Commit Graph

424 Commits

Author SHA1 Message Date
davidbaumwald 69e59764eb Grouped backports to the 4.6 branch.
- Comments: Prevent users who can not see a post from seeing comments on it.
- Shortcodes: Restrict media shortcode ajax to certain type.
- REST API: Ensure no-cache headers are sent when methods are overridden.
- Prevent unintended behavior when certain objects are unserialized.

Merges [56834], [56835], [56836], and [56838] to the 4.6 branch.
Props xknown, jorbin, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis, tykoted, antpb, rmccue.
Built from https://develop.svn.wordpress.org/branches/4.6@56859


git-svn-id: http://core.svn.wordpress.org/branches/4.6@56370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-10-12 18:10:52 +00:00
Drew Jaynes 6c7148943b Docs: Standardize capitalization of Ajax throughout core documentation per the core spelling guide.
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.

Part props ocean90.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@38028


git-svn-id: http://core.svn.wordpress.org/trunk@37969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-10 00:51:30 +00:00
Dominik Schilling 3d6fc45834 Dashboard: Don't add a "Configure" link to the toggle button.
The HTML for the toggle gets appended to the widget name which is later used for the widget title and the screen reader text of the toggle button. Storing the original widget name in the arguments allows us to use the name without the HTML for the screen reader text and doesn't require further changes by plugin developers.

Props nicholas_io, swissspidy.
Fixes #35021.
Built from https://develop.svn.wordpress.org/trunk@37972


git-svn-id: http://core.svn.wordpress.org/trunk@37913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-05 15:22:29 +00:00
Peter Wilson 47d26cd9fb DOCS: Replace HTTP links with HTTPS.
Replaces unsecure links in documentation and translator comments with their secure versions.

Props johnpgreen, netweb

Fixes #36993

Built from https://develop.svn.wordpress.org/trunk@37674


git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Drew Jaynes 1947f4d17c Docs: Apply inline `@see` tags to hooks referenced in DocBlocks for wp-admin/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37537


git-svn-id: http://core.svn.wordpress.org/trunk@37505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 17:28:27 +00:00
Drew Jaynes c3055cc190 Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37488


git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Sergey Biryukov dc5815146e Dashboard: Display the comment counts in `wp_dashboard_right_now()` in the rare initial condition when there are 0 approved comments and only pending comments, so the AJAX count update could work.
Props afercia.
Fixes #35519.
Built from https://develop.svn.wordpress.org/trunk@37335


git-svn-id: http://core.svn.wordpress.org/trunk@37301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-01 11:06:28 +00:00
Scott Taylor be59d289b7 Dashboard: toggle the "View" link for comments when Approving / Unapproving from the Dashboard widget.
Fixes #35518.

Built from https://develop.svn.wordpress.org/trunk@37302


git-svn-id: http://core.svn.wordpress.org/trunk@37268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-22 21:30:28 +00:00
Andrea Fercia fd1f45a7cf Accessibility: Improve accessibility for the Plugin details modal.
The plugin details modal can be invoked from several screens. There's now a new
`.open-plugin-details-modal` CSS class to be used in combination with the
`.thickbox` CSS class that adds everything needed for accessibility.

- Adds an ARIA role `dialog` and an `aria-label` attribute to the modal
- Adds a `title` attribute to the iframe inside the modal
- Constrains tabbing within the modal
- Restores focus back in a proper place when closing the modal

Also, improves a bit the native Thickbox implementation: it should probably be
replaced with some more modern tool but at least keyboard focus should be moved
inside the modal.

Fixes #33305.
Built from https://develop.svn.wordpress.org/trunk@36964


git-svn-id: http://core.svn.wordpress.org/trunk@36932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-10 22:37:26 +00:00
Drew Jaynes d59fdfd951 Docs: Add a missing `@since` version to the DocBlock for `wp_add_dashboard_widget()`.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@36878


git-svn-id: http://core.svn.wordpress.org/trunk@36845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-07 22:17:26 +00:00
Sergey Biryukov b80a516549 Docs: Add `wp_add_dashboard_widget()` parameter descriptions.
Props meitar for initial patch.
Fixes #36092.
Built from https://develop.svn.wordpress.org/trunk@36868


git-svn-id: http://core.svn.wordpress.org/trunk@36835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-06 12:08:28 +00:00
Drew Jaynes 5c8a9e68b6 Docs: Add a more descriptive changelog entry to the hook doc for the `privacy_on_link_title` filter.
See #35049. See #35986.

Built from https://develop.svn.wordpress.org/trunk@36823


git-svn-id: http://core.svn.wordpress.org/trunk@36790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-03 08:56:26 +00:00
Sergey Biryukov 5ed4b4ed7b I18N: Remove HTML tags from translatable string in `wp-admin/includes/dashboard.php`.
Props ramiy, SergeyBiryukov.
Fixes #36013.
Built from https://develop.svn.wordpress.org/trunk@36793


git-svn-id: http://core.svn.wordpress.org/trunk@36760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-01 01:39:27 +00:00
Andrea Fercia 9308ec9513 Comments: Add missing placeholder for `printf()` after [36683].
Fixes #35392.
Built from https://develop.svn.wordpress.org/trunk@36767


git-svn-id: http://core.svn.wordpress.org/trunk@36734 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-28 21:39:26 +00:00
Andrea Fercia 43b722b8fc Accessibility: improve accessibility of the Dashboard "Recent Comments" widget.
- Makes the list of comments a list
- Always displays the title of the post the comment relates to, linked to the post itself and no more to the Edit screen
- Headings: changes the visible one in "Recent Comments" and adds a hidden "View more comments" heading before the views links
- Adds the pending status indicator to Pingbacks and Trackbacks

Props rachelbaker, afercia.

Fixes #35392.
Built from https://develop.svn.wordpress.org/trunk@36683


git-svn-id: http://core.svn.wordpress.org/trunk@36650 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 16:07:26 +00:00
Drew Jaynes 26bf8cda9b Docs: Add more complete information to DocBlocks for private core functions `_wp_dashboard_control_callback()` and `_wp_dashboard_recent_comments_row()`.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@36474


git-svn-id: http://core.svn.wordpress.org/trunk@36441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-03 20:20:26 +00:00
John Blackbourn a4facedfee Docs: Various docblock corrections.
See #32246

Built from https://develop.svn.wordpress.org/trunk@36250


git-svn-id: http://core.svn.wordpress.org/trunk@36217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-10 01:26:25 +00:00
Andrea Fercia b4cc1cfc48 Accessibility: Remove title attributes from the Admin Dashboard.
Uses `aria-label` and `screen-reader-text` where appropriate. Also removes
the default title attribute output by `privacy_on_link_title`, preserving
the ability to use the filter.

Fixes #35049.
Built from https://develop.svn.wordpress.org/trunk@36172


git-svn-id: http://core.svn.wordpress.org/trunk@36139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-05 14:19:28 +00:00
Sergey Biryukov 34ce39c782 List tables: After [34006], remove unnecessary context from 'View' string, for consistency with other strings in the same context.
Props MikeHansenMe, subharanjan.
Fixes #34914.
Built from https://develop.svn.wordpress.org/trunk@35900


git-svn-id: http://core.svn.wordpress.org/trunk@35864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-13 18:37:26 +00:00
Pascal Birchler 54b8c3e53b Docs: Fix some minor DocBlock alignment issues.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@35885


git-svn-id: http://core.svn.wordpress.org/trunk@35849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-12 15:37:28 +00:00
Pascal Birchler ba9475786a Dashboard: Do not show "Search Engines Discouraged" text when the `blog_public` option is not set.
Search engines are only discouraged from indexing the site when the option is explicitly set to `0`.

Fixes #34860.
Built from https://develop.svn.wordpress.org/trunk@35873


git-svn-id: http://core.svn.wordpress.org/trunk@35837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-11 22:03:26 +00:00
Ella Iseulde Van Dorpe 657d3b50af Make date format consistent across the admin
The 'date_format' and 'time_format' options shouldn't affect the backend.

See #30864


Built from https://develop.svn.wordpress.org/trunk@35811


git-svn-id: http://core.svn.wordpress.org/trunk@35775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-07 04:26:27 +00:00
Sergey Biryukov bfbd9e3ec3 Don't use `<a>` in translatable strings in `wp-admin/includes/dashboard.php'.
Add translator commments.

Props ramiy.
Fixes #34501.
Built from https://develop.svn.wordpress.org/trunk@35443


git-svn-id: http://core.svn.wordpress.org/trunk@35407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-30 01:33:25 +00:00
Scott Taylor 843d1c003b Dashboard: make tags used for headings more semantic.
Props Cheffheid, afercia.
Fixes #33558.

Built from https://develop.svn.wordpress.org/trunk@35414


git-svn-id: http://core.svn.wordpress.org/trunk@35378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-28 17:57:25 +00:00
Scott Taylor b0561ed6e4 Dashboard: use the `create_posts` cap on the post type object when determining if the Quick Press widget can be displayed.
Props jim912, ocean90, chriscct7.
Fixes #25681.

Built from https://develop.svn.wordpress.org/trunk@35282


git-svn-id: http://core.svn.wordpress.org/trunk@35248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-20 05:49:24 +00:00
Drew Jaynes c6bffb6264 Docs: Fix some minor formatting in the `$query_args` parameter description for the `` filter doc.
See #8243. See #32246.

Built from https://develop.svn.wordpress.org/trunk@35004


git-svn-id: http://core.svn.wordpress.org/trunk@34969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-10 06:39:24 +00:00
Drew Jaynes 504ff07656 Dashboard: Introduce the `dashboard_recent_drafts_query_args` filter, making it possible to manipulate the post query arguments used in the 'Recent Drafts' dashboard widget.
Props iamfriendly.
Fixes #8243.

Built from https://develop.svn.wordpress.org/trunk@35003


git-svn-id: http://core.svn.wordpress.org/trunk@34968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-10 06:33:25 +00:00
Sergey Biryukov dfc4654172 Dashboard: Display year in Activity widget if the post date year is not the same as the current one.
Props GaryJ, chriscct7.
Fixes #26502.
Built from https://develop.svn.wordpress.org/trunk@34980


git-svn-id: http://core.svn.wordpress.org/trunk@34945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 04:26:24 +00:00
Jeremy Felt 9926983b66 Revert [34778], continue using `_site_option()` for the current network.
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.

See #28290.

Built from https://develop.svn.wordpress.org/trunk@34912


git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:11:25 +00:00
John Blackbourn 815635548a Switch the remaining user-facing links to wordpress.org over to HTTPS.
Fixes #27115

Built from https://develop.svn.wordpress.org/trunk@34783


git-svn-id: http://core.svn.wordpress.org/trunk@34748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 22:46:28 +00:00
Jeremy Felt 54512d64cb MS: Use `*_network_option()` functions throughout core.
Replaces all uses of `*_site_option()` with the corresponding "network" function.

This excludes one usage in `wp-admin/admin-footer.php` that needs more investigation.

Props spacedmonkey.
See #28290.

Built from https://develop.svn.wordpress.org/trunk@34778


git-svn-id: http://core.svn.wordpress.org/trunk@34743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 19:08:26 +00:00
John Blackbourn aa35e473f7 `callback` is not a valid type in PHP, PSR-5, or phpDocumentor. `callable` should be used instead.
Fixes #34032

Built from https://develop.svn.wordpress.org/trunk@34566


git-svn-id: http://core.svn.wordpress.org/trunk@34530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-25 23:58:25 +00:00
Drew Jaynes 3229785656 Docs: Fix the syntax for a mid-file sectional comment in wp-admin/includes/dashboard.php.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@34565


git-svn-id: http://core.svn.wordpress.org/trunk@34529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-25 22:51:24 +00:00
Drew Jaynes 115c382132 Docs: Remove an inline comment duplicated by the DocBlock summary for `wp_dashboard_trigger_widget_control()`.
Props tyxla.
Fixes #34014.

Built from https://develop.svn.wordpress.org/trunk@34564


git-svn-id: http://core.svn.wordpress.org/trunk@34528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-25 22:50:26 +00:00
Scott Taylor 5b9af35c4c Comments: update Comment counts dynamically in the Right Now widget based on moderation actions in the Activity widget.
Fixes #10422.

Built from https://develop.svn.wordpress.org/trunk@34500


git-svn-id: http://core.svn.wordpress.org/trunk@34464 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-24 15:53:25 +00:00
Scott Taylor 3c1e05f7c9 Dashboard: 2 submit buttons don't need names.
Props garyc40, gizburdt.
Fixes #16345.

Built from https://develop.svn.wordpress.org/trunk@34382


git-svn-id: http://core.svn.wordpress.org/trunk@34346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 05:45:26 +00:00
Scott Taylor 58c3c30e8d After [33961], pass `$comment` to `comment_class()` where possible to avoid extra cache/db lookups.
See #33638.

Built from https://develop.svn.wordpress.org/trunk@34040


git-svn-id: http://core.svn.wordpress.org/trunk@34008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 06:12:24 +00:00
Scott Taylor 4465a83b95 After [34015], handle orphaned comments in the Dashboard comments widget. Pass full `$comment` versus just passing the comment ID when possible.
See #33710.

Built from https://develop.svn.wordpress.org/trunk@34038


git-svn-id: http://core.svn.wordpress.org/trunk@34006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 05:56:24 +00:00
Scott Taylor 6e22d94488 Add a "View" row action for approved comments on the Dashboard screen, remove the link labeled `#`.
Props rachelbaker, zeo.
Fixes #18885. 

Built from https://develop.svn.wordpress.org/trunk@34006


git-svn-id: http://core.svn.wordpress.org/trunk@33975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:49:24 +00:00
Sergey Biryukov c65f37f892 Correct description for `version` and `current_version` parameters in `wp_check_browser_version()` response.
Props extendwings.
Fixes #33753.
Built from https://develop.svn.wordpress.org/trunk@33932


git-svn-id: http://core.svn.wordpress.org/trunk@33901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-06 00:17:24 +00:00
Scott Taylor e73ee5ac98 Introduce `WP_Comment` class to model/strongly-type rows from the comments database table. Inclusion of this class is a pre-req for some more general comment cleanup and sanity.
* Takes inspiration from `WP_Post` and adds sanity to comment caching. 
* Clarifies when the current global value for `$comment` is returned. The current implementation in `get_comment()` introduces side effects and an occasion stale global value for `$comment` when comment caches are cleaned.
* Strongly-types `@param` docs
* This class is marked `final` for now

Props wonderboymusic, nacin.

See #32619.

Built from https://develop.svn.wordpress.org/trunk@33891


git-svn-id: http://core.svn.wordpress.org/trunk@33860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-03 18:17:24 +00:00
Sergey Biryukov 43194cea1c Add `'dashboard_secondary_items'` filter for the number of secondary link items in the 'WordPress News' dashboard widget.
props MikeHansenMe, DrewAPicture.
fixes #31434.
Built from https://develop.svn.wordpress.org/trunk@33833


git-svn-id: http://core.svn.wordpress.org/trunk@33801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-31 21:57:21 +00:00
Scott Taylor ef87172270 `foreach` is a statement, not a function.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33734


git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Gary Pendergast fe5a844be5 Capabilities: When creating an auto-draft, ensure that the current user still has permission to do so.
Built from https://develop.svn.wordpress.org/trunk@33357


git-svn-id: http://core.svn.wordpress.org/trunk@33329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 04:02:25 +00:00
John Blackbourn f3eba1581c Place the locale inside the md5 hash in the dashboard RSS feed widget transient key to prevent the transient timeout option name becoming longer than the allowed field size.
Props andg
Fixes #32804

Built from https://develop.svn.wordpress.org/trunk@33192


git-svn-id: http://core.svn.wordpress.org/trunk@33164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 15:32:25 +00:00
John Blackbourn 1f7a3bc58d Append the current locale to dashboard RSS widget cache keys so they refresh accordingly when the locale is changed.
Fixes #32804
Props andg

Built from https://develop.svn.wordpress.org/trunk@33183


git-svn-id: http://core.svn.wordpress.org/trunk@33155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-12 22:07:25 +00:00
Helen Hou-Sandí 0b046085ae Show row actions on focus for the dashboard comment list.
see #25408.

Built from https://develop.svn.wordpress.org/trunk@33106


git-svn-id: http://core.svn.wordpress.org/trunk@33077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-07 15:26:24 +00:00
Scott Taylor 42d51a4f89 Add doc blocks to functions that are missing them.
If the function has no need for `@param` or `@return`, do an archeaological dig to find `@since`.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32672


git-svn-id: http://core.svn.wordpress.org/trunk@32642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-31 03:18:25 +00:00
Scott Taylor b3e0cfd25d Add (more) missing doc blocks to `wp-admin/includes/*`.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32655


git-svn-id: http://core.svn.wordpress.org/trunk@32625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 21:17:27 +00:00
Scott Taylor a51dfa3971 In the style of #30947 and `default-filters.php`, add 2 new files to `wp-admin/includes`:
`admin-filters.php`
`ms-admin-filters.php`

There are random actions and filters littered among files like `misc.php`. These files contain functions that won't work outside of admin context and are typically only loaded in files that have already loaded the admin bootstrap.

See #32529.

Built from https://develop.svn.wordpress.org/trunk@32653


git-svn-id: http://core.svn.wordpress.org/trunk@32623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 17:04:26 +00:00