400.
git-svn-id: https://develop.svn.wordpress.org/trunk@54332 602fd350-edb4-49c9-b593-d223f7449a82
Following the introduction of `is_login_screen()` in [53884], it is time to reconsider the `is_*_admin()` functions:
* `is_admin()`: Determines whether the current request is for an administrative interface page.
* `is_blog_admin()`: Whether the current request is for a site's administrative interface, e.g. `/wp-admin/`.
* `is_network_admin()`: Whether the current request is for the network administrative interface, e.g. `/wp-admin/network/`.
* `is_user_admin()`: Whether the current request is for a user admin screen, e.g. `/wp-admin/user/`.
For someone new to WordPress, these names can be quite confusing, especially the last one. When using these functions, one always needs to remember that they don't actually check if the current user is a site administrator.
To complicate things further, there is one more similarly named function that does exactly the latter:
* `is_super_admin()`: Determines whether user is a site admin.
With the above in mind, this commit introduces aliases that better match the functionality and allow for more descriptive code:
* `is_admin()` → `is_admin_screen()`
* `is_blog_admin()` → `is_site_admin_screen()`
* `is_network_admin()` → `is_network_admin_screen()`
* `is_user_admin()` → `is_user_admin_screen()`
Additionally, `is_super_admin_user()` is introduced as an alias for `is_super_admin()`:
* `is_super_admin()` → `is_super_admin_user()`
Plugins and themes are encouraged to start using the newer function names to make code self-descriptive and bring more clarity. The older names are not deprecated at this time, though it may be up for discussion in the future.
Follow-up to [2481], [6412], [12393], [12732], [15558], [15481], [15746], [53884].
Props jrf, tobifjellner, SergeyBiryukov.
See #56400.
git-svn-id: https://develop.svn.wordpress.org/trunk@54259 602fd350-edb4-49c9-b593-d223f7449a82
This adjusts the check for the presence of the `WP_ENVIRONMENT_TYPE` constant to also confirm it is set to a non-empty value before using.
Props dd32, khokansardar, ramon-fincken.
Fixes#55741.
git-svn-id: https://develop.svn.wordpress.org/trunk@54239 602fd350-edb4-49c9-b593-d223f7449a82
Replace logic found in `get_network_option`, `update_network_option` and `delete_network_option` to use the metadata api. Using the metadata api has a number of benefits, such as consistency, default values and useful filters. This change also improves performance by priming the caches of all network options in a single database request.
Props spacedmonkey, swissspidy, sc0ttkclark, johnjamesjacoby, flixos90, jeremyfelt, pento, peterwilsoncc, mukesh27, desrosj.
Fixes#37181
git-svn-id: https://develop.svn.wordpress.org/trunk@54080 602fd350-edb4-49c9-b593-d223f7449a82
The function to check whether WordPress is not installed has evolved over time, ending up with duplicate conditionals.
This commit combines two conditionals into a single one and includes an early return.
Follow-up to [672], [676], [725], [1184], [1401], [1980], [2171], [2467], [2468], [2486], [2703], [3011], [3670], [12688], [12732], [12762], [13253], [29599], [30581], [34828].
See #55647.
git-svn-id: https://develop.svn.wordpress.org/trunk@53915 602fd350-edb4-49c9-b593-d223f7449a82
This should help determine whether the current request is for the login screen.
While it does not save a lot of lines of code, including this function in core aims to save developers some time that would otherwise be spent investigating the most reliable way to solve this problem.
Implementation details:
* By checking `wp_login_url()`, the function accounts for custom login locations set via the `login_url` filter.
* By checking `$_SERVER['SCRIPT_NAME']` directly, instead of `did_action( 'login_form_login' )` or `$pagenow` global, the function can work as early as possible, for example in a must-use plugin.
Follow-up to [2481], [6412], [12393], [12732], [15558], [15481], [15746].
Props dcowgill, scribu, donmhico, iandunn, wonderboymusic, nacin, robmiller, kitchin, chriscct7, tazotodua, davidbaumwald, SergeyBiryukov.
Fixes#19898.
git-svn-id: https://develop.svn.wordpress.org/trunk@53884 602fd350-edb4-49c9-b593-d223f7449a82
This renames the file containing the `wpdb` class to conform to the coding standards.
This commit also includes:
* A new `wp-db.php` that loads the new file, for anyone that may have been including the file directly.
* Replacing references to the old filename with the new filename.
Fixes#56268. See #55647.
git-svn-id: https://develop.svn.wordpress.org/trunk@53749 602fd350-edb4-49c9-b593-d223f7449a82
`phpversion()` return value and `PHP_VERSION` constant value are identical, but the latter is several times faster because it is a direct constant value lookup compared to a function call.
Props ayeshrajans, jrf, mukesh27, costdev, hellofromTonya, SergeyBiryukov.
Fixes#55680.
git-svn-id: https://develop.svn.wordpress.org/trunk@53426 602fd350-edb4-49c9-b593-d223f7449a82
When `add_filter( 'wp_is_application_passwords_available', '__return_false' )` exists, HTTPS requirement message is shown even if HTTPS is enabled on the site. This happens because `wp_is_application_passwords_available_for_user()` first invokes `wp_is_application_passwords_available()` which is filterable. The situation could happen if the `'wp_is_application_passwords_available_for_user'` filter returns `false`.
To fix this, the check for HTTPS (or if in a 'local' environment) is moved to a new function called `wp_is_application_passwords_supported()`. Then the return from this function is used as an OR condition for the Application Passwords section and for displaying the HTTPS required message.
Tests are included for both `wp_is_application_passwords_supported()` and `wp_is_application_passwords_available()`.
Follow-up to [51980], [51988].
Props davidbinda, SergeyBiryukov, ocean90, felipeelia, costdev, hellofromTonya.
Fixes#53658.
git-svn-id: https://develop.svn.wordpress.org/trunk@52398 602fd350-edb4-49c9-b593-d223f7449a82
If `SCRIPT_NAME'` does not exist (which can happen in cron jobs), the following happens:
* PHP 8.1+:
* `Warning: Undefined array key "SCRIPT_NAME"`
* `Deprecated: strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated`
* PHP 8.0: `Warning: Undefined array key "SCRIPT_NAME"`
* PHP 5.6-7.4: No warning or notice
This commit checks if the key exists before passing it to `strpos()`. This resolves the warning, notice, and future error.
Follow-up to [3034], [3069], [12732].
Props audrasjb, costdev, hellofromTonya, karpstrucking, mcjambi, sergeybiryukov.
Fixes#54142.
git-svn-id: https://develop.svn.wordpress.org/trunk@52144 602fd350-edb4-49c9-b593-d223f7449a82
As of November 2021, the `HTTP/3` protocol is still officially an Internet Draft, but is already supported by 74% of running web browsers and, according to W3Techs, 23% of the top 10 million websites. It has been supported by Google Chrome (including Chrome for Android, and Microsoft Edge, which is based on it) since April 2020 and by Mozilla Firefox since May 2021. Safari 14 (on macOS Big Sur and iOS 14) has also implemented the protocol but support is hidden behind a feature flag.
Based on the wide support, this change adds `HTTP/3` as a valid HTTP protocol.
Props malthert.
Fixes#54404.
git-svn-id: https://develop.svn.wordpress.org/trunk@52087 602fd350-edb4-49c9-b593-d223f7449a82
Previously errors were not displayed or logged, but the original intention was only to prevent them from being displayed. Hiding them from logs makes problems like #53492 much harder to debug.
This makes the handling of errors in `ms-files` consistent with the REST API, `admin-ajax`, and XML-RPC.
Props iandunn, johnjamesjacoby.
Fixes#53493.
git-svn-id: https://develop.svn.wordpress.org/trunk@51358 602fd350-edb4-49c9-b593-d223f7449a82
In [37626] a filter was added to allow disabling the advanced cache dropin, but no similar filter was added for the object cache dropin. This corrects that oversight.
Fixes#53322.
git-svn-id: https://develop.svn.wordpress.org/trunk@51087 602fd350-edb4-49c9-b593-d223f7449a82
Adds timer_float which can be used to get the time elapsed so far during the PHP script. Should make it easier to display the page generation time in the footer of admin.
WordPress should expose timing data as a float in the most accurate manner possible. timer_stop() has two problems: it uses an initial timestamp generated later than it needs to be and its formatted return value can not reliably be used as a number (some locales swap commas and periods, for example).
Props andy, matt, jorbin.
Fixes#39163.
git-svn-id: https://develop.svn.wordpress.org/trunk@50786 602fd350-edb4-49c9-b593-d223f7449a82
In [49752] a check was added to prevent creating new Application Passwords if Basic Auth credentials were detected to prevent conflicts. This check takes place in WP-Admin, though a conflict would only arise if Basic Auth was used on the website's front-end.
This commit extracts the Basic Auth check into a reusable function, `wp_is_site_protected_by_basic_auth()`, which can be adjusted using a filter of the same name. This way, a site that uses Basic Auth to protect WP-Admin can still use the Application Passwords feature.
In the future, instead of requiring the use of a filter, WordPress could make a loopback request and check for a `WWW-Authenticate` header to make this detection more robust out of the box.
Props SeBsZ, archon810, aaroncampbell, ocean90, SergeyBiryukov, TimothyBlynJacobs.
Fixes#52066.
git-svn-id: https://develop.svn.wordpress.org/trunk@50006 602fd350-edb4-49c9-b593-d223f7449a82
Previously, we only supported `application/json` which prevented using subtypes like `application/activity+json`. This allows for the REST API to `json_decode` the body of requests using a JSON subtype `Content-Type`. Additionally, `wp_die()` now properly sends the error as JSON when a JSON subtype is specified in the `Accept` header.
Props pfefferle.
Fixes#49404.
git-svn-id: https://develop.svn.wordpress.org/trunk@49329 602fd350-edb4-49c9-b593-d223f7449a82
When the `mysql` extention isn't loaded and a custom db dropin is not in place, we give folks a nice error. However, we can't assume that the `WP_CONTENT_DIR` constant is set yet since this runs before we define default constants.
This fixes a PHP 8 error.
Props jorbin.
Merges [49161] to trunk.
See #50913.
git-svn-id: https://develop.svn.wordpress.org/trunk@49163 602fd350-edb4-49c9-b593-d223f7449a82
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.
This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.
Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.
Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes#42790.
git-svn-id: https://develop.svn.wordpress.org/trunk@49109 602fd350-edb4-49c9-b593-d223f7449a82
These actions allow debugging tools to track `WP_Error` instances as they're created and subsequently passed between functions which check for error objects.
Props Shelob9, Mte90, TimothyBlynJacobs, johnbillion
Fixes#40568
git-svn-id: https://develop.svn.wordpress.org/trunk@49022 602fd350-edb4-49c9-b593-d223f7449a82
The intention of `wp_get_environment_type()` is to provide a consistent means of identifying the environment type, not of identifying a specific environment.
Actual environments should fit within one of the existing types: `local`, `development`, `staging`, or `production`. That should cover the types that plugins and themes might be concerned about when toggling functionality.
Props johnbillion, joostdevalk, TimothyBlynJacobs, jeremyfelt, batmoo, claytoncollie, Clorith, markjaquith, garrett-eclipse, GaryJ, elrae.
Fixes#50992.
git-svn-id: https://develop.svn.wordpress.org/trunk@48894 602fd350-edb4-49c9-b593-d223f7449a82
This gives developers a better control over their existing development workflow and ensures that `local` is not the exact same as `development` if it does not need to be.
Props claytoncollie, johnbillion, jeremyfelt, kreppar, dushakov, TimothyBlynJacobs, Ipstenu, khag7, knutsp, Clorith, markjaquith, joostdevalk, SergeyBiryukov.
Fixes#51064.
git-svn-id: https://develop.svn.wordpress.org/trunk@48856 602fd350-edb4-49c9-b593-d223f7449a82
Since `wp_get_environment_type()` runs too early for plugins to hook these filters, and the result is then cached in a static variable and cannot be changed later, the filters are not that useful.
The `WP_ENVIRONMENT_TYPES` and `WP_ENVIRONMENT_TYPE` constants and environment variables should be enough for now.
Follow-up to [47919], [48188], [48372].
Props Clorith, SergeyBiryukov.
Fixes#33161.
git-svn-id: https://develop.svn.wordpress.org/trunk@48662 602fd350-edb4-49c9-b593-d223f7449a82
This was intended as a temporary fix until `add_magic_quotes()` is modified to leave non-string values untouched, which has now been done.
Follow-up to [47370], [48205].
See #48605.
git-svn-id: https://develop.svn.wordpress.org/trunk@48206 602fd350-edb4-49c9-b593-d223f7449a82
* Rename the `wp_approved_environment_types` filter to `wp_environment_types`.
* Introduce `WP_ENVIRONMENT_TYPES` system variable and constant to complement the filter.
* Correct the argument type for the `wp_environment_types` filter.
* Cache the result in a static variable to ensure consistent return value.
* Rename the `stage` type to `staging`.
Follow-up to [47919].
Props dlh, dd32, TimothyBlynJacobs, johnbillion, pbiron.
See #33161.
git-svn-id: https://develop.svn.wordpress.org/trunk@48188 602fd350-edb4-49c9-b593-d223f7449a82
Partially reverts [48059] as there's no full consensus on the removal of the text prefix. Further actions should be taken to improve consistency and accessibility of the admin notices. Keeps some improvements to the translatable strings from [48059].
Fixes#47656.
git-svn-id: https://develop.svn.wordpress.org/trunk@48115 602fd350-edb4-49c9-b593-d223f7449a82
The tag was supported in phpDocumentor 1.x, but is no longer supported in 2.x and 3.x.
Usage of static variables is considered an internal implementation detail and has no information value for someone reading the docs.
Props alishanvr, jrf.
Fixes#50426.
git-svn-id: https://develop.svn.wordpress.org/trunk@48109 602fd350-edb4-49c9-b593-d223f7449a82
