WordPress has historically often used code like `preg_split( '/[\s,]+/', $var )` to parse a string of comma-separated values into an array. However, this approach was causing an empty string to not be parsed into an empty array as expected, but rather into an array with the empty string as its sole element.
This was among other areas causing problems in the REST API where passing an empty request parameter could cause that request to fail because, instead of it being ignored, that parameter would be compared against the valid values for it, which typically do not include an empty string.
Props david.binda, sstoqnov.
Fixes#43977.
Built from https://develop.svn.wordpress.org/trunk@44546
git-svn-id: http://core.svn.wordpress.org/trunk@44377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Returning a non-`null` value on this fillter will cause `wp_unique_post_slug()` to return early with that value, skipping potentially expensive database queries on some sites.
Props coffee2code, javorszky, iCaleb.
Fixes#21112.
Built from https://develop.svn.wordpress.org/trunk@44454
git-svn-id: http://core.svn.wordpress.org/trunk@44285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`WP_REST_Block_Renderer_Controller` allows rendering of server-side rendered blocks, whilst `WP_REST_Blocks_Controller` allows retrieving of reusable blocks.
Merges [43805] and [43806] from the 5.0 branch to trunk.
Props desrosj, danielbachhuber, pento, Presskopp, swissspidy.
See #45065, #45098.
Built from https://develop.svn.wordpress.org/trunk@44150
git-svn-id: http://core.svn.wordpress.org/trunk@43980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Because the existing `post_updated_messages` filter can be modified dynamically based on post state, it's unreliable to use with REST API clients. Instead, these new labels give clients stateless equivalents.
Merges [43744] from the 5.0 branch to trunk.
Props earnjam.
Fixes#45101.
Built from https://develop.svn.wordpress.org/trunk@44110
git-svn-id: http://core.svn.wordpress.org/trunk@43940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Object type-specific actions that should happen before or after modification of metadata have so far been part of the respective wrapper functions. By using action and filter hooks, this changeset ensures they are always executed, even when calling the lower-level Meta API functions directly, which the REST API does as a prime example.
Merges [43729] to trunk.
Props flixos90, spacedmonkey.
Fixes#44467.
Built from https://develop.svn.wordpress.org/trunk@43982
git-svn-id: http://core.svn.wordpress.org/trunk@43814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
Built from https://develop.svn.wordpress.org/trunk@43571
git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduce an `object_subtype` argument to the args array for `register_meta()` which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).
Introduce `register_post_meta()` and `register_term_meta()` wrapper methods for `register_meta` to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected `register_meta` to function, and should be used in place of direct `register_meta` where possible.
Props flixos90, tharsheblows, spacedmonkey.
Fixes#38323.
Built from https://develop.svn.wordpress.org/trunk@43378
git-svn-id: http://core.svn.wordpress.org/trunk@43206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_check_for_changed_dates()`, `_find_post_by_old_slug(), `_find_post_by_old_date()`, and the `old_slug_redirect_post_id` filter were intended to land in 4.9.2, but didn't quite make it. Instead, they'll be landing in 4.9.3.
See #15397.
Built from https://develop.svn.wordpress.org/trunk@42588
git-svn-id: http://core.svn.wordpress.org/trunk@42417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a post slug is changed, we store a copy of the old slug, so that we can redirect visitors visiting the old URL to the new URL.
In the same way, this stores a copy of the old date, when the post date changes, so we can redirect visitors to the new URL.
Props nickmomrik.
Fixes#15397 for trunk.
Built from https://develop.svn.wordpress.org/trunk@42401
git-svn-id: http://core.svn.wordpress.org/trunk@42230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42228
git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
See #41925.
Built from https://develop.svn.wordpress.org/trunk@42056
git-svn-id: http://core.svn.wordpress.org/trunk@41885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [38625], the functionality to search for attachments by filename was added
via the `posts_clauses` filter and the `_filter_query_attachment_filenames()`
function. This moves `_filter_query_attachment_filenames()` from
`wp-admin/includes/post.php` to `wp-includes/post.php` so that it can be
applied in the same manner in the REST API media endpoint.
Props jblz, tyxla.
Fixes#39092.
Built from https://develop.svn.wordpress.org/trunk@39598
git-svn-id: http://core.svn.wordpress.org/trunk@39538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The ultimate `post_name` is stored in postmeta until the post is published. The `get_page_by_path()` function does not exclude `auto-draft` posts. Revert changes to `wp_unique_post_slug()` from [39411] which excluded `auto-draft` posts.
Props westonruter, dlh for testing, helen for testing.
See #38114, #38928.
Fixes#39078.
Built from https://develop.svn.wordpress.org/trunk@39506
git-svn-id: http://core.svn.wordpress.org/trunk@39446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Updates `wp_unique_post_slug()` to ignore `auto-draft` posts. Prevents publishing multiple posts that have the same slugs from starter content.
* Fixes fatal error when attempting to save an header_image setting from a non-admin context.
* Fixes substituting attachment symbols in options and theme mods.
* Fixes applying starter content for header images and background images.
See #38114.
Fixes#38928.
Built from https://develop.svn.wordpress.org/trunk@39411
git-svn-id: http://core.svn.wordpress.org/trunk@39351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Featured image support means that attachments can now be imported. Media can be sideloaded from within theme or plugin directories. Like other posts, attachments are auto-drafts until customizer changes are published, and are not duplicated when they already exist in the customized state. Attachment IDs can be used for any number of purposes, much like post IDs. Twenty Seventeen now includes 3 images used as featured images to best showcase the multi-section homepage setup.
As featured image IDs are stored in post meta, it also made sense to add support for page templates. Twenty Seventeen does not include any such templates, but the functionality can be quite important for displaying themes to their best effect.
props westonruter, helen, flixos90.
fixes#38615.
Built from https://develop.svn.wordpress.org/trunk@39346
git-svn-id: http://core.svn.wordpress.org/trunk@39286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress has supported custom page templates for over 12 years, allowing developers to create various layouts for specific pages.
While this feature is very helpful, it has always been limited to the 'page' post type and not was not available to other post types.
By opening up the page template functionality to all post types, we continue to improve the template hierarchy's flexibility.
In addition to the `Template Name` file header, the post types supported by a template can be specified using `Template Post Type: post, foo, bar`.
When at least one template exists for a post type, the 'Post Attributes' meta box will be displayed in the back end, without the need to add post type support for `'page-attributes'`. 'Post Attributes' can be customized per post type using the `'attributes'` label when registering a post type.
Props johnbillion, Mte90, dipesh.kakadiya, swissspidy.
Fixes#18375.
Built from https://develop.svn.wordpress.org/trunk@38951
git-svn-id: http://core.svn.wordpress.org/trunk@38894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes bug where an invalid Last-Modified value would be returned in feed requests for sites that had 0 items to return. Comment or post feeds will now return the current timestamp as the Last-Modified header value. Example: a request for the comments feed for a site without any comments.
Replaced use of the local static variable `$cache_lastcommentmodified` to store the modified date in `get_lastcommentmodified()` with the Object Cache API. The `get_lastcommentmodified()` function returns early if there is a cached value and returns `false` if there where no comments found. Introduced `_clear_modified_cache_on_transition_comment_status()` to flush the `lastcommentmodified` cache key when a comment enters or leaves approval status. In `get_lastpostmodified()` return early if there is a cached value and return `false` if there are no posts found.
Props swissspidy, rachelbaker, dllh, leobaiano.
Fixes#38027.
Built from https://develop.svn.wordpress.org/trunk@38925
git-svn-id: http://core.svn.wordpress.org/trunk@38868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
One thing fairly common to the cache groups is a block of code to look to see when the cache was last changed, and if there isn't one, to set it for the current microtime(). It appears in 8 different places in core. This adds a new helper `wp_cache_get_last_changed` to DRY things up a bit.
Since `wp-includes/cache.php` isn't guaranteed to be loaded, this new function is in `wp-includes/functions.php`
Props spacedmonkey, desrosj.
Fixes#37464.
Built from https://develop.svn.wordpress.org/trunk@38849
git-svn-id: http://core.svn.wordpress.org/trunk@38792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"
Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes#38373.
Built from https://develop.svn.wordpress.org/trunk@38832
git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Custom CSS is associated with a given theme and is displayed in an inline `style` element at the `wp_head` hook after the `wp_print_styles` is called so that it overrides any enqueued stylesheets.
* A `wp_get_custom_css()` function is used for accessing the CSS associated with the current theme (or another theme) and a `wp_get_custom_css` filter for manipulating it.
* CSS is managed in customizer via a new "Additional CSS" section with a single `textarea` control.
* `WP_Customize_Section::$description_hidden` is introduced for hiding extended descriptions in customizer sections behind a help toggle as done with panels.
* CSS is stored in a `custom_css` post type with the theme (stylesheet) slug as the `post_name`.
* `WP_Customize_Custom_CSS_Setting` is introduced to handle validation of CSS, previewing, and persisting the CSS to the `custom_css` post type.
* The `custom_css` setting is tied to a new `unfiltered_css` capability which maps to `unfiltered_html` by default.
* Escaping the message in the notification template is removed to allow markup (`code` tags) to be rendered.
See https://make.wordpress.org/core/2016/10/11/feature-proposal-better-theme-customizations-via-custom-css-with-live-previews/
Props johnregan3, celloexpressions, folletto, westonruter.
Fixes#35395.
Built from https://develop.svn.wordpress.org/trunk@38829
git-svn-id: http://core.svn.wordpress.org/trunk@38772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow to add/remove a featured image to `attachment:audio` and `attachment:video` post types, see [27657].
* Change conditionals to check for theme OR post type support.
* Add tests for #12922.
Broken in [37658].
Props flixos90, joemcgill, DrewAPicture, wonderboymusic.
See #12922.
Fixes#37658.
Built from https://develop.svn.wordpress.org/trunk@38263
git-svn-id: http://core.svn.wordpress.org/trunk@38204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, changing the post thumbnail of a published post in the edit screen
would immediately apply the change, rather than waiting for the post to be
saved before applying the update. This could lead to someone unintentionally
editing the post thumbnail on a published post, and made it impossible to
preview changes to post thumbnails on published posts before saving the change.
This introduces a new Ajax handler, `wp_ajax_get_post_thumbnail_html()` to
retrieve the HTML for the post thumbnail meta box without updating the post
meta value for `_thumbnail_id`. It also allows post thumbnail changes to be
previewed by passing the `_thumbnail_id` as a query variable to the preview
screen and adding a new filter, `_wp_preview_post_thumbnail_filter()`, which
gets applied to `get_post_metadata` during the post preview process.
Props flixos90.
Fixes#12922.
Built from https://develop.svn.wordpress.org/trunk@38118
git-svn-id: http://core.svn.wordpress.org/trunk@38059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds three new functions for getting/displaying attachment captions:
* `wp_get_attachment_caption` - Retrieves a caption for a specific attachment.
* `get_the_post_thumbnail_caption()` - Returns the post thumbnail caption.
* `the_post_thumbnail_caption()` - Displays the post thumbnail caption.
These are helpful for displaying a caption associated with an image directly
in a template, rather than using the caption shortcode.
This also introduces two new filters:
* `wp_get_attachment_caption` - Filters the value of `wp_get_attachment_caption()`.
* `the_post_thumbnail_caption` - Filters the display of the post thumbnail caption.
`the_post_thumbnail_caption()` is automatically filtered by `wptexturize()`,
`convert_smilies()`, and `convert_chars()` in `wp-includes/default-filters.php`.
Props flixos90, joemcgill.
Fixes#12235.
Built from https://develop.svn.wordpress.org/trunk@37915
git-svn-id: http://core.svn.wordpress.org/trunk@37856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the global `$wp_post_types` to an array of `WP_Post_Type` objects. `WP_Post_Type` includes methods to handle post type supports, rewrite rules, meta boxes, hooks, and taxonomies.
Each post type argument becomes a property of `WP_Post_Type`.
Props swissspidy, flixos90.
Fixes#36217.
Built from https://develop.svn.wordpress.org/trunk@37890
git-svn-id: http://core.svn.wordpress.org/trunk@37831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@37342
git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Percent signs are reserved characters in URIs. As such, it was impossible for
plugins to route requests to trashed posts, as happens in bbPress. The new
`__trashed` suffix should be sufficiently unique.
Also adds a test that demonstrates that the `__trashed` suffix can be
appended to slugs that contain the suffix somewhere other than the end of
the string.
Props netweb, ericlewis.
Fixes#11863.
Built from https://develop.svn.wordpress.org/trunk@37165
git-svn-id: http://core.svn.wordpress.org/trunk@37132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When determining a unique post slug, trashed posts are taken into account. Previously, new posts would add suffixes to their slugs (e.g. `about-2`) when a post in the trash had the desired slug (e.g. `about`).
To avoid this behavior, when a post is trashed its slug (i.e. `post_name`) is now suffixed with `-%trashed%`. The post's pre-trash slug is stored as post meta, and if the post is restored from trash, its desired slug is reapplied.
For existing trashed posts which don't have the `-%trashed%` suffix, the suffix is added when a post with its desired slug is created.
Props ocean90, boonebgorges, ryan, SergeyBiryukov, coffee2code, helen, williamsba1.
See #11863.
Built from https://develop.svn.wordpress.org/trunk@36607
git-svn-id: http://core.svn.wordpress.org/trunk@36574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Comment and term meta lazyloading for `WP_Query` loops, introduced in 4.4,
depended on filter callback methods belonging to `WP_Query` objects. This meant
storing `WP_Query` objects in the `$wp_filter` global (via `add_filter()`),
requiring that PHP retain the objects in memory, even when the local variables
would typically be expunged during normal garbage collection. In cases where a
large number of `WP_Query` objects were instantiated on a single pageload,
and/or where the contents of the `WP_Query` objects were quite large, serious
performance issues could result.
We skirt this problem by moving metadata lazyloading out of `WP_Query`. The
new `WP_Metadata_Lazyloader` class acts as a lazyload queue. Query instances
register items whose metadata should be lazyloaded - such as post terms, or
comments - and a `WP_Metadata_Lazyloader` method will intercept comment and
term meta requests to perform the cache priming. Since `WP_Metadata_Lazyloader`
instances are far smaller than `WP_Query` (containing only object IDs), and
clean up after themselves far better than the previous `WP_Query` methods (bp
only running their callbacks a single time for a given set of queued objects),
the resource use is decreased dramatically.
See [36525] for an earlier step in this direction.
Props lpawlik, stevegrunwell, boonebgorges.
Fixes#35816.
Built from https://develop.svn.wordpress.org/trunk@36566
git-svn-id: http://core.svn.wordpress.org/trunk@36533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously when updating a post using wp_insert_post(), post_name was
regenerated based on post_title every time if post_name was not passed in
explicitly. This irons out the expectation that properties not passed into the
function should not be modified.
Props jason_the_adams.
Fixes#34865.
Built from https://develop.svn.wordpress.org/trunk@35800
git-svn-id: http://core.svn.wordpress.org/trunk@35764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce `is_post_type_viewable( $post_type_object )`
* Separate the HTML bits from the translatable bits in the `post` messages array in `edit-form-advanced.php`
* Don't show certain UI pieces when a post is not viewable on the front end
When a custom post type item is not viewable on the front end, we don't want to show links to View it (on the front end) all over the admin. We also want to hide the Preview link, et al. We also want our admin messages to not contain said links.
Custom post types with `public_queryable` set to `false` are not viewable on the front end.
`'page'` is viewable on the front end, but `'page'` is a `_builtin` type, and `public_queryable` is set to `false` when it is registered - see `WP::parse_request()` for when `public_queryable` gets used.
This is confusing, but also somewhat straightforward: to determine if a post type is viewable on the front end, we can check one way for `_builtin => true` and another way for `_builtin => false`:
`$post_type->publicly_queryable || ( $post_type->_builtin && $post_type->public )`
If a post type is `publicly_queryable`, it's viewable. If that value is `false`, it is viewable if it's a `_builtin` type that is also `public`.
I am in search of edge cases, so this shall land.
Props wonderboymusic, DrewAPicture.
See #17609.
Built from https://develop.svn.wordpress.org/trunk@33666
git-svn-id: http://core.svn.wordpress.org/trunk@33633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If the post cache is not cleared at this point, the cache can become stale
for operations performed before the cache is cleared later in the function.
Specifically, the generation of a `guid` for new posts can use stale data,
resulting in non-unique values. [33262] introduced a call to `get_post()`
that introduced just such an invalidation problem.
Fixes#5305.
Built from https://develop.svn.wordpress.org/trunk@33630
git-svn-id: http://core.svn.wordpress.org/trunk@33597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On certain permalink structures, a numeric post slug will result in a post
permalink that conflicts with a date archive URL. For example, with permastruct
`/%year%/%monthnum%/%postname%/`, a post published in May 2015 with slug
`'15'` will result in a URL (`/2015/05/15/`) that conflicts with the archive
for May 15, 2015.
To avoid this problem, `wp_unique_post_slug()` rejects a requested slug when it
would generate a conflict of this type. Thus, in our example, `'15'` would
become `'15-2'`.
Props valendesigns, boonebgorges, Denis-de-Bernardy, loushou.
See #5305.
Built from https://develop.svn.wordpress.org/trunk@32647
git-svn-id: http://core.svn.wordpress.org/trunk@32617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Clarify `@return` values where necessary.
In `wp_delete_post_revision()`, `wp_delete_post()` doesn't return `WP_Error`, so that check can be removed.
`wp_revisions_to_keep()` always returns an `int`, so `wp_revisions_enabled()` can use strict comparison.
See #32444.
Built from https://develop.svn.wordpress.org/trunk@32621
git-svn-id: http://core.svn.wordpress.org/trunk@32591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new algorithm uses a hash table rather than function recursion, reducing
complexity to O(N). On large numbers of pages, the performance improvement is
several orders of magnitude.
Props santagada, hailin, mihai.
Fixes#10852.
Built from https://develop.svn.wordpress.org/trunk@32355
git-svn-id: http://core.svn.wordpress.org/trunk@32326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Detecting SSL status on the Dashboard introduces problems when writing content
that is saved to the database and then displayed on the front end, where SSL
may be optional (or impossible, due to self-signed certificates). The new
approach parallels the logic in `get_home_url()` for forcing HTTPS.
See [31614] #15928 for background.
Fixes#32112 for trunk.
Built from https://develop.svn.wordpress.org/trunk@32342
git-svn-id: http://core.svn.wordpress.org/trunk@32313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replace exisiting smilies with equivalent emoji, or with shiny new smiley images where no emoji existed.
Props batmoo, joen and mkaz for the original plugin upon which this is based.
Props pento, iseulde, kraftbj and peterwilsoncc for making the internet's dreams come true.
See #31242
Built from https://develop.svn.wordpress.org/trunk@31733
git-svn-id: http://core.svn.wordpress.org/trunk@31714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change makes the 'post_type' clause in `wp_list_authors()` redundant, so
we remove it. Third-party plugins using `get_posts_by_author_sql()` may have
similarly redundant clauses, but this won't change the results returned by the
SQL queries.
Also adds unit tests for `get_posts_by_author_sql()`.
Props pbearne.
Fixes#30354.
Built from https://develop.svn.wordpress.org/trunk@31653
git-svn-id: http://core.svn.wordpress.org/trunk@31634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp_get_attachment_url()`, via `wp_upload_dir()`, uses 'siteurl' to generate
attachment URLs. When a site is SSL-optional on the front end - ie, 'siteurl'
is non-HTTPS, but SSL is available - a number of situations can arise where
non-HTTPS attachment URLs cause browser mixed-content warnings:
a) SSL is forced in the admin and `wp_get_attachment_url()` is used to generate the `<img>` tag for an inserted image. In these cases, the post content will contain non-HTTPS. Viewing/editing this post in the Dashboard will result in non-HTTPS images being served in an SSL environment.
b) `wp_get_attachment_url()` is used in a theme to generate an `<img>` `src` attribute on a public page. When viewing that page over SSL, the images will have HTTP URLs.
This changeset switches attachment URLs to HTTPS when it's determined that the
host supports SSL. This happens when 'siteurl' is non-SSL, but the current page
request *is* over SSL, and the host of the current request matches the host of
the URL being generated.
Props joemcgill, boonebgorges.
Fixes#15928.
Built from https://develop.svn.wordpress.org/trunk@31614
git-svn-id: http://core.svn.wordpress.org/trunk@31595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In some cases, the values of `$old_status` and `$new_status` may be the same thing before and after a post status is "transitioned". An example of this would be the scenario where a published post is being updated: the status before and after the update both equal 'publish'.
Further, the documentation clarifies that if the intent is to only execute code when initially transitioningto a post status from something else, the 'transition_post_status' hook should be used instead of one of the dynamic hooks to avoid confusion.
Props Idealien for the initial patch.
Fixes#31099.
Built from https://develop.svn.wordpress.org/trunk@31461
git-svn-id: http://core.svn.wordpress.org/trunk@31442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes#25672.
Built from https://develop.svn.wordpress.org/trunk@31188
git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Affects DocBlocks for the following core elements:
* Backtick-escape HTML tags in several argument descriptions for `wp_link_pages()`
* Remove an HTML tag from the summary for `prepend_attachment()`
* Backtick-escape inline code in the description for `get_extended()`
* Backtick-escape inline code in the description for `get_post_type_labels()`
* Various markdown formatting in the description for `add_rewrite_endpoint()`
* Markdown-indent a code snippet in the file header for wp-includes/shortcodes.php
* Markdown-indent code snippets in the description for `add_shortcode()
Props rarst.
See #30473.
Built from https://develop.svn.wordpress.org/trunk@30545
git-svn-id: http://core.svn.wordpress.org/trunk@30534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Variables in DocBlocks should be backtick-escaped
* Parameter and return types should be as specific as possible
* `@param` types and variables should align with each other, but not intentionally with the `@return` description
See #30230.
Built from https://develop.svn.wordpress.org/trunk@30284
git-svn-id: http://core.svn.wordpress.org/trunk@30284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.
Fixes#30191.
Built from https://develop.svn.wordpress.org/trunk@30105
git-svn-id: http://core.svn.wordpress.org/trunk@30105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Improves the `@see` reference for `register_post_type()` to mention that it contains information about accepted arguments
* Adds a description of the accepted values for the `$operator` parameter
* Fixes a typo
Fixes#29721.
Built from https://develop.svn.wordpress.org/trunk@29752
git-svn-id: http://core.svn.wordpress.org/trunk@29524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Check `! empty( $postarr['file'] )` before calling `update_attached_file()`
* Add a unit test: `test_update_attachment_fields()`
* Run the same logic for empty `guid` for attachments that always ran in `wp_insert_post()`, as per #18310. This fixes a unit test that would have broken when this ticket was marked closed.
* Updated the unit test in `Tests_Media::test_wp_prepare_attachment_for_js()` to account for `url` no longer being empty
Props kovshenin, wonderboymusic.
See #21963.
Built from https://develop.svn.wordpress.org/trunk@28788
git-svn-id: http://core.svn.wordpress.org/trunk@28601 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `edit_post_{$field}` pairs with `edit_{$field}`
* `pre_post_{$field}` pairs with `pre_{$field}`
* `post_{$field}` pairs with `{$field}`
As the above pairs' docs are unnecessarily duplicative, the second sets of docs have been removed. Also, the "duplicates" are purposely not marked as such in this case as the hook names differ. Also remove `@deprecated` tags mistakenly left in in [28041].
See #25376.
Built from https://develop.svn.wordpress.org/trunk@28042
git-svn-id: http://core.svn.wordpress.org/trunk@27872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Both of these icons can be colored to match the color scheme, including hover states.
Both are accepted for register_post_type()'s menu_icon argument, and also add_menu_page()'s $icon_url argument.
To use a Dashicon, pass the name of the helper class, e.g. 'dashicons-piechart'.
To use an SVG, pass a valid data URI string starting with 'data:image/svg+xml;base64,'.
props helen.
fixes#25147.
Built from https://develop.svn.wordpress.org/trunk@26664
git-svn-id: http://core.svn.wordpress.org/trunk@26554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Hierarchical rewrite rules operate via the 'pagename' query variable which is
passed to get_page_by_path(). However, the current rewrite rules use the 'name'
query variable for hierarchical types without a custom query_var.
Fixes#16323.
Built from https://develop.svn.wordpress.org/trunk@25182
git-svn-id: http://core.svn.wordpress.org/trunk@25154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* register_taxonomy: Use the same doc format for the associative array arg as used for register_post_type()
* register_taxonomy: Improve docs for _builtin, capabilities, hierarchical and rewrite args
* register_taxonomy: Use the same order in $defaults as in docblock
* register_taxonomy: Replace is_null with null ===, to be consistent
* register_post_type: Use the same order in $defaults as in docblock
* register_post_type: Improve docs for @uses and default fallbacks
And while we're on it: Whitespaces.
fixes#25150.
Built from https://develop.svn.wordpress.org/trunk@25130
git-svn-id: http://core.svn.wordpress.org/trunk@25110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The content parsing functions are good abstractions, but are no longer needed by core and are too closely tied to legacy globals, rather than paving a new path.
For get_the_content() and the_content(), this only worsens the function prototype. It muddies theme-specific display (more links, etc) with filtered content. `apply_filters( 'the_content', $post->post_content )` is sufficient practice for now.
see #24330, [24301]. see #23625, [23804].
git-svn-id: http://core.svn.wordpress.org/trunk@24598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Add a post ID argument to the_content(), get_the_content(), the_remaining_content(), and get_the_remaining_content().
* Pass the post ID to the the_content filter.
* Remove the format_pages global.
* Declare format_content and split_content as vars in WP_Post.
* phpdoc for the the_content filter that documents the new ID argument and denotes it as not-so-portable.
Props gcorne, DrewAPicture, duck_, aaroncampbell
see #24330
git-svn-id: http://core.svn.wordpress.org/trunk@24301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make required arguments optional in confirm_blog_signup().
Mark arguments as required in _future_post_hook(), the walker method display_element(), get_author_link() (deprecated), and the WP_Widget constructor.
props rlerdorf.
see #24210.
git-svn-id: http://core.svn.wordpress.org/trunk@24126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Fixes an issue where image posts without a title could not be deleted
fixes#23887. see #24046. props WraithKenny, SergeyBiryukov.
git-svn-id: http://core.svn.wordpress.org/trunk@24015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Fixes old revision data on the fly when you open a post for editing.
* Uses post_name of revisions to store a post version number (-v1), so we know what has been fixed.
* Latest version should also have a revision stored, whereas before it did not.
props adamsilverstein, mdawaffe. fixes#16215.
git-svn-id: http://core.svn.wordpress.org/trunk@23823 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds a very basic tabbed interface for selecting a post format (requires JS).
* Extra fields, which are post meta, are shown/hidden based on the selected format.
* Introduce a helper function for retrieving formats-specific metadata: `get_post_format_meta()`.
* Image selection uses the media modal, although without filtering or from URL support at the moment.
props rachelbaker, wonderboymusic, aaroncampbell, helen. see #19570.
git-svn-id: http://core.svn.wordpress.org/trunk@23449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In get_post_type_capabilities(), make sure create_posts reflects customizations to the edit_posts capability when create_posts is not specifically set.
git-svn-id: http://core.svn.wordpress.org/trunk@22291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Declare the core properties of WP_Pist as proper public properties and provide them with defaults.
Props wonderboymusic
fixes#22223
git-svn-id: http://core.svn.wordpress.org/trunk@22264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
We need to remove post_ancestors non-persistent caching for this. get_post_ancestors() can simply rely on the caching of get_post() instead. Previously, it was a direct query, hence the extra layers of caching and clearing.
Child cache clearing stays in wp_delete_post() as children get a new parent.
fixes#11399.
git-svn-id: http://core.svn.wordpress.org/trunk@21952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Attachments now go through post.php, edit_post(), the like, and have show_ui set to true.
* Taxonomies attached to the media library now appear in the admin menu (if show_ui).
* Editing, cropping, uploading, etc. is still very rough, but mostly functional.
API-wise:
* New function: get_taxonomies_for_attachments(). Like get_taxonomies(), for taxonomies specifically registered against attachments.
* Brings taxonomy support from the posts list table to the media list table. Expect them to converge soon.
* wp_insert_attachment() now handles taxonomies like wp_insert_post(). Also expect them to converge soon.
* New edit_form_after_title hook.
props helenyhou, ocean90. see #21391.
git-svn-id: http://core.svn.wordpress.org/trunk@21948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce a wp_checkdate() function with a single filter to centralise the code that validates dates.
* Improve the error message
* Correctly handle the return value of wp_insert_post which is not always a WP_Error on failure
Fixes#17180
git-svn-id: http://core.svn.wordpress.org/trunk@21922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously you could quite easily send a new post into the back of beyond by specifying an invalid date like the 30th Feb and this was very confusing.
Sometimes it would seem to work and sometimes the post would end up very far in the past - depending on the mysql version and other factors.
Fixes#17180 props jkudish.
git-svn-id: http://core.svn.wordpress.org/trunk@21921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An empty array may also disable all default features in the future.
Do not rely on this behavior: always specify title and editor if you want them.
props sc0ttkclark.
fixes#21586.
git-svn-id: http://core.svn.wordpress.org/trunk@21831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Will be replaced with http://wordpress.org/extend/plugins/atom-publishing-protocol/.
* Introduces an action, xmlrpc_rsd_apis, to add APIs to xmlrpc.php?rsd.
* Introduces support for 'error' being 403 and 50x in class-wp.php.
* Removes 'Remote Publishing' from Writing Settings (see [21804]). Keeps the remote_publishing settings section.
DB version is bumped to generate the new wp-app rewrite rule and remove the old enable_app option.
props wonderboymusic.
fixes#21509.
git-svn-id: http://core.svn.wordpress.org/trunk@21818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make the $post argument to get_post() optional, defaulting to the current post in The Loop.
Props nacin
see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Return WP_Post from get_default_post_to_edit()
Replace all calls to get_page() with get_post()
see #21309
git-svn-id: http://core.svn.wordpress.org/trunk@21597 1a063a9b-81f0-0310-95a4-ce76da25c4cd