Commit Graph

194 Commits

Author SHA1 Message Date
desrosj 883e20e3dd Feeds: Avoid fatal error with empty `blog_charset` value.
After the SimplePie library was updated to version `1.8.0` in [59141], an edge case has been discovered where a fatal error can encountered if the `blog_charset` option is missing or empty.

In `fetch_feed()`, this option is retrieved using `get_option()` instead of `get_bloginfo( ‘charset’ )`. The latter will detect this scenario and apply a default value of `UTF-8` and is already used interchangeably throughout Core. This switches to `get_bloginfo( ‘charset’ )` instead to prevent this edge case.

Props david.binda, davidbaumwald, SergeyBiryukov, sabernhardt, azaozz, peterwilsoncc.
Fixes #62354.
Built from https://develop.svn.wordpress.org/trunk@59382


git-svn-id: http://core.svn.wordpress.org/trunk@58768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-11-11 17:50:17 +00:00
Peter Wilson d30cc780fd Feeds: Validate enclosures prior to generating tags.
Prevent possible PHP warnings caused by malformed enclosure meta data. This change ensures the enclosure meta data has at least three lines of text before generating the tag in `rss_enclosure()`.

Props arypneta, johnjamesjacoby, nihar007, rahmohn, rghedin, zahardoc.
Fixes #58798.


Built from https://develop.svn.wordpress.org/trunk@59241


git-svn-id: http://core.svn.wordpress.org/trunk@58633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-10-15 22:24:18 +00:00
Sergey Biryukov ed37f855ce External Libraries: Update the SimplePie library to version 1.8.0.
The most notable change in this update is that all code is now namespaced and uses PSR-4 classes, though there is a compatibility layer available for extenders using the older class names, so plugin or theme authors directly using SimplePie can decide for themselves when they want to change to using the namespaced names for SimplePie classes.

Note: This commit includes additional fixes for PHP 8.4 compatibility ([https://github.com/simplepie/simplepie/pull/875 PR 875], [https://github.com/simplepie/simplepie/pull/888 PR 888]) from the `one-dot-eight` branch of SimplePie, which is expected to be [https://github.com/simplepie/simplepie/pull/886 released as SimplePie 1.8.1] soon.

References:
* [https://github.com/simplepie/simplepie/releases/tag/1.8.0 SimplePie 1.8.0 release notes]
* [https://github.com/simplepie/simplepie/releases/tag/1.7.0 SimplePie 1.7.0 release notes]
* [https://github.com/simplepie/simplepie/releases/tag/1.6.0 SimplePie 1.6.0 release notes]
* [https://github.com/simplepie/simplepie/compare/1.5.8...1.8.0 Full list of changes in SimplePie 1.8.0]

Follow-up to [47733], [49176], [52393], [52413].

Props jrf, peterwilsoncc, chaion07, cu121, markparnell, audrasjb, costdev, Presskopp, desrosj, faisal03, mukesh27, SergeyBiryukov.
See #55604.
Built from https://develop.svn.wordpress.org/trunk@59141


git-svn-id: http://core.svn.wordpress.org/trunk@58537 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-30 22:50:19 +00:00
hellofromTonya b5ec907fb0 Code Modernization: Use wp_trigger_error() instead of trigger_error().
Replaces `trigger_error()` with `wp_trigger_error()`.

The usage of `wp_trigger_error()` avoids generating `E_USER` family errors unless `WP_DEBUG` is on. In doing so, users should not see these messages in normal production.

Notes:
* Removes `E_USER_NOTICE` when passed as an argumnent, as it's the default error level.
* An empty string is passed for the function name when its name is already in the error message or does not add value to the error message.
* Externally maintained libraries are not included.

Follow-up to [55204], [25956], [29630], [38883], [52062], [52049], [54272], [38883], [55245], [51599], [14452], [38883], [24976].

Props prasadkarmalkar, rajinsharwar, thelovekesh, hellofromTonya, swissspidy. 
Fixes #59652.
Built from https://develop.svn.wordpress.org/trunk@58409


git-svn-id: http://core.svn.wordpress.org/trunk@57858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-13 20:50:14 +00:00
Sergey Biryukov eba0df8c7b Docs: Correct the placement of `@global` tags in various files.
Follow-up to [6589], [8598], [10798], [25490], [25594], [31192], [31194], [35718], [37437], [44169], [44948], [45247], [56763], [56773], [57370], [57503].

Props shailu25.
Fixes #61295.
Built from https://develop.svn.wordpress.org/trunk@58200


git-svn-id: http://core.svn.wordpress.org/trunk@57663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-26 20:51:13 +00:00
John Blackbourn 9feb8a6925 Bootstrap/Load: Add support for custom ports in multisite site addresses.
This allows a Multisite network to use an address that includes a port name, such as `example.com:1234`, and adds support for this to the local development environment too. You can now run a Multisite installation on the local development environment, for example at `localhost:8889`.

This also fixes some bugs with running a single site installation on a port, and updates the testing infrastructure so that the whole test suite runs both with and without a port number.

Props djzone, scribu, nacin, ipstenu, F J Kaiser, jeremyfelt, johnjamesjacoby, spacedmonkey, PerS, Clorith, Blackbam, enrico.sorcinelli, Jules Colle, obliviousharmony, desrosj, johnbillion

Fixes #21077, #52088
Built from https://develop.svn.wordpress.org/trunk@58097


git-svn-id: http://core.svn.wordpress.org/trunk@57562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-04 19:25:10 +00:00
Sergey Biryukov 2637a3d194 Feeds: Add an optional `$post` parameter to `get_the_title_rss()`.
This allows the function to be used outside of the loop and brings parity with `get_the_title()`.

Follow-up to [1976], [3314], [21735].

Props khokansardar, oglekler.
Fixes #61139.
Built from https://develop.svn.wordpress.org/trunk@58096


git-svn-id: http://core.svn.wordpress.org/trunk@57561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-04 19:11:11 +00:00
audrasjb 8c76c6d58c Docs: Replace multiple single line comments with multi-line comments.
This changeset updates various comments as per WordPress PHP Inline Documentation Standards.
See https://developer.wordpress.org/coding-standards/inline-documentation-standards/php/#5-inline-comments.

Follow-up to [56174], [56175], [56176], [56177], [56178], [56179].

Props costdev, audrasjb.
See #58459.



Built from https://develop.svn.wordpress.org/trunk@56180


git-svn-id: http://core.svn.wordpress.org/trunk@55692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-09 21:48:22 +00:00
Sergey Biryukov 1ce5dc7444 Code Modernization: Replace usage of `strpos()` with `str_contains()`.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].

Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988


git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:36:26 +00:00
John Blackbourn a714bc03ee Docs: Various corrections and improvements to inline docs and docblocks.
See #57840

Built from https://develop.svn.wordpress.org/trunk@55753


git-svn-id: http://core.svn.wordpress.org/trunk@55265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-12 21:35:21 +00:00
audrasjb fa3ed002e1 Docs: Use third-person singular verbs for function descriptions in the Feed API, as per docblock standards.
See #55646.

Built from https://develop.svn.wordpress.org/trunk@53539


git-svn-id: http://core.svn.wordpress.org/trunk@53128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-20 21:46:16 +00:00
Sergey Biryukov 63ea8284a3 Docs: Miscellaneous DocBlock corrections.
See #52628.
Built from https://develop.svn.wordpress.org/trunk@50916


git-svn-id: http://core.svn.wordpress.org/trunk@50525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-15 17:38:05 +00:00
Sergey Biryukov 4446e597a7 Feeds: Register transient feed cache handler using the recommended method for SimplePie 1.3 or later.
This fixes a "Non-static method cannot be called statically" fatal error when calling `fetch_feed()` on PHP 8.

Follow-up to [21644], [21652], [22366], [22599].

Props dd32, afragen, Senning, markoheijnen, ComputerGuru, useStrict, Ipstenu, nacin, l3rady, HoaSi, NathanAtmoz, fabifott, jfoulquier, thefarlilacfield, subscriptiongroup, rogerlos, Mte90, mopsyd, dossy, stulab, MadtownLems, roikles, justlevine, joostdevalk, OptimizingMatters, hellofromTonya, bph, ayeshrajans, SergeyBiryukov.
Fixes #29204.
Built from https://develop.svn.wordpress.org/trunk@49565


git-svn-id: http://core.svn.wordpress.org/trunk@49303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 14:36:10 +00:00
Sergey Biryukov 463644fc6d Coding Standards: Use strict type check for `in_array()` in `wp-includes/feed.php`.
Additionally:
* Correct inline comments per the documentation standards.
* Correct the `@ticket` reference in `tests/feed/atom.php`.

Follow-up to [48429].

See #33591.
Built from https://develop.svn.wordpress.org/trunk@48435


git-svn-id: http://core.svn.wordpress.org/trunk@48204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-11 12:14:06 +00:00
whyisjake f06e883d01 Feeds: Ensure that enclosures produce valid XML.
Metadata that is stored on newlines has the possibility of missing values, so rather then coercing values, we can check for them and then implicity set the values.

Fixes #33591.
Props jonnybot, stevenkword, vtieu, birgire, SergeyBiryukov, davidbaumwald, rebasaurus, whyisjake.


Built from https://develop.svn.wordpress.org/trunk@48429


git-svn-id: http://core.svn.wordpress.org/trunk@48198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-10 22:23:04 +00:00
Sergey Biryukov f14f0c1ddf XML-RPC: Explicitly unset the reference to the parser resource after calling `xml_parser_free()` to avoid memory leaks in PHP 7.0.0 or higher.
Props procifer, ayeshrajans.
Fixes #49700.
Built from https://develop.svn.wordpress.org/trunk@48322


git-svn-id: http://core.svn.wordpress.org/trunk@48091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-05 15:22:01 +00:00
Sergey Biryukov 00a40b1ef2 Docs: Capitalize "ID", when referring to a user ID, term ID, etc. in a more consistent way.
Follow-up to [48104]

See #49572.
Built from https://develop.svn.wordpress.org/trunk@48200


git-svn-id: http://core.svn.wordpress.org/trunk@47969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 14:09:04 +00:00
Sergey Biryukov 3336009e34 Docs: Replace "html" and "xhtml" instances in DocBlocks and comments with "HTML" and "XHTML".
This ensures consistent capitalization where appropriate.

Props navidos, desrosj.
Fixes #50473.
Built from https://develop.svn.wordpress.org/trunk@48199


git-svn-id: http://core.svn.wordpress.org/trunk@47968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 14:02:06 +00:00
Sergey Biryukov de59ad23a4 Docs: Consistently include an empty line between `@since` tag and `@see`, `@link`, or `@global`, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48067


git-svn-id: http://core.svn.wordpress.org/trunk@47834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 21:07:14 +00:00
Sergey Biryukov 7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
Sergey Biryukov ced8fb20a1 Code Modernization: Remove error suppression from `parse_url()` calls.
Previously, the `@` operator was used to prevent possible warnings emitted by `parse_url()` in PHP < 5.3.3 when URL parsing failed.

Now that the minimum version of PHP required by WordPress is 5.6.20, this is no longer needed.

Props netpassprodsr, Howdy_McGee.
Fixes #49980. See #24780.
Built from https://develop.svn.wordpress.org/trunk@47617


git-svn-id: http://core.svn.wordpress.org/trunk@47392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-24 07:28:10 +00:00
John Blackbourn 056dad9c2c Docs: Use more specific types in parameter descriptions in place of `mixed`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov 641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov 47ed56f38f Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov dd4d98a368 Docs: In various `@return` tags, list the expected type first, instead of `false`.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
Sergey Biryukov da041582df Date/Time: Ensure that `get_feed_build_date()` correctly handles a modified post object with invalid date.
* Clarify in the documentation that the function returns `false` on failure.
* Consistently pass the return value through the `get_feed_build_date` filter.

Props Rarst, dd32, azaozz, tellyworth.
Fixes #48957.
Built from https://develop.svn.wordpress.org/trunk@46974


git-svn-id: http://core.svn.wordpress.org/trunk@46774 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-17 20:43:03 +00:00
John Blackbourn f93ee2ca76 Docs: Increase the specificity of various docblock parameter types and return types.
See #48303
Built from https://develop.svn.wordpress.org/trunk@46823


git-svn-id: http://core.svn.wordpress.org/trunk@46623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-06 22:43:04 +00:00
Sergey Biryukov 882be65f94 Date/Time: Correct the time format in `get_feed_build_date()` to use 24-hour format.
Follow-up to [46756].

See #48675.
Built from https://develop.svn.wordpress.org/trunk@46757


git-svn-id: http://core.svn.wordpress.org/trunk@46557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-21 16:27:03 +00:00
Sergey Biryukov d13ce45ff6 Date/Time: Remove `mysql2date()` usage in `get_feed_build_date()` to ensure the output includes correct timezone offset.
With the changes in [45908], `mysql2date()` works correctly for all local time inputs, but should not be used for UTC time inputs.

Add a unit test.

Props Rarst, lisota.
Fixes #48675.
Built from https://develop.svn.wordpress.org/trunk@46756


git-svn-id: http://core.svn.wordpress.org/trunk@46556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-21 13:18:00 +00:00
Sergey Biryukov 4ec53dc54c Docs: Remove incorrect `@return` tags.
Props diddledan.
Fixes #48613, #48614.
Built from https://develop.svn.wordpress.org/trunk@46732


git-svn-id: http://core.svn.wordpress.org/trunk@46532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-14 09:57:03 +00:00
Sergey Biryukov 3d623995a8 Docs: In various `@return` tags, list the expected type first, instead of `WP_Error`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@46696


git-svn-id: http://core.svn.wordpress.org/trunk@46496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-11 02:43:03 +00:00
Sergey Biryukov e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Gary Pendergast 12aa773802 Feeds: Introduce the `get_self_link()` function.
Corresponds to the `self_link()` template function.

This matches other feed template functions, using one function to get the value, and a different function to echo it.

Props jojotjebaby, mobeen-abdullah, donmhico, audrasjb, dshanske.
Fixes #44838.


Built from https://develop.svn.wordpress.org/trunk@45772


git-svn-id: http://core.svn.wordpress.org/trunk@45583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-09 01:31:56 +00:00
Sergey Biryukov d5fc1647c0 Feeds: Escape `&` characters in `atom_site_icon()` for XML, for consistency with `rss2_site_icon()`.
Props abhijitrakas, shawfactor.
Fixes #47482.
Built from https://develop.svn.wordpress.org/trunk@45753


git-svn-id: http://core.svn.wordpress.org/trunk@45564 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-05 13:15:56 +00:00
Sergey Biryukov 7f7480cb2a Docs: Add missing description for `$wp_query` and `$wp_the_query` globals.
Props mukesh27.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45739


git-svn-id: http://core.svn.wordpress.org/trunk@45550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:59:56 +00:00
Gary Pendergast abcbee954f Coding Standards: Fix instances of `WordPress.PHP.NoSilencedErrors.Discouraged`.
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.

See #46732.

Built from https://develop.svn.wordpress.org/trunk@45611


git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-09 05:45:58 +00:00
desrosj ee92fc277c Feeds: Ensure a feed’s `<lastBuildDate>` has the correct date.
The maximum modified time for a is currently being determined after an arbitrary date format is applied. Because the string sort in `max()` is being used to return the highest (most recent) modified value, the incorrect date is sometimes returned. This was introduced in [45247].

Props onlanka, Rarsr, mukesh27.
Fixes #47304.
Built from https://develop.svn.wordpress.org/trunk@45367


git-svn-id: http://core.svn.wordpress.org/trunk@45178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-20 14:43:02 +00:00
Adam Silverstein b287642342 Feeds: improve structure and naming of feed build date helper function.
Simplify overall code structure by passing the required format to the helper function.
Clarify functionality by renaming `get_last_build_date` to `get_feed_build_date`.

Props pento, spacedmonkey.
Fixes #4575.


Built from https://develop.svn.wordpress.org/trunk@45247


git-svn-id: http://core.svn.wordpress.org/trunk@45056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-18 17:08:52 +00:00
Adam Silverstein 4268033aaf Feeds: ensure build/update date matches current query.
Displaying the correct build date in feeds is as important today as it was twelve years ago when this ticket was opened.

Fix an issue where all feeds in WordPress showed the same date for their last build date (the datapoint is `lastBuildDate`, `updated` or `dc:date` depending on the feed type). 

Introduce a new `get_last_build_date` filter to adjust the date used for `lastBuildDate`. Developers who previously filtered `get_lastcommentmodified` to alter feed dates should use this filter instead.

* `get_last_build_date` extracts the latest post (or comment) in the current WP_Query object.
* In all feed templates, use `get_last_build_date` vs `get_lastpostmodified( 'GMT' );`.

Props stevenkword, spacedmonkey, ryanshoover, mauteri, nacin, jorbin, MikeNGarrett, Denis-de-Bernardy, peaceablewhale.
Fixes #4575.


Built from https://develop.svn.wordpress.org/trunk@44948


git-svn-id: http://core.svn.wordpress.org/trunk@44779 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-20 20:39:00 +00:00
Sergey Biryukov 7dfcb33d4d Docs: Remove erroneous zero-width space before URL in `fetch_feed()` DocBlock.
Props coffee2code.
Fixes #42951. See #meta3212.
Built from https://develop.svn.wordpress.org/trunk@42414


git-svn-id: http://core.svn.wordpress.org/trunk@42245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-21 02:40:54 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
John Blackbourn f1de7e42df Hardening: Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.
Built from https://develop.svn.wordpress.org/trunk@42260


git-svn-id: http://core.svn.wordpress.org/trunk@42089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-29 15:56:48 +00:00
John Blackbourn 9fdbe6538e Docs: Remove `&` prefixes from parameter documentation to avoid doc parsing errors.
Props sudar for the original patch.

See #35974

Built from https://develop.svn.wordpress.org/trunk@41686


git-svn-id: http://core.svn.wordpress.org/trunk@41520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:03:33 +00:00
Ryan McCue 952b6873e7 Feeds: Don't override the Content-Type header inside fetc_feed()
SimplePie can set the Content-Type header automatically with the correct charset for convenience, but we already force the charset to match the site's, making it redundant at best. At worst, SimplePie incorrectly overrides the content-type for non-HTML content (such as API requests).

Props dlh, stevenkword.
Fixes #39066.

Built from https://develop.svn.wordpress.org/trunk@39681


git-svn-id: http://core.svn.wordpress.org/trunk@39621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-05 03:06:42 +00:00
Gary Pendergast b21d1cb6e6 General: Check to see that the PHP-XML module is enabled before using XML functions.
There are a handful of places where we don't check that the XML functions exist before we use them. Ubuntu's PHP 7 packages don't include PHP-XML by default, increasing the chance of this causing issues.

Props kraftbj, markoheijnen.
Fixes #37122.


Built from https://develop.svn.wordpress.org/trunk@38883


git-svn-id: http://core.svn.wordpress.org/trunk@38826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-24 04:45:31 +00:00
Scott Taylor a3ffebce30 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38470


git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
Scott Taylor 390ceba6c7 Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38411


git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse 0e31a46161 Bootstrap: Revert [38399] as it's broken `/build/` and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335

Built from https://develop.svn.wordpress.org/trunk@38402


git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor 6a529648cf Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38399


git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00