Commit Graph

193 Commits

Author SHA1 Message Date
Andrew Ozz 242e6eea46 Privacy: fix markup for the table of contents on privacy policy guide screen.
Props ocean90, azaozz.
Fixes #44056.
Built from https://develop.svn.wordpress.org/trunk@43265


git-svn-id: http://core.svn.wordpress.org/trunk@43094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 16:46:23 +00:00
Andrew Ozz b5564c8646 Privacy: fix the "Privacy Policy Guide updated" message and add a link to the guide.
Props birgire, azaozz.
Fixes #44057.
Built from https://develop.svn.wordpress.org/trunk@43263


git-svn-id: http://core.svn.wordpress.org/trunk@43092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 16:21:21 +00:00
Dominik Schilling 2d4311e32e Privacy: Remove `is-dismissible` class from notice when privacy info has changed.
The notice isn't dismissible as it only gets removed once you visit the privacy guide, see #44057 and #44063.

Fixes #44065.

Built from https://develop.svn.wordpress.org/trunk@43261


git-svn-id: http://core.svn.wordpress.org/trunk@43090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 15:55:21 +00:00
Andrew Ozz a75b113bed Privacy: fix two typos in `WP_Privacy_Policy_Content::get_default_content()`.
Props dlh.
Fixes #44050.
Built from https://develop.svn.wordpress.org/trunk@43249


git-svn-id: http://core.svn.wordpress.org/trunk@43078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-13 11:15:21 +00:00
Andrew Ozz b82fed1806 Privacy: require `manage_privacy_options` capability for showing `WP_Privacy_Policy_Content::notice()`.
Props ocean90.
Fixes #44055.
Built from https://develop.svn.wordpress.org/trunk@43248


git-svn-id: http://core.svn.wordpress.org/trunk@43077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-13 11:04:21 +00:00
Andrew Ozz 5c5a527d96 Privacy: exclude the wrapper from the default policy content.
Fixes #44048.
Built from https://develop.svn.wordpress.org/trunk@43242


git-svn-id: http://core.svn.wordpress.org/trunk@43071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-11 15:07:21 +00:00
iandunn 8af721fff8 Privacy: Replace intrusive policy update notice with menu bubbles.
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue. 

An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.

The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.

Props azaozz, xkon, iandunn.
Fixes #43954. See #43953.

Built from https://develop.svn.wordpress.org/trunk@43223


git-svn-id: http://core.svn.wordpress.org/trunk@43052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 19:52:21 +00:00
Sergey Biryukov 47e6c2f9ec Privacy: Make the help hint for Privacy Policy page more translatable and accessible.
Props tobifjellner.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43206


git-svn-id: http://core.svn.wordpress.org/trunk@43035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 23:12:21 +00:00
Andrew Ozz 35d5911ae8 Privacy: fixes for the privacy policy guide and suggested content:
- Separate the guide text form the suggested policy text.
- Add table of content for easier navigation.
- Move the content to tools.php (prevents the settings menu of being open).
- Add a link to the guide from the Privacy settings screen.

Props melchoyce, azaozz.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43203


git-svn-id: http://core.svn.wordpress.org/trunk@43032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 20:51:23 +00:00
Andrew Ozz 3099f4d9ed Privacy: outputting the privacy policy guide and suggested content to a new page instead of a postbox.
Props melchoyce, azaozz.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43184


git-svn-id: http://core.svn.wordpress.org/trunk@43013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-08 23:45:21 +00:00
Sergey Biryukov f055261a05 Privacy: Remove stray closing tag in `WP_Privacy_Policy_Content::get_default_content()`, fix typo in `@return` tag.
Props dlh, tobifjellner.
Fixes #43951.
Built from https://develop.svn.wordpress.org/trunk@43170


git-svn-id: http://core.svn.wordpress.org/trunk@42999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-04 01:56:22 +00:00
Andrew Ozz 58b2e6e143 Privacy: use `sprintf()` in translations.
Props birgire.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43150


git-svn-id: http://core.svn.wordpress.org/trunk@42979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 18:25:21 +00:00
Andrew Ozz 7d4429b2c8 Privacy: fix typos and inconsistencies in the default suggested text.
Props macbookandrew.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43148


git-svn-id: http://core.svn.wordpress.org/trunk@42977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:42:22 +00:00
Andrew Ozz c5d13c5934 Privacy: change how the default text for privacy policy is added:
- Insert both the text and tutorial in new policy pages and highlight is brightly in the editor.
- Show only the suggested text in the policy postbox.

Props melchoyce, azaozz.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43146


git-svn-id: http://core.svn.wordpress.org/trunk@42975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:13:21 +00:00
Andrew Ozz 0d2eb27a5d Privacy: do not fold a single section in the privacy policy poxtbox.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43126


git-svn-id: http://core.svn.wordpress.org/trunk@42955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 22:10:21 +00:00
Andrew Ozz 237df3367b Privacy: only fold the sections in the privacy policy poxtbox when more than one.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43052


git-svn-id: http://core.svn.wordpress.org/trunk@42881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 09:48:21 +00:00
Andrew Ozz d1ab641d16 Privacy: edits and improvements for the default text for a privacy policy.
Props idea15, allendav.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43048


git-svn-id: http://core.svn.wordpress.org/trunk@42877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 21:06:21 +00:00
Andrew Ozz c21c4e25b3 Privacy: add default text for a privacy policy. First run.
Props xkon, idea15, allendav, azaozz.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43044


git-svn-id: http://core.svn.wordpress.org/trunk@42873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 14:47:21 +00:00
Andrew Ozz 41a82d6078 Privacy: add better docs for `wp_add_privacy_policy_content()` and `WP_Privacy_Policy_Content::add()`.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@43003


git-svn-id: http://core.svn.wordpress.org/trunk@42832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-25 18:10:21 +00:00
Andrew Ozz 11e315ca23 Make the string `WordPress` translatable.
Props mnelson4.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42999


git-svn-id: http://core.svn.wordpress.org/trunk@42828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-24 21:23:21 +00:00
Andrew Ozz 891deab7c5 Privacy: make the sections in the suggested privacy policy text postbox foldable. Add Read More/Read Less buttons. Fix copying of the suggested text by pressing the button.
Props melchoyce, xkon, azaozz.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42992


git-svn-id: http://core.svn.wordpress.org/trunk@42821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-19 12:39:21 +00:00
Andrew Ozz 8d9e4937f8 Fix typo in 'wp_get_default_privacy_policy_content' filter.
Props claudiu.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42985


git-svn-id: http://core.svn.wordpress.org/trunk@42814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-17 21:09:20 +00:00
Andrew Ozz 3108d2ffb2 Privacy: add a postbox that is shown when editing the privacy policy page, and where plugins and core will output suggested content and additional privacy info. First run.
Props melchoyce, azaozz.
See #43620.
Built from https://develop.svn.wordpress.org/trunk@42980


git-svn-id: http://core.svn.wordpress.org/trunk@42809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-16 08:53:20 +00:00
John Blackbourn b13e73d05c Docs: Document more parameters and properties using typed array notation.
See #41756

Built from https://develop.svn.wordpress.org/trunk@42875


git-svn-id: http://core.svn.wordpress.org/trunk@42705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-25 18:10:32 +00:00
John Blackbourn d7025e7787 Security: Loosen the admin referrer policy header value to allow the referring host to be sent from the admin area in all cases.
This allows referrer-restricted content from third parties (such as images and fonts) to continue working in the admin area.

Props aranwer104, qcmiao

Fixes #43285

Built from https://develop.svn.wordpress.org/trunk@42830


git-svn-id: http://core.svn.wordpress.org/trunk@42660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-12 10:57:35 +00:00
Dominik Schilling 666e203f31 Administration: Remove unnecessary capitalization when referencing to plugin/theme editors.
Fixes #43072.
Built from https://develop.svn.wordpress.org/trunk@42757


git-svn-id: http://core.svn.wordpress.org/trunk@42587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-26 19:35:30 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Sergey Biryukov 1a5adcf722 Rewrite Rules: Correct the logic in `extract_from_markers()` after [41928].
Props stodorovic.
Fixes #42579. See #39920.
Built from https://develop.svn.wordpress.org/trunk@42199


git-svn-id: http://core.svn.wordpress.org/trunk@42029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-16 13:25:50 +00:00
Konstantin Obenland 65c1468ff5 File Editors: Account for network admin use
Fixes a bug where files couldn't be accessed in multisite installs.

Props flixos90, westonruter.
Fixes #42420.


Built from https://develop.svn.wordpress.org/trunk@42115


git-svn-id: http://core.svn.wordpress.org/trunk@41944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-03 18:51:49 +00:00
Sergey Biryukov 0f06f90341 Rewrite Rules: Remove redundant `if` condition in `extract_from_markers()`.
Props Dency, yahil, appchecker.
Fixes #39920.
Built from https://develop.svn.wordpress.org/trunk@41928


git-svn-id: http://core.svn.wordpress.org/trunk@41762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-18 21:28:46 +00:00
Weston Ruter 0659de4e21 File Editors: Display list of theme/plugin files in scrollable directory tree.
Props WraithKenny, afercia, melchoyce, westonruter.
Amends [41721].
Fixes #24048.

Built from https://develop.svn.wordpress.org/trunk@41851


git-svn-id: http://core.svn.wordpress.org/trunk@41685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-13 02:39:47 +00:00
John Blackbourn fbd44ee554 Security: Add a referrer policy header to the admin and login screens.
This sets a referrer policy of `same-origin` which adds hardening by preventing a referrer being sent from the admin area or login screens to other origins. This helps prevent unwanted exposure of potentially sensitive information that may be contained within URLs.

This change introduces a new filter, `admin_referrer_policy`, for filtering the referrer policy header value. The header can be disabled if necessary by removing the `wp_admin_headers` action from the `admin_init` and `login_init` hooks.

Props joostdevalk
Fixes #42036

Built from https://develop.svn.wordpress.org/trunk@41741


git-svn-id: http://core.svn.wordpress.org/trunk@41575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 18:25:46 +00:00
John Blackbourn b52e37f9bf Options, Meta APIs: Require a confirmation link in an email to be clicked when an admin attempts to change the site admin email address.
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their site.

Props MatheusGimenez, johnbillion

Fixes #39118

Built from https://develop.svn.wordpress.org/trunk@41254


git-svn-id: http://core.svn.wordpress.org/trunk@41094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-14 20:13:43 +00:00
Dion Hulse e8211f783a Docs: Correct a number of typos/spelling mistakes in inline comments.
Props ottok.
Fixes #38464.

Built from https://develop.svn.wordpress.org/trunk@38893


git-svn-id: http://core.svn.wordpress.org/trunk@38836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-25 00:38:35 +00:00
Drew Jaynes 7eb6471461 Docs: Fix minor formatting and syntax for wp-admin/* elements introduced in 4.6.
See #37318.

Built from https://develop.svn.wordpress.org/trunk@38024


git-svn-id: http://core.svn.wordpress.org/trunk@37965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-09 14:00:31 +00:00
Peter Wilson 47d26cd9fb DOCS: Replace HTTP links with HTTPS.
Replaces unsecure links in documentation and translator comments with their secure versions.

Props johnpgreen, netweb

Fixes #36993

Built from https://develop.svn.wordpress.org/trunk@37674


git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Andrew Ozz 82ee5ca020 Editor: ensure the page is refreshed when the users navigate to it with the Back or Forward buttons. In these cases the browsers usually load the page from (memory) cache and it contains the old editor content.
Fixes #35852.
Built from https://develop.svn.wordpress.org/trunk@37619


git-svn-id: http://core.svn.wordpress.org/trunk@37587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-02 01:30:27 +00:00
Drew Jaynes 1947f4d17c Docs: Apply inline `@see` tags to hooks referenced in DocBlocks for wp-admin/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

See #36921.

Built from https://develop.svn.wordpress.org/trunk@37537


git-svn-id: http://core.svn.wordpress.org/trunk@37505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 17:28:27 +00:00
Drew Jaynes c3055cc190 Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37488


git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Pascal Birchler a47fa4f197 Rewrite Rules: After [36953], correctly replace existing rules on IIS when updating them.
Props WiZZarD_.
Fixes #36506 for trunk.
Built from https://develop.svn.wordpress.org/trunk@37273


git-svn-id: http://core.svn.wordpress.org/trunk@37239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-21 09:33:27 +00:00
Andrea Fercia 30866ceb5d Accessibility: Improve color contrast updating any `#999` gray used for text or icons to a darker gray.
Fixes #35660.
Built from https://develop.svn.wordpress.org/trunk@36587


git-svn-id: http://core.svn.wordpress.org/trunk@36554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-19 18:44:27 +00:00
John Blackbourn a5d44337b2 Docs: `@param` fixes for a variety of docblocks.
See #32246

Built from https://develop.svn.wordpress.org/trunk@36232


git-svn-id: http://core.svn.wordpress.org/trunk@36199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 01:45:26 +00:00
John Blackbourn 7718e07129 Docs: Correct the parameter docs for various Heartbeat filters and functions.
See #32246

Built from https://develop.svn.wordpress.org/trunk@36231


git-svn-id: http://core.svn.wordpress.org/trunk@36198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 01:37:26 +00:00
Drew Jaynes e6578e7b4f Docs: Use 3-digit, x.x.x-style semantic versioning in the DocBlocks for `post_form_autocomplete_off()` and `WP_Filesystem_SSH2::sftp_path()`.
Props aaronrutley.
Fixes #34518.

Built from https://develop.svn.wordpress.org/trunk@35468


git-svn-id: http://core.svn.wordpress.org/trunk@35432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-31 13:16:24 +00:00
Helen Hou-Sandí 6ca92efe23 List tables: Move the view mode switcher into screen options for posts.
Having a view mode switcher nestled within table navigation makes no sense, especially now that it's a sticky user option. While less convenient for frequent switching, there is no evidence as of yet that there is a large userbase of frequent view mode switchers.

Introduces a filter for `view_mode_post_types`, which by default is all hierarchical post types with edit UI on.

props Oxymoron.
fixes #22222.

Built from https://develop.svn.wordpress.org/trunk@35357


git-svn-id: http://core.svn.wordpress.org/trunk@35323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-22 19:25:25 +00:00
Scott Taylor 8eb3de46c9 Formatting: move `url_shorten()` from `wp-admin/includes/misc.php` to `wp-includes/formatting.php` for more global access.
Adds unit tests.

Props mulvane, chriscct7.
Fixes #20166.

Built from https://develop.svn.wordpress.org/trunk@35314


git-svn-id: http://core.svn.wordpress.org/trunk@35280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 03:48:24 +00:00
Dion Hulse 85258bb914 In `insert_with_markers()` restore the 4.3 behaviour of creating the file if it doesn't exist.
This change also makes it bail early (without writing) if the markers content is the same as the existing, and uses `ftell()` rather than `$bytes` for the location to truncate the file to - based on the file pointer being at the end of the written stream.

Props willmot tigertech kevinatelement
See #31767

Built from https://develop.svn.wordpress.org/trunk@35267


git-svn-id: http://core.svn.wordpress.org/trunk@35233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-19 00:53:24 +00:00
Boone Gorges 0e7c1d3b14 Use `wp_installing()` instead of `WP_INSTALLING` constant.
The `WP_INSTALLING` constant is a flag that WordPress sets in a number of
places, telling the system that options should be fetched directly from the
database instead of from the cache, that WP should not ping wordpress.org for
updates, that the normal "not installed" checks should be bypassed, and so on.

A constant is generally necessary for this purpose, because the flag is
typically set before the WP bootstrap, meaning that WP functions are not yet
available.  However, it is possible - notably, during `wpmu_create_blog()` -
for the "installing" flag to be set after WP has already loaded. In these
cases, `WP_INSTALLING` would be set for the remainder of the process, since
there's no way to change a constant once it's defined. This, in turn, polluted
later function calls that ought to have been outside the scope of site
creation, particularly the non-caching of option data. The problem was
particularly evident in the case of the automated tests, where `WP_INSTALLING`
was set the first time a site was created, and remained set for the rest of the
suite.

The new `wp_installing()` function allows developers to fetch the current
installation status (when called without any arguments) or to set the
installation status (when called with a boolean `true` or `false`). Use of
the `WP_INSTALLING` constant is still supported; `wp_installing()` will default
to `true` if the constant is defined during the bootstrap.

Props boonebgorges, jeremyfelt.
See #31130.
Built from https://develop.svn.wordpress.org/trunk@34828


git-svn-id: http://core.svn.wordpress.org/trunk@34793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-05 15:06:28 +00:00
Drew Jaynes 4c2203b370 Docs: Add missing summaries for functions in wp-admin/includes/misc.php.
Also restructures the summary for `update_home_siteurl()`.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@34824


git-svn-id: http://core.svn.wordpress.org/trunk@34789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-05 02:52:24 +00:00
Dion Hulse dc9203d753 Rewrite `insert_with_markers()` to use `flock()` when available, significant cleanup of the function too.
The call to `flock()` is an exclusive advisory lock, which in my testing only PHP respects (apache continues to read it).
Not all filesystems support locking (remote NFS mounts for example) so this offers minimal benefit to those platforms, but offers much better protection against file corruption on systems which do support it.
The call is blocking, so a second process will wait for the first to complete before writing if supported.

See #31767

Built from https://develop.svn.wordpress.org/trunk@34740


git-svn-id: http://core.svn.wordpress.org/trunk@34704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-01 07:46:27 +00:00