WordPress creates attachment pages by default for every attachment uploaded. On the vast majority of sites, these attachment pages don't contain any meaningful information. They do however exist, get indexed by search engines, and sometimes even rank in search results, leading to bad results for users and site owners.
This commit introduces a `wp_attachment_pages_enabled` database option to control the attachment pages behavior:
* On existing sites, the option is set to `1` on upgrade, so that attachment pages continue to work as is.
* For new sites, the option is set to to `0` by default, which means attachment pages are redirected to the attachment URL.
* Sites that want to enable or disable the attachment pages can set the option to `1` or `0`, respectively.
Follow-up to [2958], [3303], [7149], [34690].
Props aristath, poena, afercia, joostdevalk, jonoaldersonwp, azaozz, johnbillion, joedolson, basiliskan, audrasjb, davelo, rilwis, manfcarlo, tyxla, garrett-eclipse, seedsca, eatingrules, matveb, antpb, zodiac1978, oglekler, zunaid321, costdev, SergeyBiryukov.
Fixes#57913.
Built from https://develop.svn.wordpress.org/trunk@56657
git-svn-id: http://core.svn.wordpress.org/trunk@56169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve markup on Login and Registration errors. Use list markup for multiple issues, paragraph when only one to reduce semantic burden in the most common case. Normalize classes and markup for wrapper using `wp_admin_notice()` and `wp_get_admin_notice()` functions. Move definition of those functions from `wp-admin\includes\misc.php` to `wp-includes\functions.php`. Move tests to functions group.
Props extendwings, sabernhardt, afercia, lukecavanagh, rianrietveld, oglekler, sergeybiryukov, costdev, joedolson.
Fixes#30685.
Built from https://develop.svn.wordpress.org/trunk@56654
git-svn-id: http://core.svn.wordpress.org/trunk@56166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Implement a focus monitor so that if user focus moves away from the image rotation menu, it closes and doesn't block the image editing canvas. Follow up to [56239], [55919].
Props nithi22, deepakvijayan, dharm1025, faisal03.
Fixes#58756.
Built from https://develop.svn.wordpress.org/trunk@56652
git-svn-id: http://core.svn.wordpress.org/trunk@56164 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Following [56635], a fatal error occurred in `load-styles.php` leading to admin styles not working, because of a `has_filter()` call being added to `get_stylesheet_director()` and `get_template_directory()`.
This changeset adds `has_filter()` to `wp-admin/includes/noop.php` to prevent such errors. The lack of loading the function does not cause any unintended side effects itself.
Props iandunn, adamsilverstein.
Fixes#59417.
See #18298.
Built from https://develop.svn.wordpress.org/trunk@56641
git-svn-id: http://core.svn.wordpress.org/trunk@56153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Make the theme details modals in the Customizer and at Appearance > Themes consistent. Change the order of controls so both modals are in the same sequence, center all controls in both desktop and mobile views, and change delete link color to meet color contrast requirements.
Props trishasalas, afercia, melchoyce, karmatosed, cathibosco1, michaelarestad, joedolson, petitphp, mikinc860.
Fixes#59372. See #59371, #40822.
Built from https://develop.svn.wordpress.org/trunk@56639
git-svn-id: http://core.svn.wordpress.org/trunk@56151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While generally the functions `get_template_directory()` and `get_stylesheet_directory()` were long recommended to use to get the parent or child theme directory, the `TEMPLATEPATH` and `STYLESHEETPATH` constants were still used in a few places in core, most importantly in template related logic.
The remaining usage was problematic as it prevented testability of certain key components of WordPress core.
This changeset replaces all remaining usage with the corresponding functions and effectively marks these constants as deprecated. It also adds test coverage accordingly and even unlocks some existing, previously commented out test coverage to work as expected.
Performance of the new approach has been benchmarked and shows no notable differences. Yet, given that the current theme directories are not expected to change within a regular WordPress page load, the `get_template_directory()` and `get_stylesheet_directory()` functions were amended with in-memory caching of the result, unless one of the defining values is being filtered.
Props thekt12, spacedmonkey, mukesh27, aaroncampbell, scribu, lloydbudd, cais, chipbennett, toscho, omarabid, CrazyJaco, DrewAPicture, obenland, wonderboymusic, nacin, helen, dd32, chriscct7, SergeyBiryukov, swissspidy, joemcgill, flixos90.
Fixes#18298.
Built from https://develop.svn.wordpress.org/trunk@56635
git-svn-id: http://core.svn.wordpress.org/trunk@56147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It is best to always escape the complete value of an attribute, not a partial value, as otherwise the escaping could be (partially) undone when the values are joined together.
While the hardcoded hyphen in this case don't necessarily create that risk, it may change to a value which could be problematic, so making it a habit to escape the value in one go is best practice.
Escaping the complete value also means that a single `esc_attr()` call can be used instead of two.
Follow-up to [14444], [16652], [55616], [56632].
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56633
git-svn-id: http://core.svn.wordpress.org/trunk@56145 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset restricts edit term link generation if the user lacks the `edit_term` cap in order to prevent PHP 8.1+ deprecations shown when a user lacks this
capability and `get_edit_term_link()` returns null.
Props thelovekesh, jrf.
Fixes#59336.
Built from https://develop.svn.wordpress.org/trunk@56631
git-svn-id: http://core.svn.wordpress.org/trunk@56143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Some custom post types or taxonomies may not need the Quick Edit functionality, in which case adding hidden fields and rendering the form with the data to edit would be redundant.
This commit introduces two filters for more granular control:
* `quick_edit_enabled_for_post_type`
* `quick_edit_enabled_for_taxonomy`
Follow-up to [8857], [9083], [9098].
Props garyc40, sabernhardt, mukesh27, costdev, oglekler, wyrfel, peterwilsoncc, faguni22, robinwpdeveloper, webcommsat, johnbillion, azaozz, hellofromTonya, GunGeekATX, Jick, mikeschinkel, jane, nacin, helen, wonderboymusic, DrewAPicture, SergeyBiryukov.
Fixes#16502, #19343, #57596.
Built from https://develop.svn.wordpress.org/trunk@56611
git-svn-id: http://core.svn.wordpress.org/trunk@56123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Allow admin notices to be created with additional attributes. Test attributes include `hidden`, `data-*`, and `role="*"` values, which are all in use in various admin notices across core.
This commit adds `aria-live` and `hidden` to the KSES global attributes array to support core usages.
Follow up to [56408], [56409], [56410], [56518], [56570], [56571], [56572], [56573], [56576], [56589], [56590], [56597], [56599], [56600], [56601], [56602].
Props costdev, joedolson.
See #57791.
Built from https://develop.svn.wordpress.org/trunk@56603
git-svn-id: http://core.svn.wordpress.org/trunk@56115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In a handful of admin notices, a `tabindex` attribute is set so that JS can move focus to the notice `div`. Rather than adding `tabindex` to globally accepted attributes for `wp_kses_post()`, move the assignment of `tabindex` into the JS handlers that display those notices. The attribute is only relevant if JS is running, so there is no reason to add it in the original HTML notice.
Follow up to [56408], [56409], [56410], [56518], [56570], [56571], [56572], [56573], [56576], [56589], [56590], [56597], [56599], [56600], [56601].
Props costdev, joedolson.
See #57791.
Built from https://develop.svn.wordpress.org/trunk@56602
git-svn-id: http://core.svn.wordpress.org/trunk@56114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add additional usage of `wp_admin_notice()` in `wp-admin/network/` where previously overlooked.
Follow up to [56408], [56409], [56410], [56518], [56570], [56571], [56572], [56573], [56576], [56589], [56590], [56597], [56599], [56600].
Props costdev, joedolson.
See #57791.
Built from https://develop.svn.wordpress.org/trunk@56601
git-svn-id: http://core.svn.wordpress.org/trunk@56113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add additional usage of `wp_admin_notice()` in `wp-admin/` on `.error` and miscellaneous usages previously overlooked.
Follow up to [56408], [56409], [56410], [56518], [56570], [56571], [56572], [56573], [56576], [56589], [56590], [56597], [56599].
Props costdev, joedolson.
See #57791.
Built from https://develop.svn.wordpress.org/trunk@56600
git-svn-id: http://core.svn.wordpress.org/trunk@56112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds further usages of `wp_admin_notice()` in `/wp-admin/includes/` on `.notice-error`, `.notice-warning`, `.error`, and `.updated`.
Ongoing task to implement new function across core.
Follow-up to [56408], [56409], [56410], [56518], [56570], [56571], [56572], [56573], [56576], [56589], [56590], [56597].
Props joedolson, mukesh27, costdev.
See #57791.
Built from https://develop.svn.wordpress.org/trunk@56599
git-svn-id: http://core.svn.wordpress.org/trunk@56111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When various methods parameters in child classes were renamed to `$item` to match the parent class for PHP 8 named parameter support, most of the methods restored the more descriptive, specific name at the beginning for better readability, with several exceptions for methods consisting only of a few lines.
To avoid confusion about why some methods do that and some don't, this commit aims to bring more consistency to the code, specifically in list tables' `::column_default()` methods.
Follow-up to [51728], [51737], [51786].
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56586
git-svn-id: http://core.svn.wordpress.org/trunk@56098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `WP_Upgrader::delete_temp_backup()`, a malformed `sprintf()` call did not pass the value, triggering a Warning in PHP 7 and a Fatal Error in PHP 8.
This fixes the malformed `sprintf()` call by correctly passing the value.
Follow-up to [55720].
Props akihiroharai, afragen.
Fixes#59320.
Built from https://develop.svn.wordpress.org/trunk@56550
git-svn-id: http://core.svn.wordpress.org/trunk@56062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Replaces `trigger_error()` with `wp_trigger_error()` in each of the `WP_List_Table` magic methods.
[56349] added the dynamic properties deprecation messages to the `__get()`, `__set()`, `__isset()`, `__unset()` magic methods. Since that commit, `wp_trigger_error()` was introduced (see [56530]) as a wrapper for `trigger_error()`.
Follow-up to [56349], [56356], [56530].
See #58896, #57686.
Built from https://develop.svn.wordpress.org/trunk@56542
git-svn-id: http://core.svn.wordpress.org/trunk@56054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, bulk upgrades did not verify that a plugin package was compatible with the site's WordPress version or the server's PHP version. This could lead to incompatible updates being installed, causing various compatibility issues and errors.
This change implements the following checks:
- If available, the API response's `requires` and `requires_php` values are checked for compatibility. This saves time, diskspace, memory and file operations by failing the upgrade before the package is downloaded and unpacked.
- If the API check passes, the downloaded and unpacked package is verified using `Plugin_Upgrader::check_package()` to ensure a plugin file is present, and the plugin's "RequiresWP" and "RequiresPHP" headers are compatible, if present. This ensures that a mismatch between the API response and the plugin file's headers does not cause an incompatible plugin to be installed.
Props salcode, afragen, mukesh27, iammehedi1, zunaid321, johnbillion, SergeyBiryukov, costdev.
Fixes#59198.
Built from https://develop.svn.wordpress.org/trunk@56525
git-svn-id: http://core.svn.wordpress.org/trunk@56037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introducing Font Face, a server-side `@font-face` styles generator and printer.
tl;dr:
* Introduces Font Face.
* Deprecates `_wp_theme_json_webfonts_handler()`.
**Introduce Font Face**
From an array of fonts (i.e. each font-family and its font variations to be processed), it:
1. Validates each `font-face` declaration, i.e. the CSS property and value pairing. If validation fails, processing stops with no font-face styles printed.
3. Generates the `@font-face` CSS for each font-family.
4. Prints the CSS within a `<style id="wp-fonts-local">` element.
The entry point into Font Face is through a new global function called `wp_print_font_faces()`, which is automatically called:
* when the `'wp_head'` hook runs (for the front-end).
* when the `'admin_print_styles'` hook runs (for the back-end).
* when `_wp_get_iframed_editor_assets()` runs to inject the `@font-face` styles into the iframed editor.
Once called, it gets the fonts from Theme_JSON merged data layer, which includes theme defined fonts and user activated fonts (once the Font Library #59166 is introduced into Core).
For classic sites, themes and plugins can directly call `wp_print_font_faces()` and pass their fonts array to it for processing.
**Deprecates `_wp_theme_json_webfonts_handler()`.**
As Font Face is a direct replacement, the stopgap code in `_wp_theme_json_webfonts_handler()` (introduced in 6.0.0 via [53282]) is deprecated and unused in Core.
**Props note:**
There's a long multiple year history baked into Font Face, which dates back to the early versions of a web font API (see #46370 and [https://github.com/WordPress/gutenberg/issues/41479 roadmap]. The props list includes those who contributed from those early versions up to this commit.
**References:**
* #46370 original (Web)Fonts API proposal for registering and enqueuing web fonts.
* [https://github.com/WordPress/gutenberg/issues/41479 Gutenberg tracking issue] which includes the evolution from Webfonts API to Fonts API to Font Face.
* [53282] / #55567 Added the stopgap code `_wp_theme_json_webfonts_handler()` in 6.0.
* [https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face @font-face on mdn web docs]
* #59166 Font Library: Font manager for WordPress
Follow-up to [53282].
Props aristath, jonoaldersonwp, hellofromTonya, andraganescu, annezazu, antonvlasenko, arena, askdesign, azaozz, bph, bradley2083, colorful-tones, costdev, davidbaumwald, desrosj, dingo_d, djcowan, domainsupport, dryanpress, elmastudio, flixos90, francina, garrett-eclipse, gigitux, grantmkin, grapplerulrich, gziolo, ironprogrammer, jb510, jeffpaul, jeremyyip, jffng, joostdevalk, jorgefilipecosta, juanmaguitar, mamaduka, matveb, mburridge, mitogh, ndiego, ntsekouras, oandregal, ocean90, oglekler, paaljoachim, pagelab, peterwilsoncc, poena, priethor, scruffian, SergeyBiryukov, shiloey, simison, skorasaurus, soean, westonruter, wildworks, zaguiini.
Fixes#59165.
Built from https://develop.svn.wordpress.org/trunk@56500
git-svn-id: http://core.svn.wordpress.org/trunk@56012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- `__construct()` gets the new `_deprecated_class()` function
- `WP_User_Search` PHP4 style constructor is changed from `_deprecated_function()` to `_deprecated_constructor()`
Adds a test to confirm `WP_User_Search` class is testable as deprecated.
Props jrf, DrewAPicture.
Fixes#41125.
Built from https://develop.svn.wordpress.org/trunk@56469
git-svn-id: http://core.svn.wordpress.org/trunk@55981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sergey Biryukov
joedolson
Felix Arntz
audrasjb
isabel_brison
costdev
Bernhard Reiter
hellofromTonya
John Blackbourn
Drew Jaynes