[44618] added strict type checking to `_sanitize_text_fields()`, which has caused some compat issues with plugins.
We can loosen the type checking to only reject objects and arrays, and cast other types to string.
Props Nick_theGeek, pento.
Fixes#41450.
Built from https://develop.svn.wordpress.org/trunk@44731
git-svn-id: http://core.svn.wordpress.org/trunk@44562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The pre-save filters added to links in [43732] could invalidate JSON data when saving Customizer change-sets.
This removes the filters when saving and publishing change-sets.
Props peterwilsoncc, nikeo for testing.
See #45292.
Built from https://develop.svn.wordpress.org/trunk@44714
git-svn-id: http://core.svn.wordpress.org/trunk@44545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Both `wp_encode_emoji()` and `wp_staticize_emoji()` perform a PHP version check when deciding how to apply their behaviour, but this check only needs to happen once, rather than every time in their internal looks.
Moving the check outside of the loop reduces processing time by 50%.
Props johnbillion.
Fixes#45930.
Built from https://develop.svn.wordpress.org/trunk@44554
git-svn-id: http://core.svn.wordpress.org/trunk@44385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Changes of note:
- Includes the new Annotations API package.
- `wp-polyfill-ecmascript.js` is renamed to `wp-polyfill.js`.
- `strip_dynamic_blocks()` has been removed in favor of `excerpt_remove_blocks()`.
- The PHP block parser is now syncing from the `block-serialization-default-parser` package.
- `do_blocks()` uses the new parser.
- The `do_block` filter has been removed from `do_blocks()`, in favor of a `render_block` filter in `render_block()`.
Also, a little cleanup to `render_block()`. Always normalize `$block['attrs’]` to array in `’render_block’` filter.
Props pento, azaozz.
Merges [43884] and [43888] to trunk.
See #45145, #45190, #45264, #45282.
Built from https://develop.svn.wordpress.org/trunk@44261
git-svn-id: http://core.svn.wordpress.org/trunk@44091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As `do_blocks()` is run before `wpautop()` in the_content filter, we can remove in a Just In Time fashion, before that filter is run.
After `wpautop()`s original priority has passed, we can re-add it in a Just Too Late fashion, to ensure it's available if `the_content` filter is run multiple times on a page load.
Merges [43879] and [43881] from the 5.0 branch to trunk.
Props pento, nerrad.
Fixes#45290.
Built from https://develop.svn.wordpress.org/trunk@44226
git-svn-id: http://core.svn.wordpress.org/trunk@44056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes#44600.
Built from https://develop.svn.wordpress.org/trunk@43571
git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Unfortunately, in my overzealous desire to fix all the un-capitalised Ps, [42343] capitalled some Ps that intentionally should not be capitals.
This commit fixes the incorrectly capitalling of Ps, as well as including unit tests and PHPCS instructions to ensure we never capitulate to capitalisationing them again.
Props superdav42.
Fixes#43040.
Fixes#43041.
Built from https://develop.svn.wordpress.org/trunk@42429
git-svn-id: http://core.svn.wordpress.org/trunk@42259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
We have a handful of super long regexen that are written over multiple lines, as a collection of strings concatenated together. Each string is indented appropriately for the regex, but PHPCS doesn't recognised this, so defaults to removing the extra whitespace.
Disabling the `Squiz.Strings.ConcatenationSpacing.PaddingFound` rule for these blocks stops the extra whitespace from being removed.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42249
git-svn-id: http://core.svn.wordpress.org/trunk@42078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42228
git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
See #41925.
Built from https://develop.svn.wordpress.org/trunk@42056
git-svn-id: http://core.svn.wordpress.org/trunk@41885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This was previously attempted in [41043], which unfortunately had severe performance issues, the regex it used was fatally slow on long posts.
This version now uses an array of all emoji that Twemoji supports, which maintains the accuracy of [41043], while being the same speed or only a few ms slower than the code prior to [41043].
As with [41043], the `grunt precommit:emoji` task detects when `twemoji.js` has changed, and regenerates the array.
Props jmdodd for feedback, suggestions, and insults where appropriate.
Fixes#35293. 🤞🏻
Built from https://develop.svn.wordpress.org/trunk@41701
git-svn-id: http://core.svn.wordpress.org/trunk@41535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Moves the repeated code in the emoji browser support test to a function to reduced the potential for errors and follow DRY principles.
Renames the "emoji4" test "emoji" as unicode version specific tests were removed in [38869].
Props peterwilsoncc, pento for code review.
Fixes#41156.
Built from https://develop.svn.wordpress.org/trunk@41669
git-svn-id: http://core.svn.wordpress.org/trunk@41503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, these filters were being run once per post, but the changes in [41043] caused them to be run once per emoji found.
We will not stand idly by while this kind of unfair performance penalty is placed on the emoji literate. The filters are now run once only, emoji aficionados everywhere can rest easy, knowing their posts will be just as performant as their emoji-less cousins.
Props ocean90 for noticing this severe oversight.
See #35293.
Built from https://develop.svn.wordpress.org/trunk@41046
git-svn-id: http://core.svn.wordpress.org/trunk@40896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `wp_encode_emoji()` and `wp_staticize_emoji()` used inaccurate regular expressions to find emoji, and transform then into HTML entities or `<img>`s, respectively. This would result in emoji not being correctly transformed, or occasionally, non-emoji being incorrectly transformed.
This commit adds a new `grunt` task - `grunt precommit:emoji`. It finds the regex in `twemoji.js`, transforms it into a PHP-friendly version, and adds it to `formatting.php`. This task is also automatically run by `grunt precommit`, when it detects that `twemoji.js` has changed.
The new regex requires features introduced in PCRE 8.32, which was introduced in PHP 5.4.14, though it was also backported to later releases of the PHP 5.3 series. For versions of PHP that don't support this, it will fall back to an updated version of the loose-matching regex.
For short posts, the performance difference between the old and new regex is negligible. As the posts get longer, however, the new method is exponentially faster.
Fixes#35293.
Built from https://develop.svn.wordpress.org/trunk@41043
git-svn-id: http://core.svn.wordpress.org/trunk@40893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes the UN flag not being correctly compared to itself, introduced in [40837].
Replaces the bearded person check with a male fairy. Emoji 5 does not have gendered bearded people, so we needed to switch it out to use the ZWJ check for a broken render.
Props peterwilsoncc for the code and commit message.
Fixes#40858.
Built from https://develop.svn.wordpress.org/trunk@40850
git-svn-id: http://core.svn.wordpress.org/trunk@40701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates Twemoji to 2.3.0 to include Emoji 5 support.
The pride flag test is replaced with a test for the English flag, a five character sub-devision locale. The UN flag test is retained as the most recent two character locale.
An Emoji 5 "bearded person" replaces both Emoji 4 tests.
Fixes#40858.
Built from https://develop.svn.wordpress.org/trunk@40837
git-svn-id: http://core.svn.wordpress.org/trunk@40688 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Brings the minimum characters expected for a valid email address to six, which matches the expectations in `wp_handle_comment_submission()` and REST API email arguments.
Props rmccue, lukecavanagh, rachelbaker, desrosj, sudar.
Fixes#38708.
Built from https://develop.svn.wordpress.org/trunk@40667
git-svn-id: http://core.svn.wordpress.org/trunk@40530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates Twemoji and adds a second Emoji 4 test to include a shrugging man. Emoji 4 is being implemented gradually, while some browsers now support the female technologist, the indifferent shrugging man is breaking things with his presence.
Props peterwilsoncc, pento for code review.
Fixes#40615.
Built from https://develop.svn.wordpress.org/trunk@40626
git-svn-id: http://core.svn.wordpress.org/trunk@40487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, the UN flag test relied on the image being produced to be quite small. Unfortunately, the Chrome PNG encoder seems to have changed recently, and it now produces a relatively large image.
For a better test, we can compare the rendering of [U] + [N] against [U] + zero width space + [N].
Fixes#40616.
Built from https://develop.svn.wordpress.org/trunk@40582
git-svn-id: http://core.svn.wordpress.org/trunk@40452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sets `screwIE8` to false as it is now enabled by default
Files Changed:
build/wp-admin/js/customize-nav-menus.min.js
build/wp-admin/js/customize-widgets.min.js
build/wp-includes/js/customize-loader.min.js
Changelog:
2016-07-19 v2.0.0 Update uglify-js to v2.7.0. screwIE8 is enabled by default.
2016-07-19 v1.0.2 Update grunt to ^1.0.0. Fix beautify when passed as an object. Fix docs about report values.
See #38199.
Built from https://develop.svn.wordpress.org/trunk@39117
git-svn-id: http://core.svn.wordpress.org/trunk@39059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Like its predecessor (`sanitize_text_field()`), `sanitize_textarea_field()` is a helper function to sanitise user input. As the name suggests, this function is for sanitising input from `textarea` fields - it strips tags and invalid UTF-8 characters, like `sanitize_text_field()`, but retains newlines and extra inline whitespace.
Props ottok, nbachiyski, chriscct7, pento.
Fixes#32257.
Built from https://develop.svn.wordpress.org/trunk@38944
git-svn-id: http://core.svn.wordpress.org/trunk@38887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve performance of Emoji tests and loading of the polyfill.
Reduces the number of tests to determine browser support for emoji to those most likely to fail. Adds the defer flag to the loaded scripts for browsers lacking support.
Props superpoincare for perf testing, peterwilsoncc.
Fixes#37817.
Built from https://develop.svn.wordpress.org/trunk@38869
git-svn-id: http://core.svn.wordpress.org/trunk@38812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`wpautop()` considers double line breaks to be the separator between block level HTML elements. By adding two line breaks before a block element, this allows us to process the text before a block element correctly.
Fixes#4857.
Built from https://develop.svn.wordpress.org/trunk@38592
git-svn-id: http://core.svn.wordpress.org/trunk@38535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[38179] added support for the rainbow flag to core, but platform compatibility is a bit strange, because the flag was defined out of sync with the usual Unicode release cycle. For example Android N supports all Unicode 9.0 emoji, but doesn't support the rainbow flag thus the rainbow flag isn't rendered.
The Twemoji loader already has an exception for flags - it'll load if the browser supports everything but flags, and then only replace flag emoji, leaving everything else as native rendering. To provide a seamless experience for all flags the loader now uses the rainbow flag to test flag support.
Props pento.
See #37543.
Fixes#37566.
Built from https://develop.svn.wordpress.org/trunk@38194
git-svn-id: http://core.svn.wordpress.org/trunk@38135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This includes a new test in the emoji loader, to see if the browser supports rendering Unicode 9.0 emoji, as well as an update to `twemoji.js`, to load Unicode 9.0 twemoji images.
The default CDN location for loading Twemoji images has changed, moving to a versioned subdirectory. This allows updates without needing to purge the CDN.
Fixes#37361.
Built from https://develop.svn.wordpress.org/trunk@38087
git-svn-id: http://core.svn.wordpress.org/trunk@38028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Custom permalink structures require at least one valid structure tag, e.g. `%postname%`. If none is included, it would leave users with broken permalinks.
Let's make sure this won't happen by validating the permalink structure.
Adds unit tests.
Props rockwell15 for initial patch.
Fixes#35936.
Built from https://develop.svn.wordpress.org/trunk@37747
git-svn-id: http://core.svn.wordpress.org/trunk@37712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Covers:
* Currency signs
* Decompositions for Latin-1 Supplement
* Decompositions for Latin Extended-A
* Decompositions for Latin Extended-B
* Vowels with diacritic (Chinese, Hanyu Pinyin)
* Characters replaced for the `de_DE`, `de_DE_formal`, and `da_DK` locales
Props john_schlick for the initial work.
Props DrewAPicture, ocean90.
See #34677.
Built from https://develop.svn.wordpress.org/trunk@37669
git-svn-id: http://core.svn.wordpress.org/trunk@37635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.
Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.
Props ocean90.
Fixes#36835.
Built from https://develop.svn.wordpress.org/trunk@37431
git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[37028] missed some logic to capture the base emoji skin tone, to compare to the modified emoji skin tone. This caused all browsers to report that they supported skin tone modifiers, regardless of whether they actually did.
Fixes#36604 for trunk.
Built from https://develop.svn.wordpress.org/trunk@37256
git-svn-id: http://core.svn.wordpress.org/trunk@37222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the browser test for diversity emoji was added in [36160], it included a workaround for Chrome not being able to compare `Uint8ClampedArray` objects directly, by converting them to a string. Unfortunately, Safari doesn't support the `Uint8ClampedArray.toString()` method correctly, so the test was incorrectly failing in Safari.
Fixes#36266 for trunk.
Built from https://develop.svn.wordpress.org/trunk@37028
git-svn-id: http://core.svn.wordpress.org/trunk@36995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As new sets of emoji are added to Unicode, and browsers add support for them at random intervals, we'll inevitably need to add new tests to the emoji loader. This change makes it much easier to add new tests as they're needed.
Fixes#35300.
Built from https://develop.svn.wordpress.org/trunk@36816
git-svn-id: http://core.svn.wordpress.org/trunk@36783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[35709] was overly broad, and stopped transforming `&` characters within tag attributes. So that sites aren't generating invalid HTML, we need to restore this functionality, while continuing to not transform `&` within blocked tags.
Fixes#35008 for trunk.
Built from https://develop.svn.wordpress.org/trunk@36036
git-svn-id: http://core.svn.wordpress.org/trunk@36001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Twelve years later, after no fewer than three themes have intentionally implemented popup comments in their functionality, before being abandoned for at least the last six years, we've reached a time where we can put this era behind us. A time when we can remove comment popup functionality from WordPress.
If this breaks the internet, I'll eat my hat.
Fixes#28617
Built from https://develop.svn.wordpress.org/trunk@35848
git-svn-id: http://core.svn.wordpress.org/trunk@35812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The whole string is escaped with `esc_html()` anyway, so we don't
need to `wp_kses_post()`. This is a better experience for users who
want to use angle brackets in their site title or description.
Does not allow any HTML, adds unit tests.
props BandonRandon, pauldewouters.
fixes#27942.
Built from https://develop.svn.wordpress.org/trunk@35788
git-svn-id: http://core.svn.wordpress.org/trunk@35752 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, `&` would be converted everywhere, which caused problems when it was converted within a `<script>`, for example.
`convert_chars()` is now removed from the `the_content` filter, as it was doing the same job as `wptexturize()`.
KSES correctly handles converting `&` within HTML attributes, so there's no need for `wptexturize()` and `convert_chars()` to do the same job.
Fixes#34698.
Built from https://develop.svn.wordpress.org/trunk@35709
git-svn-id: http://core.svn.wordpress.org/trunk@35673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates `rawurlencode_deep()`, `urlencode_deep()`, and `stripslashes_deep()` to use `map_deep()`. Introduces `urldecode_deep()` for completeness.
Props wpmuguru, nbachiyski, boonebgorges, MikeHansenMe, chriscct7, realloc, johnbillion
Fixes#22300
Built from https://develop.svn.wordpress.org/trunk@35252
git-svn-id: http://core.svn.wordpress.org/trunk@35218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Move pattern from `wptexturize()` into a separate function.
* Move pattern from `wp_html_split()` into a separate function.
* Beautify code for `wp_html_split()`.
* Remove unnecessary instances of `/s` modifier in patterns that don't use dots.
* Add `tests/phpunit/data/formatting/whole-posts.php` for testing larger strings.
* Add function `benchmark_pcre_backtracking()`.
* Add tests for `wp_html_split()`.
* Add tests for `wptexturize()`.
* Add tests for `get_shortcode_regex()`.
Props miqrogroove.
Fixes#34121.
Built from https://develop.svn.wordpress.org/trunk@34761
git-svn-id: http://core.svn.wordpress.org/trunk@34726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, it was necessary to explain in a double-negative that `$richedit` being false would prevent `$content` from being passed through `esc_textarea()`. The updated `$rich_edit` name and documentation now better reflects the intent of the parameter.
Fixes#21613.
Built from https://develop.svn.wordpress.org/trunk@34727
git-svn-id: http://core.svn.wordpress.org/trunk@34691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Square brackets must be encoded in the path, path parameters, query parameters, and fragment, but must not be encoded in anything up to the domain and port.
Adds a bunch of tests, including square brackets in query parameters, IPv6 URLs, and several other permutations.
See #16859
Built from https://develop.svn.wordpress.org/trunk@34674
git-svn-id: http://core.svn.wordpress.org/trunk@34638 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Tokenize newlines in `WP_Embed::autoembed()` before running `->autoembed_callback()`
* Tokenize newlines with placeholders in `wpautop()`
* Introduce `wp_html_split()` to DRY the RegEx from `wp_replace_in_html_tags()` and `do_shortcodes_in_html_tags()`
Adds unit tests.
Props miqrogroove, kitchin, azaozz.
Fixes#33106.
Built from https://develop.svn.wordpress.org/trunk@33469
git-svn-id: http://core.svn.wordpress.org/trunk@33436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The mailto protocol is a bit different than the other protocols in that new lines are something you might realistically want to include. Includes tests to make sure that http protocol urls that contain mailto: aren't affected. Tests for stripping newlines in general already exist.
Fixes#31632
Props danielbachhuber
Built from https://develop.svn.wordpress.org/trunk@33064
git-svn-id: http://core.svn.wordpress.org/trunk@33035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* A variant of a language has its own locale, for example the locale of the formal variant of German is `de_DE_formal`.
* Update `remove_accents()` and some CSS rules to support `de_DE_formal`.
* Add tests for `get_bloginfo( 'language' )`.
* API changes will be deployed over the next few days.
see #28303.
Built from https://develop.svn.wordpress.org/trunk@33027
git-svn-id: http://core.svn.wordpress.org/trunk@32998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This v1 marries Jetpack's Site Icon module with the Media Modal, reusing code
from the Custom Header admin. For now, the core-provided icons will be limited
to a favicon, an iOS app icon, and a Windows tile icon, leaving `.ico` support
and additional icons to plugins to add.
Props obenland, tyxla, flixos90, jancbeck, markjaquith, scruffian.
See #16434.
Built from https://develop.svn.wordpress.org/trunk@32994
git-svn-id: http://core.svn.wordpress.org/trunk@32965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Replace `wp_htmledit_pre()` and `wp_richedit_pre()` with `format_for_editor()`.
- Replace the `'htmledit_pre'` and `'richedit_pre'` filters with `'format_for_editor'`.
- Do not run the post content through `wpautop()` in PHP when the visual editor is default. Run the textarea content through the JS wpautop on initializing TinyMCE.
- Simplify both editors initialization.
- Improve setting of `wpActiveEditor` in Quicktags.
- Improve editor.js, use `tinymce.$` when possible.
See #32425.
Built from https://develop.svn.wordpress.org/trunk@32899
git-svn-id: http://core.svn.wordpress.org/trunk@32870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Stop trying to remove `<title>` and `<category>` meta tags. They have not been used for many many years.
- Replacement of `<br>` with `<br />` and `<hr>` with `<hr />` is not needed for HTML 5.0. Also, these tags are formatted like that by the visual editor.
- Replace invalid HTML entities that might be pasted in the Text editor on save instead of on display.
Fixes#32335.
Built from https://develop.svn.wordpress.org/trunk@32896
git-svn-id: http://core.svn.wordpress.org/trunk@32867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Make sure that strings ending with a number and quotation mark get the proper smart quotes
* Introduce `wptexturize_primes()`, a logic tree to determine whether or not "7'." represents seven feet, then converts the special char into either a prime char or a closing quote char.
Adds unit tests.
Props miqrogroove.
Fixes#29256.
Built from https://develop.svn.wordpress.org/trunk@32863
git-svn-id: http://core.svn.wordpress.org/trunk@32834 1a063a9b-81f0-0310-95a4-ce76da25c4cd