Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.
See #46732.
Built from https://develop.svn.wordpress.org/trunk@45611
git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for blocking plugin activation if it requires a higher version of PHP or WordPress, and does not have a `readme.txt` file.
If the headers are defined in both `readme.txt` and the main plugin file, precedence is given to the plugin file.
Props afragen, Otto42, Ipstenu.
Fixes#46938.
Built from https://develop.svn.wordpress.org/trunk@45546
git-svn-id: http://core.svn.wordpress.org/trunk@45357 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Introduces `wp_get_missing_image_subsizes()` and `wp_update_image_subsizes()` to generate image sub-sizes that are missing or were not created after the upload.
- Adds a way to display errors that happened while creating sub-sizes.
- Introduces `wp_create_image_subsizes()` intended for use after an image was uploaded. It saves/updates the image metadata immediately after each sub-size is created. This fixes the (long standing) problem when some of the sub-size image files were created but there was a timeout or an error and the metadata was not saved. Until now such uploads were considered "failed" which usually resulted in the user trying to upload the same image again, creating even more "orphan" image files.
Note that the patch also includes some unrelated WPCS fixes.
Props mikeschroder, azaozz.
See #40439.
Built from https://develop.svn.wordpress.org/trunk@45538
git-svn-id: http://core.svn.wordpress.org/trunk@45349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- keeps focus management only where necessary to avoid focus losses
- removes focus management where a specific user workflow was assumed
- makes the "Attachment Details" navigation buttons really disabled when there are no next or previous attachments
- adds inline comments to clarify all the usages of focus()
Fixes#43169.
Built from https://develop.svn.wordpress.org/trunk@45524
git-svn-id: http://core.svn.wordpress.org/trunk@45335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces the faux primitive capability `view_site_health_checks` available to single site admins and multisite super-admin to view the site health page within the admin.
The capability is mapped to the `install_plugins` capability without being dependent on the file system being writable. This fixes a bug where the feature couldn't be used by sites unable to write to the file system or managed through version control.
The capability is granted on the `user_has_cap` filter.
Props birgire, Clorith, palmiak, peterwilsoncc, spacedmonkey.
Fixes#46957.
Built from https://develop.svn.wordpress.org/trunk@45507
git-svn-id: http://core.svn.wordpress.org/trunk@45318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This introduces three new strings that can be used to control the maximum length of automatically generated excerpts for posts, comments, and draft post previews in the dashboard. Optionally combined with the existing word count type control this allows languages which include many multibyte characters to specify more appropriate maximum excerpt lengths.
Props miyauchi, birgire, johnbillion
Fixes#44541
Built from https://develop.svn.wordpress.org/trunk@45505
git-svn-id: http://core.svn.wordpress.org/trunk@45316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- changes the media views form controls to have explicitly associated labels with for/id attributes
- adds a few missing labels / aria-labels
- improves a few existing labels / aria-labels
- improves semantics in a few places, by adding visually hidden headings, fieldset + legend elements, aria-describedby attributes
- improves the image custom size input fields and their labelling
- adds `role="status"` to the "saved" indicator so that status messages are announced to assistive technologies
- swaps the columns source order in the image details template, to make visual and DOM order match
- swaps the "Replace" and "Back" buttons source order in the Replace Image view, to make visual and DOM order match
- gallery settings: move checkbox label to the right: checkboxes are supposed to have labels on the right
- merge similar strings, unified to "Drop files to upload" (removed "Drop files here", and "Drop files anywhere to upload")
- makes the "upload-ui" consistent across the media views
- hides the IE 11 "X" `::-ms-clear` button in the Insert from URL field, as it conflicts with the uploading spinner
- adds comments to all the media templates to clarify their usage
- slightly increases vertical spacing between form fields in the media sidebar
- removes some CSS selectors introduced as backwards compatibility for WordPress pre-4.4
- removes some CSS still targeting Internet Explorer 7 and 8
Fixes#47141.
Fixes#47122.
Built from https://develop.svn.wordpress.org/trunk@45499
git-svn-id: http://core.svn.wordpress.org/trunk@45310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).
`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.
Props nielsdeblaauw, Rarst.
Fixes#46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424
git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- effectively hides the "Post locked" information from assistive technologies
- when a post is locked, reveals the "Post locked" information without CSS animation
- the height CSS animation didn't work anyways after [24906]
See #24553.
Fixes#44946.
Built from https://develop.svn.wordpress.org/trunk@45417
git-svn-id: http://core.svn.wordpress.org/trunk@45228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- adds `role="presentation"` to the edit comment table
- removes a few pointless `<fieldset>` elements
- adds a few missing `<label>` elements
- adds the CSS class `class="td-full"` to table rows spanning to multiple cells
- adds explicit `scope="row"` attribute to the table headers in `options-permalink.php`: this table is better communicated as data table
- uses consistent label association in the "Privacy Settings" page
- in the installation page "Set up your database connection": associates descriptions to their inout fields using `aria-describedby`
- improves the link to gravatar.com in the `user-edit.php` page
See #46899.
Fixes#47390.
Built from https://develop.svn.wordpress.org/trunk@45416
git-svn-id: http://core.svn.wordpress.org/trunk@45227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds `role="presentation"` to the `<table>` elements used for layout purposes.
Ideally, HTML tables should be used for tabular data. When tables are used for layout purposes, it's important to remove any native semantics so that assistive technologies can correctly announce the table content in a linearized fashion.
Props greatislander, afercia.
Fixes#46899.
Built from https://develop.svn.wordpress.org/trunk@45403
git-svn-id: http://core.svn.wordpress.org/trunk@45214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change means that users who can't read the site's current language can more easily identify controls that allow them to change either the site language or their own admin area language.
Props janak007, atlasmahesh, afercia, birgire, JoshuaWold
Fixes#43144
Built from https://develop.svn.wordpress.org/trunk@45402
git-svn-id: http://core.svn.wordpress.org/trunk@45213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wp-admin/includes/update-core.php` runs in the context of the previous WordPress version. Any calls to newly introduced functions there need to be checked via `function_exists()`.
Reviewed by desrosj, earnjam, SergeyBiryukov.
Props dd32, imath.
Fixes#47323.
Built from https://develop.svn.wordpress.org/trunk@45365
git-svn-id: http://core.svn.wordpress.org/trunk@45176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The sodium_compat library can be very slow for certain operations on 32-bit architectures, which can lead to web server timeouts while attempting to verify an update. This adds a runtime speed check to skip signature verification on systems that would otherwise time out. Includes simple unit tests.
Props dd32, paragoninitiativeenterprises.
See #47186.
Built from https://develop.svn.wordpress.org/trunk@45345
git-svn-id: http://core.svn.wordpress.org/trunk@45156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes the CSS for Site Health headers to use flexbox, which helps ensure the text is vertically aligned center and consistently spaced in both the Status and Info tabs. It also fixes an issue where the loading spinner GIF was cut off on smaller screens (originally reported in #47203.
Props Presskopp, odminstudios, kjellr, afercia, desrosj, hedgefield, ianbelanger, xavortm.
Fixes#47063.
Built from https://develop.svn.wordpress.org/trunk@45322
git-svn-id: http://core.svn.wordpress.org/trunk@45133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change removes redundant CSS properties for different health check statuses in favor of utilizing the `.dashicons` class already in Core to define them more consistently. This also fixes the vertical alignment issues.
Props chetan200891, Clorith, desrosj.
Fixes#46940.
Built from https://develop.svn.wordpress.org/trunk@45309
git-svn-id: http://core.svn.wordpress.org/trunk@45120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- The About page now uses a CSS grid to layout its design, making the page’s structure more obvious and hopefully easier for contributors in the future.
- Removes some code that is no longer used (such as videos, mejs elements, etc.).
- Update images.
- Unnecessary HTML is removed from a string on the page. This was a regression.
- Only users with the correct capability should be instructed to check their site status.
- Fixes the placement of commas.
Reviewed by melchoyce, afercia, jeremyfelt, and desrosj.
Props ryelle, melchoyce, cathibosco1, man4toman, SergeyBiryukov, afercia, ramiy, kjellr, tellyworth, earnjam, andreamiddleton, marybaum.
See #46901.
Built from https://develop.svn.wordpress.org/trunk@45278
git-svn-id: http://core.svn.wordpress.org/trunk@45087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When viewing Site Health for a multisite install, there are a few recommendations that are not appropriate and could have negative implications for other sites on the install if the administrator follows the advice provided.
For example, Site Health recommends that inactive plugins and themes for a site should be removed. On a single site install, this is a great recommendation. However, on a multisite install, inactive plugins and themes for one site should not be removed because they could be active for other sites on the network.
This change also disables the `test_wp_version_check_attached()` test for multisite. This test checks for the presence of the `wp_version_check()` function on the `wp_version_check` hook, which is not present for every site on multisite.
Reviewed by jeremyfelt and desrosj.
Props iandunn, Clorith, azaozz, jeremyfelt.
Fixes#47084.
Built from https://develop.svn.wordpress.org/trunk@45275
git-svn-id: http://core.svn.wordpress.org/trunk@45084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It's important for links to have enough information in them in order to be clearly actionable. Destination and purpose should be clear. For example, `debug` isn't nearly as useful as `learn how to debug issues`.
This was signed off on by chanthaboune and jorbin.
Props afercia.
See: #46901.
Built from https://develop.svn.wordpress.org/trunk@45274
git-svn-id: http://core.svn.wordpress.org/trunk@45083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes several bugs in the signature verification code:
Disables signature checks on certain incompatible PHP versions that cause math errors when opcache is enabled;
Prevents a spurious URL and subsequent error when downloading a zip file with query arguments;
Prevents errors triggered by third-party upgrade scripts as per #46615;
Disables signature tests for Plugins, Themes, and Translations, leaving only core updates.
At the 5.2 release the API servers will only provide signatures for core update packages, which is why messages are suppressed for plugins and other package types. Signatures for those other items will become available later.
Props dd32.
See #39309, #46615
Built from https://develop.svn.wordpress.org/trunk@45262
git-svn-id: http://core.svn.wordpress.org/trunk@45071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Per the documentation standards, the `@global` tag is meant to list PHP globals used within functions or methods.
The code in question uses the variable in global namespace, but does not explicitly declare it.
Props jayupadhyay01, dswebsme.
Fixes#46602.
Built from https://develop.svn.wordpress.org/trunk@45233
git-svn-id: http://core.svn.wordpress.org/trunk@45042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Currently, there are a number of scenarios where `is_block_editor()` (and `WP_Screen::is_block_editor`) would incorrectly indicate block editor support at different points of the loading process. Most notably, checking `is_block_editor` when hooking into the `current_screen` action will always result in `false`, even when the block editor is being loaded. This is because `is_block_editor` is not set to `true` until `edit-form-blocks.php` is included.
This change adds logic to `WP_Screen` to ensure the accuracy of `is_block_editor` on block editor pages earlier in the load process.
While edit screens will now be accurate 100% of the time from `current_screen` on, there are still a few edge cases where `is_block_editor` could contain an incorrect value when creating a new post.
Because a `WP_Post` object is a required parameter for the `replace_editor` filter and `use_block_editor_for_post()` function, `WP_Screen` will fall back to the value returned by `use_block_editor_for_post_type()` for the post being created. To eliminate these edge cases, the `use_block_editor_for_post_type` filter can be used to return the appropriate boolean value to indicate support.
Props Chouby, desrosj, aduth, johnbillion.
Fixes#46195.
Built from https://develop.svn.wordpress.org/trunk@45224
git-svn-id: http://core.svn.wordpress.org/trunk@45033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Change `recurse_dirsize()` to accept an array of excluded paths.
- Change so we don't calculate the sizes of dirs in wp-content twice.
- Add the size in bytes to the "debug" into.
- Add a custom DOM event after the dir sizes request is done. Can be used by plugins to "daisy chain" more requests.
- Move "WordPress directory location" and "WordPress directory size" to the top in the "Directories and Sizes" section.
- Move "Theme directory location" to the "Active Theme" section.
- Fix labels capitalization.
Props xkon, afercia, Clorith, azaozz.
Fixes#46707.
Built from https://develop.svn.wordpress.org/trunk@45220
git-svn-id: http://core.svn.wordpress.org/trunk@45029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds missing actions for several tests. This ensures that the user is provided with a next step, whenever possible.
Also, change the URL displayed in the WordPress.org communication test description to `api.wordpress.org` for accuracy.
Props: garrett-eclipse, Clorith, vaishalipanchal.
Fixes#46734.
Built from https://develop.svn.wordpress.org/trunk@45170
git-svn-id: http://core.svn.wordpress.org/trunk@44979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Label badges for each Site Health test currently display in either red, orange, or green, regardless of if the test passed or failed. This is confusing, as seeing red labels in the “Passed Test” section could alarm users (when really everything is OK and no action is required), and seeing green labels in the “Failed Tests” section would not appropriately encourage the user to take appropriate action.
This change makes several improvements to the label badges:
- Always right align the badges for consistent display.
- Remove background fill for badges. Instead, use a border.
- Use a consistent styling for all tests (passed and failed).
- The text color no longer uses true black (#000000).
- The `.badge.pink` CSS definition has been switched to `.badge.purple`, and the definitions for blue, gray, and green have also been updated to more closely follow the official WordPress color palette.
Props: pbiron, garrett-eclipse, hedgefield, Clorith, xkon, melchoyce, mdwolinski, alexdenning.
Fixes#46623.
Built from https://develop.svn.wordpress.org/trunk@45169
git-svn-id: http://core.svn.wordpress.org/trunk@44978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, only the site’s locale was displayed in the Site Health debug information. Moving forward, both the site’s default locale and the user’s locale will be specified.
This change also removes the `@param` tag for `WP_Debug_Data::debug_data()`. This parameter was previously removed in [45156].
Props: mukesh27, ianbelanger, Clorith, desrosj.
Fixes#46803.
Built from https://develop.svn.wordpress.org/trunk@45166
git-svn-id: http://core.svn.wordpress.org/trunk@44975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [44937] and [44939], changes were made to prevent a user from updating any plugin that requires a higher version of PHP than the site is running. This compliments those changes to also prevent plugins from being auto updated when the same requirements are not met.
Props: TimothyBlynJacobs, davidbaumwald.
Fixes#46613.
Built from https://develop.svn.wordpress.org/trunk@45165
git-svn-id: http://core.svn.wordpress.org/trunk@44974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Brings parity with the changes for the Media Views introduced in [44900].
- moves the alt text field to the top as first field
- adds an explanatory text with a link pointing to the W3C "alt decision tree" tutorial
- adds `aria-describedby` to target the explanatory text
- adjusts the CSS and indentation
Props chetan200891.
Fixes#46875.
Built from https://develop.svn.wordpress.org/trunk@45158
git-svn-id: http://core.svn.wordpress.org/trunk@44967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset introduces several changes around usability when recovery mode is active:
* Display a notice in the admin clarifying that the user is in recovery mode.
* Use a highlight color for the admin bar link to exit recovery mode.
* Exit recovery mode automatically when logging out.
* Include a recovery mode indicator in the title tag.
Props aandrewdixon, azaozz, dhanukanuwan, flixos90, henrywright, karmatosed, mapk, melchoyce, spacedmonkey, TimothyBlynJacobs, tinkerbelly.
See #46608.
Built from https://develop.svn.wordpress.org/trunk@45117
git-svn-id: http://core.svn.wordpress.org/trunk@44926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With this change, fatal errors recorded before a plugin was deactivated or a theme was switched away from do not persist. This ensures that re-enabling it re-checks for fatal errors correctly.
Props aandrewdixon, dhanukanuwan, henrywright.
Fixes#46812.
Built from https://develop.svn.wordpress.org/trunk@45115
git-svn-id: http://core.svn.wordpress.org/trunk@44924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, resuming or activating a plugin or theme that is still broken would result in a redirect loop if in recovery mode. If outside recovery mode, it would cause the error template to be displayed.
Furthermore this applies to breaking a plugin or theme when editing from the backend.
Props aandrewdixon, azaozz, dhanukanuwan, henrywright, ocean90, ohiosierra, PandelisZ, xkon.
Fixes#46045, #46751.
Built from https://develop.svn.wordpress.org/trunk@45114
git-svn-id: http://core.svn.wordpress.org/trunk@44923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change switches to using `get_user_locale()` when adding the language to the Site Health debug information to ensure the user’s locale preference is reflected.
Also, `function_exists()` checks for `switch_to_locale()` and `restore_previous_locale()` were required in the plugin to support older versions of WordPress, but they are not required in core/
Props: Clorith, desrosj.
Fixes#46694.
Built from https://develop.svn.wordpress.org/trunk@45110
git-svn-id: http://core.svn.wordpress.org/trunk@44919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Prevent fatal errors from timeouts on the Tools => Site Health => Info tab.
- Use the `get_dirsize()` and `recurse_dirsize()` functions to calculate directory sizes. The results are cached.
- Introduce "timeout protection" in `recurse_dirsize()`.
Props pento, Clorith, xkon, afercia, jeremyfelt, azaozz.
Fixes#46645.
Built from https://develop.svn.wordpress.org/trunk@45104
git-svn-id: http://core.svn.wordpress.org/trunk@44913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Split plural strings with multiple sentences to avoid duplicating translations.
* Decouple strings where the singular and plural form are not just the same string with different numbers, but essentially two different strings.
* Use an established pattern for numbered placeholders in translator comments.
* Replace constants in translatable strings with placeholders, mark them as code.
* Make sure sentences are translated as a whole, not as separate string parts.
* Remove unnecessary context and escaping.
Props ocean90, SergeyBiryukov.
See #46683.
Built from https://develop.svn.wordpress.org/trunk@45099
git-svn-id: http://core.svn.wordpress.org/trunk@44908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- displays an error notice when JavaScript is off, consistently with other admin screens that depend on JavaScript
- keeps the main `h1` visible
Minor clean-ups:
- makes code indentation consistent in `site-health.php` and `site-health-info.php`
- removes a couple of `<div class="wp-clearfix"></div>` as that's not the intended usage of `wp-clearfix` (those divs didn't do anything anyways)
Fixes#46717.
Built from https://develop.svn.wordpress.org/trunk@45076
git-svn-id: http://core.svn.wordpress.org/trunk@44885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds `role="presentation"` to the `<table>` elements used in the Site Health reports.
Ideally, HTML tables should be used for tabular data. When tables are used for layout purposes, it's important to remove any native semantics so that assistive technologies can correctly announce the table content in a linearized fashion.
Props chetan200891.
Fixes#46725.
Built from https://develop.svn.wordpress.org/trunk@45075
git-svn-id: http://core.svn.wordpress.org/trunk@44884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The document `<title>` gives a name to a web document. In the context of the WordPress admin, a unique, meaningful, title is important for various reasons:
- it allows browser's history to store meaningful entries
- when multiple browser's tabs are open, it allows users to better identify the tab content
- it's the first thing screen readers announce when navigating to a web page, thus helping users to identify the nature of the page content
Props chetan200891, mukesh27.
Fixes#46699.
Built from https://develop.svn.wordpress.org/trunk@45070
git-svn-id: http://core.svn.wordpress.org/trunk@44879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Arrows navigation on accordions is an optional keyboard interaction feature mentioned in the WAI-ARIA Authoring Practices. While it can add some value in some specific cases, it's not so discoverable and it's unlikely users, including assistive technologies users, would really "expect" this kind of interaction.
See #46573.
Fixes#46682.
Built from https://develop.svn.wordpress.org/trunk@45069
git-svn-id: http://core.svn.wordpress.org/trunk@44878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The previous method for copying the debug report to the clipboard involved having a hidden `<textarea>`, but this shows up in screen readers and can't be reliably hidden.
To work around this, the button now uses the `clipboard.js` library, which automatically handles browser differences in the Clipboard API, and can load the text to copy from a `data-` attribute on the button.
Props pento, hedgefield, afercia.
Fixes#46647.
Built from https://develop.svn.wordpress.org/trunk@45044
git-svn-id: http://core.svn.wordpress.org/trunk@44853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Site Health score indicator isn't exactly a "progress bar" and shouldn't use ARIA roles and properties related to progress bars. Also, some browser / screen reader combinations don't announce the score properly.
- removes any ARIA
- adds a screen-reader-text "Current health score:"
- adds `role="img" aria-hidden="true" focusable="false"` to the SVG
- reduces CSS specificity simplifying unnecessary overqualified selectors
- fixes the syntax for ::after and ::before (double colon)
Fixes#46621.
Built from https://develop.svn.wordpress.org/trunk@45041
git-svn-id: http://core.svn.wordpress.org/trunk@44850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Site Health tool serves two purposes:
- Provide site owners with information to improve the performance, reliability, and security of their site.
- Collect comprehensive debug information about the site.
By encouraging site owners to maintain their site and adhere to modern best practices, we ultimately improve the software hygeine of both the WordPress ecosystem, and the open internet as a whole.
Props Clorith, hedgefield, melchoyce, xkon, karmatosed, jordesign, earnjam, ianbelanger, wpscholar, desrosj, pedromendonca, peterbooker, jcastaneda, garyj, soean, pento, timothyblynjacobs, zodiac1978, dgroddick, garrett-eclipse, netweb, tobifjellner, pixolin, afercia, joedolson, birgire.
See #46573.
Built from https://develop.svn.wordpress.org/trunk@44986
git-svn-id: http://core.svn.wordpress.org/trunk@44817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduce `validate_plugin_requirements()` for validating a plugin's WordPress and PHP version requirements.
Introduce `wp_is_wp_compatible()` and `wp_is_php_compatible()` for checking compatibility with the current WordPress or PHP version.
Props afragen, joyously, DrewAPicture, TimothyBlynJacobs, desrosj, flixos90, SergeyBiryukov.
See #43992.
Built from https://develop.svn.wordpress.org/trunk@44978
git-svn-id: http://core.svn.wordpress.org/trunk@44809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the network admin user table on multisite installs (`WP_MS_Users_List_Table`), this filter allows the classes for the `<span>` tag surrounding each site link to be modified.
Props kraftbj, flixos90, johnjamesjacoby.
Fixes#41146.
Built from https://develop.svn.wordpress.org/trunk@44977
git-svn-id: http://core.svn.wordpress.org/trunk@44808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes#46130, #44458.
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds code for soft verification of signatures for theme and plugin installs and updates, when provided by the update server. This experimental version does not reject unverified packages or failed signatures; it simply reports anonymous errors so we can evaluate its feasibility and detect incompatibilities.
This code relies on the new sodium_compat library for PHP versions prior to 7.2.
Props dd32, paragoninitiativeenterprises.
See #39309, #45806.
Built from https://develop.svn.wordpress.org/trunk@44954
git-svn-id: http://core.svn.wordpress.org/trunk@44785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As of `@wordpress/api-fetch@3.0.0` (introduced in 44812), the `apiFetch` nonce middleware must have its nonce value assigned explicitly, and will no longer listen for heartbeat ticks automatically. This changeset adds an inline script for the default registration of the `api-fetch` script handle to assign the nonce value in response to the heartbeat action. In doing so, it removes the now-unused, misnamed `rest-nonce` property from the heartbeat response, whose original introduction served as temporary compatibility with earlier versions of `@wordpress/api-fetch`.
See https://github.com/WordPress/gutenberg/pull/13451
See #45113
Props adamsilverstein, nerrad .
Fixes#46107 .
Built from https://develop.svn.wordpress.org/trunk@44949
git-svn-id: http://core.svn.wordpress.org/trunk@44780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduced in [29630], this admin notice informs administrators (or network administrators on multisite installs) that the `WPLANG` constant is no longer needed when the locale returned by `get_locale()` does not match. After 5 years, the notice is being removed to avoid causing confusion for non-technical users.
The `_deprecated_argument()` call will persist to inform developers of the issue within log files.
Props flixos90, iworks, ocean90.
Fixes#39675.
Built from https://develop.svn.wordpress.org/trunk@44946
git-svn-id: http://core.svn.wordpress.org/trunk@44777 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change ensures that the values of time and date fields for comments and posts (both Classic Editor and quick edit) are consistently aligned in the center of the input fields. The block editor already enforces this alignment separately.
Props birgire, jainnidhi, melchoyce.
Fixes#43675.
Built from https://develop.svn.wordpress.org/trunk@44945
git-svn-id: http://core.svn.wordpress.org/trunk@44776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This brings the changes in [44937] to the WordPress Updates page in the admin. Now, when a site does not meet the minimum PHP version requirements for a plugin update, the user will not be able to update. Instead, they will be presented with educational information to guide them through the process of updating PHP.
Props afragen, miyauchi, TimothyBlynJacobs, desrosj.
Fixes#44350.
Built from https://develop.svn.wordpress.org/trunk@44939
git-svn-id: http://core.svn.wordpress.org/trunk@44770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a case where saving in the block editor fails if there are two `_wpnonce` arguments in the request, one overriding the other so that `use_block_editor_for_post()` wasn't able to check the nonce properly.
Props Chouby.
See #45253.
Built from https://develop.svn.wordpress.org/trunk@44938
git-svn-id: http://core.svn.wordpress.org/trunk@44769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a plugin states it requires a specific minimum PHP version (as defined in the `requires_php` field included in the plugin update API response), a user should not be allowed to update that plugin when the server does not satisfy the minimum PHP version.
When this scenario is encountered, the update buttons and links are disabled and links to educational resources about PHP are displayed to the user with a notice.
Props afragen, schlessera, desrosj.
Fixes#43987.
Built from https://develop.svn.wordpress.org/trunk@44937
git-svn-id: http://core.svn.wordpress.org/trunk@44768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- standardizes the Comment count string to `%s Comment in moderation', '%s Comments in moderation` so it can be bulk-updated
- adds the string as visually hidden text in the admin menu
- introduces an `updateInModerationText` JS simple function, responsible to correctly update all the related text using the data from the AJAX response
- adds a visually hidden text "1 Privacy Policy update" to the Privacy menu items count
- adds/improves translators comments
Changes that apply to all the count bubbles (Updates, plugins, etc.)
- makes the bubbles and their text slightly bigger
- improves the active menu item bubble contrast by changing the background color to red (option 2 in the screenshot attached in a previous comment)
Props adamsoucie, afercia.
Fixes#33030.
Built from https://develop.svn.wordpress.org/trunk@44924
git-svn-id: http://core.svn.wordpress.org/trunk@44755 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `populate_site_meta` filter can be used to modify the site meta added during the creation of a new site. This filter mirrors the approach used for networks in `populate_network_meta`.
Props spacedmonkey, davidbaumwald.
Fixes#46437.
Built from https://develop.svn.wordpress.org/trunk@44912
git-svn-id: http://core.svn.wordpress.org/trunk@44743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Some "visual tabs" in the WordPress admin used links wrapped in a `h2` heading. While these tabs look like ARIA tabs, they're just navigation menus and should be marked-up as such to be correctly exposed to assistive technologies.
- changes the wrapping `<h2>` to a `<nav>` element: worth reminding `<nav>` elements also define ARIA landmarks
- adds an `aria-label` to the `<nav>` elements so they can be distinguished from other `<nav>` elements in the page
- adjusts the headings level in the Credits page
Props audrasjb, afercia.
Fixes#43398.
Built from https://develop.svn.wordpress.org/trunk@44905
git-svn-id: http://core.svn.wordpress.org/trunk@44736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Old browsers didn't support the HTML placeholder attribute. For a number of years, `<label>` elements have been used in a few places in WordPress to emulate placeholders. It's time to improve semantics and interaction, use real placeholders when possible, and clean up some JavaScript.
- Quick Draft widget: it now uses visible `<label>` elements and a real `placeholder` attribute
- removes the related JavaScript
- Post title:
- keeps the "prompt" label for backwards compatibility
- improves the JavaScript to make the "prompt" label stay visible on focus and disappear when typing, like real placeholder do
- changes the post "prompt" text from "Enter title here" to "Add title" for consistency with the Block Editor
- cleans-up some CSS
Props Cheffheid, afercia.
Fixes#42390.
Built from https://develop.svn.wordpress.org/trunk@44896
git-svn-id: http://core.svn.wordpress.org/trunk@44727 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- makes the "Cancel" button always visible: this allows to generate a new password also on small screens
- moves focus back to the Generate Password button when closing the form
- changes the password reset show/hide button from a clickable `<span>` element to a real `<button>` element
- improves the CSS
Props janak007, afercia.
Fixes#42853.
Built from https://develop.svn.wordpress.org/trunk@44895
git-svn-id: http://core.svn.wordpress.org/trunk@44726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- debounces the widgets search to avoid multiple `speak()` audible messages while typing: search results and messages are now triggered when users stop typing
- clarifies the Remove button title attribute
- removes a couple unnecessary `preventDefault()`
Props davetgreen, afercia.
Fixes#28888.
Built from https://develop.svn.wordpress.org/trunk@44825
git-svn-id: http://core.svn.wordpress.org/trunk@44657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, only `a` and `br` tags were allowed in the `value` table cell for each field included in the HTML file generated when a user is exporting their personal data. Instead of relying on a hardcoded list of allowed tags, the `wp_kses()` call in `wp_privacy_generate_personal_data_export_group_html()` will now fallback to the default list of allowed tags (which includes `i`, `strong`, `em`, and other basic HTML formatting tags).
Also, a new context of `personal_data_export` will now be passed to the `wp_kses()` call. As a result, the list of HTML tags and attributes allowed in the export file can now be filtered using the `wp_kses_allowed_html` filter and checking for the `personal_data_export` context.
Fixes#44044.
Props tz-media, desrosj, pento, birgire, garrett-eclipse.
Built from https://develop.svn.wordpress.org/trunk@44824
git-svn-id: http://core.svn.wordpress.org/trunk@44656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [34891], `WP_Screen` was updated with methods to store, retrieve, and render screen reader text used by screens with `WP_List_Table` instances. When the export/erase personal data list tables were introduced in [42967], these headings were missing.
Fixes#46041.
Props afercia, xkon, garrett-eclipse, desrosj.
Built from https://develop.svn.wordpress.org/trunk@44821
git-svn-id: http://core.svn.wordpress.org/trunk@44653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `change` event was previously required to ensure that the Customizer picked detected changes to the widget’s content and synced them to the preview. In the current state, though, the `trigger( ‘change’ )` is no longer required and is causing issues with the widget’s “Done” and “Save” buttons.
Fixes#45335.
Props audrasjb, afercia, westonruter.
Built from https://develop.svn.wordpress.org/trunk@44816
git-svn-id: http://core.svn.wordpress.org/trunk@44648 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A direct URL to where a user can update PHP for their website can now be specified in one of two ways:
- Defining the `WP_DIRECT_UPDATE_PHP_URL` environment variable.
- Returning a URL to the `wp_direct_php_update_url` filter.
When a URL is specified, an additional “Update PHP” button will be displayed at the bottom of the Core dashboard widget informing administrators that their site is running an outdated version of PHP (see [42832]).
Fixes#46074.
Props afragen, desrosj, lukecarbis.
Built from https://develop.svn.wordpress.org/trunk@44814
git-svn-id: http://core.svn.wordpress.org/trunk@44646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`<button>` elements are natively interactive, supported by any assistive technology, and must be used instead of non-semantic, non-accessible `<div>` elements.
Also, this change aligns the Media Widgets and the Customizer site icon and site logo controls with the design pattern used in the new Block Editor for similar controls.
Props ramonopoly, welcher, afercia.
Fixes#43151.
Built from https://develop.svn.wordpress.org/trunk@44796
git-svn-id: http://core.svn.wordpress.org/trunk@44628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The filter is only run if the wordpress.org API considers the PHP version acceptable. This ensures that other plugins or hosting providers can only make this check stricter, but not loosen it.
Props j-falk, mikeschroder.
Fixes#46065.
Built from https://develop.svn.wordpress.org/trunk@44788
git-svn-id: http://core.svn.wordpress.org/trunk@44620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In 4.9.6, several new privacy related features were introduced. Admin pointers were included to make administrators aware of these features. They have served their purpose and can now go silently into the night.
Props garrett-eclipse, desrosj, xkon.
Fixes#45999.
Built from https://develop.svn.wordpress.org/trunk@44787
git-svn-id: http://core.svn.wordpress.org/trunk@44619 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Similar to `editor-color-palette`, a theme or plugin should be able to set the theme support for `editor-font-sizes` to an empty array, indicating that no additional font sizes should be available in the block’s ‘Text Settings’. The current conditional was using `empty()`, which was incorrectly causing the default font sizes to be used instead.
Props jorgefilipecosta, chrisvanpatten, SergeyBiryukov.
Fixes#46290.
Built from https://develop.svn.wordpress.org/trunk@44782
git-svn-id: http://core.svn.wordpress.org/trunk@44614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With the exception of the "Edit" link, the "row actions" controls in the Comments table behave differently depending if JavaScript support is on or off.
When JavaScript support is off, they behave like links. When JavaScript support is on, they behave like buttons and they need to be buttons or have an ARIA `role="button"` added via JavaScript.
Lastly, the buttons in the Reply/Quick Edit form and the "Add Comment" in the edit post page meta box need to be buttons.
Fixes#43412.
Built from https://develop.svn.wordpress.org/trunk@44759
git-svn-id: http://core.svn.wordpress.org/trunk@44591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The custom date/time format previews in General Settings were updated only when blurring the related input fields. With this change, they're now updated when users finish typing a custom format, properly debouncing the `input` event callback.
Props dilipbheda, Girishpanchal.
Fixes#43364.
Built from https://develop.svn.wordpress.org/trunk@44758
git-svn-id: http://core.svn.wordpress.org/trunk@44590 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Proximity of related information is an inclusive design principle that benefits everyone and it's particularly important for users with reduced visual field, low vision, or other vision or cognitive impairments. User interface controls that are logically grouped should be placed close to each other.
Also, this change makes the buttons visual order and the DOM order match.
Fixes#45972.
Built from https://develop.svn.wordpress.org/trunk@44757
git-svn-id: http://core.svn.wordpress.org/trunk@44589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit also moves the images to s.w.org, removes the old "Gutenberg has been deactivated" warning, as well as removing some old JS from About pages of years gone past.
Props melchoyce, ryelle, paaljoachim, karmatosed, pento.
Fixes#46161.
Built from https://develop.svn.wordpress.org/trunk@44749
git-svn-id: http://core.svn.wordpress.org/trunk@44581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The Gutenberg plugin will not be deactivated on sites upgrading to WordPress 5.1. This deprecates the `upgrade_500_was_gutenberg_active` option and the `upgrade_500()` function as they are no longer required.
Props peterwilsoncc.
Fixes#46029.
Built from https://develop.svn.wordpress.org/trunk@44732
git-svn-id: http://core.svn.wordpress.org/trunk@44563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Modifies the jQuery selector for determining hidden columns to ensure they are detected when the expanded columns details are closed.
Adds high-specificity selectors specifically for setting screen options in the comments and plugins lists.
Props afercia.
Fixes#46005.
Built from https://develop.svn.wordpress.org/trunk@44722
git-svn-id: http://core.svn.wordpress.org/trunk@44553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to the high number of follow-up tickets and associated security concerns, it was decided to reschedule the fatal error recovery feature for WordPress 5.2, in order to address these issues properly. The feature will continue to be developed, with iterations being merged into trunk early in the 5.2 release cycle.
Fixes#46141. See #44458, #45932, #45940, #46038, #46047, #46068.
Built from https://develop.svn.wordpress.org/trunk@44717
git-svn-id: http://core.svn.wordpress.org/trunk@44548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the Edit Comment page:
- moves the "Author" `h2` heading out of the form fieldset
- removes an unnecessary `<span>` element
- adds a visually hidden legend element to the fieldset
- uses an existing string "Comment Author"
Fixes#43586.
Built from https://develop.svn.wordpress.org/trunk@44712
git-svn-id: http://core.svn.wordpress.org/trunk@44543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces `Language_Pack_Upgrader::clear_destination()` to clear existing translations before installing new translations. Ensures that unused translations in JSON format are cleaned up.
Props dd32, swissspidy, ocean90.
Fixes#45468.
Built from https://develop.svn.wordpress.org/trunk@44676
git-svn-id: http://core.svn.wordpress.org/trunk@44507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_Shutdown_Handler` name plus related function names were premature when originally committed, as there can be multiple shutdown handlers in PHP, and WordPress makes use of that feature. This changeset modifies the name to a more appropriate `WP_Fatal_Error_Handler`, and related to that changes the following names:
* The drop-in to override the handler is now called `fatal-error-handler.php`.
* The internal function `wp_register_premature_shutdown_handler` is now called `wp_register_fatal_error_handler()`.
In addition to these naming changes, a new constant `WP_DISABLE_FATAL_ERROR_HANDLER` is introduced that can be set in `wp-config.php` to entirely disable the fatal error handler. That constant's value is and should be accessed indirectly via a new `wp_is_fatal_error_handler_enabled()` function and is filterable via a new `wp_fatal_error_handler_enabled` hook. Note that disabling the fatal error handler will skip the new functionality entirely, including the potentially used `fatal-error-handler.php` drop-in.
The new set of constant, filter and function provide for an easier-to-use mechanism to disable the fatal error handler altogether, rather than requiring developers to implement a drop-in for purely that purpose.
Props afragen, flixos90, joyously, knutsp, markjaquith, ocean90, schlessera, spacedmonkey.
Fixes#46047. See #44458.
Built from https://develop.svn.wordpress.org/trunk@44674
git-svn-id: http://core.svn.wordpress.org/trunk@44505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When merging, [44244] and [44260] were committed to trunk the opposite way that they were committed to the 5.0 branch. They were originally committed in [43885] and [43861], respectively.
Due to this switch, a change in how the Custom Fields meta box was registered wasn't merged from the 5.0 branch, causing it to not be registered correctly in trunk.
Props dd32, pento.
Fixes#46028.
Built from https://develop.svn.wordpress.org/trunk@44648
git-svn-id: http://core.svn.wordpress.org/trunk@44479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When Internet Explorer encounters a non interactive element with a `tabindex`
attribute, it adds the element to the accessibility tree with a `role=group` and
an accessible name computed from the element. This prevents JAWS from announcing
any fieldset legend within the element.
- removes `tabindex="0"` from the content and the toolbar containers: these tabindex attributes are no longer needed
- removes `aria-label="Main content"` from the content container: not needed
- keeps the media modal focus fallback introduced in [38142] by making the `#wpbody-content` element focusable only when needed
Props stevefaulkner, aardrian.
Fixes#43154.
Built from https://develop.svn.wordpress.org/trunk@44639
git-svn-id: http://core.svn.wordpress.org/trunk@44470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- properties should be followed by a colon and a space
- media queries shouldn't use spaces within parenthesis
- indentation should use tabs instead of spaces or mixed spaces / tabs
- the content property should use double quotes
- no double spaces
Props nadim0988, afercia.
Fixes#45185.
Built from https://develop.svn.wordpress.org/trunk@44637
git-svn-id: http://core.svn.wordpress.org/trunk@44468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
On the Privacy Policy Guide, there is currently a ‘Copy’ button below each section of suggested text. It is unclear what copy means without more context. It could be assumed, for instance, that the suggested text is copied to a new page.
This changes the button text to read `Copy this section to clipboard` to more clearly inform the user what is copied and how.
Props JoshuaWold, garrett-eclipse, birgire, vishaldodiya.
Fixes#44677.
Built from https://develop.svn.wordpress.org/trunk@44629
git-svn-id: http://core.svn.wordpress.org/trunk@44460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows users to sort the export and erase personal data request tables by “Requester” (`post_title`, or user email) and “Requested” (`post_date`, or when the request was created), which can be helpful when sites have many requests present.
Props birgire, ianbelanger, pbiron, desrosj.
Fixes#43405.
Built from https://develop.svn.wordpress.org/trunk@44628
git-svn-id: http://core.svn.wordpress.org/trunk@44459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset uses the API functions introduced in [44476] to link to the resource about updating PHP when highlighting a plugin's required PHP version is not met. It furthermore expands them, introducing a new `wp_update_php_annotation()` function that prints the markup to indicate that the default URL has been altered by the web host, allowing it to be reused universally.
Furthermore, this changeset adds missing `update_php` capability checks before displaying the information about updating PHP.
Props afragen.
Fixes#45986. See #43986, #45686.
Built from https://develop.svn.wordpress.org/trunk@44627
git-svn-id: http://core.svn.wordpress.org/trunk@44458 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Throughout the core privacy functions, `WP_User_Request` instances were stored in variables named both `$request`, and `$request_data`. This changes all occurrences of `$request_data` to `$request` for better consistency.
Props nateallen, bruceallen, garrett-eclipse.
Fixes#44708.
Built from https://develop.svn.wordpress.org/trunk@44606
git-svn-id: http://core.svn.wordpress.org/trunk@44437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces in core new focus styles dedicated to Windows High Contrast mode. The
new styles use a transparent CSS outline as already explored in the Block Editor.
This first part covers some of the main user interface controls like buttons, links,
and media views elements. Other parts will be addressed in the next future.
Fixes#41286.
Built from https://develop.svn.wordpress.org/trunk@44544
git-svn-id: http://core.svn.wordpress.org/trunk@44375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sometimes, Safari and VoiceOver read out the text hidden with `screen-reader-text`
in a wrong order. While there's no known, full, solution, it is possible to make
them respect the correct order reliably at least within buttons.
Fixes#42006.
Built from https://develop.svn.wordpress.org/trunk@44543
git-svn-id: http://core.svn.wordpress.org/trunk@44374 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `keyup` event was used to provide support for IE8, where which doesn't support the `input` event. As we dropped IE8 support some time ago, this was simply adding unnecessary complexity and double-event triggers.
Props dlh, afercia.
Fixes#32882.
Built from https://develop.svn.wordpress.org/trunk@44539
git-svn-id: http://core.svn.wordpress.org/trunk@44370 1a063a9b-81f0-0310-95a4-ce76da25c4cd