Commit Graph

36090 Commits

Author SHA1 Message Date
Ryan McCue a911bf7e2c REST API: Avoid default sanitization for polymorphic params.
Some parameters (`title`, `content`, etc) are objects in the output, but allow objects or strings to be sent in updates for a more ergonomic interface. This is pretty weird behaviour, so the default sanitisation doesn't handle this. We instead handle this ourselves in the preparation.

Props joehoyle, rachelbaker.
Fixes #38529.

Built from https://develop.svn.wordpress.org/trunk@39089


git-svn-id: http://core.svn.wordpress.org/trunk@39031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:02:29 +00:00
Gary Pendergast 6f13b8291d Roles: Fix a PHP error introduced in [39082].
The now deprecated `WP_Roles::reinit()` method was trying to call `__deprecated_function()`, instead of `_deprecated_function()`.

See 23016.


Built from https://develop.svn.wordpress.org/trunk@39088


git-svn-id: http://core.svn.wordpress.org/trunk@39030 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 05:55:30 +00:00
Ryan McCue d7bdd72510 REST API: Change method of merging parameters.
`array_merge()` incorrectly reindexes numeric parameters, causing things like `{"123": true}` to be "dropped".

Props sswells, joehoyle.
Fixes #38306.

Built from https://develop.svn.wordpress.org/trunk@39087


git-svn-id: http://core.svn.wordpress.org/trunk@39029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 05:53:31 +00:00
Helen Hou-Sandí dab566d973 Mail: Set a better error code when triggering `wp_mail_failed`.
This error code is now... wait for it... `wp_mail_failed`. Previously, this would have been the originating PHPMailer error code, which could be `0`, which would then fail (pass?) the `empty()` check in the `WP_Error` constructor, thereby rendering the error object fairly useless. The PHPMailer error code is now located within the `WP_Error` data.

props Kau-Boy, stephenharris.
fixes #35598.

Built from https://develop.svn.wordpress.org/trunk@39086


git-svn-id: http://core.svn.wordpress.org/trunk@39028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 04:27:34 +00:00
Ryan McCue ba039f7546 REST API: Remove the Location redirect for the /users/me endpoint.
This is a re-commit of [38980], which was reverted in [38990].

Props youknowriad, jnylen0, pento.
Fixes #38521.

Built from https://develop.svn.wordpress.org/trunk@39085


git-svn-id: http://core.svn.wordpress.org/trunk@39027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 03:44:30 +00:00
Ryan McCue 08ea66490b REST API: Only expose formats supported by the current theme.
While it's valid to save any format to the database, and WordPress is totally fine with that, we should only include the formats specified by the theme in the schema.

Props danielbachhuber.
Fixes #38610.

Built from https://develop.svn.wordpress.org/trunk@39084


git-svn-id: http://core.svn.wordpress.org/trunk@39026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 03:37:32 +00:00
Gary Pendergast 933d5cf733 Docs: Add the parameter name for the `wp_roles_init` action.
[39082] missed adding the name of the parameter to the docs of the `wp_roles_init` action.

Props johnbillion for the catch.
See #23016.


Built from https://develop.svn.wordpress.org/trunk@39083


git-svn-id: http://core.svn.wordpress.org/trunk@39025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 00:57:31 +00:00
Gary Pendergast e79fa03329 Roles/Capabilities: Add a new `wp_roles_init` filter.
Historically, it's been difficult to extend user roles, but reasonable to work around by waiting until after `init` has fired, to add custom roles and capabilities. With the addition of Locale Switching, Core now potentially loads roles before `init` has fired, leaving a window where custom roles and capabilities are not handled.

The new filter allows plugins to add their own custom roles whenever they're initialised (on page load, or when switching sites, for example), so that they can always be obeyed.

`WP_Roles` has also been tidied up a little bit, to remove duplicate code.

Props johnjamesjacoby, pento.
Fixes #23016.


Built from https://develop.svn.wordpress.org/trunk@39082


git-svn-id: http://core.svn.wordpress.org/trunk@39024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 00:31:32 +00:00
David A. Kennedy 4b3a9de5b5 Twenty Seventeen: Fix `supportsInlineSVG()` being unnecessarily called twice
* Also, fix spacing inconsistency in comment.

Props tywayne.

Fixes #38556.

Built from https://develop.svn.wordpress.org/trunk@39081


git-svn-id: http://core.svn.wordpress.org/trunk@39023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 21:24:30 +00:00
Tammie Lister 9cf5aa4381 Twenty Seventeen: Sticky icon fix to stop appearing in regular post flow
The sticky icon was appearing in posts it shouldn't have, not just when stuck. This fixes that.

Props laurelfulford, mageshp, davidakennedy
Fixes #38534


Built from https://develop.svn.wordpress.org/trunk@39080


git-svn-id: http://core.svn.wordpress.org/trunk@39022 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 20:56:30 +00:00
Tammie Lister 2b611c2b1d Twenty Seventeen: Fixes ul inside ol being wrongly ordered.
Now the listing displays correctly.

Props tg29359, Soean, laurelfulford, davidakennedy
Fixes #38515


Built from https://develop.svn.wordpress.org/trunk@39079


git-svn-id: http://core.svn.wordpress.org/trunk@39021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 20:53:30 +00:00
David A. Kennedy 9510f68efa Twenty Seventeen: Update page layout setting for all use cases
* Makes sure the page layout setting also applies to pages, and is not completely hidden from them when a sidebar widget is present. Pages do not have a sidebar, so that was incorrect.
* Updates description in Customizer for brevity and accuracy.
* Applies setting to archive pages as well.
* Updates CSS to reflect changes.

Props celloexpressions, laurelfulford.

Fixes #38538.

Built from https://develop.svn.wordpress.org/trunk@39078


git-svn-id: http://core.svn.wordpress.org/trunk@39020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 20:40:31 +00:00
Ella Iseulde Van Dorpe feb8ccf3d6 TinyMCE: wptextpattern: Fix undo shortcut for inline patterns
Fixes #37092.


Built from https://develop.svn.wordpress.org/trunk@39077


git-svn-id: http://core.svn.wordpress.org/trunk@39019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 20:34:32 +00:00
Helen Hou-Sandí 2d07c3196e Only set `fresh_site` during an actual fresh install.
props westonruter.
fixes #38533.

Built from https://develop.svn.wordpress.org/trunk@39076


git-svn-id: http://core.svn.wordpress.org/trunk@39018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 20:16:31 +00:00
Ella Iseulde Van Dorpe 84c108db02 TinyMCE: wptextpattern: Handle unconverted inline patterns
Make sure the right text is matched when it already contains characters of the pattern.
Adds two more unit tests.

Fixes #37693.


Built from https://develop.svn.wordpress.org/trunk@39075


git-svn-id: http://core.svn.wordpress.org/trunk@39017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 20:06:36 +00:00
John Blackbourn 5c7aa3c5b8 Editor: Correct the description of the parameter passed to the `wp_default_editor` filter.
Props goto10
Fixes #38327

Built from https://develop.svn.wordpress.org/trunk@39074


git-svn-id: http://core.svn.wordpress.org/trunk@39016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 19:56:30 +00:00
David A. Kennedy 906eb80953 Twenty Seventeen: Remove unnecessary l10n variables
* Relies on header skip link instead of l10n variables in JavaScript.
* Fixes issue where scroll down arrow appeared next to the navigation on the front page with no header image or video. It now only appears with a big header.

Props enodekciw, laurelfulford.

Fixes #38502.

Built from https://develop.svn.wordpress.org/trunk@39073


git-svn-id: http://core.svn.wordpress.org/trunk@39015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 19:00:32 +00:00
David A. Kennedy 3711c0664d Twenty Seventeen: Replace remaining Genericons with Font Awesome icons
* Replaces: icon-pinned with icon-thumb-tack
* Replaces: icon-next with icon-arrow-right
* Replaces: icon-previous with icon-arrow-left
* Replaces: icon-expand with icon-angle-down
* Removes: Path, Polldaddy

Props sami.keijonen, melchoyce, laurelfulford.

Fixes #38488.

Built from https://develop.svn.wordpress.org/trunk@39072


git-svn-id: http://core.svn.wordpress.org/trunk@39014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 17:26:32 +00:00
Jeremy Felt 04f376e0aa Multisite: Use `get_network()` in `WP_UnitTest_Factory_For_Network`.
`wp_get_network()` was deprecated in 4.6.

Props johnjamesjacoby.
Fixes #38602.

Built from https://develop.svn.wordpress.org/trunk@39071


git-svn-id: http://core.svn.wordpress.org/trunk@39013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 16:52:33 +00:00
John Blackbourn 766ff15532 I18N: Revert [39069] as it needs some more work.
See #38485

Built from https://develop.svn.wordpress.org/trunk@39070


git-svn-id: http://core.svn.wordpress.org/trunk@39012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 16:07:32 +00:00
Pascal Birchler 8bdd37fc58 I18N: Use the user's locale when loading text domains in the admin.
Leverages `get_user_locale()` in `load_*_textdomain()` and `_load_textdomain_just_in_time()` to always load translations in the user's language when in the admin.

Fixes #38485.
Built from https://develop.svn.wordpress.org/trunk@39069


git-svn-id: http://core.svn.wordpress.org/trunk@39011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 09:24:29 +00:00
Pascal Birchler 8df80ae3ee I18N: Show available timezones in the user's locale on the settings screen.
Adds a `$locale` parameter to `wp_timezone_choice()` to only reload translations when necessary.

Props yale01.
See #38485.
Built from https://develop.svn.wordpress.org/trunk@39068


git-svn-id: http://core.svn.wordpress.org/trunk@39010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 09:16:31 +00:00
Pascal Birchler d7d8768ffd I18N: Remove unused `$wpdb` global from `get_locale()` after [39005].
Originally added in [38976], but reverted soon after.

Props johnjamesjacoby.
Fixes #38601.
Built from https://develop.svn.wordpress.org/trunk@39067


git-svn-id: http://core.svn.wordpress.org/trunk@39009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 07:38:31 +00:00
Aaron Jorbin 1aae56f53a Update link in register_meta about 4.6 changes
The blog post, while originally canonical, was later updated to include additional changes. The ticket includes all the changes and alot of rational for why things changed.

Props Mista-Flo, DrewAPicture, morganestes.
Fixes #38254.


Built from https://develop.svn.wordpress.org/trunk@39066


git-svn-id: http://core.svn.wordpress.org/trunk@39008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 06:54:34 +00:00
Dion Hulse 69c9d9222e Themes: Update the unit tests to handle [39064] and #31550.
`test_default_theme_in_default_theme_list()` was always being skipped after #31550, this causes it to once again check that the unit tests are up to date and include the latest default theme.
`test_default_themes_have_textdomain()` didn't play happy when a default theme wasn't installed on a site.

See #31550, #29925, #38551.

Built from https://develop.svn.wordpress.org/trunk@39065


git-svn-id: http://core.svn.wordpress.org/trunk@39007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 03:14:32 +00:00
Dion Hulse 70b1d2071b Upgrade: Install new themes upon upgrade again.
This partially reverts [35738], which has shown to provide a bad user experience for users seeking to experiment with TwentySeventeen.

This will result in TwentySixteen being installed in addition to TwentySeventeen.

See #38551.

Built from https://develop.svn.wordpress.org/trunk@39064


git-svn-id: http://core.svn.wordpress.org/trunk@39006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-01 01:24:35 +00:00
John Blackbourn 0ff0dcc7de Plugins: Correct the `since` docs for the various `plugin_action_links` filters.
Props tfrommen, SergeyBiryukov

Built from https://develop.svn.wordpress.org/trunk@39063


git-svn-id: http://core.svn.wordpress.org/trunk@39005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 19:38:47 +00:00
John Blackbourn babd79fb36 Posts, Post Types: Prevent users from being able to delete a protected meta field from a post.
Previously a user could remove a protected meta field by using their browser developer tools to alter the form field properties in the Custom Fields meta box, given that they know the ID of the protected meta field. This change prevents this by preventing any change to a protected meta field, including changing its key.

Props ajoah, johnbillion, peterwilsoncc
Fixes #38293

Built from https://develop.svn.wordpress.org/trunk@39062


git-svn-id: http://core.svn.wordpress.org/trunk@39004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 19:30:32 +00:00
Joe Hoyle 6ee8f33660 REST API: Sanitize arrays being sent as CSVs.
In #38586 the ability to parse arrays as csv was introduced, however it didn't add any support for validating csv arrays. This adds such sanitization, and also a good amount of unit tests for all sanitization baed off schema.

See #38586.

Built from https://develop.svn.wordpress.org/trunk@39061


git-svn-id: http://core.svn.wordpress.org/trunk@39003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 17:08:31 +00:00
Weston Ruter 1c45ae618c Customize: Ensure state query params persist in preview through calls to `history.pushState()` & `history.replaceState()`.
Allow history to be manipulated before DOM ready by sourcing state params from the current URL instead of from the `wp.customize.settings` object, since they will be the same anyway. This fixes a JS error since `wp.customize.settings` is not defined before DOM ready.

Amends [38810].
See #30937.
Fixes #38592.

Built from https://develop.svn.wordpress.org/trunk@39060


git-svn-id: http://core.svn.wordpress.org/trunk@39002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 16:42:30 +00:00
Andrea Fercia 4356a28b52 Administration: remove a leftover check from get_submit_button.
Props sstoqnov.
Fixes #34891.

Built from https://develop.svn.wordpress.org/trunk@39059


git-svn-id: http://core.svn.wordpress.org/trunk@39001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 16:39:32 +00:00
Joe Hoyle f1591eccca REST API: Add support for "integer" type for meta and options
Previously Settings only supported "number" which meant it was possible to push floats to things like posts_per_page. This means now developers can also specify `type => ineger` in meta nad settings resgration.

Props flixos90.
Fixes #38393.

Built from https://develop.svn.wordpress.org/trunk@39058


git-svn-id: http://core.svn.wordpress.org/trunk@39000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 16:07:31 +00:00
Boone Gorges 1dd88e334b Taxonomy: Remove redundant 'get_terms_args' filter call from `WP_Term_Query`.
Introduced in [37572]. The correct 'get_terms_args' filter call is in
`WP_Term_Query::get_terms()`.

Props Tkama.
Fixes #38589.
Built from https://develop.svn.wordpress.org/trunk@39057


git-svn-id: http://core.svn.wordpress.org/trunk@38999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 15:47:33 +00:00
Gary Pendergast 03e34ab461 REST API: Allow a CSV list of user roles to be passed to `/users`.
After [39048], this changes explicitly parses the list of user roles as slugs, and adds tests.

Props jnylen0.
Fixes #38557.


Built from https://develop.svn.wordpress.org/trunk@39056


git-svn-id: http://core.svn.wordpress.org/trunk@38998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 11:11:29 +00:00
Gary Pendergast 9862543913 REST API: Allow a CSV list of term IDs to be passed to `/posts`.
[39048] added CSV support to array types, this change explicitly parses term lists as IDs, and adds tests.

Props timmydcrawford, pento.
Fixes #38553.


Built from https://develop.svn.wordpress.org/trunk@39055


git-svn-id: http://core.svn.wordpress.org/trunk@38997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 11:06:31 +00:00
Drew Jaynes 33b8bb3cf3 Docs: Clarify descriptions for `home_url()` and `get_home_url()` on the true effect of the `$scheme` parameter.
Part props thomaswm.
Props stevenlinx.
Fixes #36468.

Built from https://develop.svn.wordpress.org/trunk@39054


git-svn-id: http://core.svn.wordpress.org/trunk@38996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 07:06:32 +00:00
Drew Jaynes 3a02481d9e Docs: Fix an incorrect pseudo-parameter referenced in the hook doc for the `widget_tag_cloud_args` filter.
Props backermann.
Fixes #37654.

Built from https://develop.svn.wordpress.org/trunk@39053


git-svn-id: http://core.svn.wordpress.org/trunk@38995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:40:49 +00:00
Drew Jaynes 568838bebd Docs: Update the DocBlock description for `WP_Query::is_single()` to mention that it works for any post types excluding pages.
Props ryankienstra.
Fixes #38225.

Built from https://develop.svn.wordpress.org/trunk@39052


git-svn-id: http://core.svn.wordpress.org/trunk@38994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:34:34 +00:00
Drew Jaynes 5f4497f0af Docs: Fix multiple trivial typos throughout a variety of core files.
Props ottok.
Fixes #38489.

Built from https://develop.svn.wordpress.org/trunk@39051


git-svn-id: http://core.svn.wordpress.org/trunk@38993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:28:32 +00:00
Peter Wilson c7691ceb36 Themes: Exit `wp-custom-header.js` early in browsers wihout modern events.
Adds a check for `window.addEventListener` support before attempting to use it. In browsers without support, the file is exited early to avoid throwing a JavaScript error.

Fixes #38585.

Built from https://develop.svn.wordpress.org/trunk@39050


git-svn-id: http://core.svn.wordpress.org/trunk@38992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:17:29 +00:00
Drew Jaynes 9635867540 Docs: The `query_vars` filter used in the REST posts controller should be notated as a duplicate rather than a new hook.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39049


git-svn-id: http://core.svn.wordpress.org/trunk@38991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 05:50:29 +00:00
Gary Pendergast 54b378e411 REST API: Allow parameters defined as `array` to be sent as CSVs.
This allows parameters that are often handled as CSVs to be properly parsed.

Fixes #38586.


Built from https://develop.svn.wordpress.org/trunk@39048


git-svn-id: http://core.svn.wordpress.org/trunk@38990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 05:45:32 +00:00
Ryan McCue 4dab905dba REST API: Support password on non-post post types.
The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.

Props jnylen0.
Fixes #38582.

Built from https://develop.svn.wordpress.org/trunk@39047


git-svn-id: http://core.svn.wordpress.org/trunk@38989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 03:53:32 +00:00
Gary Pendergast 6c1e98d1fb REST API: Add support for arrays in schema validation and sanitization.
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.

This can easily be extended to support new data types, such as CSV fields or objects.

Props joehoyle, rachelbaker, pento.
Fixes #38531.


Built from https://develop.svn.wordpress.org/trunk@39046


git-svn-id: http://core.svn.wordpress.org/trunk@38988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 01:48:41 +00:00
John Blackbourn 8c811f8f90 XML-RPC: Correctly handle empty and duplicate comments.
This prevents `wp_die()` being sent in response to an XML-RPC call that attempts to submit a duplicate comment, and correctly returns an error in response to an attempt to submit an empty comment.

Props markoheijnen, websupporter.
Fixes #14452, #38466.
See #36901

Built from https://develop.svn.wordpress.org/trunk@39045


git-svn-id: http://core.svn.wordpress.org/trunk@38987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 01:27:31 +00:00
Gary Pendergast dbc4b87b7f REST API: Allow Content-Type on CORS requests.
This allows `POST` requests with a wider variety of `Content-Type' headers - `Content-Type: application/json`, for example.

Props jnylen0.
Fixes #37994.


Built from https://develop.svn.wordpress.org/trunk@39044


git-svn-id: http://core.svn.wordpress.org/trunk@38986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 00:34:33 +00:00
Rachel Baker b7e6c43c64 REST API: Correctly test the roles parameter when creating a user in `WP_Test_REST_Users_Controller`.
Props jnylen0.
Fixes #38575.
Built from https://develop.svn.wordpress.org/trunk@39043


git-svn-id: http://core.svn.wordpress.org/trunk@38985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 00:28:29 +00:00
Gary Pendergast 69539eb2a7 REST API: Add `PATCH` to CORS allowed methods.
Editable resources in the REST API accept the `PATCH` method, but the CORS headers don't mention it.

Props jnylen0.
Fixes #38546.


Built from https://develop.svn.wordpress.org/trunk@39042


git-svn-id: http://core.svn.wordpress.org/trunk@38984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 00:19:30 +00:00
Rachel Baker d15f7b5f44 REST API: Delete temporary files during teardown of `WP_Test_REST_Attachments_Controller`.
Props jnylen0.
Fixes #38574.
Built from https://develop.svn.wordpress.org/trunk@39041


git-svn-id: http://core.svn.wordpress.org/trunk@38983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 23:32:35 +00:00
Dominik Schilling ba9b3cf6a6 I18N: Don't use `get_user_option()` for retrieving user's language.
`get_user_option()` checks for both option types, site and network. Since `locale` is only a network option we can directly access the field via `WP_User`s magic getter.

Props johnjamesjacoby.
Fixes #38578.
Built from https://develop.svn.wordpress.org/trunk@39040


git-svn-id: http://core.svn.wordpress.org/trunk@38982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 22:26:31 +00:00