- Install: When populating options, maybe_serialize instead of always serialize.
- Uploads: Check for and verify ZIP archives.
Merges [57388] and [57389] to the 6.2 branch.
Props costdev, peterwilsoncc, azaozz, tykoted, johnbillion, desrosj, afragen, jorbin, xknown.
Built from https://develop.svn.wordpress.org/branches/6.2@57393
git-svn-id: http://core.svn.wordpress.org/branches/6.2@56899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- REST API: Limit `search_columns` for users without `list_users`.
- Comments: Prevent users who can not see a post from seeing comments on it.
- Application Passwords: Prevent the use of some pseudo protocols in application passwords.
- Restrict media shortcode ajax to certain type
- REST API: Ensure no-cache headers are sent when methods are overriden.
- Prevent unintended behavior when certain objects are unserialized.
Merges [56833], [56834], [56835], [56836], [56837], and [56838] to the 6.2 branch.
Props xknown, jorbin, Vortfu, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis, tykoted, martinkrcho, paulkevan, dd32, antpb, rmccue.
Built from https://develop.svn.wordpress.org/branches/6.2@56895
git-svn-id: http://core.svn.wordpress.org/branches/6.2@56406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset removes the `aligncenter` class from `h2` and `is-subheading` items in the WordPress 6.2 About Page, for more consistent alignment. Also, future minor releases will add more left-aligned paragraphs under the "Maintenance Releases" section.
Props shagors, sabernhardt, mukesh27, amin7, costdev, pavanpatil1, audrasjb.
Merges [55716] to the 6.2 branch.
Fixes#57387.
Built from https://develop.svn.wordpress.org/branches/6.2@55731
git-svn-id: http://core.svn.wordpress.org/branches/6.2@55243 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings more consistency with other screens and avoids a PHP warning in `get_plugin_page_hookname()`:
{{{
preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
Follow-up to [13257], [13366], [55263].
Props nendeb55, costdev, SergeyBiryukov.
Merges [55552] to the 6.2 branch.
Fixes#57918.
Built from https://develop.svn.wordpress.org/branches/6.2@55639
git-svn-id: http://core.svn.wordpress.org/branches/6.2@55151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces a `notice-updated` class with `notice-success` to fix an issue where the notices were using a gray border color instead of green when enabling or disabling a theme for a network.
Follow-up to [55418].
Props ocean90, audrasjb, marineevain, SergeyBiryukov, dhrumilk, chiragrathod103.
Merges [55584] to the 6.2 branch.
Fixes#58096.
Built from https://develop.svn.wordpress.org/branches/6.2@55638
git-svn-id: http://core.svn.wordpress.org/branches/6.2@55150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a few WPCS warnings along the lines of:
* Array double arrow not aligned correctly
* Equals sign not aligned with surrounding statements
* Usage of ELSE IF is discouraged; use ELSEIF instead
Follow-up to [55099], [55192], [55194], [55271].
Props davidbaumwald, jrf, SergeyBiryukov.
Merges [55606] to the 6.2 branch.
Fixes#57994.
Built from https://develop.svn.wordpress.org/branches/6.2@55636
git-svn-id: http://core.svn.wordpress.org/branches/6.2@55148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the About page, wraps the Field Guide's link in `__()` to provide a localized field guide, when available.
Follow-up to [55600].
Props davidbaumwald, sergeybiryukov, desrosj, javiercasares, oglekler, mukesh27, clorith, eboxnet, costdev, ocean90.
Reviewed by sergeybiryukov.
Merges [55601] to the 6.2 branch.
Fixes#57477.
Built from https://develop.svn.wordpress.org/branches/6.2@55603
git-svn-id: http://core.svn.wordpress.org/branches/6.2@55115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove the green background from the "dot" accent, to prevent low contrast for the dismiss button. Use menu colors for the background on alternate color schemes. Remove the "Edit styles" link as there is no longer a direct link to the global styles section of the site editor.
Follow-up to [55451].
Props sabernhardt, ryokuhi, laurlittle, richtabor.
Reviewed by hellofromTonya.
Merges [55574] to the 6.2 branch.
Fixes#57759.
Built from https://develop.svn.wordpress.org/branches/6.2@55576
git-svn-id: http://core.svn.wordpress.org/branches/6.2@55088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Minor copy updates. Update heading style, text size, spacing in smaller columns. Remove columns placement code to simplify CSS. This was necessary for IE11, but modern browsers can use auto-placement. Move navigation out of the banner to keep size & background placement consistent across About section.
Props marybaum, sereedmedia, annezazu, jpantani, laurlittle, richtabor, markoserb, fcoveram, joen, kebbet.
See #57477.
Built from https://develop.svn.wordpress.org/trunk@55499
git-svn-id: http://core.svn.wordpress.org/trunk@55031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset removes the `wp_ajax_save_attachment_updated` hook by reverting [55106], [55111], and [55450], to give it more time for further discussions as there are still concerns about whether this hook is necessary.
Follow-up to [55106], [55111], [55450].
Props costdev, SergeyBiryukov, peterwilsoncc, azaozz.
See #23148.
Built from https://develop.svn.wordpress.org/trunk@55474
git-svn-id: http://core.svn.wordpress.org/trunk@55007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to elaborate a bit more on the difference between these two settings, as well as explain the `http://` or `https://` prefix.
Follow-up to [15000], [19472].
Props marybaum, sabernhardt, tobifjellner, justinahinon, webcommsat, hellofromtonya, audrasjb, robinwpdeveloper, costdev, SergeyBiryukov.
Fixes#50886.
Built from https://develop.svn.wordpress.org/trunk@55452
git-svn-id: http://core.svn.wordpress.org/trunk@54985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset renames the `wp_ajax_save_attachment` action to `wp_ajax_save_attachment_updated` to avoid confusion with the similarly named `wp_ajax_save-attachment` action. This also add a dockblock note to indicate that when checking if an action is being done, `doing_action( 'wp_ajax_save-attachment' )` may be used if that is more convenient.
Follow-up to [55106].
Props azaozz, sc0ttkclark, costdev.
Fixes#23148
Built from https://develop.svn.wordpress.org/trunk@55450
git-svn-id: http://core.svn.wordpress.org/trunk@54983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As part of determining whether to perform automatic updates, WordPress checks if it is running within a version-controlled environment, recursively looking up the filesystem to the top of the drive, looking for a Subversion, Git, Mercurial, or Bazaar directory, erring on the side of detecting a VCS checkout somewhere.
This commit avoids a PHP warning if the `open_basedir` directive is in use and any of the directories checked in the process are not allowed:
{{{
is_dir(): open_basedir restriction in effect. File(/.git) is not within the allowed path(s)
}}}
Follow-up to [25421], [25700], [25764], [25835], [25859].
Props costdev, markjaquith, meyegui, dd32, arnolp, robin-labadie, hellofromTonya, afragen, pbiron, SergeyBiryukov.
Fixes#42619.
Built from https://develop.svn.wordpress.org/trunk@55425
git-svn-id: http://core.svn.wordpress.org/trunk@54958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The table is no longer created by core as of WordPress 3.0, and support for global terms was removed in WordPress 6.1, so `$wpdb->sitecategories` is unset by default.
This commit resolves a "passing null to non-nullable" deprecation notice on PHP 8.1:
{{{
Deprecated: addcslashes(): Passing null to parameter #1 ($string) of type string is deprecated in wp-includes/class-wpdb.php on line 1804
}}}
The `tables_to_repair` filter is available for plugins to readd the table or include any additional tables to repair.
Follow-up to [14854], [14880], [54240].
Props ipajen, chiragrathod103, SergeyBiryukov.
Fixes#57762.
Built from https://develop.svn.wordpress.org/trunk@55421
git-svn-id: http://core.svn.wordpress.org/trunk@54954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes encoding issues in background update emails by applying `html_entity_decode()` on Plugin/Theme names in `send_plugin_theme_email()`.
Props paulschreiber, audrasjb, benjgrolleau, sanketchodavadiya, robinwpdeveloper, paulamit.
Fixes#56964.
Built from https://develop.svn.wordpress.org/trunk@55411
git-svn-id: http://core.svn.wordpress.org/trunk@54944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This type of transformation isn't always appropriate, especially for non-English language sites. Displaying the original option name makes it more clear what option is being changed.
Props SergeyBiryukov, sabernhardt, afrin29, afshanadiya
Fixes#50572
Built from https://develop.svn.wordpress.org/trunk@55408
git-svn-id: http://core.svn.wordpress.org/trunk@54941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to avoid timeout in Imagick operations.
Previously, Imagick operations could silently error by timeout and produce unexpected results. The new `::set_imagick_time_limit()` method, now used in `::resize()` and `::crop()`, will better handle garbage collection in these cases as well as better align Imagick's timeout with PHP timeout, assuming it is set.
Props drzraf, audrasjb, costdev, antpb, SergeyBiryukov.
Fixes#52569.
Built from https://develop.svn.wordpress.org/trunk@55404
git-svn-id: http://core.svn.wordpress.org/trunk@54937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes the conditions for when to enqueue the opinionated block styles (i.e. `'wp-block-library-theme'` stylesheet):
* the theme adds `'wp-block-styles'` theme support;
* and no editor styles are declared.
This resolves an issue with themes that do not add the `'wp-block-styles'` theme support while not impacting themes that do.
Follow-up to [53419], [52069], [50761], [44157].
Props mikachan, costdev, glendaviesnz, hellofromTonya, jffng, mamaduka, ndiego, poena, sannevndrmeulen, scruffian.
Fixes#57561.
Built from https://develop.svn.wordpress.org/trunk@55368
git-svn-id: http://core.svn.wordpress.org/trunk@54901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `$post_ID` variable is [546f59c678/WordPress/Sniffs/NamingConventions/ValidVariableNameSniff.php (L54) technically allowed in WPCS], as there is a global of the same name that needs to remain for backward compatibility. However, this name is mostly a remnant of legacy code, and switching to `$post_id` where appropriate brings more consistency with the rest of core.
Additionally, this commit resolves a few WPCS warnings in core:
{{{
Variable "$post_IDs" is not in valid snake_case format
}}}
This affects:
* Function parameters in:
* `add_meta()`
* `post_preview()`
* `WP_Embed::delete_oembed_caches()`
* `WP_Embed::cache_oembed()`
* `wp_get_post_cats()`
* `wp_set_post_cats()`
* `wp_unique_post_slug()`
* `wp_set_post_categories()`
* `wp_check_post_hierarchy_for_loops()`
* `wp_add_trashed_suffix_to_post_name_for_trashed_posts()`
* `wp_filter_wp_template_unique_post_slug()`
* `wp_xmlrpc_server::add_enclosure_if_new()`
* `wp_xmlrpc_server::attach_uploads()`
* `wp_xmlrpc_server::mt_getTrackbackPings()`
* Internal variables in:
* `wp_ajax_inline_save()`
* `wp_ajax_set_post_thumbnail()`
* `wp_ajax_get_post_thumbnail_html()`
* `edit_post()`
* `bulk_edit_posts()`
* `wp_write_post()`
* `WP_Embed::shortcode()`
* `wp_insert_post()`
* `wp_xmlrpc_server::_insert_post()`
* `wp_xmlrpc_server::blogger_getPost()`
* `wp_xmlrpc_server::blogger_newPost()`
* `wp_xmlrpc_server::blogger_editPost()`
* `wp_xmlrpc_server::blogger_deletePost()`
* `wp_xmlrpc_server::mw_getPost()`
* `wp_xmlrpc_server::mw_newPost()`
* `wp_xmlrpc_server::mw_editPost()`
* `wp_xmlrpc_server::mt_getPostCategories()`
* `wp_xmlrpc_server::mt_setPostCategories()`
* `wp_xmlrpc_server::mt_publishPost()`
* `wp_xmlrpc_server::pingback_ping()`
* Hook parameters in:
* `oembed_ttl`
* `embed_oembed_html`
* `wp_insert_post_parent`
* `add_trashed_suffix_to_trashed_posts`
* `pre_post_update`
* `edit_attachment`
* `attachment_updated`
* `add_attachment`
* `edit_post_{$post->post_type}`
* `edit_post`
* `post_updated`
* `save_post_{$post->post_type}`
* `save_post`
* `wp_insert_post`
* `pre_wp_unique_post_slug`
* `wp_unique_post_slug`
* `xmlrpc_call_success_blogger_newPost`
* `xmlrpc_call_success_blogger_editPost`
* `xmlrpc_call_success_blogger_deletePost`
* `xmlrpc_call_success_mw_newPost`
* `xmlrpc_call_success_mw_editPost`
Note: The name change only affects variable names and DocBlocks.
The change does not affect the `$post_ID` global still used in a few places.
Follow-up to [51399], [52958], [53723], [53729], [55190], [55308], [55334].
Props mahekkalola, tanjimtc71, SergeyBiryukov.
Fixes#57692.
Built from https://develop.svn.wordpress.org/trunk@55365
git-svn-id: http://core.svn.wordpress.org/trunk@54898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes an issue where the available theme updates count was not updated after a theme is deleted.
Props nazmulhasan103, riccardodicurti, sabernhardt, ironprogrammer, costdev, robinwpdeveloper, rahmantasnia.
Fixes#57183.
Built from https://develop.svn.wordpress.org/trunk@55359
git-svn-id: http://core.svn.wordpress.org/trunk@54892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
User should not have to reach the admin menu toggle in order to close the menu. This can be a problem for one-handed mobile use, users with small hands, and numerous other situational usages.
Close the admin menu when focus moves anywhere other than the menu or the menu toggle and the current document is active.
Props kaneva, sabernhardt, costdev, ryokuhi, hellofromtonya, dhusakovic, thelovekesh, joedolson.
Fixes#53587.
Built from https://develop.svn.wordpress.org/trunk@55326
git-svn-id: http://core.svn.wordpress.org/trunk@54859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
audrasjb
John Blackbourn
Joe McGill
Aaron Jorbin
davidbaumwald
desrosj
Sergey Biryukov
hellofromTonya
ryelle
joedolson
Andrew Ozz