Events for updating exist, but they lack context. This adds args so that plugins can detec t what plugin/theme is being installed. Additionally, events for bulk actions, deleting and that and install is starting didn't exist, so this adds them.
Fixes#37512.
Props DavidAnderson, and ocean90, swissspidy for review.
Built from https://develop.svn.wordpress.org/trunk@38175
git-svn-id: http://core.svn.wordpress.org/trunk@38116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [37221] the upload form is added to every plugin install screen via `install_plugins_upload()`. Previously the form was added through the `install_plugins_upload` (alias of `install_plugins_$tab`) action which allowed plugin authors to replace the form. This restores the previous behaviour.
* Add the form only to non-upload plugin install screens.
* Replace `install_plugins_upload()` with the `install_plugins_upload` and `install_plugins_pre_upload` actions.
* Remove `$upload_tab_class` and add a CSS class for the current tab to `.wrap`
* Adjust CSS selectors and toggle the whole container to support upload without an `upload-plugin` class.
Props DavidAnderson, ocean90.
Fixes#37495.
Built from https://develop.svn.wordpress.org/trunk@38172
git-svn-id: http://core.svn.wordpress.org/trunk@38113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Selective refresh will not be available for widgets when they lack these params, so previewing will fallback to full page refreshes. Sidebars registered as such should be rare so this accounts for an edge case.
Fixes#37478.
Built from https://develop.svn.wordpress.org/trunk@38166
git-svn-id: http://core.svn.wordpress.org/trunk@38107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Requests defaults to _GET/query for HEAD/GET/DELETE and _POST/body for POST/PUT/OPTIONS/PATCH. For backward compatibility `WP_HTTP` needs to force `data_format` to 'body' for all non-GET/HEAD requests.
Props dd32.
Fixes#37456.
Built from https://develop.svn.wordpress.org/trunk@38165
git-svn-id: http://core.svn.wordpress.org/trunk@38106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Requests has its own cookie object in form of `Requests_Cookie`. Therefore we have to convert `WP_Http_Cookie` objects to `Requests_Cookie`.
This introduces `WP_Http_Cookie::get_attributes()` to retrieve cookie attributes of a `WP_Http_Cookie` object and `WP_Http::normalize_cookies()` to convert the cookie objects.
Fixes#37437.
Built from https://develop.svn.wordpress.org/trunk@38164
git-svn-id: http://core.svn.wordpress.org/trunk@38105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Add the `wpview-wrap` class and pass third param to the getNodes() callback for back-compat.
- Attach the mutation observer that resizes a view iframe inside the iframe to minimize memory use/leaks.
- Remove the `wp-mce-view-unbind` event. It has never been particularly reliable and now it doesn't fire when the user deletes a view by typing or pasting over it.
- Restore changing of a view iframe body classes when the editor body classes change.
Props iseulde, azaozz.
Fixes#36434.
Built from https://develop.svn.wordpress.org/trunk@38158
git-svn-id: http://core.svn.wordpress.org/trunk@38099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Under certain conditions upgrades on Windows may fail because `wp_tempnam()` gets called in a loop.
This can happen when `wp_tempnam()` is called with `\.maintenance` for the `$filename` parameter. The function strips the extension, in this case `.maintenance`, which results in an empty filename. Because it's empty, `wp_tempnam()` calls itself with `dirname( '\.maintenance' )`. On *nix systems this would be `"/"` which allows `wp_tempnam()` to fall back on `time()`. But on Windows it's `"\"`.
This change adds the backslash to the list of characters which allow `wp_tempnam()` to fall back on `time()`.
See [32322], [31936].
Fixes#33999.
Built from https://develop.svn.wordpress.org/trunk@38151
git-svn-id: http://core.svn.wordpress.org/trunk@38092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update DocBlock to use third-person singular verb and to include a period at the end.
* Use `submit_button()` for the submit button.
* Escape the ID attribute.
* Apply the same to `WP_List_Table::search_box()`.
See #37230.
Built from https://develop.svn.wordpress.org/trunk@38146
git-svn-id: http://core.svn.wordpress.org/trunk@38087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`$context` is a full path to the directory that is tested for being writable. A path shouldn't be a boolean value.
This also updates `WP_Upgrader_Skin::request_filesystem_credentials()` and `Automatic_Upgrader_Skin::request_filesystem_credentials()` and adds missing docs.
Props DrewAPicture, ocean90.
Fixes#37412.
Built from https://develop.svn.wordpress.org/trunk@38138
git-svn-id: http://core.svn.wordpress.org/trunk@38079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Rename the `$post_type` parameter to `$box` for clarity and consistency with other meta box functions.
* Make the docs more consistent with `post_format_meta_box()` and other meta box functions.
* Correct type and description for the third argument of `nav_menu_items_{$post_type_name}_recent` filter.
See #37211.
Built from https://develop.svn.wordpress.org/trunk@38129
git-svn-id: http://core.svn.wordpress.org/trunk@38070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `preconnect` will be potentially pretty heavy on the CDN. With the Unicode 9.0 emoji update, almost all browsers will trigger the `preconnect`.
* `preconnect` only opens one connection, but `s.w.org` is HTTP/1.1, so the browser will use the preconnected connection for the first emoji, then it has to open new connections for subsequent emoji.
Also use the same URL as we use for the `emoji_svg_url` filter. This will print the hint for the correct CDN in case someone uses a custom CDN.
Props peterwilsoncc.
Fixes#37387.
Built from https://develop.svn.wordpress.org/trunk@38122
git-svn-id: http://core.svn.wordpress.org/trunk@38063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, changing the post thumbnail of a published post in the edit screen
would immediately apply the change, rather than waiting for the post to be
saved before applying the update. This could lead to someone unintentionally
editing the post thumbnail on a published post, and made it impossible to
preview changes to post thumbnails on published posts before saving the change.
This introduces a new Ajax handler, `wp_ajax_get_post_thumbnail_html()` to
retrieve the HTML for the post thumbnail meta box without updating the post
meta value for `_thumbnail_id`. It also allows post thumbnail changes to be
previewed by passing the `_thumbnail_id` as a query variable to the preview
screen and adding a new filter, `_wp_preview_post_thumbnail_filter()`, which
gets applied to `get_post_metadata` during the post preview process.
Props flixos90.
Fixes#12922.
Built from https://develop.svn.wordpress.org/trunk@38118
git-svn-id: http://core.svn.wordpress.org/trunk@38059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow up to [38065] to ensure that `wp.html.string()` always
converts empty `alt` attributes to `alt=""` rather than returning HTML using
empty attribute notation, like `alt`. This allows screen readers to ignore
images with empty `alt` attributes, rather than reading out the URL string.
Additionally this completely removes the logic in `wp.html.string()` for
converting blank attributes to empty attribute notation since empty attribute
notation is generally meant to denote a boolean value, e.g.,
`checked` == `checked="checked"`, which doesn't apply in this context because
boolean attributes must be omitted in order to represent a `false` value.
See: https://www.w3.org/TR/html5/infrastructure.html#boolean-attributes
Props adamsilverstein, afineman, joemcgill.
Fixes#36735.
Built from https://develop.svn.wordpress.org/trunk@38116
git-svn-id: http://core.svn.wordpress.org/trunk@38057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While messages passed to `wp.speak.a11y()` should preferably be meaningful,
short, and carefully crafted case by case, this will ensure any HTML tags will
be stripped out from the message string.
Props adamsilverstein.
Fixes#37382.
Built from https://develop.svn.wordpress.org/trunk@38115
git-svn-id: http://core.svn.wordpress.org/trunk@38056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `IMAGE_EDIT_OVERWRITE` is set to true, edited image files are
supposed to be deleted when an image is restored to the original.
However, when an image was edited more than once, and then restored,
files created during previous edits were left behind.
Fixes this behavior by updating `wp_save_image()` to clean up
leftover images after each edit when `IMAGE_EDIT_OVERWRITE` is true.
Props bradt, chriscct7, joemcgill.
Fixes#32171.
Built from https://develop.svn.wordpress.org/trunk@38113
git-svn-id: http://core.svn.wordpress.org/trunk@38054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Externally hosted script and style dependencies trigger `dns-prefetch` hinting only when enqueued. This removed a bug in which hinting was added on registration.
Renames the function `wp_resource_hints_scripts_styles` to `wp_dependencies_unique_hosts` as the function provides the hosts, not the hinting.
Props swissspidy.
Fixes#37385.
Built from https://develop.svn.wordpress.org/trunk@38100
git-svn-id: http://core.svn.wordpress.org/trunk@38041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to the introduction of `WP_Term_Query`, the 'orderby' clause
passed to the 'terms_clauses' filter was prefixed by `ORDER BY`. After
`WP_Term_Query`, this was not the case; `ORDER BY` was added after the
filter. As such, plugins filtering 'terms_clauses' and returning an
'orderby' clause beginning with `ORDER BY` resulted in invalid syntax
when `WP_Term_Query` prepended a second `ORDER BY` keyword to
the clause.
This changeset rearranges the way the 'orderby' clause is built so that
it will be passed to 'terms_clauses' in the previous format.
Fixes#37378.
Built from https://develop.svn.wordpress.org/trunk@38099
git-svn-id: http://core.svn.wordpress.org/trunk@38040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Registration is now based solely on object type, which allows the code around this to be simplified significantly.
In the process of making this adjustment:
* `register_meta()`, `unregister_meta_key()`, `get_registered_metadata()`, and `registered_meta_key_exists()` no longer return `WP_Error` objects.
* The recently introduced `wp_object_type_exists()` function and the restriction on object type has been removed.
Note: No guarantee of uniqueness is made across object subtypes. Registered meta keys should be uniquely prefixed to avoid conflict.
Fixes#35658.
Built from https://develop.svn.wordpress.org/trunk@38095
git-svn-id: http://core.svn.wordpress.org/trunk@38036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Both list tables provide different actions based on where they are loaded, regular admin or network admin. Since there is only one Ajax handler for both screens we have to set the current screen before using the list tables.
Props swissspidy, ocean90.
Fixes#37373.
Built from https://develop.svn.wordpress.org/trunk@38091
git-svn-id: http://core.svn.wordpress.org/trunk@38032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.
The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.
Fixes#37361.
Built from https://develop.svn.wordpress.org/trunk@38087
git-svn-id: http://core.svn.wordpress.org/trunk@38028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `$size` is passed to `image_get_intermediate_size()` as an array of width
and height values and an exact image size matching those values isn't available,
the function loops through the available attachment sizes and returns the
smallest image larger than the requested dimensions with the same aspect ratio.
The aspect ratio check is skipped for the 'thumbnail' size to provide a fallback
for small sizes when no other image option is available. This resulted in a poor
selection when the size requested was smaller than the 'thumbnail' dimensions
but a larger size matching the requested ratio existed.
This refactors the internals of `image_get_intermediate_size()` to ensure the
'thumbnail' size is only returned as a fallback to small sizes once all other
options have been considered, and makes the control flow easier to follow.
This also introduces a new helper function, `wp_image_matches_ratio()` for
testing whether the aspect ratios of two sets of dimensions match. This function
is also now used in `wp_calculate_image_srcset()` during the selection process.
Props flixos, joemcgill.
Fixes#34384, #34980.
Built from https://develop.svn.wordpress.org/trunk@38086
git-svn-id: http://core.svn.wordpress.org/trunk@38027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improves the `containFocus()` function to always get the correct first and last
focusable elements, even when the theme browser shows the active theme details.
Also, when on the first and last theme, adds a `disabled` attribute on the
previous and next navigation buttons to make them not focusable.
Fixes#37383.
Built from https://develop.svn.wordpress.org/trunk@38084
git-svn-id: http://core.svn.wordpress.org/trunk@38025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Remove title attributes.
* Show "Install Now" and "Details" links if the importer isn't installed yet.
* Show a "Run Importer" link if the importer is installed. It also handles activation if the plugin isn't activated.
* Add `aria-label` attributes to each link.
* Unify the importer descriptions to make them independent from the plugin state. The API was changed in [meta3690].
* Adjust JavaScript callbacks for ajaxified importer installs.
Props afercia, swissspidy, ocean90.
See #24766.
Fixes#35191.
Built from https://develop.svn.wordpress.org/trunk@38075
git-svn-id: http://core.svn.wordpress.org/trunk@38016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[36874] changed the `get_term()` call so that no `$taxonomy` parameter
was passed, as 4.4 made the parameter optional. This change made it
impossible to access a shared term that has not yet been splitr, since
passing an ambiguous `$term_id` to `get_term()` results in an error.
Restoring the `$taxonomy` parameter fixes the regression.
Props alleynoah, dlh.
Fixes#37205.
Built from https://develop.svn.wordpress.org/trunk@38069
git-svn-id: http://core.svn.wordpress.org/trunk@38010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when inserting an image from a URL, leaving the `alt`
field blank in the media modal would result in an image being
inserted into the editor without an `alt` attribute, rather than
an empty `alt`. This happened because the `props.type` would not
get set in `wp.media.string.props()` — because `attachment` is
undefined in this case — causing the image fallbacks to get
skipped.
This fixes the issue by explicitly setting `props.type` to 'image'
in `wp.media.string.image()` before filling out the rest of the
properties.
Props ambrosey, dabnpits.
Fixes#36735.
Built from https://develop.svn.wordpress.org/trunk@38065
git-svn-id: http://core.svn.wordpress.org/trunk@38006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.
For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.
Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes#21659.
Built from https://develop.svn.wordpress.org/trunk@38058
git-svn-id: http://core.svn.wordpress.org/trunk@37999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_HTTP_Proxy()` is used directly in `WP_Http_Curl()` and `WP_Http_Streams()`. Since `WP_Http::request()` doesn't use them anymore we have to move the proxy handling into `WP_Http::request()` so the proxy data can be passed to `Requests::request()`.
Props rmccue.
See #33055.
Fixes#37107.
Built from https://develop.svn.wordpress.org/trunk@38054
git-svn-id: http://core.svn.wordpress.org/trunk@37995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In some cases, images in the media library may contain spaces in
their filenames. This results in an invalid `srcset` attribute,
causing broken images on the front end. This change fixes the issue
by replacing spaces in URLs with URL encoded '%20' characters before
returning the `srcset` string.
Props underdude, joemcgill.
Fixes#36549.
Built from https://develop.svn.wordpress.org/trunk@38052
git-svn-id: http://core.svn.wordpress.org/trunk@37993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `wp_kses()` to clean comment_content for preg_match against the blacklist_keys. Also includes some initial unit tests for `wp_blacklist_check()`.
Previously, if a blacklisted key was used in comment_content split by an html tag the regex in `wp_blacklist_check()` would not find a match. Example: Where "springfield" was a blacklisted word, if the content of a comment included `spring<i>field</i>" `wp_blacklist_check()` would not return true.
Props cfinke.
Fixes#37208.
Built from https://develop.svn.wordpress.org/trunk@38047
git-svn-id: http://core.svn.wordpress.org/trunk@37988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `register_meta()` with the function signature from 4.5 and earlier, the `auth_{$type}_meta_{$key}` and `sanitize_{$type}_meta_{$key}` filters are used. Any calls to `register_meta()` expecting this behavior should continue to work. The new filters, which take advantage of object subtypes, should not be added unless the proper `$args` array is passed.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38041
git-svn-id: http://core.svn.wordpress.org/trunk@37982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If auth and/or sanitize callbacks are specified in the arguments for
`register_meta()`, filters are added to handle these callbacks. These
should be removed when calling `unregister_meta_key()` to avoid
unintentional filtering.
See #35658.
Built from https://develop.svn.wordpress.org/trunk@38040
git-svn-id: http://core.svn.wordpress.org/trunk@37981 1a063a9b-81f0-0310-95a4-ce76da25c4cd