Prior to this change, `date_i18n()` only supported the `timezone_string` option, causing incorrect timezones to appear in formatted dates on sites that still rely on the `gmt_offset` option.
Props Rarst.
Fixes#34835.
git-svn-id: https://develop.svn.wordpress.org/trunk@43387 602fd350-edb4-49c9-b593-d223f7449a82
Erasing timezone with a regular expression is redundant, the date could be just formatted in the respective format instead.
Props Rarst.
Fixes#42542.
git-svn-id: https://develop.svn.wordpress.org/trunk@43384 602fd350-edb4-49c9-b593-d223f7449a82
Despite historical function name, the output does not conform to RFC3339 format, which must contain timezone.
Props Rarst.
See #42542.
git-svn-id: https://develop.svn.wordpress.org/trunk@43383 602fd350-edb4-49c9-b593-d223f7449a82
Despite previously being labeled as a Unix timestamp, in reality it's a sum of Unix timestamp and timezone offset in seconds.
Props Rarst.
See #38771.
git-svn-id: https://develop.svn.wordpress.org/trunk@43380 602fd350-edb4-49c9-b593-d223f7449a82
Previously, personal data exports were stored in `wp-content/uploads/exports`, which is generic enough that it's likely there are existing folders with that name, either created by plugins or manually by administrators. If that folder were reused by Core, then `wp_privacy_delete_old_export_files()` would delete all of the existing files inside it, which is almost certainly not what the site owner wants or expects.
To avoid that, the folder is being renamed to include a specific reference to Core, and a more verbose description of its purpose. With those factored in, it's very unlikely that there will be any conflicts with existing folders.
The `wp_privacy_exports_dir()` and `wp_privacy_exports_url()` functions were introduced to provide a canonical source for the location, and the `wp_privacy_exports_dir` and `wp_privacy_exports_url` filters were introduced to allow plugins to customize it.
Props johnjamesjacoby, allendav.
Fixes#44091.
git-svn-id: https://develop.svn.wordpress.org/trunk@43284 602fd350-edb4-49c9-b593-d223f7449a82
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue.
An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.
The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.
Props azaozz, xkon, iandunn.
Fixes#43954. See #43953.
git-svn-id: https://develop.svn.wordpress.org/trunk@43223 602fd350-edb4-49c9-b593-d223f7449a82
r43046 introduced `wp_schedule_delete_old_privacy_export_files()` to schedule the `wp_privacy_delete_old_export_files` cron job, but it did not check to make sure it wasn't running in the context of the install process. When it did run in that context, it created a database error, because the necessary database tables don't exist at that point.
Checking the current context and returning early during the installation phase avoids that issue.
Props helen, timothyblynjacobs, iandunn.
Fixes#43952.
git-svn-id: https://develop.svn.wordpress.org/trunk@43162 602fd350-edb4-49c9-b593-d223f7449a82
`list_files()` is defined in `wp-admin/includes/file.php`, which is not included by `wp-cron.php`, so it needs to be included by the caller in order to avoid a fatal PHP error.
This bug was not detected during testing because the file _is_ included when executing jobs via `wp cron event run`.
Props mikejolley, iandunn.
See #43546.
See https://wordpress.slack.com/archives/C9695RJBW/p1525190405000860.
git-svn-id: https://develop.svn.wordpress.org/trunk@43059 602fd350-edb4-49c9-b593-d223f7449a82
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.
`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.
This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.
`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.
Props iandunn, desrosj.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/trunk@43046 602fd350-edb4-49c9-b593-d223f7449a82
A new global multisite table `wp_blogmeta` is added to the database schema, and a set of `*_site_meta()` API functions are introduced.
The implementation fails gracefully when the new table is not yet available, which may happen especially shortly after the core update, before the network has been upgraded to the new database schema. The presence of the table is detected once and stored as a global setting on the main network.
Core does not yet use site metadata, but there are several use-cases to be implemented or explored in the near future, and it allows plugins to extend sites with arbitrary data, which will come in particularly handy with the upcoming REST API endpoint for sites.
Props spacedmonkey, johnjamesjacoby, jeremyfelt, flixos90.
Fixes#37923.
git-svn-id: https://develop.svn.wordpress.org/trunk@42836 602fd350-edb4-49c9-b593-d223f7449a82
While intended as a playful error message, `Cheatin’ uh?` can be interpreted as insulting or accusatory in an already stressful situation. This replaces Cheatin’ with more meaningful error messages, depending on the error that occurs.
Props ElectricFeet, EricMeyer, karmatosed, dd32, BandonRandon, melchoyce for language; dmsnell for original patch; peterwilsoncc.
Fixes#38332.
git-svn-id: https://develop.svn.wordpress.org/trunk@42648 602fd350-edb4-49c9-b593-d223f7449a82
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes#41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42343 602fd350-edb4-49c9-b593-d223f7449a82
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42228 602fd350-edb4-49c9-b593-d223f7449a82
This pattern occurs a handful of times across the codebase:
`<div class="foo<?php if ( $bar ) { echo ' baz'; } ?>">`
Unfortunately, it doesn't really play nicely with `phpcbf`, so all instances need to be removed in preperation for auto code formatting.
See #41057.
git-svn-id: https://develop.svn.wordpress.org/trunk@42217 602fd350-edb4-49c9-b593-d223f7449a82
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.
Adds tests.
Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes#42016, #36170
git-svn-id: https://develop.svn.wordpress.org/trunk@42011 602fd350-edb4-49c9-b593-d223f7449a82
Fixes the issue with plugins not being able to use the `kses_allowed_protocols` filter if `esc_url()` was called too early.
Props turtlepod, SergeyBiryukov.
Fixes#36033.
git-svn-id: https://develop.svn.wordpress.org/trunk@41990 602fd350-edb4-49c9-b593-d223f7449a82
When the `WP_Network::$blog_id` property is set manually, for example in the multisite bootstrap process, `get_main_site_id()` should use that value instead of running its own logic. The main logic for the function was therefore moved into the internal `WP_Network::get_main_site_id()` method, which is now being accessed by the function through the magic property handling for `WP_Network::$blog_id` (and its equivalent `WP_Network::$site_id`).
Props spacedmonkey, jeremyfelt.
Fixes#41936.
git-svn-id: https://develop.svn.wordpress.org/trunk@41861 602fd350-edb4-49c9-b593-d223f7449a82
This allows users who are using the admin area in a language other than the site language to read the notice on the login screen
(which explains that they need to log in again) in their chosen language.
Props Nikschavan, swissspidy
Fixes#40205
git-svn-id: https://develop.svn.wordpress.org/trunk@41692 602fd350-edb4-49c9-b593-d223f7449a82
To bring Core into line with the changes to `$wpdb->prepare()` in WordPress 4.8.2, query placeholders shouldn't be quoted.
Props jrf, johnjamesjacoby.
Fixes#41983.
git-svn-id: https://develop.svn.wordpress.org/trunk@41628 602fd350-edb4-49c9-b593-d223f7449a82
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.
This introduces some new functions:
* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`
A corresponding `wp_is_large_user_count` filter is also introduced.
Props tharsheblows, johnbillion
Fixes#38741
git-svn-id: https://develop.svn.wordpress.org/trunk@41613 602fd350-edb4-49c9-b593-d223f7449a82
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.
The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.
Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes#29684.
git-svn-id: https://develop.svn.wordpress.org/trunk@41380 602fd350-edb4-49c9-b593-d223f7449a82
The inline styles added to the `wp_die()` handler since [18534] increase file size of the error screen enough to prevent Internet Explorer from displaying a generic error page.
Props rfair404.
Fixes#37551.
git-svn-id: https://develop.svn.wordpress.org/trunk@41369 602fd350-edb4-49c9-b593-d223f7449a82
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.
This change fixes the usage in user-facing text and in developer documentation.
Fixes#41620
git-svn-id: https://develop.svn.wordpress.org/trunk@41289 602fd350-edb4-49c9-b593-d223f7449a82
This reduces the chances of a site compromise going unnoticed, in the same way that the same notifications for user account email address changes reduces the chances of a user account compromise going unnoticed.
Props MatheusGimenez, johnbillion
Fixes#39117
git-svn-id: https://develop.svn.wordpress.org/trunk@41164 602fd350-edb4-49c9-b593-d223f7449a82
This prevents non-image fileypes from returning a mime type of
"application/octet-stream" when `exif_imagetype()` returns `false`.
Props blobfolio.
Fixes#40017.
git-svn-id: https://develop.svn.wordpress.org/trunk@40397 602fd350-edb4-49c9-b593-d223f7449a82
[39831] introduced more strict MIME type checking for uploads, which
resulted in unintetionally blocking several filetypes that were
previously valid. This change uses a more targeted approach to MIME
validation to restore previous behavior for most types.
Props blobfolio, iandunn, ipstenu, markoheijnen, xknown, joemcgill.
Fixes#39550, #39552.
git-svn-id: https://develop.svn.wordpress.org/trunk@40124 602fd350-edb4-49c9-b593-d223f7449a82
This prevents the "non-numeric value encountered" warning in PHP 7.1, caused by trying to increment an empty string on the first loop iteration.
Props drrobotnik for initial patch.
Fixes#39774.
git-svn-id: https://develop.svn.wordpress.org/trunk@40039 602fd350-edb4-49c9-b593-d223f7449a82
Partial revert of [38929].
This reverts the source code from the commit for #30210 to prevent valid but empty feeds from returning 404 file not found errors for the home and custom feeds.
The tests in the commit that remain applicable are retained.
Props pavelevap for reporting, stevenkword for initial patch.
See #30210.
Fixes#39157.
git-svn-id: https://develop.svn.wordpress.org/trunk@40030 602fd350-edb4-49c9-b593-d223f7449a82
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.
`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.
If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.
See #11946.
git-svn-id: https://develop.svn.wordpress.org/trunk@39831 602fd350-edb4-49c9-b593-d223f7449a82
Adds context to one string used in two different contexts for the new user and new site signup email notification.
More to come.
See #38882
git-svn-id: https://develop.svn.wordpress.org/trunk@39323 602fd350-edb4-49c9-b593-d223f7449a82
Adds a `$locale` parameter to `wp_timezone_choice()` to only reload translations when necessary.
Props yale01.
See #38485.
git-svn-id: https://develop.svn.wordpress.org/trunk@39068 602fd350-edb4-49c9-b593-d223f7449a82
A theme can opt-in for tailored starter content to apply to the customizer when previewing the theme on a fresh install, when `fresh_site` is at its initial `1` value. Starter content is staged in the customizer and does not go live unless the changes are published. Initial starter content is added to Twenty Seventeen.
* The `fresh_site` flag is cleared when a published post or page is saved, when widgets are modified, or when the customizer state is saved.
* Starter content is registered via `starter-content` theme support, where the argument is an array containing `widgets`, `posts`, `nav_menus`, `options`, and `theme_mods`. Posts/pages in starter content are created with the `auto-draft` status, re-using the page/post stubs feature added to nav menus and the static front page controls.
* A `get_theme_starter_content` filter allows for plugins to extend a theme's starter content.
* Starter content in themes can/should re-use existing starter content items in core by using named placeholders.
* Import theme starter content into customized state when fresh site.
* Prevent original_title differences from causing refreshes if title is present.
* Ensure nav menu item url is set according to object when previewing.
* Make sure initial saved state is false if there are dirty settings without an existing changeset.
* Ensure dirty settings are cleaned upon changeset publishing.
Props helen, westonruter, ocean90.
Fixes#38114, #38533.
git-svn-id: https://develop.svn.wordpress.org/trunk@38991 602fd350-edb4-49c9-b593-d223f7449a82
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
This was previously committed in [38859] but got reverted in [38862] and [38863]. To fix the previous issues, `wp_list_sort()` supports now an additional argument to preserve array keys via `uasort()`.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
git-svn-id: https://develop.svn.wordpress.org/trunk@38928 602fd350-edb4-49c9-b593-d223f7449a82
In addition to `wp_list_filter()` for filtering a list of objects, and `wp_list_pluck()` for plucking a certain field out of each object in a list, this new function can be used for sorting a list of objects by specific fields. These functions are now all contained within the new `WP_List_Util()` class and `wp_list_sort()` is used in various parts of core for sorting lists.
Props flixos90, DrewAPicture, jorbin.
Fixes#37128.
git-svn-id: https://develop.svn.wordpress.org/trunk@38859 602fd350-edb4-49c9-b593-d223f7449a82
One thing fairly common to the cache groups is a block of code to look to see when the cache was last changed, and if there isn't one, to set it for the current microtime(). It appears in 8 different places in core. This adds a new helper `wp_cache_get_last_changed` to DRY things up a bit.
Since `wp-includes/cache.php` isn't guaranteed to be loaded, this new function is in `wp-includes/functions.php`
Props spacedmonkey, desrosj.
Fixes#37464.
git-svn-id: https://develop.svn.wordpress.org/trunk@38849 602fd350-edb4-49c9-b593-d223f7449a82
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"
Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes#38373.
git-svn-id: https://develop.svn.wordpress.org/trunk@38832 602fd350-edb4-49c9-b593-d223f7449a82
`get_network()` falls back to the current network when called without any arguments. Between this and `get_current_network_id()`, we can replace almost all instances of the global `$current_site` and all instances of `get_current_site()`.
This effectively deprecates `get_current_site()`, something that we'll do in a future ticket.
Props flixos90.
Fixes#37414.
git-svn-id: https://develop.svn.wordpress.org/trunk@38814 602fd350-edb4-49c9-b593-d223f7449a82
Since there's no difference between using `date()` and `gmdate()` in WordPress, we can simply use the former in `date_i18n()` to reduce its complexity.
Adds tests.
Props jdgrimes for initial patch.
Fixes#37910.
git-svn-id: https://develop.svn.wordpress.org/trunk@38804 602fd350-edb4-49c9-b593-d223f7449a82
Restore `get_current_site()` to a multisite only function. Providing this in single site may be a possibility in the future, but should have a dedicated ticket and discussion.
See #37699.
git-svn-id: https://develop.svn.wordpress.org/trunk@38636 602fd350-edb4-49c9-b593-d223f7449a82
The manual query for the main network ID can now be replaced with a cached `get_networks()` query. This allows us to eliminate the `primary_network_id` cache key entirely.
Props spacedmonkey.
Fixes#37218.
git-svn-id: https://develop.svn.wordpress.org/trunk@38632 602fd350-edb4-49c9-b593-d223f7449a82
Additionally, update the `$message` parameter description in the DocBlock for `wp_die()` to make it explicitly clear messages derived from a passed `WP_Error` object will only be evaluated if not performing an Ajax or XML-RPC request (as both default handlers completely ignore `WP_Error` object messages).
See #37770.
git-svn-id: https://develop.svn.wordpress.org/trunk@38518 602fd350-edb4-49c9-b593-d223f7449a82
This new filter allows the smilies array to be modified with a filter, instead of having to directly access the global.
Props mte90, jorbin.
Fixes#35905.
git-svn-id: https://develop.svn.wordpress.org/trunk@38504 602fd350-edb4-49c9-b593-d223f7449a82
Defaults to `200` in all cases, but can be used, for example, to return a `403` when using `wp_send_json_error()`.
Fixes#35666
Props stephenharris
git-svn-id: https://develop.svn.wordpress.org/trunk@38422 602fd350-edb4-49c9-b593-d223f7449a82
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38411 602fd350-edb4-49c9-b593-d223f7449a82
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.
See #36335
git-svn-id: https://develop.svn.wordpress.org/trunk@38402 602fd350-edb4-49c9-b593-d223f7449a82
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.
The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php
We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php
When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.
The future is now.
See #36335.
git-svn-id: https://develop.svn.wordpress.org/trunk@38399 602fd350-edb4-49c9-b593-d223f7449a82
Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@38095 602fd350-edb4-49c9-b593-d223f7449a82
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.
Part props ocean90.
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@38028 602fd350-edb4-49c9-b593-d223f7449a82
* Don't lower memory limit if the current limit is greater than `WP_MAX_MEMORY_LIMIT`.
* Set `WP_MEMORY_LIMIT` and `WP_MAX_MEMORY_LIMIT` to current limit if the `memory_limit` setting can't be changed at runtime.
* Use `wp_convert_hr_to_bytes()` when parsing the value of the `memory_limit` setting because it can be a shorthand or an integer value.
* Introduce `wp_raise_memory_limit( $context )` to raise the PHP memory limit for memory intensive processes. This DRYs up some logic and includes the existing `admin_memory_limit` and `image_memory_limit` filters. The function can also be used for custom contexts, the `{$context}_memory_limit` filter allows to customize the limit.
* Introduce `wp_is_ini_value_changeable( $setting )` to determine whether a PHP ini value is changeable at runtime.
* Remove a `function_exists( 'memory_get_usage' )` check. Since PHP 5.2.1 support for memory limit is always enabled.
Related commits: [38011-38013]
Props jrf, A5hleyRich, swissspidy, ocean90.
Fixes#32075.
git-svn-id: https://develop.svn.wordpress.org/trunk@38015 602fd350-edb4-49c9-b593-d223f7449a82
In doing this, non-core object types are no longer forcibly blocked and are instead checked against `wp_object_type_exists()` which has a filterable return value. Still, filter that at your own risk.
props Faison for the initial patch.
see 35658.
git-svn-id: https://develop.svn.wordpress.org/trunk@37991 602fd350-edb4-49c9-b593-d223f7449a82
`Pragma` is supposed to be a request header, but we've been including it in responses since the beginning of time.
This is a relic dating all the way back to b2, probably originally added because Internet Explorer version 5 and earlier didn't understand the `Cache-Control` header in responses, but they did (incorrectly) obey the `Pragma` header.
Internet Explorer 6 and 7 will obey the `Pragma` response header only if no other cache-related response headers are present (in our case, they are always present), and all other browsers ignore the `Pragma` response header.
Props geekysoft.
Fixes#37250.
git-svn-id: https://develop.svn.wordpress.org/trunk@37944 602fd350-edb4-49c9-b593-d223f7449a82
When a filter or action hook is deprecated, the corresponding `apply_filters()`
or `do_action()` calls should be switched out with `apply_filters_deprecated()`
or `do_action_deprecated()`. The latter functions will throw a deprecation
before invoking the original hook.
Props solarissmoke, SergeyBiryukov, DrewAPicture.
Fixes#10441.
git-svn-id: https://develop.svn.wordpress.org/trunk@37861 602fd350-edb4-49c9-b593-d223f7449a82
Moving to load.php introduces parity with other commonly evaluated `is_*()` functions such as `is_admin()` or `is_multisite()`. It also makes `is_ssl()` available much earlier in the loading process, such as for use in drop-ins like advanced-cache.php.
Props johnjamesjacoby.
Fixes#35844.
git-svn-id: https://develop.svn.wordpress.org/trunk@37677 602fd350-edb4-49c9-b593-d223f7449a82
Replaces unsecure links in documentation and translator comments with their secure versions.
Props johnpgreen, netweb
Fixes#36993
git-svn-id: https://develop.svn.wordpress.org/trunk@37674 602fd350-edb4-49c9-b593-d223f7449a82
Similar to `get_current_blog_id`, this can be used to get the ID of the `$current_site` global. If not available, it will fallback to the main network ID. In single site, this will return 1.
Props spacedmonkey, flixos90.
Fixes#33900.
git-svn-id: https://develop.svn.wordpress.org/trunk@37670 602fd350-edb4-49c9-b593-d223f7449a82
Adds the keyboard navigation query vars to `wp_removable_query_args()` and passes the results of said function to remove_query_var() inside the WP_List_Table pagination method.
Props EFAREM for the initial patch.
Fixes#35620.
git-svn-id: https://develop.svn.wordpress.org/trunk@37663 602fd350-edb4-49c9-b593-d223f7449a82
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.
Props rmccue.
Fixes#28523.
git-svn-id: https://develop.svn.wordpress.org/trunk@37646 602fd350-edb4-49c9-b593-d223f7449a82
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.
See #36921.
git-svn-id: https://develop.svn.wordpress.org/trunk@37543 602fd350-edb4-49c9-b593-d223f7449a82
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.
Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.
Props ocean90.
Fixes#36835.
git-svn-id: https://develop.svn.wordpress.org/trunk@37431 602fd350-edb4-49c9-b593-d223f7449a82
Rejoice, for your admins will feel more native to your surrounding computing environment and likely load faster, especially when offline, as they no longer have to talk to The Google Overlord.
At the time of introduction in 3.8, there were not good system fonts common to all platforms at the time. In the years since, Windows, Android, OS X, iOS, Firefox OS, and various flavors of Linux have all gotten their own (good) system UI fonts.
There will definitely be visual bugs, mainly around alignment and spacing; these should be documented and reported on the ticket and fixed more atomically so that our current and future selves have a better understanding of what happened and why.
The style remains registered, as it is almost certainly in use by themes and plugins.
props mattmiklic.
see #36753.
git-svn-id: https://develop.svn.wordpress.org/trunk@37361 602fd350-edb4-49c9-b593-d223f7449a82
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@37342 602fd350-edb4-49c9-b593-d223f7449a82
Unicode 8 added `U+1F644`, "Face with Rolling Eyes", which matches our `:roll:` smiley. Continuing our ever present quest to rid the world of legacy smilies, we now translate that smiley into its emoji form.
Sadly, `:mrgreen:` remains sorely under-represented in the Unicode standard, I'm inclined to think that we should buy a voting membership of the Unicode Consortium, in order to rectify that situation. (Personally, I'm hoping for a green skin tone modifier.)
Fixes#36365.
git-svn-id: https://develop.svn.wordpress.org/trunk@37296 602fd350-edb4-49c9-b593-d223f7449a82
To improve the performance of `wp_upload_dir()` the result of `wp_mkdir_p()` was stored in a persistent cache, introduced in [36565]. But this becomes an issue when WordPress is scaled horizontally. You may end up caching a value for a server where the directory doesn't exist which will prevent further uploads on other servers because of the persistent cache.
The fix is to use a non-persistent cache.
Props azaozz, ocean90.
See #34359.
Fixes#36621.
git-svn-id: https://develop.svn.wordpress.org/trunk@37285 602fd350-edb4-49c9-b593-d223f7449a82
* Following pattern of `wp_get_mime_types()`, introduce `wp_get_ext_types()` function. New function returns a filtered list of file types with their extensions.
* Use this function in new tests for `wp_ext2type()`.
Props borgesbruno.
Fixes#35987.
git-svn-id: https://develop.svn.wordpress.org/trunk@37189 602fd350-edb4-49c9-b593-d223f7449a82
- Cache the output in non-persistent cache.
- Cache the result from `wp_mkdir_p()` in persistent cache (when present).
- Introduce `wp_get_upload_dir()` for use when not uploading files. It is equivalent to `wp_upload_dir()` but does not check for the existence or create the upload directory.
- Change tests to use the non-cached `_wp_upload_dir()`. They change options on the fly (should never be used in production) to simulate different environments.
- Introduce `_upload_dir_no_subdir()` and `_upload_dir_https()` to facilitate testing. These use the proper `upload_dir` filter to simulate different environments.
Props kovshenin, azaozz.
See #34359.
git-svn-id: https://develop.svn.wordpress.org/trunk@36565 602fd350-edb4-49c9-b593-d223f7449a82
Use the parameter for the deprecated constructor warning in `WP_Widget` to provide an indication to which widget is using the PHP4 style constructor.
Props sebastian.pisula.
Fixes#33440.
git-svn-id: https://develop.svn.wordpress.org/trunk@36541 602fd350-edb4-49c9-b593-d223f7449a82
* Uses a third-person singular verb in the summary
* Makes the return types more specific with `string|false` vs `string|bool`.
See #27152. See #32246.
git-svn-id: https://develop.svn.wordpress.org/trunk@36500 602fd350-edb4-49c9-b593-d223f7449a82
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.
See #35417.
git-svn-id: https://develop.svn.wordpress.org/trunk@36417 602fd350-edb4-49c9-b593-d223f7449a82
Though this is technically still in the proposal stage, there is support from the core team and precedent in #16914
Props andizer.
Fixes#35333.
git-svn-id: https://develop.svn.wordpress.org/trunk@36273 602fd350-edb4-49c9-b593-d223f7449a82
For things like redirects `wp_get_referer()` should be used instead.
Props voldemortensen for initial patch.
Fixes#27152.
git-svn-id: https://develop.svn.wordpress.org/trunk@36266 602fd350-edb4-49c9-b593-d223f7449a82
Removes the title attribute and uses a `<button>` element instead of a `<div>`.
Also simplifies the CSS and takes care of the hover/focus style.
Fixes#35142.
git-svn-id: https://develop.svn.wordpress.org/trunk@36014 602fd350-edb4-49c9-b593-d223f7449a82
Also, when using spinners as background images, the re-painted area should be the
smallest possible one. See similar performance issue in #33311.
Fixes#34951.
git-svn-id: https://develop.svn.wordpress.org/trunk@35925 602fd350-edb4-49c9-b593-d223f7449a82
If the locale specifies that month names require a genitive case in certain formats like `'j F Y'` or `'j. F'`, the month name will be replaced with a correct form.
Fixes#11226.
git-svn-id: https://develop.svn.wordpress.org/trunk@35517 602fd350-edb4-49c9-b593-d223f7449a82
See [35097] for where the aforementioned hook was renamed to actually be dynamic, thus rendering creation of the extra `$hook` variable moot.
See #34264.
git-svn-id: https://develop.svn.wordpress.org/trunk@35098 602fd350-edb4-49c9-b593-d223f7449a82
The API uses this to do special operations on list responses (used
for collections), so we need to detect whether an array is
associative or numeric-indexed.
After much discussion, the bikeshed is to be painted green and gold.
See #33982.
git-svn-id: https://develop.svn.wordpress.org/trunk@34927 602fd350-edb4-49c9-b593-d223f7449a82
Following on from r34845, the JsonSerializable shim needs support
on the encoding side too. _wp_json_prepare_data handles this when
we've loaded the shim.
Props chriscct7.
See #33982.
git-svn-id: https://develop.svn.wordpress.org/trunk@34926 602fd350-edb4-49c9-b593-d223f7449a82
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.
See #28290.
git-svn-id: https://develop.svn.wordpress.org/trunk@34912 602fd350-edb4-49c9-b593-d223f7449a82
Various functions in load.php need to check whether WP is in installation mode.
Let's let them.
Props adamsilverstein.
See #31130.
git-svn-id: https://develop.svn.wordpress.org/trunk@34896 602fd350-edb4-49c9-b593-d223f7449a82
The `WP_INSTALLING` constant is a flag that WordPress sets in a number of
places, telling the system that options should be fetched directly from the
database instead of from the cache, that WP should not ping wordpress.org for
updates, that the normal "not installed" checks should be bypassed, and so on.
A constant is generally necessary for this purpose, because the flag is
typically set before the WP bootstrap, meaning that WP functions are not yet
available. However, it is possible - notably, during `wpmu_create_blog()` -
for the "installing" flag to be set after WP has already loaded. In these
cases, `WP_INSTALLING` would be set for the remainder of the process, since
there's no way to change a constant once it's defined. This, in turn, polluted
later function calls that ought to have been outside the scope of site
creation, particularly the non-caching of option data. The problem was
particularly evident in the case of the automated tests, where `WP_INSTALLING`
was set the first time a site was created, and remained set for the rest of the
suite.
The new `wp_installing()` function allows developers to fetch the current
installation status (when called without any arguments) or to set the
installation status (when called with a boolean `true` or `false`). Use of
the `WP_INSTALLING` constant is still supported; `wp_installing()` will default
to `true` if the constant is defined during the bootstrap.
Props boonebgorges, jeremyfelt.
See #31130.
git-svn-id: https://develop.svn.wordpress.org/trunk@34828 602fd350-edb4-49c9-b593-d223f7449a82
Replaces all uses of `*_site_option()` with the corresponding "network" function.
This excludes one usage in `wp-admin/admin-footer.php` that needs more investigation.
Props spacedmonkey.
See #28290.
git-svn-id: https://develop.svn.wordpress.org/trunk@34778 602fd350-edb4-49c9-b593-d223f7449a82
Also adds a couple of in-DocBlock examples illustrating single key and value, and associative array usage. Retains the note about the unescaped return value.
Props johnbillion.
See #33912.
git-svn-id: https://develop.svn.wordpress.org/trunk@34511 602fd350-edb4-49c9-b593-d223f7449a82
Also applies the function to the return URL when the Customizer is closed.
Fixes#32692
Props swissspidy, Mte90
git-svn-id: https://develop.svn.wordpress.org/trunk@33849 602fd350-edb4-49c9-b593-d223f7449a82
The good news is, the point of `wp_json_encode()` is to handle those non-UTF-8 characters. It'll totally just fix them up, no problem.
Anyway, we can just ignore those warnings.
Fixes#33524.
git-svn-id: https://develop.svn.wordpress.org/trunk@33747 602fd350-edb4-49c9-b593-d223f7449a82
* `_deprecated_constructor()` See [32989]
* `deprecated_constructor_trigger_error` See [32989]
* `get_main_network_id()` See [32775]
* `wp_post_preview_js()` See [32809]
See #32891.
git-svn-id: https://develop.svn.wordpress.org/trunk@33226 602fd350-edb4-49c9-b593-d223f7449a82
This function is one that can be called in core to indicate that a PHP4 style constructor is used. PHP4 style constructors are deprecated in PHP7.
Props jorbin, DrewAPicture for docs
See #31982
git-svn-id: https://develop.svn.wordpress.org/trunk@32989 602fd350-edb4-49c9-b593-d223f7449a82
Expand on the logic previously available as part of `is_main_network()` and provide a way to obtain the ID of the main network. Most useful in multi-network configurations.
Props @johnjamesjacoby for the initial patch.
Fixes#30294.
git-svn-id: https://develop.svn.wordpress.org/trunk@32775 602fd350-edb4-49c9-b593-d223f7449a82
Replace exisiting smilies with equivalent emoji, or with shiny new smiley images where no emoji existed.
Props batmoo, joen and mkaz for the original plugin upon which this is based.
Props pento, iseulde, kraftbj and peterwilsoncc for making the internet's dreams come true.
See #31242
git-svn-id: https://develop.svn.wordpress.org/trunk@31733 602fd350-edb4-49c9-b593-d223f7449a82
`wp_list_pluck()` will preserve the original array keys if no `$index_key`
parameter is provided. This changeset updates the documentation accordingly.
Props adamsilverstein.
Fixes#31316.
git-svn-id: https://develop.svn.wordpress.org/trunk@31451 602fd350-edb4-49c9-b593-d223f7449a82
* `get_metadata()` will return literally anything, needs to be `mixed`
* `wp()` and `WP_Query::__construct()` no longer just take a query string
* Clarify a few others
See #30799.
git-svn-id: https://develop.svn.wordpress.org/trunk@31212 602fd350-edb4-49c9-b593-d223f7449a82
Up to this point, various core elements' DocBlocks incorrectly included an `@internal` tag as a means for skipping the parsing process. When paired with a description (inline or otherwise), `@internal` is a valid tag meant to provide internal-only context, but not necessarily to skip parsing the entire element.
See #30987.
git-svn-id: https://develop.svn.wordpress.org/trunk@31170 602fd350-edb4-49c9-b593-d223f7449a82
Affects DocBlocks for the following core elements:
* Markdown-indent a code snippet in the description for `_deprecated_argument()`
* Markdown-indent a code snippet in the description for `wp_localize_script()`
* Backtick-escape HTML tags in two parameter descriptions for `wp_register()`
* Various DocBlock formatting in the description for `get_bloginfo()`
* Remove HTML tag from the summary for `_wp_render_title_tag()`
* Backtick-escape a HTML tag in the description for `get_archives_link()`
* Markdown-indent a code snippet in the description for `wp_admin_css_color()`
* Markdown-indent a code snippet in the description for the `welcome_panel` hook
Props rarst.
See #30473.
git-svn-id: https://develop.svn.wordpress.org/trunk@30541 602fd350-edb4-49c9-b593-d223f7449a82
The ability to pass an error code as short-hand to the `$title` and `$args` parameters was added in r30355. Changes also include cleaned-up formatting and line-wraps for other documentation in the DocBlock.
See [30355]. Fixes#10551.
git-svn-id: https://develop.svn.wordpress.org/trunk@30379 602fd350-edb4-49c9-b593-d223f7449a82
