This also introduces `wp_is_password_reset_allowed_for_user()` which returns `false` when password reset is not allowed for a specific user. This can be
filtered by developers using the existing `allow_password_reset` hook.
Props ocean90, cshark, robinwpdeveloper, tahmina1du, kraftbj.
Fixes#58194.
Built from https://develop.svn.wordpress.org/trunk@56150
git-svn-id: http://core.svn.wordpress.org/trunk@55662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids an `Undefined variable $checkout` PHP warning if all of the directories checked for access are disallowed due to the PHP `open_basedir` restrictions.
Follow-up to [55425].
Props jqz, costdev, audrasjb.
Fixes#58563.
Built from https://develop.svn.wordpress.org/trunk@56124
git-svn-id: http://core.svn.wordpress.org/trunk@55636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset ensures scheduled posts are actually published when changing their status to "Published" using bulk edit. Also adds related unit tests.
Props siobhan, Clorith, webcommsat, cadic, oglekler, audrasjb, pavanpatil1.
Fixes#31635.
Built from https://develop.svn.wordpress.org/trunk@56123
git-svn-id: http://core.svn.wordpress.org/trunk@55635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes HTML tags from the label, which were not displayed as expected due to escaping. Including the directory name in the label is also redundant, as it is already mentioned in the check result description directly below.
Includes:
* Adjusting a few other labels for consistency.
* Moving `wp-content` out of the translatable string in a similar message in `WP_Upgrader::generic_strings()`.
Follow-up to [55720].
Props dlh, mukesh27, audrasjb, SergeyBiryukov.
See #58678.
Built from https://develop.svn.wordpress.org/trunk@56117
git-svn-id: http://core.svn.wordpress.org/trunk@55629 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This resolves an `Undefined array key "password"` PHP warning in `WP_Filesystem_SSH2::connect()` when using public/private key authentication, in which case providing a password is optional.
Follow-up to [8865].
Props J-Dill, costdev, ehsanakhgari, dd32.
Fixes#33196.
Built from https://develop.svn.wordpress.org/trunk@56111
git-svn-id: http://core.svn.wordpress.org/trunk@55623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset introduces the `bulk_edit_posts` action hook, triggered after processing the post data for bulk edit and before the function returns its results. For example, it allows developers to save additional data without having to perform any `.ajax()` calls.
Follow-up to [8973].
Props helgatheviking, helen, Mte90, afercia, mrasharirfan, desrosj, itowhid06, pento, mensmaximus, audrasjb, costdev, webcommsat, marybaum, oglekler, mukesh27, SergeyBiryukov.
Fixes#28112.
Built from https://develop.svn.wordpress.org/trunk@56091
git-svn-id: http://core.svn.wordpress.org/trunk@55603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes unit tests to verify the logic for displaying row actions in the Media Library in certain scenarios, e.g. with and without the “Trash” or “Unattached” filter.
Follow-up to [55949].
Props costdev, kebbet, mukesh27, oglekler.
Fixes#57893.
Built from https://develop.svn.wordpress.org/trunk@56072
git-svn-id: http://core.svn.wordpress.org/trunk@55584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a new optional `$include_hidden` parameter to allow the inclusion of hidden (`.` prefixed) files.
Defaults to false for backward compatibility.
Props yani.iliev, sabernhardt, costdev, rutviksavsani, zunaid321, azaozz.
Fixes#53659.
Built from https://develop.svn.wordpress.org/trunk@56069
git-svn-id: http://core.svn.wordpress.org/trunk@55581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds the `plugins_list` hook, which can be use to filter the list of plugin displayed on WP Admin Plugins screen.
Props nateallen, fischfood, mukesh27, peterwilsoncc, SergeyBiryukov, audrasjb, costdev, ecorica, zunaid321.
Fixes#57278.
Built from https://develop.svn.wordpress.org/trunk@56068
git-svn-id: http://core.svn.wordpress.org/trunk@55580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds "Current time, "Current UTC time" and "Current Server time" under the "Server" section of Site Health debug infos. This provides the
current time, the server time, and allow for comparison if there's some time-related issues.
Props sebastienserre, Clorith, audrasjb, kebbet, robinwpdeveloper, hrrarya, mukesh27, hareesh-pillai, costdev.
Fixes#56378.
Built from https://develop.svn.wordpress.org/trunk@56056
git-svn-id: http://core.svn.wordpress.org/trunk@55568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Register all core blocks in a new function called `register_core_block_style_handles`. This mirrors the function `wp_default_styles` where all core styles are registered in one place. This improves block registration performance, as it avoids expensive file lookups, like realpath in `register_block_style_handle`. The new function `register_core_block_style_handles` uses `glob` to get all css files in the blocks directory. This glob is cached in a transient to save lookups on subsequent requests. The function `register_block_style_handle` now checks to see if the style handle is already registered before trying to register it again.
Props mukesh27, westonruter, flixos90, joemcgill, spacedmonkey.
Fixes#58528.
Built from https://develop.svn.wordpress.org/trunk@56044
git-svn-id: http://core.svn.wordpress.org/trunk@55556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [55988], [56021].
See #58206.
Built from https://develop.svn.wordpress.org/trunk@56031
git-svn-id: http://core.svn.wordpress.org/trunk@55543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a up/down arrow for visual affordance about the purpose of the button link; change button text from "Show details" to "More details".
Props krupajnanda, subrataemfluence, audrasjb, afercia, nrqsnchz, joedolson.
Fixes#44714.
Built from https://develop.svn.wordpress.org/trunk@56027
git-svn-id: http://core.svn.wordpress.org/trunk@55539 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Move the visual positioning of the posts search form into it's DOM position. Fixes an accessibility bug where the keyboard focus sequence did not match the visual order. Change the media search form in list view to match the format of other post views. Give search forms a consistent layout on mobile.
Props oglekler, sabernhardt, joedolson.
Fixes#57949.
Built from https://develop.svn.wordpress.org/trunk@56023
git-svn-id: http://core.svn.wordpress.org/trunk@55535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure that quick edit does not define a publish date if the post status is one of 'draft', 'pending', or 'auto-draft'.
Props uxtremist, SergeyBiryukov, Denis-de-Bernardy, jane, rfischmann, mista-flo, rutviksavsani, oglekler, joedolson.
Fixes#19907.
Built from https://develop.svn.wordpress.org/trunk@56022
git-svn-id: http://core.svn.wordpress.org/trunk@55534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add labels; change Enter new/Cancel link to a button; move focus to input when creating new field; move Add Custom Field out of fields table.
Props jane, batmoo, karmatosed, franrosa, sabernhardt, annashopina, oglekler, joedolson.
Fixes#15631.
Built from https://develop.svn.wordpress.org/trunk@56018
git-svn-id: http://core.svn.wordpress.org/trunk@55530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace use of `list` to parse array keys into variables. `list` throws errors if the keys don't exist, and many extenders will not define the new array keys. The code path already falls back effectively for empty values.
Also add translator comments to screen reader hidden text, fix a docblock, and fix an HTML error.
Follow up to [r55971].
Props kebbet, chouby, joedolson.
Fixes#32170.
Built from https://develop.svn.wordpress.org/trunk@56004
git-svn-id: http://core.svn.wordpress.org/trunk@55516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_starts_with()` and `str_ends_with()` were introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins or ends with the given substring (needle).
WordPress core includes a polyfill for these functions on PHP < 8.0 as of WordPress 5.9.
This commit uses `str_starts_with()` and `str_ends_with()` in core files where appropriate:
* `$needle === substr( $string, 0, $length )`, where `$length` is the length of `$needle`, is replaced with `str_starts_with( $haystack, $needle )`.
* `$needle === substr( $string, $offset )`, where `$offset` is negative and the absolute value of `$offset` is the length of `$needle`, is replaced with `str_ends_with( $haystack, $needle )`.
This aims to make the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987], [55988].
Props Soean, spacedmonkey, Clorith, ocean90, azaozz, sabernhardt, SergeyBiryukov.
Fixes#58220.
Built from https://develop.svn.wordpress.org/trunk@55990
git-svn-id: http://core.svn.wordpress.org/trunk@55502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).
WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.
Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].
Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes#58206.
Built from https://develop.svn.wordpress.org/trunk@55988
git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset improve Dashboard screen options by stacking them vertically on small screens.
Props dhrumilk, prashantbhivsane, marybaum, dhruvishah2203, ababir, mukesh27, chiragrathod103, oglekler, tb1909, jahidcse, audrasjb.
Fixes#57977.
Built from https://develop.svn.wordpress.org/trunk@55984
git-svn-id: http://core.svn.wordpress.org/trunk@55496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Implement `aria-sort` and change icon states to indicate current sort for list tables. Allow screen reader users to get context about the current sort and allow sighted users to know how the table is currently sorted.
Props afercia, rianrietveld, joedolson, alexstine, johnjamesjacoby.
Fixes#32170.
Built from https://develop.svn.wordpress.org/trunk@55971
git-svn-id: http://core.svn.wordpress.org/trunk@55483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Change the `label` for `.check-column` inside list tables to a block filling the entire cell. Improves accessibility by increasing the target area for the control.
Props mitchoyoshitaka, lessbloat, sabernhardt, ogleker, tacoverdo, joostdevalk, karmatosed.
Fixes#21516.
Built from https://develop.svn.wordpress.org/trunk@55954
git-svn-id: http://core.svn.wordpress.org/trunk@55466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to partially duplicated logic for displaying row actions in the Media Library with and without the “Unattached” filter, the “Copy URL” and “Download file” row actions were unintentionally missing with the filter applied.
This commit aims to simplify the logic and bring more consistency to the code.
Includes displaying the “Download file” row action even when the “Trash” filter is applied, giving the user one more chance to download the media file before they delete it.
Follow-up to [8901], [13100], [16227], [16229], [52842], [55198], [55221].
Props kebbet, costdev, pbiron, oglekler, SergeyBiryukov.
Fixes#57890, #57893.
Built from https://develop.svn.wordpress.org/trunk@55949
git-svn-id: http://core.svn.wordpress.org/trunk@55461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a check to the start of `copy_dir()` that the destination directory exists and attempts to create it if it does not.
An error is returned if the directory can not be created, either due to a permissions error or the parent directory not existing.
Props caraffande, costdev, zunaid321.
Fixes#41855.
Built from https://develop.svn.wordpress.org/trunk@55938
git-svn-id: http://core.svn.wordpress.org/trunk@55450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Significant restructure of the admin image editor interface, but no new functionality. Reorganize editing buttons into a common region at the top of the editor. Move image rotation tools into a pop-out menu. Add 180 degree rotation option. Add scale button to control group. Move sidebar tools next to the editing canvas to improve visual proximity between action and result. Enlarge editing canvas and crop handles. Separate activating crop functions from applying crop. Add numeric inputs for crop & scale values.
A long term goal is to move undo/redo and cancel/save into the modal title bar, but that is not feasible without significant updates to the modal framework.
Props afercia, karmatosed, nrqsnchz, antpb, chaion07, costdev, peterwilsoncc, antpb, sabernhardt, prashantbhivsane, joedolson.
Fixes#50523.
Built from https://develop.svn.wordpress.org/trunk@55919
git-svn-id: http://core.svn.wordpress.org/trunk@55431 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds a `pre` class to "Downloading update from…" user facing strings located in `Core_Upgrader`, `Language_Pack_Upgrader`, `Plugin_Upgrader` and
`Theme_Upgrader` classes.
Follow-up to [11295].
Props sumitsingh, costdev.
Fixes#58477.
Built from https://develop.svn.wordpress.org/trunk@55899
git-svn-id: http://core.svn.wordpress.org/trunk@55411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds context to various strings:
- `'Background'` string when referring to Custom Background appearance screens
- `'Header'` string when referring to Custom Header appearance screens
- `'General'`, `'Header'` and `'Footer'` strings when referring to template part areas
Props gonzomir, SergeyBiryukov, mukesh27, costdev, ankitmaru.
Fixes#58424.
Built from https://develop.svn.wordpress.org/trunk@55881
git-svn-id: http://core.svn.wordpress.org/trunk@55393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously when the `mimes` element was not specified in the overrides array passed to `_wp_handle_upload()` it resulted in boolean false being passed to this parameter, which is incorrect. The fallback value should be `null`.
Props platonkristinin, pkbhatt
Fixes#58349
Built from https://develop.svn.wordpress.org/trunk@55872
git-svn-id: http://core.svn.wordpress.org/trunk@55384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This moves the query for user ID of the new network's administrator closer to where the value is actually used.
Includes removing unnecessary `get_userdata()` call, as user ID is the only data needed here.
Follow-up to [12756], [35575], [43628].
Props nihar007, sakibmd, mukesh27, costdev, SergeyBiryukov.
Fixes#58423.
Built from https://develop.svn.wordpress.org/trunk@55869
git-svn-id: http://core.svn.wordpress.org/trunk@55381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Change button is supposed to perform the “Change role to...” action only, but could unintentionally be used for other bulk actions if the role was not selected.
This commit removes an extra check and ensures the correct error message is displayed in that case:
Sorry, you are not allowed to give users that role.
Follow-up to [6990], [8691], [9028], [15576], [15642], [34636], [49944].
Props haritpanchal, costdev, ankit-k-gupta, SergeyBiryukov.
Fixes#57952.
Built from https://develop.svn.wordpress.org/trunk@55864
git-svn-id: http://core.svn.wordpress.org/trunk@55376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when scaling an image larger than the source size in the image edit states the image would silently fail the scaling action. This patch provides an error when someone attempts to scale an image larger than the source size while also disabling the button to initiate the action.
Props brookedot, joedolson, markoheijnen, mikeschroder, desrosj, Mista-Flo, costdev.
Fixes#26381.
Built from https://develop.svn.wordpress.org/trunk@55859
git-svn-id: http://core.svn.wordpress.org/trunk@55371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of [55855] wp_queue_comments_for_comment_meta_lazyload was deprecated. But deprecate to wp-admin/deprecated.php and not wp-includes/deprecated.php.This is incorrect, as this is a public function and not an admin function.
Props SergeyBiryukov, spacedmonkey.
See #58301.
Built from https://develop.svn.wordpress.org/trunk@55856
git-svn-id: http://core.svn.wordpress.org/trunk@55368 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of [55749] wp_queue_comments_for_comment_meta_lazyload is no longer used in core. This commit, deprecates this function. Update docs and tests accordingly.
Props sh4lin, spacedmonkey, costdev, peterwilsoncc.
Fixes#58301.
Built from https://develop.svn.wordpress.org/trunk@55855
git-svn-id: http://core.svn.wordpress.org/trunk@55367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure that the option `can_compress_scripts` is autoloaded on single sites, as this option is used in all requests. This change saves one database query per page request.
Props RavanH, spacedmonkey, costdev, azaozz, flixos90.
Fixes#55270.
Built from https://develop.svn.wordpress.org/trunk@55854
git-svn-id: http://core.svn.wordpress.org/trunk@55366 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`$new_title` and `$new_slug` can be null if `get_sample_permalink_html()`
was called with default parameters, and they are documented as
`string|null` in the function DocBlock.
Follow-up to [34347].
Props Enchiridion, audrasjb, SergeyBiryukov.
Fixes#58322.
See #33927. --Cette ligne, et les
suivantes
ci-dessous, seront ignorées--
M trunk/src/wp-admin/includes/post.php
Built from https://develop.svn.wordpress.org/trunk@55758
git-svn-id: http://core.svn.wordpress.org/trunk@55270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The terms "roll back" and "rolled back" are used in user facing strings since [55720]. These termes are not that clear for novice users and may be difficult to translate in some locales. This changeset replaces "roll back" with "restore" and "rolled back" with "restored" or "not applied" depending of the context of the screen.
Follow-up to [55720].
Props kebbet, costdev, NekoJonez, audrasjb, SergeyBiryukov, davidbaumwald.
Fixes#58282.
Built from https://develop.svn.wordpress.org/trunk@55750
git-svn-id: http://core.svn.wordpress.org/trunk@55262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [34270] introduced lazy loading of comment meta. However, this was only in the context of `WP_Query`. Other parts of the codebase, like `WP_Comment_Query` did not lazily load comment meta. In this change, calls to `update_meta_cache` are now replaced with `wp_lazyload_comment_meta`, that instead of priming comment meta caches, just adds them to the queue to be primed it ever called. This results in far less database queries, as there a number of places where comment meta is being primed unnecessarily and never used. Adding everything to the comment meta queue, also means that if comment meta is used, that is all loaded in a single database / cache call.
Follow on from [55671], [55747].
Props spacedmonkey, peterwilsoncc, flixos90, mukesh27.
Fixes#57801.
Built from https://develop.svn.wordpress.org/trunk@55749
git-svn-id: http://core.svn.wordpress.org/trunk@55261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to make the update process more reliable and ensures that if a plugin or theme update fails, the previous version can be safely restored.
* When updating a plugin or theme, the old version is moved to a temporary backup directory:
* `wp-content/upgrade-temp-backup/plugins/[plugin-slug]` for plugins
* `wp-content/upgrade-temp-backup/themes/[theme-slug]` for themes.
* If the update fails, then the backup kept in the temporary backup directory is restored to its original location.
* If the update succeeds, the temporary backup is deleted.
To further help troubleshoot plugin and theme updates, two new checks were added to the Site Health screen:
* A check to make sure that the `upgrade-temp-backup` directory is writable.
* A check that there is enough disk space available to safely perform updates.
To avoid confusion: The temporary backup directory will NOT be used to “roll back” a plugin to a previous version after a completed update. This directory will simply contain a transient backup of the previous version of a plugin or theme being updated, and as soon as the update process finishes, the directory will be empty.
Follow-up to [55204], [55220].
Props afragen, costdev, pbiron, azaozz, hellofromTonya, aristath, peterwilsoncc, TJNowell, bronsonquick, Clorith, dd32, poena, TimothyBlynJacobs, audrasjb, mikeschroder, a2hosting, KZeni, galbaras, richards1052, Boniu91, mai21, francina, TobiasBg, desrosj, noisysocks, johnbillion, dlh, chaion07, davidbaumwald, jrf, thisisyeasin, ignatggeorgiev, SergeyBiryukov.
Fixes#51857.
Built from https://develop.svn.wordpress.org/trunk@55720
git-svn-id: http://core.svn.wordpress.org/trunk@55232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).
WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.
While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.
Follow-up to [52039], [52040], [52326].
Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes#58012.
Built from https://develop.svn.wordpress.org/trunk@55703
git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use `continue` to help separate each case for better readability, instead of having a wall of `if`/`elseif`.
Includes simplifying a similar fragment in `make_site_theme_from_default()`.
Follow-up to [1575], [2037], [2040], [2044], [2346], [7999], [14080], [14485].
Props costdev, krunal265, hellofromTonya, brookedot, SergeyBiryukov.
Fixes#56982.
Built from https://develop.svn.wordpress.org/trunk@55688
git-svn-id: http://core.svn.wordpress.org/trunk@55200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds support for the new selectors property for block types. It adds it to the allowed metadata when registering a block type, makes the WP_Block_Type class aware of it, exposes it through the block types REST API, and the get_block_editor_server_block_settings function.
Corresponding work in the Gutenberg plugin: https://github.com/WordPress/gutenberg/pull/46496.
Fixes#57585.
Props aaronrobertshaw, hellofromTonya.
Built from https://develop.svn.wordpress.org/trunk@55673
git-svn-id: http://core.svn.wordpress.org/trunk@55185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This replaces a site ID comparison when displaying action links in `WP_MS_Sites_List_Table::handle_row_actions()` with a dedicated function call, `is_main_site()`, for clarity.
Follow-up to [13918], [25125], [26120], [32644], [38814].
Props ecorica, spacedmonkey, SergeyBiryukov.
Fixes#58150.
Built from https://develop.svn.wordpress.org/trunk@55666
git-svn-id: http://core.svn.wordpress.org/trunk@55178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Per [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#writing-include-require-statements WordPress PHP coding standards], it is ''strongly recommended'' to use `require[_once]` for unconditional includes. When using `include[_once]`, PHP will throw a warning when the file is not found but will continue execution, which will almost certainly lead to other errors/warnings/notices being thrown if your application depends on the file loaded, potentially leading to security leaks. For that reason, `require[_once]` is generally the better choice as it will throw a `Fatal Error` if the file cannot be found.
Follow-up to [1674], [1812], [1964], [6779], [8540], [10521], [11005], [11911], [16065], [16149], [25421], [25466], [25823], [37714], [42981], [45448], [47198], [54276], [55633].
Props kausaralm, SergeyBiryukov.
See #57839.
Built from https://develop.svn.wordpress.org/trunk@55641
git-svn-id: http://core.svn.wordpress.org/trunk@55153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It is best to always escape the complete value of an attribute, not a partial value, as otherwise the escaping could be (partially) undone when the values are joined together.
While the hardcoded prefix/suffix values in this case don't necessarily create that risk, those may change to values which could be problematic, so making it a habit to escape the value in one go is best practice.
Includes:
* Moving a few `esc_url()` calls closer to the actual output and escaping the hash parts too.
* Wrapping a few long lines for better readability.
Follow-up to [14248], [23707], [42217], [55615].
Props jrf, SergeyBiryukov.
Fixes#57110.
Built from https://develop.svn.wordpress.org/trunk@55616
git-svn-id: http://core.svn.wordpress.org/trunk@55128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures that post type or taxonomy name is consistently escaped in:
* `wp_nav_menu_item_post_type_meta_box()`
* `wp_nav_menu_item_taxonomy_meta_box()`
Follow-up to [14248], [23707].
Props zenaulislam, SergeyBiryukov.
Fixes#57110.
Built from https://develop.svn.wordpress.org/trunk@55615
git-svn-id: http://core.svn.wordpress.org/trunk@55127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove the green background from the "dot" accent, to prevent low contrast for the dismiss button. Use menu colors for the background on alternate color schemes. Remove the "Edit styles" link as there is no longer a direct link to the global styles section of the site editor.
Follow-up to [55451].
Props sabernhardt, ryokuhi, laurlittle, richtabor.
Fixes#57759.
Built from https://develop.svn.wordpress.org/trunk@55574
git-svn-id: http://core.svn.wordpress.org/trunk@55086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `ftp_nlist()` receives an empty path, it checks the current working directory and may return `true`.
This affects:
* `WP_Filesystem_FTPext::exists()`
* `WP_Filesystem_ftpsockets::exists()`
As the purpose of the API is to provide a consistent interface for various filesystem implementations, this commit updates the affected methods to returns `false` when an empty path is provided, bringing consistency with the other filesystem abstraction classes, specifically `WP_Filesystem_Direct` and `WP_Filesystem_SSH2`.
Follow-up to [6779], [11821], [25274], [31815].
Props mkox, costdev, Zdrobau, dd32, pbiron, azaozz, mukesh27, SergeyBiryukov.
Fixes#33058.
Built from https://develop.svn.wordpress.org/trunk@55556
git-svn-id: http://core.svn.wordpress.org/trunk@55068 1a063a9b-81f0-0310-95a4-ce76da25c4cd