This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.
`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.
If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.
Merges [39831] to the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@39832
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When installing and using database-saved salts, wp_create_nonce() causes database errors as wp_salt() attempts to insert into the not-yet-created options table. Since authentication isn't available during installation, we can safely skip creating a nonce.
Props nullvariable, pento, dd32, rmccue.
Merges [39684] to the 4.7 branch.
Fixes#39047.
Built from https://develop.svn.wordpress.org/branches/4.7@39697
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
SimplePie can set the Content-Type header automatically with the correct charset for convenience, but we already force the charset to match the site's, making it redundant at best. At worst, SimplePie incorrectly overrides the content-type for non-HTML content (such as API requests).
Props dlh, stevenkword, rmccue.
Merges [39681] to the 4.7 branch.
Fixes#39066.
Built from https://develop.svn.wordpress.org/branches/4.7@39683
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38740] incorrectly introduced logic that changed a comment's page when
'comment_order' was set to 'desc'. This is in violation of the design
of the comment pagination system: a comment's page is designed not to
change when 'comment_order' or 'default_comment_page' are changed.
See #31101.
Merges [39663] to the 4.7 branch.
Props rachelbaker.
Fixes#39280.
Built from https://develop.svn.wordpress.org/branches/4.7@39664
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also fix logic for `focus-control-for-setting` handler to focus on the first control (lowest `priority` value) associated with a given setting instead of the last control encountered when iterating over all controls, as this ensures the first control in a `nav_menu` section is focused rather than the last one.
Props westonruter, sirbrillig.
See #27403.
Merges [39622] to the 4.7 branch.
Fixes#39101.
Built from https://develop.svn.wordpress.org/branches/4.7@39653
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This addresses a major bug. Incorrectly setting the `$content_width` causes media embeds to end up with the wrong aspect ratio, among other issues. This fix uses `template_redirect`, to ensure conditional theme tags can be used. It also defines a default value at `after_theme_setup` so that plugins have something to work with at `init`.
Props sstoqnov, laurelfulford, obenland.
Merges [39635] to the 4.7 branch.
Fixes#39272.
Built from https://develop.svn.wordpress.org/branches/4.7@39650
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The logic in WP_REST_Request->sanitize_params() added in [39091] did not account for `null` or `false` being the sanitization_callback preventing overriding `rest_parse_request_arg()`. This fixes that oversight, allowing the built in sanitization function to be bypassed. See #38593.
Merges [39563] to the 4.7 branch.
Props kkoppenhaver, rachelbaker, jnylen0.
Fixes#39042.
Built from https://develop.svn.wordpress.org/branches/4.7@39642
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduced in [38674], the wp_update_comment_data filter took place after the $data was sliced and prepared for the database update statement. The location of the filter assumed the result of anyone applying it would not change the data type or make structural modifications or additions to the $data array. 😅
This moves the wp_update_comment_data filter to take place before the $data is sliced and prepared for the database update statement.
Merges [39640] to the 4.7 branch.
Props dshanske for initial patch.
Fixes#39380.
Built from https://develop.svn.wordpress.org/branches/4.7@39641
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `rest_{$taxonomy}_collection_params` filter in 4.7 is incorrectly using single quotes instead of double quotes, which means it is not working correctly as a dynamic filter. This fixes the quotes around the filter name, and also updates the docblocks for the other 3 similar filters for better conformance to the documentation standards.
Merge of [39621] to the 4.7 branch.
Props shazahm1hotmailcom, JPry, jnylen0.
Fixes#39300.
Built from https://develop.svn.wordpress.org/branches/4.7@39631
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If `add_theme_support( 'post-formats' )` is called with no additional arguments, then `get_theme_support( 'post-formats' )` returns `true` rather than an array of supported formats. Avoid generating PHP warnings in this situation.
Merge of [39620] to the 4.7 branch.
Props dreamon11, ChopinBach.
Fixes#39293.
Built from https://develop.svn.wordpress.org/branches/4.7@39630
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [38625], the functionality to search for attachments by filename was added via the `posts_clauses` filter and the `_filter_query_attachment_filenames()` function. This moves `_filter_query_attachment_filenames()` from `wp-admin/includes/post.php` to `wp-includes/post.php` so that it can be applied in the same manner in the REST API media endpoint.
Merge of [39598] to the 4.7 branch.
Props jblz, tyxla.
Fixes#39092.
Built from https://develop.svn.wordpress.org/branches/4.7@39629
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When plugins don't disable the `backupGlobals` PHPUnit option in their own tests, `$wpdb` is backed up and restored between classes of tests. The serialisation process used for this broke the database connection. This previously wasn't a problem, as it was reconnecting before each test.
[38398] introduced some changes that required the connection to be available in `setUpBeforeClass()`, earlier than in was previously reconnecting. This didn't cause warnings in Core, but it did cause warnings for plugins that don't disable the `backupGlobals` option.
The database connection now reconnects in `setUpBeforeClass()`. This change also fixes a few Core tests that weren't calling `parent::setUpBeforeClass()` or `parent::tearDown()` correctly.
Merges [39626] to the 4.7 branch.
Fixes#39327.
Built from https://develop.svn.wordpress.org/branches/4.7@39627
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It's fairly common for clients to send `Content-Type: application/json` with an
empty body. While technically not valid JSON, we've historically supported
this behaviour, so it shouldn't cause an error.
Props JPry, jnylen0.
Merges [39594] to the 4.7 branch.
Fixes#39150.
Built from https://develop.svn.wordpress.org/branches/4.7@39609
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Correct setup for the `model` attribute of `wp.api.collections` objects. Set the collection model as a function that returns a new model of the underlying type, instead of setting it as the model prototype. Fixes an issue where models for fetched collections weren't set up properly and didn't have the expected mixin methods such as `getCategories` available.
Props jesseenterprises.
Merges [39603] to the 4.7 branch.
Fixes#39070.
Built from https://develop.svn.wordpress.org/branches/4.7@39604
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Extend the check in 'rest_allow_anonymous_comments' to accept any falsy value (previously this was an explicit check for `false`).
One possible failure case is that a plugin developer forgets to include a return value for some code path in their callback for this filter, leading to a value of null which is currently treated like `true`.
Props joehoyle, jnylen0.
Merges [39487] to the 4.7 branch.
Fixes#39010.
Built from https://develop.svn.wordpress.org/branches/4.7@39566
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds `srcset` and `sizes` to the about page images, including
art direction, via `<picture>` for the lead Twenty Seventeen image.
This also replaces URLs for all images and feature videos to their
CDN locations on s.w.org.
Props helen, pento, joemcgill.
Fixes#38616 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39515
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39455 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ultimate `post_name` is stored in postmeta until the post is published. The `get_page_by_path()` function does not exclude `auto-draft` posts. Revert changes to `wp_unique_post_slug()` from [39411] which excluded `auto-draft` posts.
Props westonruter, dlh for testing, helen for testing.
Merges [39506] onto 4.7 branch.
Fixes#39078 for 4.7.
Built from https://develop.svn.wordpress.org/branches/4.7@39507
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the theme's CSS feature query for `object-fit` overrode styles it shouldn't have on interior pages.
This moves the feature query farther down in the stylesheet so it takes precedence in the cascade in supported browsers, and applies the appropriate selector for the interior pages. In browsers that don't support feature queries or `object-fit`, the fallback styles are still applied. The problem was that the rules had the same specificity, so this way, the cascade takes over properly. The transforms and position changes for fallbacks are still needed in browsers that don't support `object-fit` and feature queries.
Merge of [39495] to the 4.7 branch.
Props peterwilsoncc, davidakennedy.
See #39073.
Built from https://develop.svn.wordpress.org/branches/4.7@39497
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The theme uses a hack to help the video header and header image fill the available space. This centers around `max-width: 1000%;`. It causes visual issues (zooming of the header video or image) for all users though.
This fixes that with CSS Features Queries. The hack remains for browsers that don't support Feature Queries and `object-fit`. Browsers that do support both get a better experience with a more reliable styling of the video and image header container.
Props laurelfulford, peterwilsoncc.
Fixes#39035 for the 4.7 branch.
Built from https://develop.svn.wordpress.org/branches/4.7@39485
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `siteurl` setting is registered and made available to the REST API. On a multisite installation, this setting is not configurable from the General Settings screen, but due to the above it is configurable from the REST API.
Merge of [39468] to the 4.7 branch.
Props peterwilsoncc.
Fixes#39005.
Built from https://develop.svn.wordpress.org/branches/4.7@39469
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39409 1a063a9b-81f0-0310-95a4-ce76da25c4cd