Commit Graph

103 Commits

Author SHA1 Message Date
audrasjb f28c97fa8c Grouped backports to the 5.7 branch.
- Editor: Bump @wordpress packages for the branch,
- Media: Refactor search by filename within the admin,
- REST API: Lockdown post parameter of the terms endpoint,
- Customize: Escape blogname option in underscores templates,
- Query: Validate relation in `WP_Date_Query`,
- Posts, Post types: Apply KSES to post-by-email content,
- General: Validate host on "Are you sure?" screen,
- Posts, Post types: Remove emails from post-by-email logs,
- Pings/trackbacks: Apply KSES to all trackbacks,
- Mail: Reset PHPMailer properties between use,
- Comments: Apply kses when editing comments,
- Widgets: Escape RSS error messages for display.

Merges [54521-54530] to the 5.7 branch.
Props audrasjb, costdev, cu121, dd32, davidbaumwald, ehtis, johnbillion, johnjamesjacoby, martinkrcho, matveb, oztaser, paulkevan, peterwilsoncc, ravipatel, SergeyBiryukov, talldanwp, timothyblynjacobs, tykoted, voldemortensen, vortfu, xknown.

Built from https://develop.svn.wordpress.org/branches/5.7@54553


git-svn-id: http://core.svn.wordpress.org/branches/5.7@54108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-17 17:55:21 +00:00
John Blackbourn 6f3a940e64 Plugins: Replace usage of `$this` in action and filter parameter docblocks with more appropriate variable names.
See #51800, #52217

Fixes #52243

Built from https://develop.svn.wordpress.org/trunk@49946


git-svn-id: http://core.svn.wordpress.org/trunk@49645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-08 14:30:14 +00:00
John Blackbourn dfe1f9b322 Docs: Promote many `bool` types to `true` or `false` where only that value is used.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49927


git-svn-id: http://core.svn.wordpress.org/trunk@49626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 22:04:04 +00:00
Peter Wilson aaf7710529 Query: Revert post-type specific capability changes.
The modified checks of the `read_private_posts` capability could result in unexpected SQL queries when calling `WP_Query` with invalid parameters.

Reverts [49830], [49832] and [49833].
See #48556.

Built from https://develop.svn.wordpress.org/trunk@49899


git-svn-id: http://core.svn.wordpress.org/trunk@49598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-23 03:02:06 +00:00
Peter Wilson 08acf6606a Coding Standards: Minor fixes following [49830].
See #13509, #48968, #48556.

Built from https://develop.svn.wordpress.org/trunk@49832


git-svn-id: http://core.svn.wordpress.org/trunk@49551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-18 00:19:05 +00:00
Boone Gorges f124a2e529 Query: Respect post-type specific capabilities when querying for multiple post types.
After this change, the relevant `read_private_posts` capability is checked for
each queried post type. This ensures that private posts appear in search and
archive queries for users who have the ability to view those posts.

Props leogermani.

Fixes #13509, #48968, #48556.
Built from https://develop.svn.wordpress.org/trunk@49830


git-svn-id: http://core.svn.wordpress.org/trunk@49549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-17 16:17:07 +00:00
Sergey Biryukov 43bbbf1176 Docs: Document the usage of `$wpdb` global in `WP_Query::get_posts()` and `::set_found_posts()`.
Props jontyravi.
Fixes #52027.
Built from https://develop.svn.wordpress.org/trunk@49792


git-svn-id: http://core.svn.wordpress.org/trunk@49515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-11 16:53:10 +00:00
John Blackbourn 42fcfa5b3d Docs: Various docblock corrections.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49789


git-svn-id: http://core.svn.wordpress.org/trunk@49512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-10 23:53:07 +00:00
John Blackbourn 40b738335b Docs: Corrections and improvements to docs for properties of the `WP_Query` class.
This also adds additional type hinting inside some methods to help IDEs.

See #51800

Built from https://develop.svn.wordpress.org/trunk@49700


git-svn-id: http://core.svn.wordpress.org/trunk@49423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-26 17:04:06 +00:00
John Blackbourn f4cda1b62f Docs: Upgrade more parameters in docblocks to used typed array notation.
See #51800, #41756

Built from https://develop.svn.wordpress.org/trunk@49693


git-svn-id: http://core.svn.wordpress.org/trunk@49416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-24 21:27:05 +00:00
John Blackbourn 35f6c356c1 Docs: Document parameters that accept an array of integers using typed array notation.
While many of these parameters also technically accept an array of numerical strings, they are all ultimately cast to an array of integers. Documenting them as such assists developers in understanding the expected types.

See #51800, #41756

Built from https://develop.svn.wordpress.org/trunk@49672


git-svn-id: http://core.svn.wordpress.org/trunk@49395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-19 18:24:09 +00:00
Sergey Biryukov ee7ff18b54 Docs: Improve documentation for `WP_Query::is_archive()` per the documentation standards.
Follow-up to [49504].

See #50545.
Built from https://develop.svn.wordpress.org/trunk@49506


git-svn-id: http://core.svn.wordpress.org/trunk@49261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-05 09:44:05 +00:00
Sergey Biryukov f22633f20b Docs: Consistently place `@see` tags after `@since` in `WP_Query` methods, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@49505


git-svn-id: http://core.svn.wordpress.org/trunk@49260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-05 09:42:10 +00:00
Helen Hou-Sandí cc74786052 General: Make some inline comments more descriptive.
Props jorbin.
Fixes #51683.

Built from https://develop.svn.wordpress.org/trunk@49474


git-svn-id: http://core.svn.wordpress.org/trunk@49233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-02 18:04:07 +00:00
Sergey Biryukov 0e3147c40e Coding Standards: Replace alias PHP functions with the canonical names.
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.

This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast

In part, this is a follow-up to #47746.

Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193


git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 17:27:06 +00:00
John Blackbourn 6b7ba33d68 Docs: Fix the types for some properties and parameters that use the generic `object` type.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49119


git-svn-id: http://core.svn.wordpress.org/trunk@48881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-10 19:14:04 +00:00
Sergey Biryukov 897f004a9c General: Replace older-style PHP type conversion functions with type casts.
This improves performance, readability, and consistency throughout core.

* `intval()` → `(int)`
* `strval()` → `(string)`
* `floatval()` → `(float)`

Props ayeshrajans.
Fixes #42918.
Built from https://develop.svn.wordpress.org/trunk@49108


git-svn-id: http://core.svn.wordpress.org/trunk@48870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 21:15:13 +00:00
Sergey Biryukov 2670a6ad14 Docs: Synchronize descriptions of some query functions and their counterpart methods in `WP` and `WP_Query` classes:
* `set_query_var()`
* `get_query_var()`
* `get_queried_object()`
* `get_queried_object_id()`

Switch to third-person singular verbs, per the documentation standards.

See #50768, #42783.
Built from https://develop.svn.wordpress.org/trunk@49095


git-svn-id: http://core.svn.wordpress.org/trunk@48857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-06 08:59:04 +00:00
Sergey Biryukov b66ff2f68d Docs: Fix typo in `*_pre_query` filter DocBlocks.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48985


git-svn-id: http://core.svn.wordpress.org/trunk@48747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-17 10:45:03 +00:00
Sergey Biryukov 7c60a660f1 Code Modernization: Correct the check for negative post IDs in `WP_Query::parse_query()` to work as expected on PHP 8.
PHP 8 changes the way string to number comparisons are performed: https://wiki.php.net/rfc/string_to_number_comparison

In particular, checking if an empty string is less than zero in PHP 8 evaluates to `true`, not `false`.

For `WP_Query`, this resulted in unintentionally returning a 404 error for most of front-end requests, instead of the relevant content.

By explicitly casting the value to `int`, we make sure to compare both values as numbers, rather than a string and a number.

Follow-up to [38288].

Props trepmal.
See #50913.
Built from https://develop.svn.wordpress.org/trunk@48960


git-svn-id: http://core.svn.wordpress.org/trunk@48722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-09 02:35:06 +00:00
Sergey Biryukov 7a8df073cd Docs: Correct alignment for some DocBlocks in `WP_Query::get_posts()`.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48816


git-svn-id: http://core.svn.wordpress.org/trunk@48578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-18 12:39:03 +00:00
John Blackbourn 57a3f803ae Docs: First pass at some inline docs fixes mostly made by PHPCBF.
See #49572, #50744
Built from https://develop.svn.wordpress.org/trunk@48586


git-svn-id: http://core.svn.wordpress.org/trunk@48348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 20:01:04 +00:00
John Blackbourn 124972f2c6 Docs: Further corrections and improvements to various inline docblocks.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48576


git-svn-id: http://core.svn.wordpress.org/trunk@48338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 07:39:02 +00:00
Sergey Biryukov da43de528f Docs: Correct type and improve description for the `$fields` parameter of `WP_Query::parse_query()`.
Props ocean90, palmiak, johannadevos, noisysocks.
Fixes #44305.
Built from https://develop.svn.wordpress.org/trunk@48563


git-svn-id: http://core.svn.wordpress.org/trunk@48325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-22 11:37:02 +00:00
John Blackbourn 6b21db7fb9 Docs: Miscellaneous docblock corrections and improvements.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48462


git-svn-id: http://core.svn.wordpress.org/trunk@48231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-13 22:10:07 +00:00
Sergey Biryukov 8ef38d34fc Docs: Improve `@return` tags for various conditional tags.
Props stevenlinx, SergeyBiryukov.
Fixes #50626.
Built from https://develop.svn.wordpress.org/trunk@48426


git-svn-id: http://core.svn.wordpress.org/trunk@48195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-10 20:23:06 +00:00
Sergey Biryukov 3311bc8783 Docs: Improve documentation for `have_posts()`, `have_comments()`, and their `WP_Query` counterparts.
Props stevenlinx.
Fixes #50610.
Built from https://develop.svn.wordpress.org/trunk@48406


git-svn-id: http://core.svn.wordpress.org/trunk@48175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-08 11:11:04 +00:00
Sergey Biryukov 4e3bad1770 Query: Make sure the `found_posts` property of `WP_Query` is always an integer, to match the documented type.
This makes the property consistent with similar properties of other classes:
* `WP_Comment_Query::$found_comments`
* `WP_Network_Query::$found_networks`
* `WP_Site_Query::$found_sites`
* `WP_User_Query::$total_users`

Props birgire, PressLabs.
Fixes #42469.
Built from https://develop.svn.wordpress.org/trunk@48328


git-svn-id: http://core.svn.wordpress.org/trunk@48097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-05 21:34:02 +00:00
Sergey Biryukov e0d440f77f Posts, Post Types: Avoid a PHP warning when `get_the_content()` is called outside of the loop.
This ensures that `$pages` and other globals are only used after they have been set up in `setup_postdata()`.

Follow-up to [44941].

Props tessawatkinsllc, dontdream, spacedmonkey, squarecandy, davidbaumwald, SergeyBiryukov.
Fixes #47824. See #42814.
Built from https://develop.svn.wordpress.org/trunk@48114


git-svn-id: http://core.svn.wordpress.org/trunk@47883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-21 10:36:07 +00:00
Sergey Biryukov e13c363b17 Docs: Capitalize "ID", when referring to a post ID, term ID, etc. in a more consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48104


git-svn-id: http://core.svn.wordpress.org/trunk@47873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:02:12 +00:00
John Blackbourn 1a77bb81d8 Docs: Remove unnecessary variables names from `@return` tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
Sergey Biryukov de59ad23a4 Docs: Consistently include an empty line between `@since` tag and `@see`, `@link`, or `@global`, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48067


git-svn-id: http://core.svn.wordpress.org/trunk@47834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 21:07:14 +00:00
whyisjake ea8331f00d REST API: Allow queries other than the main query to be `is_home`.
Ensure that REST API calls can match the main query of the page. 

See #34373.

Fixes #50213.

Props: dlh, TimothyBlynJacobs, boonebgorges, joemcgill, whyisjake. 


Built from https://develop.svn.wordpress.org/trunk@48053


git-svn-id: http://core.svn.wordpress.org/trunk@47820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 06:04:12 +00:00
Sergey Biryukov 7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
whyisjake 3ee9488292 Query: Ensure that only a single post can be returned on date/time based queries.
Props: sstoqnov, peterwilsoncc.

Built from https://develop.svn.wordpress.org/trunk@47635


git-svn-id: http://core.svn.wordpress.org/trunk@47410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-29 15:28:04 +00:00
Sergey Biryukov 856e1a27b8 Coding Standards: Use strict type check for `in_array()` and `array_search()`.
This addresses all the remaining `WordPress.PHP.StrictInArray.MissingTrueStrict` issues in core.

Includes minor code layout fixes for better readability.

Follow-up to [47550].

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47557


git-svn-id: http://core.svn.wordpress.org/trunk@47332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-09 15:43:10 +00:00
Sergey Biryukov 38676936ba Coding Standards: Use strict type check for `in_array()` and `array_search()` where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
John Blackbourn 33d4f0573c Query: Introduce an action which gets fired when a 404 is triggered.
Fixes #48061
Built from https://develop.svn.wordpress.org/trunk@47509


git-svn-id: http://core.svn.wordpress.org/trunk@47284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-26 17:43:07 +00:00
Sergey Biryukov e041a3a8f3 Docs: Use more specific type in parameter descriptions for `is_page()`, `is_single()`, `is_singular()`, and their `WP_Query` counterpart methods.
Props marekdedic, shaharia.azam, shaampk1.
Fixes #48354. See #48303.
Built from https://develop.svn.wordpress.org/trunk@47402


git-svn-id: http://core.svn.wordpress.org/trunk@47189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 17:29:06 +00:00
Sergey Biryukov abce2d8d6c Docs: Synchronize parameter descriptions for conditional tags with their `WP_Query` counterpart methods.
See #48354, #48303.
Built from https://develop.svn.wordpress.org/trunk@47401


git-svn-id: http://core.svn.wordpress.org/trunk@47188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 17:21:06 +00:00
John Blackbourn 056dad9c2c Docs: Use more specific types in parameter descriptions in place of `mixed`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov 641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov a16f3f8f13 Posts, Post Types: Fail gracefully when checking whether a single post with an unregistered post status should be displayed in `WP_Query::get_posts()`.
If the post status is not registered, assume it's not public, but still allow access to users with edit permissions (same as for a protected post status, e.g. `draft`), so that they could recover orphaned content.

Add unit tests.

Follow-up to [47178].

Props roytanck, SergeyBiryukov.
Fixes #48653.
Built from https://develop.svn.wordpress.org/trunk@47181


git-svn-id: http://core.svn.wordpress.org/trunk@46981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-05 01:33:05 +00:00
Sergey Biryukov da6f24fba9 Posts, Post Types: Revert [47179] pending test failures investigation.
See #48653.
Built from https://develop.svn.wordpress.org/trunk@47180


git-svn-id: http://core.svn.wordpress.org/trunk@46980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-04 23:02:09 +00:00
Sergey Biryukov 73a088f5b6 Posts, Post Types: Fail gracefully when checking whether the post should be displayed in `WP_Query::get_posts()` against unregistered post status.
If the post status is not registered, assume it's not public.

Follow-up to [47178].

Props roytanck.
See #48653.
Built from https://develop.svn.wordpress.org/trunk@47179


git-svn-id: http://core.svn.wordpress.org/trunk@46979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-04 22:22:06 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov cef48881f0 Docs: Correct alphabetic order of parameters in `WP_Query::parse_query()` DocBlock.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47052


git-svn-id: http://core.svn.wordpress.org/trunk@46852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-08 12:10:04 +00:00
Sergey Biryukov d858656023 Bootstrap/Load: Make handling the `/favicon.ico` requests more flexible.
Previously, `wp_favicon_request()` was introduced in [13205] to avoid a performance hit of serving a full 404 page on every favicon request.

While working as intended, that implementation did not provide a way for theme or plugin authors to manage the behavior of favicon requests.

This changeset implements the following logic (only applied if WordPress is installed in the root directory):

* If there is a Site Icon set in Customizer, redirect `/favicon.ico` requests to that icon.
* Otherwise, use the WordPress logo as a default icon.
* If a physical `/favicon.ico` file exists, do nothing, let the server handle the request.

Handling `/favicon.ico` is now more consistent with handling `/robots.txt` requests.

New functions and hooks:

* Introduce `is_favicon()` conditional tag to complement `is_robots()`.
* Introduce `do_favicon` action to complement `do_robots` and use it in template loader.
* Introduce `do_favicon()` function, hooked to the above action by default, to complement `do_robots()`.
* Introduce `do_faviconico` action to complement `do_robotstxt`, for plugins to override the default behavior.
* Mark `wp_favicon_request()` as deprecated in favor of `do_favicon()`.

Props jonoaldersonwp, birgire, joostdevalk, mukesh27, SergeyBiryukov.
Fixes #47398.
Built from https://develop.svn.wordpress.org/trunk@47018


git-svn-id: http://core.svn.wordpress.org/trunk@46818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-28 21:20:04 +00:00
John Blackbourn 9ac1d82f23 Docs: Further improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46661


git-svn-id: http://core.svn.wordpress.org/trunk@46461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:27:02 +00:00
whyisjake 946ec8492f Query: Remove the static query property.
Prevent unauthenticated views of publicly queryables content types.

Props aaroncampbell, whyisjake, nickdaugherty, xknown.

Built from https://develop.svn.wordpress.org/trunk@46474


git-svn-id: http://core.svn.wordpress.org/trunk@46272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:20:03 +00:00