While intended as a playful error message, `Cheatin’ uh?` can be interpreted as insulting or accusatory in an already stressful situation. This replaces Cheatin’ with more meaningful error messages, depending on the error that occurs.
Props ElectricFeet, EricMeyer, karmatosed, dd32, BandonRandon, melchoyce for language; dmsnell for original patch; peterwilsoncc.
Fixes#38332.
Built from https://develop.svn.wordpress.org/trunk@42648
git-svn-id: http://core.svn.wordpress.org/trunk@42477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the Screen Options toggle and the related panel content
were hidden on small screens, preventing access to important settings,
including the ability to toggle the meta boxes visibility.
Props chetan200891.
Fixes#40985.
Built from https://develop.svn.wordpress.org/trunk@42644
git-svn-id: http://core.svn.wordpress.org/trunk@42473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
JSHint inherits a license from JSLint that includes the clause "The Software shall be used for Good, not Evil." WordPress's license specifically allows grants the freedom to run the program, for any purpose. Please note, this is not an encouragement of evil. Rather than doing something evil, how about learning to love those around you. Instead of tweeting lies and saying people are "Not Good!", help your neighbor. In the words of Lin Manual Miranda, "Love is love is love is love is love is love is love is love, cannot be killed or swept aside."
This replaces JSHint with esprima, a part of the larger jQuery project, and a custom wrapper for some basic error checking within codemirror.
The existing JSHint configuration is kept in place in case someone wants to use that, but they can only do so for Good.
Fixes#42850
Props netweb for a spelling fix on a comment.
Built from https://develop.svn.wordpress.org/trunk@42547
git-svn-id: http://core.svn.wordpress.org/trunk@42376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As decided in the JavaScript core chat. With a few reasons:
* It is visually cleaner when reading the source.
* This bring the JavaScript documentation closer to the PHP documentation.
The only disadvantage is that the JSDoc parser doesn't split out the summary and the description in the new format. We've decided to solve this when building the JavaScript documentation parser.
Props herregroen.
Fixes#42901.
Built from https://develop.svn.wordpress.org/trunk@42411
git-svn-id: http://core.svn.wordpress.org/trunk@42240 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the "Attachment Details" screen:
* The crop button is always 'enabled'.
* Clicking the crop button with no selection selects the entire image.
* Clicking the crop button with the entire image selected doesn't do anything.
* Clicking the crop button with a selection crops as expected.
Props sonjanyc, afercia, mikeschroder.
Fixes#30155.
Built from https://develop.svn.wordpress.org/trunk@42404
git-svn-id: http://core.svn.wordpress.org/trunk@42233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
JSDoc takes it structural data from `@namespace`, `@lends` and `@memberOf`. This change fixes these tags for all JavaScript files in the wp-admin folder.
* Add jsdoc configuration to parse wp-admin/js files. Use `jsdoc -c jsdoc.conf.json` to generate JSDoc.
* Define all used namespaces using `@namespace`.
* Define each usage of the extend function as a prototype assignment using `@lends`.
* Add `@alias` if JSDoc cannot detect the correct name automatically.
This has previously been corrected for all `wp-includes` JavaScript files: [41351].
Props herregroen.
Fixes#42485.
Built from https://develop.svn.wordpress.org/trunk@42403
git-svn-id: http://core.svn.wordpress.org/trunk@42232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `custom-header.js` file is only used on the `wp-admin/themes.php?page=custom-header` page. As that page is no longer linked from the UI the functions in the file are marked deprecated.
Props nicollle, jipmoors, diedeexterkate.
Fixes#42678.
Built from https://develop.svn.wordpress.org/trunk@42385
git-svn-id: http://core.svn.wordpress.org/trunk@42214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
We have a handful of super long regexen that are written over multiple lines, as a collection of strings concatenated together. Each string is indented appropriately for the regex, but PHPCS doesn't recognised this, so defaults to removing the extra whitespace.
Disabling the `Squiz.Strings.ConcatenationSpacing.PaddingFound` rule for these blocks stops the extra whitespace from being removed.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42249
git-svn-id: http://core.svn.wordpress.org/trunk@42078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While caching here seemed like a good idea in theory, in practice the cache would be often stale causing development issues.
We exclude common folders (such as `node_modules`) from the scanning to avoid directories which are not useful to the end-user, so as long as those exclusion lists are held up this shouldn't cause too much of a degredation in the future.
We may consider adding caching here again in the future if it's determined that it is really needed.
Props precies, ibenic, mariovalney, schlessera, and all the others who commented on the ticket(s).
This partually reverts [41806].
See #6531.
Fixes#42573.
Built from https://develop.svn.wordpress.org/trunk@42242
git-svn-id: http://core.svn.wordpress.org/trunk@42071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42228
git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the setup process reads `wp-config-sample.php`, it assumes that there are no spaces inside the brackes of the `define()`s. Unfortunately, this doesn't match our coding standards, so will no longer work correctly once we start enforcing them.
This also improves coding standards of the generated `wp-config.php` file.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42218
git-svn-id: http://core.svn.wordpress.org/trunk@42047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This pattern occurs a handful of times across the codebase:
`<div class="foo<?php if ( $bar ) { echo ' baz'; } ?>">`
Unfortunately, it doesn't really play nicely with `phpcbf`, so all instances need to be removed in preperation for auto code formatting.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42217
git-svn-id: http://core.svn.wordpress.org/trunk@42046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `meta_box_cb` argument was introduced in [25572] to allow plugin
authors to provide a custom callback for rendering their taxonomy's meta
box on the post edit screen. However, the routine used to handle the saving
of these custom taxonomy meta boxes was not customizable, but was instead
based simply on whether the taxonomy was hierarchicaly. See [13535].
The new `meta_box_sanitize_cb` argument defaults to the "tag" routine for
non-hierarchical taxonomies and the "category" routine for hierarchical ones,
thereby maintaining the current default behavior. Developers can override this
when the data passed from their `meta_box_cb` differs.
Props boonebgorges, ZaneMatthew, stephenharris.
Fixes#36514.
Built from https://develop.svn.wordpress.org/trunk@42211
git-svn-id: http://core.svn.wordpress.org/trunk@42040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- When switching to the Text view, wait until after the Visual editor element has been hidden, before focussing the `<textarea>`.
- When switching to the Visual view, only scroll if the cursor is not visible on the current screen.
Fixes#42530.
Built from https://develop.svn.wordpress.org/trunk@42175
git-svn-id: http://core.svn.wordpress.org/trunk@42005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Simplify regular expression for checking URL validity to just do basic checks to confirm the value looks like a URL. Leave the complete validation to the server-side logic in `WP_Customize_Nav_Menu_Item_Setting::sanitize()` to avoid having to maintain two separate codebases for validating URLs.
Props westonruter, SergeyBiryukov for testing.
Amends [41697].
See #32816.
Fixes#42506 for trunk.
Built from https://develop.svn.wordpress.org/trunk@42153
git-svn-id: http://core.svn.wordpress.org/trunk@41984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When just doing `wp_publish_post()` for the changeset from `customize.php`, any option-based settings will fail to get saved because `WP_Customize_Manager` would have already been loaded with `settings_previewed`, resulting in `update_option()` calls being short-circuited. So an admin-ajax request to `customize_save` is used to work around this.
Props westonruter, jeremyfelt, dlh for testing, LittleBigThing for testing.
Amends [41626].
See #28721, #39221.
Fixes#42457 for trunk.
Built from https://develop.svn.wordpress.org/trunk@42138
git-svn-id: http://core.svn.wordpress.org/trunk@41969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Consider both `selectedChangesetStatus` and `changesetStatus` states when deciding to disable.
* Factor out common logic into `canSwitchTheme` function on `ThemesPanel`.
* Keep Live Preview and Install buttons disabled in Themes controls and detail overlays when appropriate.
Props westonruter, dlh.
Amends [41788].
See #42126, #37661, #39896.
Fixes#42406.
Built from https://develop.svn.wordpress.org/trunk@42113
git-svn-id: http://core.svn.wordpress.org/trunk@41942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent edits to 2-level deep theme files from returning a `disallowed_theme_file` error when attempting to save an edit. Aligns logic for gathering `$allowed_files` in `theme-editor.php` for listing files with the validation logic in `wp_edit_theme_plugin_file()`.
Amends [41806].
See #6531.
Fixes#42425.
Built from https://develop.svn.wordpress.org/trunk@42112
git-svn-id: http://core.svn.wordpress.org/trunk@41941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Let min hour be 0 and max be 23 in 24-hour time; let min hour be 1 and max be 12 in 12-hour time.
* Show error notification when an invalid date value is provided, not just when not a future date.
* Fix translation of custom validity message.
* Start checking for validity after all inputs have been initially populated.
* Remove support for being able to enter 24:00.
* Cease forcing date input elements from being casted to integers, to allow for invalid inputs to be detected.
Props westonruter, Presskopp, peterwilsoncc, atachibana for testing.
See #39896, #28721.
Fixes#42373.
Built from https://develop.svn.wordpress.org/trunk@42042
git-svn-id: http://core.svn.wordpress.org/trunk@41876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Passing `options.params` when constructing `Partial` is now deprecated in favor of just passing `options`.
* Improve usage of jsdoc in JS `Partial` class.
* Also add `defaults` property to `wp.customize.selectiveRefresh.Partial` class for parity with `Control`.
See #42083.
Built from https://develop.svn.wordpress.org/trunk@42037
git-svn-id: http://core.svn.wordpress.org/trunk@41871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deprecate PHP classes `WP_Customize_New_Menu_Section` and `WP_Customize_New_Menu_Control`.
* Deprecate JS class `wp.customize.Menus.NewMenuControl`.
* Also introduce `wp.customize.Menus.createNavMenu()` for logic to create nav menus separately from the logic for handling UI interactions.
Amends [41768].
See #40104, #42364.
Fixes#42357.
Built from https://develop.svn.wordpress.org/trunk@42034
git-svn-id: http://core.svn.wordpress.org/trunk@41868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Expand containing panel when expanding themes section.
* Consolidate UI changes related to a section's expanded state change.
* Prevent collapsing current section when expanding.
* Auto-expand first themes section when expanding panel if one is not expanded already.
See #37661, #42354.
Fixes#42360.
Built from https://develop.svn.wordpress.org/trunk@42033
git-svn-id: http://core.svn.wordpress.org/trunk@41867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Eliminate Media control template from having dependency on `params.settings.default` for element ID, to fix compat with `params.settings` array or single `params.setting`. See #36167.
* Move description out of label and add `aria-describedby` to Media control's Select button. See #30738, #33085.
* Obtain notification container whenever content is (re-)rendered (such as for Media control). See #38794.
* Re-render notifications after control content is re-rendered, if control is in expanded section. See #38794.
Amends [41390].
See #36167, #38794, #33085, #30738.
Built from https://develop.svn.wordpress.org/trunk@42031
git-svn-id: http://core.svn.wordpress.org/trunk@41865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `publish_settings` section is a fundamental dependency for Customizer, so it must be guaranteed to be registered.
Also unconditionally register core types for panels, sections, and controls in case plugin unhooks all `customize_register` actions.
See #39896.
Fixes#42337.
Built from https://develop.svn.wordpress.org/trunk@42025
git-svn-id: http://core.svn.wordpress.org/trunk@41859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes issue specifically with attempting to access an orphaned control's `elements` immediately after it has been added. Normally this would not happen because a control would not be registered without a section, and also a control should only be interacted with once its `embedded` deferred has been resolved.
Also harden logic for gathering list of deferred setting IDs.
See #37964.
Fixes#42330.
Built from https://develop.svn.wordpress.org/trunk@42024
git-svn-id: http://core.svn.wordpress.org/trunk@41858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.
Adds tests.
Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes#42016, #36170
Built from https://develop.svn.wordpress.org/trunk@42011
git-svn-id: http://core.svn.wordpress.org/trunk@41845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow updating oEmbed cache during `parse-embed` requests for non-post editors (such as widgets).
* Update any existing `oembed_cache` post when `usecache` and TTL has passed.
* Do not overwrite a previously valid cache with `{{unknown}}`.
Props dlh.
See #34115.
Fixes#42310.
Built from https://develop.svn.wordpress.org/trunk@42009
git-svn-id: http://core.svn.wordpress.org/trunk@41843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.
Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.
Props enrico.sorcinelli, ryotsun.
Fixes#39730.
Built from https://develop.svn.wordpress.org/trunk@41980
git-svn-id: http://core.svn.wordpress.org/trunk@41814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reverting this for 4.9. It will be added back in a future version of WordPress. This doesn't mean that you shouldn't be trying Gutenberg, just that it isn't ready for a call out to a larger audience. But if you are the type to read commit messages, https://github.com/WordPress/gutenberg could use your pull requests and comments on issues.
Reverts [41931] [41900] [41896] [41895]
See #41316
Built from https://develop.svn.wordpress.org/trunk@41978
git-svn-id: http://core.svn.wordpress.org/trunk@41812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The customizer and the theme installer use `visibility: hidden` on the body when
they open full-overlays screens. The FTP credentials modal needs a visibility
property set back to `visible` to be visible over those overlays.
Props purnendu.
Fixes#42205.
Built from https://develop.svn.wordpress.org/trunk@41972
git-svn-id: http://core.svn.wordpress.org/trunk@41806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When media is uploaded to a post, the upload directory is set according to the date of the post, so that the media URLs in the post match when the post was published.
A page is a slightly different beast, pages often live for years, and are regularly updated to stay relevant. This change causes media uploaded to pages to use the upload date to determine the upload directory.
Fixes#10752.
Built from https://develop.svn.wordpress.org/trunk@41964
git-svn-id: http://core.svn.wordpress.org/trunk@41798 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update the `CodeEditorControl`'s `codemirror` deferred to be set before calling the parent class's `initialize` method. Since the `ready` method may be called directly by `initialize` it may be too late to add a new `Deferred` to the control's `deferred` property after calling the base control class's `initialize`.
Amends [41958].
See #41897.
Built from https://develop.svn.wordpress.org/trunk@41960
git-svn-id: http://core.svn.wordpress.org/trunk@41794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
CodeMirror gets initialized once the control's containing section is expanded. The deferred will be rejected if user preference for syntax highlighting is disabled.
Also move jsdoc from `wp.customize.Control` to intended `wp.customize.Control#initialize()`.
See #41897, #12423.
Built from https://develop.svn.wordpress.org/trunk@41958
git-svn-id: http://core.svn.wordpress.org/trunk@41792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow `CodeEditorControl` to be instantiated with a `editor_settings` param which is merged with `wp.codeEditor.defaultSettings`.
Also:
* Turn redundant "CSS Code" control label into screen reader text for Additional CSS.
* Remove `code-editor` as script dependency for `custom-html-widgets` since enqueueing is determined by `wp_enqueue_code_editor()`.
* Remove useless exporting of `code_type` param to JS in `WP_Customize_Code_Editor_Control`.
* Add `disabled` class to Custom HTML widget's Save button when linting errors are present.
* Remove redundant `span` inside CodeEditorControl's `label`.
See #41897, #12423, #41872.
Built from https://develop.svn.wordpress.org/trunk@41957
git-svn-id: http://core.svn.wordpress.org/trunk@41791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce a `widget_{$id_base}_instance_schema` filter for plugins to add new properties to a media widget's instance schema.
* Pass all of a gallery widget's instance props to the gallery media frame, not just the ones that core supports.
See #32417, #41914.
Fixes#42285.
Built from https://develop.svn.wordpress.org/trunk@41951
git-svn-id: http://core.svn.wordpress.org/trunk@41785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a follow up on r41732, implementing the following improvements:
* Attachment parent info is now stored in attachment meta rather than a
separate post meta key.
* Attachments created from contextual crops (e.g. header, logos, etc.) are
filtered out of the media library using a new `_filterContext` method in
`wp.media.controller.Library`.
Props joemcgill, westonruter.
See #21819.
Built from https://develop.svn.wordpress.org/trunk@41937
git-svn-id: http://core.svn.wordpress.org/trunk@41771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Only use default control content template when a more specific template doesn't exist.
* Remove extraneous whitespace from being output in `WP_Customize_Control::render()` method.
* Move Custom Header template printing to `customize_controls_print_footer_scripts` action.
See #30738.
Built from https://develop.svn.wordpress.org/trunk@41935
git-svn-id: http://core.svn.wordpress.org/trunk@41769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update deprecated `isHostedVideo` method to always return `true` since all oEmbeds are now supported.
* Disable `scanImage` for non-image media widgets.
* Ensure embed URL field element is matched from current media frame instance due to bug where media frames are not destroyed upon closing.
* Update error message for invalid video URLs to ask user to check the URL for validity.
Props gk.loveweb, octalmage, westonruter.
See #42039, #40935.
Fixes#41052.
Built from https://develop.svn.wordpress.org/trunk@41933
git-svn-id: http://core.svn.wordpress.org/trunk@41767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update stubs to have draft status when changeset is saved as draft, instead of preventing auto-draft garbage collection by giving them a far-future `post_date`.
* Show notice in publish metabox when editing a customization draft indicating that it will be published automatically with its changeset; a link to Customizer is included.
* Include a new "Customization Draft" display post state in the post list table.
* Disconnect stubs from their changesets when they are updated with a status other than "Draft".
* Trash customization drafts when their related changeset is trashed or deleted.
* Add a `_customize_changeset_uuid` postmeta to stubs to link them with their associated changeset.
* Include `customize_changeset_uuid` as context when requesting to insert a new auto-draft.
Props westonruter, melchoyce.
See #39896, #39752, #34923.
Fixes#42220.
Built from https://develop.svn.wordpress.org/trunk@41887
git-svn-id: http://core.svn.wordpress.org/trunk@41721 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The warning displayed upon first visit on the File Editors introduced in [41774]
needs to be the only perceivable content in the page for users of assistive
technologies. It looks like a modal but it's not exactly an ARIA dialog, not an
ARIA alert either, and needs some special treatment.
- constrains tabbing within the modal
- uses `wp.a11y.speak()` to make screen readers announce the modal message
- hides all the other page content from assistive technologies using `aria-hidden="true"`
This way, even if users miss the speak message, the warning is actually the only
perceivable content in the page.
Fixes#42110.
Built from https://develop.svn.wordpress.org/trunk@41876
git-svn-id: http://core.svn.wordpress.org/trunk@41710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update date control padding.
* Collapse publish settings section when opening panes for available widgets or nav menus.
* Remove save and cog buttons in mobile preview only mode.
* Move definition of `wp.customize.previewedDevice` to `wp.customize.state('previewedDevice')` for centralization, maintaining old alias.
* Remove unused CSS because the section is inside form now.
Props sayedwp, westonruter.
See #39896.
Fixes#42027, #42199.
Built from https://develop.svn.wordpress.org/trunk@41860
git-svn-id: http://core.svn.wordpress.org/trunk@41694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Customization locking is checked when changesets are saved and when heartbeat ticks.
* Lock is lifted immediately upon a user closing the Customizer.
* Heartbeat is introduced into Customizer.
* Changes made to user after it was locked by another user are stored as an autosave revision for restoration.
* Lock notification displays link to preview the other user's changes on the frontend.
* A user loading a locked Customizer changeset will be presented with an option to take over.
* Autosave revisions attached to a published changeset are converted into auto-drafts so that they will be presented to users for restoration.
* Focus constraining is improved in overlay notifications.
* Escape key is stopped from propagating in overlay notifications, and it dismisses dismissible overlay notifications.
* Introduces `changesetLocked` state which is used to disable the Save button and suppress the AYS dialog when leaving the Customizer.
* Fixes bug where users could be presented with each other's autosave revisions.
Props sayedwp, westonruter, melchoyce.
See #31436, #31897, #39896.
Fixes#42024.
Built from https://develop.svn.wordpress.org/trunk@41839
git-svn-id: http://core.svn.wordpress.org/trunk@41673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On narrower devices, input fields are too short to fit the number of default digits they contain. This widens the fields and also breaks each height and width attribute onto a new line for better usability, using some terrible CSS trickery. My apologies.
Props: Toru, Presskopp, desrosj, xkon, ryelle, melchoyce.
Fixes#34539.
Built from https://develop.svn.wordpress.org/trunk@41836
git-svn-id: http://core.svn.wordpress.org/trunk@41670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes an issue where hovering over the warning icon didn't work if there were multiple warnings on the same line of code. Also updates the cursor from "pointer" to "help" when hovering over warnings and errors.
Props joyously, obenland.
Fixes#42129.
Built from https://develop.svn.wordpress.org/trunk@41830
git-svn-id: http://core.svn.wordpress.org/trunk@41664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce `WP_Customize_Themes_Section::$filter_type`, which has built-in functionality for `local` and `remote` filtering. When this set to `local`, all themes are assumed to be loaded from Ajax when the section is first loaded, and subsequent searching/filtering is applied to the loaded collection of themes within the section. This is how the core "Installed" section behaves - third-party sources with limited numbers of themes may consider leveraging this implementation. When this is set to `remote`, searching and filtering always triggers a new remote query via Ajax. The core "WordPress.org" section uses this approach, as it has over 5000 themes to search.
* Refactor `filterSearch()` to accept a raw term string as input. This enables a feature filter to be used on a section where `filter_type` is `local`.
* Refactor `filter()` on a theme control to check for an array of terms. Also sort the results by the number of matches. Rather than searching for an exact match, this will now search for each word in a search distinctly, allowing things like tags to rank in search results more accurately.
* Split `loadControls()` into two functions for themes section JS: `loadThemes()` to initiate and manage an Ajax request and `loadControls()` to create theme controls based on the results of the Ajax call. If third-party sections need to change the way controls are loaded, such as by using a custom control subclass of `WP_Customize_Theme_Control`, this allows them to use the core logic for managing the Ajax call and only override the actual control-creation process.
* Introduce `customize_load_themes` filter to facilitate loading themes from third-party sources (or modifying the results of the core sections).
* Bring significant improvements to the installed themes search filter.
Props celloexpressions.
Amends [41648].
See #37661.
Fixes#42049.
Built from https://develop.svn.wordpress.org/trunk@41807
git-svn-id: http://core.svn.wordpress.org/trunk@41641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The theme and plugin editors now list all files in the selected theme or plugin, recursing through subdirectories as necessary.
Props WraithKenny, schlessera, chsxf, MikeHansenMe, Daedalon, valendesigns, westonruter, pento.
Fixes#6531.
Built from https://develop.svn.wordpress.org/trunk@41806
git-svn-id: http://core.svn.wordpress.org/trunk@41640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Increase PHP execution time limit prior to issuing loopback requests where are themselves given timeouts to ensure PHP file can be reverted.
* Output scrape messages on success and failure so that absence of either can also be flagged as an error condition.
* Forward browser's HTTP Basic Auth credentials in loopback requests to admin and home URL.
* Display more helpful message when loopback request fails.
Amends [41721].
See #21622.
Fixes#42102.
Built from https://develop.svn.wordpress.org/trunk@41805
git-svn-id: http://core.svn.wordpress.org/trunk@41639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Open the door for future browser history feature in #28536, which is currently not feasible when customize-loader is used.
* Remove customizer-loader from being used on admin screens for Dashboard, Themes, non-shiny theme install/update.
* Keep the customize-loader functionality available for plugins, for the time being. It may become deprecated.
* Ensure `return` param in customizer links in Themes screen update to reflect `search` updated by `pushState`.
* Persist `return` when reloading Customizer due to theme switch, autosave restoration, or changeset trashing.
* Use `location.replace()` instead of changing `location.href` when trashing.
* Hide theme browser while Themes screen is loading when there is a `search` to prevent flash of unfiltered themes.
* Use throttling instead of debouncing when searching themes to ensure that screen is updated immediately on page load.
* Fix encoding and decoding of `search` param between URL and search field.
* Add support for dismissing autosaves when closing customize-loader, when it is used by plugins.
* Skip sending changeset UUID to customize-loader for population in browser location if changeset branching is not enabled.
See #28536.
Fixes#40254.
Built from https://develop.svn.wordpress.org/trunk@41797
git-svn-id: http://core.svn.wordpress.org/trunk@41631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Prevent autoloading an existing draft/future changeset when theme not active.
* Add missing notifications container to Themes panel.
* Remove deactivation of themes panel when selected status is not publish.
* Show notification in Themes panel when themes cannot be previewed and disable preview buttons.
* Reject installTheme call when theme preview not available.
* Return promise from installTheme and eliminate use of global events in favor of promises.
Props westonruter, melchoyce, zoonini.
See #37661, #39896.
Fixes#42126.
Built from https://develop.svn.wordpress.org/trunk@41788
git-svn-id: http://core.svn.wordpress.org/trunk@41622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Fix keeping text selection and scroll position when there are embeds from URL.
- Add editor setting to disable keeping selection and scroll position.
- Remove dependency on Underscore.js.
- Fix error in the Text widget editor.
Props biskobe.
Fixes#42059, see #40854.
Built from https://develop.svn.wordpress.org/trunk@41783
git-svn-id: http://core.svn.wordpress.org/trunk@41617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is an effort to provide a speed bump before heading into something potentially destructive and some education for users on better alternatives, even as we make the file editors safer to use. Each user, including existing users, will be shown a one-time dismissible modal warning on their first visit to each of the theme and plugin file editors.
Copy tweaks to come.
props michelleweber, Ipstenu, melchoyce, adamsilverstein, westonruter, toddnestor, aryamaaru, ZaneMatthew, cliffseal, helen.
fixes#31779.
Built from https://develop.svn.wordpress.org/trunk@41774
git-svn-id: http://core.svn.wordpress.org/trunk@41608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Often, folks run into two issues when they create new menus: they click "Add a Menu" thinking it will add a new page to their menu, or they forget to assign their new menu to a location, and then wonder why it doesn't show up on their site.
This commit rearranges the order of items in the menu panel, and updates the flow for creating a menu by breaking it up into steps. Additionally, more help text has been added to guide people through the process of creating a menu.
Also adds default `type` lookups for Panel and Section instances. See #30741.
Props bpayton, obenland, westonruter, celloexpessions, afercia, melchoyce, zoonini, michelleweber.
Fixes#40104.
Built from https://develop.svn.wordpress.org/trunk@41768
git-svn-id: http://core.svn.wordpress.org/trunk@41602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Remove plugins icons from the plugin list table, as there were performance issues loading the icons when the site had lots of plugins.
- Depending on which icons the plugin has uploaded, prefer them in this order: `svg`, `128x128`, `256x256`.
- Improve the style of the fallback icon for plugins that don't have an icon defined.
Props Travel_girl, danieltj, afercia, karmatosed,hugobaeta, empireoflight, brentjett, melchoyce, pento.
Fixes#30186.
Built from https://develop.svn.wordpress.org/trunk@41755
git-svn-id: http://core.svn.wordpress.org/trunk@41589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow passing settings in keyed object (e.g. `settings: { default: 'id' } ), or as an array (e.g. `settings: [ 'id' ]`) with first being default; again, `Setting`/`Value` objects may be supplied instead of IDs.
* Allow a single setting to be supplied with just a single `setting` param, either a string or a `Setting`/`Value` object.
* Update `changeset_status` and `scheduled_changeset_date` to be added dynamically with JS and simply passing of `api.state()` instances as `setting`.
* Introduce a `data-customize-setting-key-link` attribute which, unlike `data-customize-setting-link`, allows passing the setting key (e.g. `default`) as opposed to the setting ID.
* Allow `WP_Customize_Control::get_link()` to return `data-customize-setting-key-link` when setting is not registered.
* Eliminate `default_value` from `WP_Customize_Date_Time_Control` since now comes from supplied `Value`.
* Export status choices as `wp.customize.settings.changeset.statusChoices`.
* Export date and time formats as `wp.customize.settings.dateFormat` and `wp.customize.settings.timeFormat` respectively.
Props westonruter, sayedwp.
See #39896, #30738, #30741, #42083.
Fixes#37964, #36167.
Built from https://develop.svn.wordpress.org/trunk@41750
git-svn-id: http://core.svn.wordpress.org/trunk@41584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When able to be parsed, store the created date for a video file from meta,
since this is useful separately from the dates on the file itself.
Introduces `wp_get_media_creation_timestamp()` to read the timestamp from
getID3 and a `wp_read_video_metadata` filter analogous to
`wp_read_image_metadata`.
Fixes#35218.
Props stevegrunwell, joemcgill, desrosj, blobfolio, mikeschroder.
Built from https://develop.svn.wordpress.org/trunk@41746
git-svn-id: http://core.svn.wordpress.org/trunk@41580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This sets a referrer policy of `same-origin` which adds hardening by preventing a referrer being sent from the admin area or login screens to other origins. This helps prevent unwanted exposure of potentially sensitive information that may be contained within URLs.
This change introduces a new filter, `admin_referrer_policy`, for filtering the referrer policy header value. The header can be disabled if necessary by removing the `wp_admin_headers` action from the `admin_init` and `login_init` hooks.
Props joostdevalk
Fixes#42036
Built from https://develop.svn.wordpress.org/trunk@41741
git-svn-id: http://core.svn.wordpress.org/trunk@41575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds `Custom_Image_Header::get_previous_crop()`, which finds any
previously cropped headers created from the same base image and replaces
that attachment rather than creating a new attachment.
After updating a crop, the replaced images is also removed from the list
of previous header images in the Customizer.
See #21819.
Built from https://develop.svn.wordpress.org/trunk@41732
git-svn-id: http://core.svn.wordpress.org/trunk@41566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Eliminate need to pass both ID and instance in calls to `Values#add()` for panels, sections, controls, settings, partials, and notifications.
* Eliminate need to supply `content` param when constructing a `Control`.
* Unwrap the `options.params` object passed in constructors to just pass a flat `options`. (Back-compat is maintained.)
* Add support for `templateId` param for `Control` to override which template is used for the content.
* Remove unused `previewer` being supplied in `Control` instances.
* Rename `classes` to `containerClasses` on `Notification`.
* Automatically supply `instanceNumber` to improve stable sorting.
* Use `api.Notifications` for notifications in settings instead of `api.Value`.
See #30741.
Fixes#42083.
Built from https://develop.svn.wordpress.org/trunk@41726
git-svn-id: http://core.svn.wordpress.org/trunk@41560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Edits to active plugins which cause PHP fatal errors will no longer auto-deactivate the plugin. Supersedes #39766.
* Introduce sandboxed PHP file edits for active themes, preventing accidental whitescreening of a user's site when introducing a fatal error.
* After writing a change to a PHP file for an active theme or plugin, perform loopback requests on the file editor admin screens and the homepage to check for fatal errors. If a fatal error is encountered, roll back the edited file and display the error to the user to fix and try again.
* Introduce a secure way to scrape PHP fatal errors from a site via `wp_start_scraping_edited_file_errors()` and `wp_finalize_scraping_edited_file_errors()`.
* Moves file modifications from `theme-editor.php` and `plugin-editor.php` to common `wp_edit_theme_plugin_file()` function.
* Refactor themes and plugin editors to submit file changes via Ajax instead of doing full page refreshes when JS is available.
* Use `get` method for theme/plugin dropdowns.
* Improve styling of plugin editors, including width of plugin/theme dropdowns.
* Improve notices API for theme/plugin editor JS component.
* Strip common base directory from plugin file list. See #24048.
* Factor out functions to list editable file types in `wp_get_theme_file_editable_extensions()` and `wp_get_plugin_file_editable_extensions()`.
* Scroll to line in editor that has linting error when attempting to save. See #41886.
* Add checkbox to dismiss lint errors to proceed with saving. See #41887.
* Only style the Update File button as disabled instead of actually disabling it for accessibility reasons.
* Ensure that value from CodeMirror is used instead of `textarea` when CodeMirror is present.
* Add "Are you sure?" check when leaving editor when there are unsaved changes.
Supersedes [41560].
See #39766, #24048, #41886.
Props westonruter, Clorith, melchoyce, johnbillion, jjj, jdgrimes, azaozz.
Fixes#21622, #41887.
Built from https://develop.svn.wordpress.org/trunk@41721
git-svn-id: http://core.svn.wordpress.org/trunk@41555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- fixes invalid HTML and duplicate IDs
- as per the Accessibility coding standards, all new code must use explicitly associated form labels
- properly escapes a few HTML attributes
Props celloexpressions, afercia.
Fixes#42054.
Built from https://develop.svn.wordpress.org/trunk@41709
git-svn-id: http://core.svn.wordpress.org/trunk@41543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
To mirror theme list table behaviour, the plugin icon now appears next to plugins in the plugin list tables. For plugins that don't have an icon, or non-W.org plugins, a fallback dashicon is shown.
Props melchoyce, afercia, paulwilde, pento, obenland.
Fixes#30186.
Built from https://develop.svn.wordpress.org/trunk@41695
git-svn-id: http://core.svn.wordpress.org/trunk@41529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `aria-current` attribute is a simple, effective way to help assistive
technologies users orientate themselves within a list of items. Continues the
introduction in core of the `aria-current` attribute after [41359] and [41371].
Props joedolson, flixos90, afercia.
Fixes#32399.
Built from https://develop.svn.wordpress.org/trunk@41683
git-svn-id: http://core.svn.wordpress.org/trunk@41517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Let date `legend` be screen reader text when time is not included.
* Skip rendering containers for label (title) and description when not supplied in registered control.
* Fix margins and padding.
Amends [41670].
Props westonruter, afercia, sayedwp.
Fixes#42022.
Built from https://develop.svn.wordpress.org/trunk@41672
git-svn-id: http://core.svn.wordpress.org/trunk@41506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow time fields to be omitted by constructing with `timeIncluded` as `false`.
* Ensure `reportValidity` is only called on a control when it is in an expanded section.
* Rename "ampm" to "meridian".
* Improve accessibility and fix HTML validation and style issues for both the date/time control and the preview link control.
* Fix styling of dropdowns and clean CSS.
* Improve accessibility of nav menus component.
Props westonruter, afercia, sayedwp, melchoyce.
Amends [41626].
See #39896.
Fixes#42022.
Built from https://develop.svn.wordpress.org/trunk@41670
git-svn-id: http://core.svn.wordpress.org/trunk@41504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Introduce a new `wp.customize.previewer.trash()` JS API to trash the current changeset, along with logic to `WP_Customize_Manager` to handle deleting changeset drafts.
* Add `trashing` to `wp.customize.state` which is then used to update the UI.
* UI for trashing is pending design feedback. One possibility is to add a new trash button to Publish Settings section that invokes `wp.customize.previewer.trash()`.
* Improve logic for managing the visibility and disabled states for publish buttons.
* Prevent attempting `requestChangesetUpdate` while processing and bump processing while doing `save`.
* Update `changeset_date` state only if sent in save response.
* Merge `ThemesSection#loadThemePreview()` into `ThemesPanel#loadThemePreview()`.
* Remove unused `autosaved` state.
* Start autosaving and prompting at beforeunload after a change first happens. This is key for theme previews since even if a user did not make any changes, there were still dirty settings which would get stored in an auto-draft unexpectedly.
* Allow `Notification` to accept additional `classes` to be added to `container`.
* Introduce `OverlayNotification` and use for theme installing, previewing, and trashing. Such overlay notifications take over the entire window.
Props westonruter, celloexpressions.
See #37661, #39896, #21666, #35210.
Built from https://develop.svn.wordpress.org/trunk@41667
git-svn-id: http://core.svn.wordpress.org/trunk@41501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_current_blog_id()` is more appropriate for determining the ID of the current site in most cases. This eliminates the need for the global `$wpdb` in several functions and is better than the implicit global used in admin pages.
Props bnap00, spacedmonkey.
Fixes#41684.
Built from https://develop.svn.wordpress.org/trunk@41661
git-svn-id: http://core.svn.wordpress.org/trunk@41495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- sets the modal content to `role="document"` to make screen readers switch back to browse mode
- standardizes the Themes screen and Customizer modals interaction
- Themes screen modal: sets initial focus on the modal overlay instead of the primary button, avoiding to "skip" content for keyboard and screen reader users
Fixes#42055.
Built from https://develop.svn.wordpress.org/trunk@41658
git-svn-id: http://core.svn.wordpress.org/trunk@41492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deactivate the Themes panel immediately after changing selected status to non-publish.
* Animate publish settings button into view with publish button when collapsing Themes panel.
* Deactivate publish settings section and hide publish settings button entirely when customizer state is clean.
* Harden access of Themes panel in case it was removed by plugin.
* Fix throttling of `renderScreenshots` calls in `ThemesSection`.
Amends [41648], [41626].
See #37661, #39896, #34843.
Built from https://develop.svn.wordpress.org/trunk@41649
git-svn-id: http://core.svn.wordpress.org/trunk@41483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Unify the theme-browsing and theme-customization experiences by introducing a comprehensive theme browser and installer directly accessible in the customizer. Replaces the customizer theme switcher with a full-screen panel for discovering/browsing and installing themes available on WordPress.org. Themes can now be installed and previewed directly in the customizer without entering the wp-admin context. Also includes an extensible framework for browsing and installing themes from other sources.
Also includes CSS auto-prefixing added via `grunt precommit:css`.
For details, see: https://make.wordpress.org/core/2016/10/03/feature-proposal-a-new-experience-for-discovering-installing-and-previewing-themes-in-the-customizer/
Previously [38813] but reverted in [39140].
Fixes#37661, #34843, #38666.
Props celloexpressions, folletto, westonruter, karmatosed, melchoyce, afercia.
Built from https://develop.svn.wordpress.org/trunk@41648
git-svn-id: http://core.svn.wordpress.org/trunk@41482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When switching between post editor modes, the current cursor position and selection is now preserved. This allows authors to switch modes without losing the context of where they were in the document.
Props biskobe.
Fixes#41962.
Built from https://develop.svn.wordpress.org/trunk@41630
git-svn-id: http://core.svn.wordpress.org/trunk@41465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Incorporates code from the Customize Snapshots and Customize Posts feature plugins.
* Adds a new Publish Settings section for managing the changeset status, scheduled date, and frontend preview link.
* Updates Publish button to reflect the status selected in the Publish Settings (including Save Draft and Schedule).
* Deactivates the Themes section when a non-publish status selected, and deactivates the Publish Settings section when previewing a theme switch.
* Introduces an `outer` section type (`wp.customize.OuterSection` in JS) for the Publish Settings section to use and for available widgets and available nav menu panels to use in the future. These sections can be expanded while other sections are expanded.
* Introduces `WP_Customize_Date_Time_Control` in PHP and `wp.customize.DateTimeControl` in JS for managing a date/time value.
* Keeps track of scheduled time and proactively publish from the client when the time arrives, as opposed to waiting for WP Cron.
* Auto-publishes a scheduled changeset when attempting to access one that missed its schedule.
* Starts a new changeset if attempting to save a changeset that was previously publish.
* Adds `force` arg to `requestChangesetUpdate()` to force an update request even when there are no pending changes.
* Adds utils methods for `getCurrentTimestamp` and `getRemainingTime`.
* Adds new state values for `selectedChangesetStatus`, `changesetDate`, `selectedChangesetDate`.
* Fixes logic for when to short-circuit check to close Customizer when there are unsaved changes.
* Adds getter methods for `autosaved` and `branching` parameters, with the latter applying the `customize_changeset_branching` filter.
* Call to `establish_loaded_changeset` on the fly when `changeset_uuid()` is called if no changeset UUID was specififed.
* De-duplicates logic for dismissing auto-draft changesets.
* Includes unit tests.
Builds on [41597].
Props sayedwp, westonruter, melchoyce, JoshuaWold, folletto, stubgo, karmatosed, dlh, paaljoachim, afercia, johnregan3, utkarshpatel, valendesigns.
See #30937.
Fixes#39896, #28721, #39275.
Built from https://develop.svn.wordpress.org/trunk@41626
git-svn-id: http://core.svn.wordpress.org/trunk@41461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Given the new WordPress browsers support policy, the `screen-reader-text` css
class used in the admin can be updated to use modern CSS and correct syntax. See
https://github.com/wpaccessibility/a11ythemepatterns/blob/master/read-more-links/style.css
Worth noting the `clip` property is deprecated and kept for IE11 and Edge.
- uses `clip-path` for modern browsers
- keeps `clip` for old browsers and update its value to a correct syntax
- resets `clip-path` to `none` where the class is used to dynamically reveal elements
- removes an old rule that made `screen-reader-text` completely invisible in the help tabs `#screen-meta`
- standardizes the rule across CSS files
Fixes#40970.
Built from https://develop.svn.wordpress.org/trunk@41622
git-svn-id: http://core.svn.wordpress.org/trunk@41457 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- uses button elements for the toggles
- uses `aria-expanded` on the toggles to communicate to assistive technologies the panels expanded/collapsed state
- adds the "circular focus" style to the toggles to give users a clear indication of the currently focused element
- standardizes CSS class names to `.toggle-indicator` and `.handlediv` as these names are already used across the admin for similar controls
Props monikarao, xavortm, mihai2u, Kopepasah.
Fixes#37013.
Built from https://develop.svn.wordpress.org/trunk@41621
git-svn-id: http://core.svn.wordpress.org/trunk@41456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.
This introduces some new functions:
* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`
A corresponding `wp_is_large_user_count` filter is also introduced.
Props tharsheblows, johnbillion
Fixes#38741
Built from https://develop.svn.wordpress.org/trunk@41613
git-svn-id: http://core.svn.wordpress.org/trunk@41448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Autosaved changes made on top of `auto-draft` changesets get written on top of the `auto-draft` itself, similar to how autosaves for posts will overwrite post drafts.
* Autosaved changes made to saved changesets (e.g. `draft`, `future`) will be placed into an autosave revision for that changeset and that user.
* Opening the Customizer will now prompt the user to restore their most recent auto-draft changeset; if notification is dismissed or ignored then the auto-draft will be marked as dismissed and will not be prompted to user in a notification again.
* Customizer will no longer automatically supply the `changeset_uuid` param in the `customize.php` URL when branching changesets are not active.
* If user closes Customizer explicitly via clicking on X link, then autosave auto-draft/autosave will be dismissed so as to not be prompted again.
* If there is a changeset already saved as a `draft` or `future` (UI is forthcoming) then this changeset will now be autoloaded for the user to keep making additional changes. This is the linear model for changesets.
* To restore the previous behavior of the Customizer where each session started a new changeset, regardless of whether or not there was an existing changeset saved, there is now a `customize_changeset_branching` hook which can be filtered to return `true`.
* `wp.customize.requestChangesetUpdate()` now supports a second with options including `autosave`, `title`, and `date`.
* The window `blur` event for `customize.php` has been replaced with a `visibilitychange` event to reduce autosave requests when clicking into preview window.
* Adds `autosaved` and `branching` args to `WP_Customize_Manager`.
* The `changeset_uuid` param for `WP_Customize_Manager` is extended to recognize a `false` value which causes the Customizer to defer identifying the UUID until `after_setup_theme` in the new `WP_Customize_Manager::establish_loaded_changeset()` method.
* A new `customize_autosaved` query parameter can now be supplied which is passed into the `autosaved` arg in `WP_Customize_Manager`; this option is an opt-in to source data from the autosave revision, allowing a user to restore autosaved changes.
Props westonruter, dlh, sayedwp, JoshuaWold, melchoyce.
See #39896.
Built from https://develop.svn.wordpress.org/trunk@41597
git-svn-id: http://core.svn.wordpress.org/trunk@41430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Galleries are managed in the widget in the same way they are managed in the post editor, both using the media manager.
* Gallery widget is merged from the Core Media Widgets v0.2.0 feature plugin and it extends `WP_Widget_Media` in the same way as is done for image, audio, and video widgets.
* Model syncing logic is updated to support booleans and arrays (of integers).
* Placeholder areas in media widgets are now clickable shortcuts for selecting media.
* Image widget placeholder is updated to match gallery widget where clicking preview is shortcut for editing media.
Props westonruter, joemcgill, timmydcrawford, m1tk00, obenland, melchoyce.
See #32417.
Fixes#41914.
Built from https://develop.svn.wordpress.org/trunk@41590
git-svn-id: http://core.svn.wordpress.org/trunk@41423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- properly labels all the code editor areas (Theme/Plugin, Custom HTML widget, Additional CSS), whether CodeMirror is enabled or disabled
- adds `role="textbox"` and `aria-multiline="true"` to the CodeMirror editing area to allow assistive technologies properly identify it as a textarea
- standardizes the "keyboard trap" help text across the admin and keeps it as a list for better readability
- use the Help text elements as target for `aria-describedby`, to make screen readers read out the help text when focusing the editors
- fixes the `aria-expanded` attribute usage in the Customizer "Additional CSS" help toggle
- moves focus to the CodeMirror editing area when clicking on the associated label
- in the Plugin editor screen: changes a `<big>` element to `<h2>` for better semantics and consistency with the Theme editor screen
- also, removes a few textdomain leftovers, see `better-code-editing` and `default`
Props westonruter, melchoyce, afercia.
Fixes#41872.
Built from https://develop.svn.wordpress.org/trunk@41586
git-svn-id: http://core.svn.wordpress.org/trunk@41419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Invalidate PHP opcache after file is updated to ensure `include` will ''include'' the written changes.
* Define `WP_ADMIN` when activating plugin in sandbox so plugin code targeting admin will be loaded.
* Do actions that get triggered when loading the admin to ensure plugin code runs that could cause errors on plugin editor screen (and lock out access).
* Fix ability to re-activate a plugin after editing a PHP file other than the main plugin file, and ensure PHP fatal error will be displayed in such cases.
* Consolidate duplicated code into `plugin_sandbox_scrape()` and re-use in `activate_plugin()`.
* Show an error notice instead of a success notice when a file is updated but a plugin was deactivated due to a fatal error.
* Update style of warning when editing an active plugin to be styled as an actual warning notice.
See #12423, #21622.
Fixes#39766.
Built from https://develop.svn.wordpress.org/trunk@41560
git-svn-id: http://core.svn.wordpress.org/trunk@41393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.
See #12423, #38707, #35395.
Fixes#41897.
Built from https://develop.svn.wordpress.org/trunk@41558
git-svn-id: http://core.svn.wordpress.org/trunk@41391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Adds a `notifications` property to instances of `wp.customize.Panel` and `wp.customize.Section`.
* Adds a `setupNotifications()` method to `Panel`, `Section`, and `Control`.
* Adds a `getNotificationsContainerElement()` method to the `Panel` and `Section` classes, like `Control` has.
* Replace hard-coded notification in header media section with a notification.
* Limit rendering notifications to panels and sections that are expanded, and to controls that have an expanded section.
See #34893, #35210, #38778.
Fixes#38794.
Built from https://develop.svn.wordpress.org/trunk@41390
git-svn-id: http://core.svn.wordpress.org/trunk@41223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Show global error notiafication when saving is blocked due to client-side setting invalidity.
* Refactor `wp.customize.Notifications#render()` to ensure a notification re-renders if its `message` or data changes but its `code` does not.
Props MatheusGimenez, sixhours, westonruter, karmatosed, aocean90, zoonini, michelleweber, melchoyce.
See #35210.
Fixes#21492.
Built from https://develop.svn.wordpress.org/trunk@41389
git-svn-id: http://core.svn.wordpress.org/trunk@41222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.
Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes#12423, #39892.
Built from https://develop.svn.wordpress.org/trunk@41376
git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Displays an error notification in the global area when a save attempt is rejected due to invalid settings. An error notification is also displayed when saving fails due to a network error or server error.
* Introduces `wp.customize.Notifications` subclass of `wp.customize.Values` to contain instances of `wp.customize.Notification` and manage their rendering into a container.
* Exposes the global notification area as `wp.customize.notifications` collection instance.
* Updates the `notifications` object on `Control` to use `Notifications` rather than `Values` and to re-use the rendering logic from the former. The old `Control#renderNotifications` method is deprecated.
* Allows notifications to be dismissed by instantiating them with a `dismissible` property.
* Allows `wp.customize.Notification` to be extended with custom templates and `render` functions.
* Triggers a `removed` event on `wp.customize.Values` instances _after_ a value has been removed from the collection.
Props delawski, westonruter, karmatosed, celloexpressions, Fab1en, melchoyce, Kelderic, afercia, adamsilverstein.
See #34893, #39896.
Fixes#35210, #31582, #37727, #37269.
Built from https://develop.svn.wordpress.org/trunk@41374
git-svn-id: http://core.svn.wordpress.org/trunk@41207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `aria-current` attribute is a simple, effective way to communicate to assistive
technologies which the current item within a set of items is. While the admin menu
structure isn't 100% ideal (the top-level item is repeated also as a sub-item)
adding `aria-current="page"` to the sub-items gives an important feedback to
assistive technologies users.
This change introduces `aria-current` for the first time in core. Worth noting
there are other places where it can be used to improve accessibility. These should
be addressed in separate tickets and patches.
Fixes#41589.
Built from https://develop.svn.wordpress.org/trunk@41359
git-svn-id: http://core.svn.wordpress.org/trunk@41192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Plugin details modal custom implementation in the Plugins page conflicts with
other Thickbox instances added by plugins. Thickbox shows its age and has been
modified over time to suit core needs. However, WordPress should do its best to
not create conflicts with the native Thickbox styles and functionalities. Plugin
authors should be able to use `add_thickbox()` in any admin page as documented,
without having to worry about potential errors.
- fixes a JavaScript error when closing a native Thickbox modal in the Plugins page
- avoids to override the native Thickbox modal styles
- uses a CSS class to target the Plugin details modal and remove a pile of overqualified CSS selectors
Fixes#41417.
Built from https://develop.svn.wordpress.org/trunk@41356
git-svn-id: http://core.svn.wordpress.org/trunk@41189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Mark a widget as dirty when a field input triggers a `change` or `input` event; clear dirty state when widget is successfully saved.
* Disable Save button and re-label "Saved" when widget not dirty.
* Show AYS dialog when leaving widgets admin screen with unsaved changes.
* When widgets are dirty, expand all unsaved widgets at AYS check and focus on first one.
* Change "Close" link to "Done"; hide link when widget is dirty and reveal when saved.
* The "Done" link persistently appears in the Customizer even after making a change (when the widget is dirty) because changes are autosaved into the changeset.
* Prevent saving widget when form fails `checkValidity`.
* Fix frequency of triggering of `change` event on the rich Text widget's `textarea` limited now to when there are actual changes.
* Add a class of `widget-dirty` to widget containers when the widget has unsaved changes.
Props westonruter, timmydcrawford, melchoyce.
Fixes#41610, #23120.
Built from https://develop.svn.wordpress.org/trunk@41352
git-svn-id: http://core.svn.wordpress.org/trunk@41185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When multisite is setup already, e.g. in a multi network environment, this change gives a performance benefit over the direct SQL query that was previously used. The SQL query remains in place for when setting up multisite initially as the network API is not available at that point.
Props spacedmonkey.
Fixes#41805.
Built from https://develop.svn.wordpress.org/trunk@41348
git-svn-id: http://core.svn.wordpress.org/trunk@41181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Refactors the UI controls around the Iris color picker to output valid and semantic markup
- Simplifies the way elements visibility gets toggled
- Properly associates the visually hidden label with the color input field
- Makes the toggle button a real button
- Adds `aria-expanded` to the toggle button
- Keeps focus on the toggle button instead of moving it to the color input field
- Adds `aria-label` attributes to give better context to some controls
- Removes a redundant title attribute
- Keeps the toggle button text to "Select Color" instead of changing it to "Current Color" when a color is selected
- Slightly improves the responsive view
- CSS clean-up
Fixes#39662.
Built from https://develop.svn.wordpress.org/trunk@41329
git-svn-id: http://core.svn.wordpress.org/trunk@41160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Update to 2.1.9.
- Include the non-minified plupload.js and moxie.js.
- Remove support for Flash and Silverlight, the available runtime options are `html5` and `html4`.
- Delete plupload.flash.swf and plupload.silverlight.xap.
Fixes#41755.
Built from https://develop.svn.wordpress.org/trunk@41328
git-svn-id: http://core.svn.wordpress.org/trunk@41159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes an issue where failures when inserting the attachment post via
`wp_insert_attachment()` would result in a return value of `0` instead of a
`WP_Error` object, as documented. This is addressed by passing `true` as the
fourth param (added in WP 4.7.0) when calling `wp_insert_attachment()`.
Props mrasharirfan, flixos90.
Fixes#41726.
Built from https://develop.svn.wordpress.org/trunk@41323
git-svn-id: http://core.svn.wordpress.org/trunk@41154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These log entries are only useful when troubleshooting unexpected results from the API, which is not common. The vast majority of users are better served by not having their logs cluttered with noise.
For the rare situations where troubleshooting is necessary, it can be achieved by a plugin (see #41217 for an example).
Props Howdy_McGee, dd32.
Fixes#41217.
Built from https://develop.svn.wordpress.org/trunk@41316
git-svn-id: http://core.svn.wordpress.org/trunk@41147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces the following meta capabilities:
* `activate_plugin`
* `deactivate_plugin`
* `deactivate_plugins`
The singular `activate_plugin` and `deactivate_plugin` capabilities are used along with the corresponding plugin name when
determining whether or not a user can activate or deactivate an individual plugin.
The plural `deactivate_plugins` capability is used in place of the existing `activate_plugins` capability when determining
whether a user can deactivate plugins.
Each of these new meta capabilities map to the existing `activate_plugins` primitive capability, which means there is no
change in existing behaviour, but plugins can now filter the capabilities required to activate and deactivate individual
plugins.
Fixes#38652
Built from https://develop.svn.wordpress.org/trunk@41290
git-svn-id: http://core.svn.wordpress.org/trunk@41130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.
This change fixes the usage in user-facing text and in developer documentation.
Fixes#41620
Built from https://develop.svn.wordpress.org/trunk@41289
git-svn-id: http://core.svn.wordpress.org/trunk@41129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Patches occasionally come in on generated files. We should be kind to new contributors and give them a hint that these files are auto generated.
Props drewapicture, samuelsidler, netweb, valendesigns, kpdesign, nacin, jorbin
Fixes#30666
Built from https://develop.svn.wordpress.org/trunk@41271
git-svn-id: http://core.svn.wordpress.org/trunk@41111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new meta capabilities are called `install_languages` and `update_languages`. Prior to this change, there were no proper capability checks applied. Instead only the filesystem and related constants were checked, and for actual permissions a rather vague fallback was used where a user needed to have at least one of the other updating capabilities. In addition to being generally more verbose, the new capabilities make it possible for example to allow a user to update languages, but nothing else. By default they fall back to the original way of how they were handled.
Props johnbillion, flixos90.
Fixes#39677.
Built from https://develop.svn.wordpress.org/trunk@41268
git-svn-id: http://core.svn.wordpress.org/trunk@41108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Passing a non-null value to the filter will prevent the uploaded file from being moved to the uploads directory for any of the functions leveraging `_wp_handle_upload()`, such as `wp_handle_upload()` or `wp_handle_sideload()`.
Error reporting related to the file being moved will also be skipped.
Props ryan, Mte90.
Fixes#24603.
Built from https://develop.svn.wordpress.org/trunk@41258
git-svn-id: http://core.svn.wordpress.org/trunk@41098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.
Props MatheusGimenez, johnbillion
Fixes#39118
Built from https://develop.svn.wordpress.org/trunk@41254
git-svn-id: http://core.svn.wordpress.org/trunk@41094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a visual glitch visible on Ubuntu. WordPress uses system fonts and they have
different metrics across operating systems. Uses screen-reader-text as a more
solid way to visually hide text.
Props punit5658, afercia.
Fixes#41497.
Built from https://develop.svn.wordpress.org/trunk@41227
git-svn-id: http://core.svn.wordpress.org/trunk@41067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.
The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.
Props jmdodd.
Fixes#41101.
Built from https://develop.svn.wordpress.org/trunk@41225
git-svn-id: http://core.svn.wordpress.org/trunk@41065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are now 3 places where we call out to the REST API from within wp-admin. This commit introduces a small library to allow overriding these calls, centralize nonce-passing logic, and eliminate the need to pass a full REST URL down to client code (this last feature is not yet used and will be explored in a separate ticket).
Fixes#40919.
Built from https://develop.svn.wordpress.org/trunk@41206
git-svn-id: http://core.svn.wordpress.org/trunk@41046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Often times, it can be confusing to set a custom permalink structure. One has to double-check the documentation, make
sure to correctly insert the structure tag, and hope not to break their site.
With this addition, the available structure tags are being displayed as a list of easily clickable buttons that can be
used to insert tags to the custom structure input field and to remove them again.
Props kpdesign, swissspidy, joedolson, afercia.
Fixes#29872.
Built from https://develop.svn.wordpress.org/trunk@41182
git-svn-id: http://core.svn.wordpress.org/trunk@41022 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This reduces the chances of a site compromise going unnoticed, in the same way that the same notifications for user account email address changes reduces the chances of a user account compromise going unnoticed.
Props MatheusGimenez, johnbillion
Fixes#39117
Built from https://develop.svn.wordpress.org/trunk@41164
git-svn-id: http://core.svn.wordpress.org/trunk@41004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their account.
Props rodrigosprimo, tharsheblows, johnbillion
Fixes#16470
Built from https://develop.svn.wordpress.org/trunk@41163
git-svn-id: http://core.svn.wordpress.org/trunk@41003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.
See #41452.
Built from https://develop.svn.wordpress.org/trunk@41161
git-svn-id: http://core.svn.wordpress.org/trunk@41001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This ensures all the column titles, not just the Comments column one, are
"clean" when later reused for the Screen Options checkboxes. Also introduces
some consistency with what is already done in WP_List_Table.
Fixes#41261.
Built from https://develop.svn.wordpress.org/trunk@41148
git-svn-id: http://core.svn.wordpress.org/trunk@40988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, the similar help tab and sidebar for these screens were all duplicated for each respective screen. This changeset introduces two internal admin functions `get_site_screen_help_tab_args()` and `get_site_screen_help_sidebar_content()` that make these available in a centralized location.
Props atanasangelovdev.
Fixes#41167.
Built from https://develop.svn.wordpress.org/trunk@41065
git-svn-id: http://core.svn.wordpress.org/trunk@40917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress no longer supports many old old browsers: https://make.wordpress.org/core/2017/04/23/target-browser-coverage/
This also removes alot of no longer necessary CSS. It served us well, but we are never getting back together with IE8,9,10.
So, in the (paraphrased) words of Taylor Swift:
I remember when we dropped support the first time
Saying, "This is it, I've had enough, " 'cause like
We hadn't seen many users in a month
When you said you needed flexbox. (What?)
Then you postMessage again and say
"IE8, I miss you and I swear I'm gonna change, trust me."
Remember how that lasted for a day?
I say, "I hate the box model, " we break up, you call me, "I love css-grids."
Ooh, we called it off again last night
But ooh, this time I'm telling you, I'm telling you
We are never ever ever supporting IE 8,9,10,
We are never ever ever supporting IE 8,9,10,
You go talk to EDGE, talk to my FIREFOX, talk to CHROME
But we are never ever ever ever getting back together
Like, ever...
Fixes#37651.
Props stunnedbeast, netweb, jorbin.
Built from https://develop.svn.wordpress.org/trunk@41062
git-svn-id: http://core.svn.wordpress.org/trunk@40912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Text widget in legacy mode omits TinyMCE and retains old behavior for matching pre-existing Text widgets. Usage pointers added to default visual mode appear when attempting to paste HTML code into the Visual tab and when clicking on the Text tab, informing users of the new Custom HTML widget.
Props westonruter, melchoyce, gitlost for testing, obenland for testing, dougal for testing, afercia for testing.
See #35243.
Fixes#40951.
Built from https://develop.svn.wordpress.org/trunk@41050
git-svn-id: http://core.svn.wordpress.org/trunk@40900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
At the heart of the matter, the `$menu_slug` parameter in `add_menu_page()` and `add_submenu_page()` is not sanitized with `sanitize_key()`. When the screen object is later built for the admin page, the screen ID is derived from that `$menu_slug` value, though passed through `sanitize_key()`, which can produce unexpected results in comparison check.
Changing the sanitization code to provide actual parity is out of the question at this juncture, so updating the docs to describe how to avoid this edge case is the next best option.
Props GregRoss.
Fixes#35305.
Built from https://develop.svn.wordpress.org/trunk@40967
git-svn-id: http://core.svn.wordpress.org/trunk@40817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change brings consistency with the regular site administration panel settings pages: Radio and checkbox labels do not use full stops there, so those in the network administration panel should not either.
Props Ankit K Gupta.
Fixes#39319.
Built from https://develop.svn.wordpress.org/trunk@40953
git-svn-id: http://core.svn.wordpress.org/trunk@40803 1a063a9b-81f0-0310-95a4-ce76da25c4cd