Commit Graph

616 Commits

Author SHA1 Message Date
whyisjake abc5355d75 General: WordPress updates
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.6 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.6@49400


git-svn-id: http://core.svn.wordpress.org/branches/4.6@49159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 19:00:24 +00:00
whyisjake fea2ba3cd6 General: Backport several commits for release.
- Embeds: Ensure that the title attribute is set correctly on embeds.
- Editor: Prevent HTML decoding on by setting the proper editor context.
- Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
- Themes: Ensure a broken theme name is returned properly.
- Administration: Add a new filter to extend set-screen-option.
Merges [47947-47951] to the 4.6 branch.
Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.

Built from https://develop.svn.wordpress.org/branches/4.6@47974


git-svn-id: http://core.svn.wordpress.org/branches/4.6@47744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-10 18:55:16 +00:00
Pascal Birchler 98c13fefb2 Fix broken audio/video functions when sanitizing ID3 data
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40461


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-17 13:07:36 +00:00
Jeremy Felt fe1162e5f1 Validate video and audio metadata.
Merge of [40148] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40150


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 08:04:35 +00:00
Aaron Campbell 38430b0533 Media: Improved media titles when created from filename.
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38614] to the 4.6 branch.

Props joemcgill.
Fixes #37989.


Built from https://develop.svn.wordpress.org/branches/4.6@38615


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-17 06:27:31 +00:00
Jeremy Felt e860e24b6e Media: Sanitize upload filename.
Merge of [38538] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@38539


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-07 13:57:29 +00:00
Drew Jaynes 31f150080a Docs: Standardize references to "meta box" or "meta boxes" as two distinct words throughout core documentation per the core spelling guide.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@38029


git-svn-id: http://core.svn.wordpress.org/trunk@37970 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-10 00:56:28 +00:00
Drew Jaynes 7eb6471461 Docs: Fix minor formatting and syntax for wp-admin/* elements introduced in 4.6.
See #37318.

Built from https://develop.svn.wordpress.org/trunk@38024


git-svn-id: http://core.svn.wordpress.org/trunk@37965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-09 14:00:31 +00:00
Pascal Birchler a5580012a3 Docs: Fix a typo across some function and hook docs.
s/filterss/filters.

See #32246.
Built from https://develop.svn.wordpress.org/trunk@37961


git-svn-id: http://core.svn.wordpress.org/trunk@37902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-04 22:45:29 +00:00
Dominik Schilling 25e66e4f1e Text Changes: Unify permission error messages.
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.

Props ramiy, Presskopp.
Fixes #34521.
Built from https://develop.svn.wordpress.org/trunk@37914


git-svn-id: http://core.svn.wordpress.org/trunk@37855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-29 15:16:29 +00:00
Joe McGill 04117fc392 Docs: Add missing variable reference for `wp_edit_form_attachment_display`.
This adds the missing `$post` reference in the inline docblock for
the `wp_edit_form_attachment_display` hook after [37879].

Props DrewAPicture.
See 36052.
Built from https://develop.svn.wordpress.org/trunk@37880


git-svn-id: http://core.svn.wordpress.org/trunk@37821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-27 01:54:30 +00:00
Joe McGill f82e7ed434 Media: Add action to display attachments on the edit screen.
This adds a new action hook, `wp_edit_form_attachment_display` to
`edit_form_image_editor()`, which can be used as a fallback to render
previews of an attachment that isn't an image, audio, or video file
included in the media library.

Props georgestephanis.
Fixes #36502.
Built from https://develop.svn.wordpress.org/trunk@37879


git-svn-id: http://core.svn.wordpress.org/trunk@37820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-26 22:37:27 +00:00
Drew Jaynes 1947f4d17c Docs: Apply inline `@see` tags to hooks referenced in DocBlocks for wp-admin/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37537


git-svn-id: http://core.svn.wordpress.org/trunk@37505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 17:28:27 +00:00
Drew Jaynes c3055cc190 Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37488


git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Drew Jaynes ac74c103a8 Docs: Fix some parameter alignment and backtick-escaping in two DocBlocks in wp-admin/includes/media.php.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@37484


git-svn-id: http://core.svn.wordpress.org/trunk@37452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 17:18:27 +00:00
Drew Jaynes c0d7dece23 Docs: Remove invalid inline `@link` tags from docs in wp-admin/includes/media.php.
See #36910.

Built from https://develop.svn.wordpress.org/trunk@37483


git-svn-id: http://core.svn.wordpress.org/trunk@37451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 17:10:26 +00:00
Drew Jaynes fe3b007fdd Docs: Remove inline `@see` tags from function, class, and method references in inline docs.
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.

Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@37342


git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-02 04:00:28 +00:00
Sergey Biryukov e081720b67 Docs: Fix typo in `get_image_send_to_editor()` description.
Props yoavf.
See #36349.
Built from https://develop.svn.wordpress.org/trunk@37194


git-svn-id: http://core.svn.wordpress.org/trunk@37160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-13 07:28:28 +00:00
Andrew Ozz d47a15ed3c Media: fix erroneously inserting a rel attribute in `get_image_send_to_editor()`. Reverts most of [34259] and [34260] and adds a unit test.
Props joemcgill, azaozz.
Fixes #36084.
Built from https://develop.svn.wordpress.org/trunk@37035


git-svn-id: http://core.svn.wordpress.org/trunk@37002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-18 20:05:26 +00:00
Andrea Fercia 34ab7ae5ac Accessibility: Remove the title attributes from the old Media UI.
Also, adds better indication and attributes for the required form fields.
Moves some styles to `deprecated-media.css`.

Props andg, afercia.
Fixes #34944.
Built from https://develop.svn.wordpress.org/trunk@36879


git-svn-id: http://core.svn.wordpress.org/trunk@36846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-07 22:29:26 +00:00
Andrea Fercia aaa040eee9 CSS: Rename the handle for `deprecated-media.css` after [36341].
The `media` handle is now used for `media.css` thus the stylesheet
for the old media UI needs a different handle name.

See #35229.
Built from https://develop.svn.wordpress.org/trunk@36869


git-svn-id: http://core.svn.wordpress.org/trunk@36836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-06 15:38:28 +00:00
John Blackbourn a5d44337b2 Docs: `@param` fixes for a variety of docblocks.
See #32246

Built from https://develop.svn.wordpress.org/trunk@36232


git-svn-id: http://core.svn.wordpress.org/trunk@36199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 01:45:26 +00:00
Andrea Fercia ae1575bd80 Media: make the Image Editor usable with a keyboard.
For accessibility, all interactive controls must be operable from the keyboard.
Replaces `<div>`s used as UI controls with buttons. Groups some logically-related
form elements.

Fixes #28864.
Built from https://develop.svn.wordpress.org/trunk@36223


git-svn-id: http://core.svn.wordpress.org/trunk@36190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-08 19:13:26 +00:00
John Blackbourn 4836d6c700 Correct the position of the `$alt` parameter's `@param` doc in `image_add_caption()`.
See #32246

Built from https://develop.svn.wordpress.org/trunk@35918


git-svn-id: http://core.svn.wordpress.org/trunk@35882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-14 03:01:25 +00:00
Ella Iseulde Van Dorpe 657d3b50af Make date format consistent across the admin
The 'date_format' and 'time_format' options shouldn't affect the backend.

See #30864


Built from https://develop.svn.wordpress.org/trunk@35811


git-svn-id: http://core.svn.wordpress.org/trunk@35775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-07 04:26:27 +00:00
Scott Taylor f2e9e98fa6 Media: in `media_send_to_editor()`, use `wp_json_encode()` instead of `addslashes()`.
Props TobiasBg.
Fixes #22135.

Built from https://develop.svn.wordpress.org/trunk@35677


git-svn-id: http://core.svn.wordpress.org/trunk@35641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 19:40:27 +00:00
Andrea Fercia 862cf19772 Media: Improve form fields labels association in the Edit Media screen.
Fixes #34548.
Built from https://develop.svn.wordpress.org/trunk@35493


git-svn-id: http://core.svn.wordpress.org/trunk@35457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-03 16:02:25 +00:00
Sergey Biryukov 1c21783283 Don't use `<code>` in translatable string in `wp-admin/includes/media.php`.
Add translator commment.

Props ramiy.
Fixes #34499.
Built from https://develop.svn.wordpress.org/trunk@35439


git-svn-id: http://core.svn.wordpress.org/trunk@35403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-30 00:58:24 +00:00
Sergey Biryukov 654cb6542f Docs: Correct the type and description of `$post` parameter passed to the `attachment_fields_to_save` filter.
Props swissspidy.
Fixes #34404.
Built from https://develop.svn.wordpress.org/trunk@35374


git-svn-id: http://core.svn.wordpress.org/trunk@35338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-23 13:01:25 +00:00
Helen Hou-Sandí f3107e5842 Make some primary action buttons look primary.
* User deletion/removal
* Site status change (multisite)
* Network upgrade
* Import file upload
* Media browser upload

props Dezzy for the initial patch.
fixes #23738.

Built from https://develop.svn.wordpress.org/trunk@35182


git-svn-id: http://core.svn.wordpress.org/trunk@35148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-15 03:08:24 +00:00
Drew Jaynes 217b661703 Docs: Add missing descriptions for the `$wpdb` global in DocBlocks all the places.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35170


git-svn-id: http://core.svn.wordpress.org/trunk@35136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-14 23:44:25 +00:00
Drew Jaynes 8b49acdd0e Docs: Specify the default image size in the `$size` parameter description for the `image_send_to_editor` hook.
See #34257. See #32246. See [35058].

Built from https://develop.svn.wordpress.org/trunk@35080


git-svn-id: http://core.svn.wordpress.org/trunk@35045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-12 17:18:24 +00:00
Drew Jaynes f7e92fc346 Docs: Normalize spacing in the DocBlock for `get_image_send_to_editor()` following [35056].
See #34257. See #32246.

Built from https://develop.svn.wordpress.org/trunk@35079


git-svn-id: http://core.svn.wordpress.org/trunk@35044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-12 17:16:24 +00:00
Drew Jaynes 9f5d887934 Docs: Normalize spacing in the `image_send_to_editor` hook doc following [35058].
See #34257. See #32246.

Built from https://develop.svn.wordpress.org/trunk@35059


git-svn-id: http://core.svn.wordpress.org/trunk@35024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-12 16:19:23 +00:00
Drew Jaynes c12f0caefd Docs: Adjust documentation for the `$size` parameter in the `image_send_to_editor` hook doc to clarify the required order of width and height values when an array is passed.
Also adds the `array` type to the parameter documentation (already supported).

See #34257.

Built from https://develop.svn.wordpress.org/trunk@35058


git-svn-id: http://core.svn.wordpress.org/trunk@35023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-12 16:17:24 +00:00
Drew Jaynes 4aea111b29 Docs: Fix syntax and properly mark optional parameters as such in the DocBlock for `get_image_send_to_editor()`.
Also fixes the return description, and adds the `$size` default value, missed in [35055].

See #34257. See #32246.

Built from https://develop.svn.wordpress.org/trunk@35056


git-svn-id: http://core.svn.wordpress.org/trunk@35021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-12 16:11:24 +00:00
Drew Jaynes 16738bf325 Docs: Adjust documentation for the `$size` parameter in `get_image_send_to_editor()` to clarify the required order of width and height values when passing an array.
Also adds the `array` type to the parameter documentation (already supported).

See #34257.

Built from https://develop.svn.wordpress.org/trunk@35055


git-svn-id: http://core.svn.wordpress.org/trunk@35020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-12 16:08:25 +00:00
Sergey Biryukov 95da3826b9 Media: Return early from `media_sideload_image()` if `$file` didn't match the pattern for images.
Props MikeHansenMe, serpent7776.
Fixes #32755.
Built from https://develop.svn.wordpress.org/trunk@34984


git-svn-id: http://core.svn.wordpress.org/trunk@34949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 04:46:24 +00:00
Scott Taylor ddbd67a22e Media: in `wp_read_video|audio_metadata()`, set `GETID3_TEMP_DIR` to `get_temp_dir()` if it is not defined. This is a workaround for when `safe_mode` is enabled pre-PHP 5.3.
Props chriscct7, tomsommer.
Fixes #26265.

Built from https://develop.svn.wordpress.org/trunk@34866


git-svn-id: http://core.svn.wordpress.org/trunk@34831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 14:14:25 +00:00
Drew Jaynes 2de4cc7149 Docs: Add missing DocBlock summaries for a multitude of functions in wp-admin/includes/media.php.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@34823


git-svn-id: http://core.svn.wordpress.org/trunk@34788 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-05 02:44:25 +00:00
Scott Taylor 84da11d918 Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`.
Fixes #20523.

Built from https://develop.svn.wordpress.org/trunk@34348


git-svn-id: http://core.svn.wordpress.org/trunk@34312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-20 03:52:25 +00:00
Scott Taylor 63efd92b11 Media: In `get_image_send_to_editor()`, allow a custom value for `$rel`.
Props tychay.
Fixes #32074.

Built from https://develop.svn.wordpress.org/trunk@34259


git-svn-id: http://core.svn.wordpress.org/trunk@34223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 05:46:24 +00:00
Scott Taylor ab6d1fa247 Use `get_attached_file()` in `attachment_submitbox_metadata()`.
Props kitchin.
Fixes #33386.

Built from https://develop.svn.wordpress.org/trunk@34171


git-svn-id: http://core.svn.wordpress.org/trunk@34139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 04:18:25 +00:00
Scott Taylor 191400f9e6 Don't ever use the `guid` value when retrieving URLs for media, use `wp_get_attachment_url()`. Use `get_attached_file()` for path to file.
Fixes #33386.

Built from https://develop.svn.wordpress.org/trunk@34163


git-svn-id: http://core.svn.wordpress.org/trunk@34131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 02:50:25 +00:00
Scott Taylor 52498a8546 In `wp_media_upload_handler()`, replace a lingering instance of `media_upload_gallery()` with `wp_iframe(...)`
Props jeffstieler, antpb.
Fixes #17812. 

Built from https://develop.svn.wordpress.org/trunk@34003


git-svn-id: http://core.svn.wordpress.org/trunk@33972 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 17:24:23 +00:00
Scott Taylor ef87172270 `foreach` is a statement, not a function.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33734


git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Drew Jaynes c36c4efea6 Docs: Add a missing summary to the DocBlock for `wp_media_upload_handler()`.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@33670


git-svn-id: http://core.svn.wordpress.org/trunk@33637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-20 21:01:25 +00:00
Ella Iseulde Van Dorpe dac985cdc4 Editor: Add Media should be a button
Props afercia.
Fixes #32969.

Built from https://develop.svn.wordpress.org/trunk@33298


git-svn-id: http://core.svn.wordpress.org/trunk@33270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-16 19:38:23 +00:00
Konstantin Obenland 542e01162f Media: Remove `post_type` variable, unused since [32676].
Fixes #32948.

Built from https://develop.svn.wordpress.org/trunk@33263


git-svn-id: http://core.svn.wordpress.org/trunk@33235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 15:06:25 +00:00
Scott Taylor a0e373ef80 For doc block types, favor `bool` over the few remaining `boolean`s
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32964


git-svn-id: http://core.svn.wordpress.org/trunk@32935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-27 01:03:25 +00:00