whyisjake
abc5355d75
General: WordPress updates
...
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.
Brings the changes from [49380,49382-49388] to the 4.6 branch.
Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.
Built from https://develop.svn.wordpress.org/branches/4.6@49400
git-svn-id: http://core.svn.wordpress.org/branches/4.6@49159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 19:00:24 +00:00
John Blackbourn
f12b16a291
General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
...
Merges [41413] to the 4.6 branch
See #13377
Built from https://develop.svn.wordpress.org/branches/4.6@41414
git-svn-id: http://core.svn.wordpress.org/branches/4.6@41247 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:22:34 +00:00
Dominik Schilling
8631cb86cf
Dashboard: Don't escape widget titles in screen reader text.
...
Introduced in [37972]. The title for the Quick Draft widget contains HTML to provide a JS/no-JS version.
Merge of [38225] to the 4.6 branch.
Props SergeyBiryukov for review.
See #37595 .
See #37594 .
Built from https://develop.svn.wordpress.org/branches/4.6@38226
git-svn-id: http://core.svn.wordpress.org/branches/4.6@38167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-09 09:09:32 +00:00
Drew Jaynes
6c7148943b
Docs: Standardize capitalization of Ajax throughout core documentation per the core spelling guide.
...
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.
Part props ocean90.
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@38028
git-svn-id: http://core.svn.wordpress.org/trunk@37969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-10 00:51:30 +00:00
Sergey Biryukov
139387b7e5
Docs: Use 3-digit, x.x.x-style semantic versioning for `_doing_it_wrong()`, `_deprecated_function()`, `_deprecated_argument()`, and `_deprecated_file()` throughout core.
...
Props metodiew.
Fixes #36495 .
Built from https://develop.svn.wordpress.org/trunk@37985
git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Dominik Schilling
3d6fc45834
Dashboard: Don't add a "Configure" link to the toggle button.
...
The HTML for the toggle gets appended to the widget name which is later used for the widget title and the screen reader text of the toggle button. Storing the original widget name in the arguments allows us to use the name without the HTML for the screen reader text and doesn't require further changes by plugin developers.
Props nicholas_io, swissspidy.
Fixes #35021 .
Built from https://develop.svn.wordpress.org/trunk@37972
git-svn-id: http://core.svn.wordpress.org/trunk@37913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-05 15:22:29 +00:00
Andrew Ozz
c8d203e1a3
Autosave: improve the notice when the sessionStorage autosave is different than the content.
...
- Make it higher priority than the server autosave.
- Change it so the editors undo and redo can be used.
- Replace the restore link with a button.
- Add better explanation/help.
See #37025 .
Built from https://develop.svn.wordpress.org/trunk@37737
git-svn-id: http://core.svn.wordpress.org/trunk@37702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-17 03:02:29 +00:00
Boone Gorges
253686fae6
Store only term IDs in object term relationships caches.
...
Previously, objects containing all data about a term were stored in each
object's term cache. Besides being wasteful, this approach caused invalidation
issues, as when a modified term count required a flush for all objects
belonging to the term.
Backward compatibility is maintained for plugins that continue to put object
data directly into the `{$taxonomy}_relationships` cache bucket.
Fixes #36814 .
Built from https://develop.svn.wordpress.org/trunk@37573
git-svn-id: http://core.svn.wordpress.org/trunk@37541 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-26 04:50:27 +00:00
Drew Jaynes
6d7abb8fd3
Docs: The `$context` parameter in `remove_meta_box()` is not optional.
...
Fixes a copy pasta error introduced in [34952].
Props travisnorthcutt.
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@37545
git-svn-id: http://core.svn.wordpress.org/trunk@37513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 20:57:28 +00:00
Drew Jaynes
1947f4d17c
Docs: Apply inline `@see` tags to hooks referenced in DocBlocks for wp-admin/* files.
...
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.
See #36921 .
Built from https://develop.svn.wordpress.org/trunk@37537
git-svn-id: http://core.svn.wordpress.org/trunk@37505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 17:28:27 +00:00
Drew Jaynes
c3055cc190
Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
...
See #36913 .
Built from https://develop.svn.wordpress.org/trunk@37488
git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Drew Jaynes
a54c2a7279
Docs: Remove/replace invalid inline `@link` tags from DocBlocks in wp-admin/includes/*.
...
See #36910 .
Built from https://develop.svn.wordpress.org/trunk@37485
git-svn-id: http://core.svn.wordpress.org/trunk@37453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 17:22:27 +00:00
Drew Jaynes
fe3b007fdd
Docs: Remove inline `@see` tags from function, class, and method references in inline docs.
...
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@37342
git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-02 04:00:28 +00:00
Andrea Fercia
93c8cdbaed
Accessibility: improve the Star Ratings hiding empty elements for assistive technologies.
...
Fixes #36725 .
Built from https://develop.svn.wordpress.org/trunk@37330
git-svn-id: http://core.svn.wordpress.org/trunk@37296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-30 14:33:29 +00:00
Sergey Biryukov
1bd88850f7
Administration: Introduce `admin_print_footer_scripts-$hook_suffix"`, a dynamic version of the `admin_print_footer_scripts` hook.
...
This is now more consistent with the generic `admin_print_scripts` and the dynamic `admin_print_scripts-$hook_suffix` hooks fired in `wp-admin/admin-header.php`.
Props tfrommen.
Fixes #34334 .
Built from https://develop.svn.wordpress.org/trunk@37279
git-svn-id: http://core.svn.wordpress.org/trunk@37245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-21 15:17:27 +00:00
Andrea Fercia
26148850c5
Accessibility: change the close "X" in the Media "Attach to existing content" modal in a button.
...
Props joedolson.
Fixes #36554 .
Built from https://develop.svn.wordpress.org/trunk@37231
git-svn-id: http://core.svn.wordpress.org/trunk@37197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-17 16:58:26 +00:00
Nikolay Bachiyski
9b7a775413
Add nonce to AJAX action for script compression setting
...
Built from https://develop.svn.wordpress.org/trunk@37143
git-svn-id: http://core.svn.wordpress.org/trunk@37110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 18:21:25 +00:00
Konstantin Obenland
237f6a0e58
Customize: Introduce Logo support for themes.
...
Allows a common theme feature to have a common implementation provided by core and available in a consistent location for users.
See https://make.wordpress.org/core/2016/02/24/theme-logo-support/
Props kwight, enejb, jeherve, bhubbard, samhotchkiss, zinigor, eliorivero, adamsilverstein, melchoyce, ryan, mikeschroder, westonruter, pento, karmatosed, celloexpressions, obenland.
See #33755 .
Built from https://develop.svn.wordpress.org/trunk@36698
git-svn-id: http://core.svn.wordpress.org/trunk@36665 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 22:10:26 +00:00
Drew Jaynes
e66a510e0c
Docs: Update the type for `$callback` parameters to `callable` in DocBlocks for `add_settings_section()` and `add_settings_field()`.
...
Props aidanlane.
Fixes #35772 .
Built from https://develop.svn.wordpress.org/trunk@36642
git-svn-id: http://core.svn.wordpress.org/trunk@36609 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 18:05:27 +00:00
Dominik Schilling
3b3ded01a0
Media: Update some attach/detach strings in the columns view.
...
* Show a "Media attachment reattached."/"Media attachment detached." message when only one attachment was attached/detached.
* Use the string placeholder as `number_format_i18n()` returns a string.
* Add translator comments.
* Update help text to refer to the new dropdown menus.
* Add a more generic title to the attach modal.
Fixes #33237 .
Built from https://develop.svn.wordpress.org/trunk@36328
git-svn-id: http://core.svn.wordpress.org/trunk@36295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 22:29:25 +00:00
Sergey Biryukov
7270205975
Remove redundant title attribute from `wp_star_rating()`. Hide the visible number of ratings from assistive technologies.
...
This data is redundant, as the same information is already conveyed by the text hidden with `.screen-reader-text` class.
Props afercia.
Fixes #35141 .
Built from https://develop.svn.wordpress.org/trunk@36092
git-svn-id: http://core.svn.wordpress.org/trunk@36057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-26 00:48:27 +00:00
Sergey Biryukov
d5d5d64e3d
I18N: Use better context for post statuses.
...
See #35054 .
Built from https://develop.svn.wordpress.org/trunk@35903
git-svn-id: http://core.svn.wordpress.org/trunk@35867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-13 19:18:26 +00:00
Helen Hou-Sandí
e24681632e
Avoid potential fatal errors after [35718].
...
While these classes are intended for admin use, there are developers out there who include `wp-admin/includes/template.php` to access them in other contexts. There is no intention to continue to support this indefinitely, but a breaking change like that would need to happen very early in a cycle and communicated loudly.
In the meantime, if you're reading this commit message and you do the above, please update your code to not do that. Thank you :)
fixes #33413 .
Built from https://develop.svn.wordpress.org/trunk@35740
git-svn-id: http://core.svn.wordpress.org/trunk@35704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-25 22:19:26 +00:00
Helen Hou-Sandí
2cdeac7cf6
Pass the `$post` object as context to `postmeta_form_keys`.
...
see #33885 , #18979 .
Built from https://develop.svn.wordpress.org/trunk@35730
git-svn-id: http://core.svn.wordpress.org/trunk@35694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-23 17:15:29 +00:00
Sergey Biryukov
bc1e479fd0
After [35718], update the location of some files in `This filter is documented in` docs.
...
Partially reverts [33954].
Fixes #33413 .
Built from https://develop.svn.wordpress.org/trunk@35725
git-svn-id: http://core.svn.wordpress.org/trunk@35689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-22 03:51:28 +00:00
Andrew Nacin
1579e45d41
Simplify the include graph after work to split out classes.
...
see #33413 . More details there.
Built from https://develop.svn.wordpress.org/trunk@35718
git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
Scott Taylor
1e3807c10d
`wp-admin/includes/template.php` is now a loader for 3 files made via `svn cp`:
...
* `Walker_Category_Checklist` class
* `WP_Internal_Pointers` class
* `template-functions.php`
This is BC for plugins that are loading `wp-admin/includes/template.php` for fun.
See #33413 .
Built from https://develop.svn.wordpress.org/trunk@34241
git-svn-id: http://core.svn.wordpress.org/trunk@34205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 15:35:23 +00:00
Scott Taylor
ecc4106ed1
Add an argument to `parent_dropdown()`, `$post`, to allow it to be called for an arbitrary post.
...
Fixes #23162 .
Built from https://develop.svn.wordpress.org/trunk@34111
git-svn-id: http://core.svn.wordpress.org/trunk@34079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 03:20:25 +00:00
Helen Hou-Sandí
7f772bdaff
Comments: Fix inline edit/reply on small screens.
...
props ocean90, SergeyBiryukov.
fixes #33596 .
Built from https://develop.svn.wordpress.org/trunk@34094
git-svn-id: http://core.svn.wordpress.org/trunk@34062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-13 12:47:27 +00:00
Scott Taylor
821939d6d1
Quick Edit: fix an ID attribute name collision by renaming one of the author fields `author-name`.
...
Props afercia.
Fixes #33770 .
Built from https://develop.svn.wordpress.org/trunk@34070
git-svn-id: http://core.svn.wordpress.org/trunk@34038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-12 02:35:25 +00:00
Drew Jaynes
55f3b892fb
Docs: Add a changelog entry to the DocBlock for `touch_time()` to mention the shift from accessing the global `$comment` to using `get_comment()`.
...
See #33638 .
Built from https://develop.svn.wordpress.org/trunk@33979
git-svn-id: http://core.svn.wordpress.org/trunk@33948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 15:48:25 +00:00
Scott Taylor
246f2a6bd9
Use `get_comment()` instead of a global in `touch_time()`.
...
See #33638 .
Built from https://develop.svn.wordpress.org/trunk@33965
git-svn-id: http://core.svn.wordpress.org/trunk@33934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-09 03:05:24 +00:00
Boone Gorges
cc5eddda74
Allow `wp_terms_checklist()` to return markup rather than echoing it.
...
Props kevinlangleyjr.
Fixes #33720 .
Built from https://develop.svn.wordpress.org/trunk@33904
git-svn-id: http://core.svn.wordpress.org/trunk@33873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-04 21:25:25 +00:00
Scott Taylor
e73ee5ac98
Introduce `WP_Comment` class to model/strongly-type rows from the comments database table. Inclusion of this class is a pre-req for some more general comment cleanup and sanity.
...
* Takes inspiration from `WP_Post` and adds sanity to comment caching.
* Clarifies when the current global value for `$comment` is returned. The current implementation in `get_comment()` introduces side effects and an occasion stale global value for `$comment` when comment caches are cleaned.
* Strongly-types `@param` docs
* This class is marked `final` for now
Props wonderboymusic, nacin.
See #32619 .
Built from https://develop.svn.wordpress.org/trunk@33891
git-svn-id: http://core.svn.wordpress.org/trunk@33860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-03 18:17:24 +00:00
Helen Hou-Sandí
1f500055a6
Drop the hyphen from e-mail and standardize on email.
...
The AP Stylebook changed this in 2011, and we're woefully inconsistent, so let's go with the standard.
props morganestes, voldemortensen, niallkennedy (for patching on the previous AP style).
fixes #26156 .
Built from https://develop.svn.wordpress.org/trunk@33774
git-svn-id: http://core.svn.wordpress.org/trunk@33742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-28 03:17:21 +00:00
Sergey Biryukov
fc9961ca22
Make post meta box toggles accessible.
...
props joedolson.
fixes #33544 .
Built from https://develop.svn.wordpress.org/trunk@33762
git-svn-id: http://core.svn.wordpress.org/trunk@33730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 15:23:24 +00:00
Scott Taylor
ef87172270
`foreach` is a statement, not a function.
...
See #33491 .
Built from https://develop.svn.wordpress.org/trunk@33734
git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
John Blackbourn
6bd6069fc0
Remove all existing internal feature pointers.
...
Fixes #33289
Props obenland, ocean90, SergeyBiryukov
Built from https://develop.svn.wordpress.org/trunk@33593
git-svn-id: http://core.svn.wordpress.org/trunk@33560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-07 00:59:24 +00:00
Dion Hulse
765714ac0b
Switch to a more performant query in meta_form().
...
Props lumaraf, swissspidy, rarylson, pento
Fixes #24498
Built from https://develop.svn.wordpress.org/trunk@33390
git-svn-id: http://core.svn.wordpress.org/trunk@33358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-23 05:17:25 +00:00
Ella Iseulde Van Dorpe
262c1a7e54
Publish box: fix strange date format after change
...
Part props tyxla.
Fixes #30716 .
Built from https://develop.svn.wordpress.org/trunk@33340
git-svn-id: http://core.svn.wordpress.org/trunk@33312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-21 11:40:25 +00:00
Konstantin Obenland
c56a8ae0f7
Introducing Site Icon, favicon management for WordPress.
...
This v1 marries Jetpack's Site Icon module with the Media Modal, reusing code
from the Custom Header admin. For now, the core-provided icons will be limited
to a favicon, an iOS app icon, and a Windows tile icon, leaving `.ico` support
and additional icons to plugins to add.
Props obenland, tyxla, flixos90, jancbeck, markjaquith, scruffian.
See #16434 .
Built from https://develop.svn.wordpress.org/trunk@32994
git-svn-id: http://core.svn.wordpress.org/trunk@32965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-29 12:58:25 +00:00
Scott Taylor
a0e373ef80
For doc block types, favor `bool` over the few remaining `boolean`s
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32964
git-svn-id: http://core.svn.wordpress.org/trunk@32935 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-27 01:03:25 +00:00
Scott Taylor
587c570efa
After [32796], improve the accessibility and markup for instances of `touch_time()`.
...
Props rianrietveld, afercia.
Fixes #31714 .
Built from https://develop.svn.wordpress.org/trunk@32945
git-svn-id: http://core.svn.wordpress.org/trunk@32916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-25 19:30:25 +00:00
Helen Hou-Sandí
5a07e4bba4
Add "Scheduled" to post states.
...
props rclations.
fixes #32131 .
Built from https://develop.svn.wordpress.org/trunk@32902
git-svn-id: http://core.svn.wordpress.org/trunk@32873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-22 16:07:26 +00:00
Scott Taylor
c6a4512b1b
Add missing doc blocks to `wp-admin/includes/*`.
...
Fix some egregious uses of tabbing.
Some functions can simply return `apply_filters(...)` instead of setting a variable that is immediately returned.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32654
git-svn-id: http://core.svn.wordpress.org/trunk@32624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 20:17:26 +00:00
Scott Taylor
a51dfa3971
In the style of #30947 and `default-filters.php`, add 2 new files to `wp-admin/includes`:
...
`admin-filters.php`
`ms-admin-filters.php`
There are random actions and filters littered among files like `misc.php`. These files contain functions that won't work outside of admin context and are typically only loaded in files that have already loaded the admin bootstrap.
See #32529 .
Built from https://develop.svn.wordpress.org/trunk@32653
git-svn-id: http://core.svn.wordpress.org/trunk@32623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 17:04:26 +00:00
Scott Taylor
19a3aacc94
Add `@static*` annotations where they are missing.
...
Initialize all static vars that are not, most to `null`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32650
git-svn-id: http://core.svn.wordpress.org/trunk@32620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 15:43:29 +00:00
Scott Taylor
282e28ad81
Add `@global` annotations to (the rest of the?) `wp-admin/*` files.
...
Does not include list table file changes.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32643
git-svn-id: http://core.svn.wordpress.org/trunk@32613 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 02:06:31 +00:00
Gary Pendergast
e3f1f8fed1
Ensure post titles are correctly escaped on the Dashboard.
...
Props helen, ocean90, dd32, pento.
Built from https://develop.svn.wordpress.org/trunk@32175
git-svn-id: http://core.svn.wordpress.org/trunk@32150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 07:39:25 +00:00
Sergey Biryukov
247fdbfe19
Remove hidden `user_id` input from `wp_comment_reply()`.
...
Since [31172], it caused the comment's `user_id` field to be unexpectedly changed to the user who edits the comment.
See [31776] for Edit Comment screen.
props dllh.
fixes #30307 .
Built from https://develop.svn.wordpress.org/trunk@31999
git-svn-id: http://core.svn.wordpress.org/trunk@31978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-03 13:28:26 +00:00