Commit Graph

6290 Commits

Author SHA1 Message Date
davidbaumwald 69e59764eb Grouped backports to the 4.6 branch.
- Comments: Prevent users who can not see a post from seeing comments on it.
- Shortcodes: Restrict media shortcode ajax to certain type.
- REST API: Ensure no-cache headers are sent when methods are overridden.
- Prevent unintended behavior when certain objects are unserialized.

Merges [56834], [56835], [56836], and [56838] to the 4.6 branch.
Props xknown, jorbin, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis, tykoted, antpb, rmccue.
Built from https://develop.svn.wordpress.org/branches/4.6@56859


git-svn-id: http://core.svn.wordpress.org/branches/4.6@56370 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-10-12 18:10:52 +00:00
Sergey Biryukov 846b0a57b8 Grouped backports to the 4.6 branch.
- Media: Prevent CSRF setting attachment thumbnails.
- Embeds: Add protocol validation for WordPress Embed code.

Merges [55763] and [55764] to the 4.6 branch.
Props dd32, isabel_brison, martinkrcho, matveb, ocean90, paulkevan, peterwilsoncc, timothyblynjacobs, xknown, youknowriad.
Built from https://develop.svn.wordpress.org/branches/4.6@55783


git-svn-id: http://core.svn.wordpress.org/branches/4.6@55295 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-16 15:45:21 +00:00
desrosj c3117156fd Grouped backports to the 4.6 branch.
- Query: Improve sanitization within `WP_Tax_Query`.
- Query: Improve sanitization within `WP_Meta_Query`.
- Upgrade/Install: Avoid using `unserialize()` unnecessarily.
- Formatting: Correctly encode ASCII characters in post slugs.

Merges [52454-52457] to the 4.6 branch.
Props vortfu, dd32, ehtis, zieladam, whyisjake, xknown, peterwilsoncc, desrosj, iandunn.
Built from https://develop.svn.wordpress.org/branches/4.6@52477


git-svn-id: http://core.svn.wordpress.org/branches/4.6@52069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-06 18:18:21 +00:00
whyisjake abc5355d75 General: WordPress updates
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.6 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.6@49400


git-svn-id: http://core.svn.wordpress.org/branches/4.6@49159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 19:00:24 +00:00
Sergey Biryukov d289821488 Administration: Pass the result of `set-screen-option` filter to the new `set_screen_option_{$option}` filter to ensure backward compatibility.
Rename the `$keep` parameter of both filters to `$screen_option` for clarity, update the documentation to better reflect its purpose.

Follow-up to [47951].

Props Chouby, sswells, SergeyBiryukov.
Merges [48241] to the 4.6 branch.
Fixes #50392.
Built from https://develop.svn.wordpress.org/branches/4.6@48252


git-svn-id: http://core.svn.wordpress.org/branches/4.6@48021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-01 09:51:34 +00:00
whyisjake fea2ba3cd6 General: Backport several commits for release.
- Embeds: Ensure that the title attribute is set correctly on embeds.
- Editor: Prevent HTML decoding on by setting the proper editor context.
- Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
- Themes: Ensure a broken theme name is returned properly.
- Administration: Add a new filter to extend set-screen-option.
Merges [47947-47951] to the 4.6 branch.
Props xknown, sstoqnov, vortfu, SergeyBiryukov, whyisjake.

Built from https://develop.svn.wordpress.org/branches/4.6@47974


git-svn-id: http://core.svn.wordpress.org/branches/4.6@47744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-10 18:55:16 +00:00
Sergey Biryukov 2a4ac1ce68 Escape the output in `wp_ajax_upload_attachment()`.
Merges [45936] to the 4.6 branch.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/branches/4.6@45948


git-svn-id: http://core.svn.wordpress.org/branches/4.6@45759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:36:24 +00:00
Sergey Biryukov 1ff333ca3b Comments: Improve comment content filtering.
Merges [44842] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@44848


git-svn-id: http://core.svn.wordpress.org/branches/4.6@44680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-12 22:37:22 +00:00
Gary Pendergast 5a48d3af8b Editor: Remove unwanted fields before saving posts.
The `meta_input`, `file`, and `guid` fields are not intended to be updated through user input.

Merges [44047] to the 4.6 branch.


Built from https://develop.svn.wordpress.org/branches/4.6@44058


git-svn-id: http://core.svn.wordpress.org/branches/4.6@43888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 01:43:21 +00:00
Peter Wilson 41a7a8e581 Multisite: Validate activation links.
Merges [44048] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@44057


git-svn-id: http://core.svn.wordpress.org/branches/4.6@43887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 01:42:20 +00:00
Dion Hulse ce6ffb6d25 External Libraries: Remove unnecessary / obsoleted MediaElement.js files.
Merges [42478] to the 4.6 branch.
Fixes #42720 for 4.6.

Built from https://develop.svn.wordpress.org/branches/4.6@42480


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-16 08:06:35 +00:00
Dion Hulse cf61ff994d Upgrade: When deleting old files, if deletion fails attempt to empty the file instead.
Props joemcgill, dd32.
Merges [42434] to the 4.6 branch.
Fixes #42963 for 4.6.

Built from https://develop.svn.wordpress.org/branches/4.6@42468


git-svn-id: http://core.svn.wordpress.org/branches/4.6@42297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-16 06:55:34 +00:00
John Blackbourn 4733856aee Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Merges [41457] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@41460


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:39:34 +00:00
John Blackbourn f12b16a291 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Merges [41413] to the 4.6 branch

See #13377

Built from https://develop.svn.wordpress.org/branches/4.6@41414


git-svn-id: http://core.svn.wordpress.org/branches/4.6@41247 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:22:34 +00:00
Aaron Campbell e07088f06e Add nonce for updating file system credentials.
Merges [40723] to 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40725


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-16 14:53:33 +00:00
Pascal Birchler 98c13fefb2 Fix broken audio/video functions when sanitizing ID3 data
This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

See #40075, #40085.

Merges [40400] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40461


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-17 13:07:36 +00:00
John Blackbourn 70a97d6789 Press This: Verify intent before fetching in-page resources using Press This.
Props vortfu

Merges [40195] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40197


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 13:58:33 +00:00
Jeremy Felt fe1162e5f1 Validate video and audio metadata.
Merge of [40148] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@40150


git-svn-id: http://core.svn.wordpress.org/branches/4.6@40089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 08:04:35 +00:00
Dominik Schilling 88e92019c3 Press This: Do not show Categories & Tags UI for users who cannot assign terms to posts anyways.
Merge of [39968] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@39971


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 14:10:33 +00:00
John Blackbourn df08ef2450 Posts, Post Types: When using Excerpt mode on the Posts list table, ensure the excerpt output matches what was manually entered into the Excerpt field.
Merges [39956] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39970


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 14:09:35 +00:00
Aaron Campbell ebbfc7179c Add nonce for widget accessibility mode.
Props vortfu.

See #23328.

Merges [39760] to 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@39762


git-svn-id: http://core.svn.wordpress.org/branches/4.6@39700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 01:43:35 +00:00
Aaron Campbell 38430b0533 Media: Improved media titles when created from filename.
Preserves spaces and generally creates more accurate, cleaner titles from filenames of uploaded media.

Merge of [38614] to the 4.6 branch.

Props joemcgill.
Fixes #37989.


Built from https://develop.svn.wordpress.org/branches/4.6@38615


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-17 06:27:31 +00:00
Jeremy Felt e860e24b6e Media: Sanitize upload filename.
Merge of [38538] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@38539


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-07 13:57:29 +00:00
Pascal Birchler b9f38d1aa8 Upgrade/Install: Sanitize file name in `File_Upload_Upgrader`.
Merge of [38524] to the 4.6 branch.
Built from https://develop.svn.wordpress.org/branches/4.6@38525


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-06 17:29:31 +00:00
Jeremy Felt b39313803a Upgrade/Install: After [37687], fix the number of params passed to the upgrade hooks.
`wp_version_check()`, `wp_update_plugins()` and `wp_update_themes()` are all originally hooked to the `upgrader_process_complete` action with zero arguments passed to them. Zero arguments should be passed when re-adding them after translation updates, otherwise the sky will fall.

Merge of [38415] to the 4.6 branch.

Props ionutst, gitlost, swissspidy.
Fixes #37731.

Built from https://develop.svn.wordpress.org/branches/4.6@38475


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 18:12:30 +00:00
Dominik Schilling 7fec14f382 Upgrader: Rename `class-wp-automatic-upgrader.php` to `class-wp-automatic-updater.php`.
The class is named `WP_Automatic_Updater` not `WP_Automatic_Upgrader` like all the other upgrader classes. 

Introduced in [37409].

Merge of [38242] to the 4.6 branch.

Props DrewAPicture for review.
Fixes #37628.
Built from https://develop.svn.wordpress.org/branches/4.6@38243


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-10 19:57:30 +00:00
Andrew Ozz ae8722f109 Update/Install error messages: do not escape from the template, escape the error message string before inserting it.
Props swissspidy, ocean90.
Fixes #37623 for 4.6.
Built from https://develop.svn.wordpress.org/branches/4.6@38241


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-10 19:06:31 +00:00
Dominik Schilling dd5cb26de2 Media: In `_wp_handle_upload()` use `call_user_func_array()` to call the upload error handler.
The default error handler `wp_handle_upload_error()` expects a reference for the first parameter but `call_user_func()` doesn't pass parameters by reference. The current code didn't produce any issues until now. PHP 7.0.9 (and PHP 7.1) is now stricter and prevents calling the error handler with a warning:
> PHP Warning:  Parameter 1 to wp_handle_upload_error() expected to be a reference, value given.

To restore the error handler `_wp_handle_upload()` now uses `call_user_func_array()`.

Merge of [38235] to the 4.6 branch.

Props jbrinley.
Props jorbin for review.
See #37570.
Built from https://develop.svn.wordpress.org/branches/4.6@38236


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-09 21:56:30 +00:00
Dominik Schilling 8631cb86cf Dashboard: Don't escape widget titles in screen reader text.
Introduced in [37972]. The title for the Quick Draft widget contains HTML to provide a JS/no-JS version.

Merge of [38225] to the 4.6 branch.

Props SergeyBiryukov for review.
See #37595.
See #37594.
Built from https://develop.svn.wordpress.org/branches/4.6@38226


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38167 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-09 09:09:32 +00:00
Aaron Jorbin c63e673361 Updates: Improve experience for Bulk Actions when FTP is dismissed.
Merges [38221] to the 4.6 branch.

Before this change, when a bulk update was canceled due dismissing the FTP credentials modal, part of the actions didn't get canceled. This meant the "There is a new version of…” notices become blank and the updates you had checked became unchecked. Now, the notices remain and you are essentially returned to the screen you had before. Strings are also updated to improve ARIA usage.

Fixes #37563.
Props ocean90, swissspidy, obenland, afercia.


Built from https://develop.svn.wordpress.org/branches/4.6@38222


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-09 01:15:29 +00:00
Dominik Schilling b5de2df420 Update/Install: Replace "error" and "-1" failure messages with a more meaningful one.
* "-1" is an invalid nonce error, show 'An error has occurred. Please reload the page and try again.'.
* "error" means that the connection to the server was lost, show 'Connection lost or the server is busy. Please try again later.'.
* Escape the message in `wp-updates-admin-notice` because the response may include HTML.
* Remove HTML tags in `wp.updates.isValidResponse()` to make PHP's error messages more readable.

Merge of [38205] to the 4.6 branch.

Props azaozz for review.
See #37583.
Built from https://develop.svn.wordpress.org/branches/4.6@38206


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-05 19:30:31 +00:00
John Blackbourn 4ca40b65ec Docs: Correct and clarify various `@since` docs.
Fixes #37562

Merges [38201] to the 4.6 branch.

Built from https://develop.svn.wordpress.org/branches/4.6@38202


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-04 22:56:41 +00:00
Dominik Schilling 9501efd09f Upgrade/Install: Make some install/update failures more verbose.
An upgrader class is used in conjunction with an upgrader skin class. A skin class handles the logging for an upgrade and informs a user about the progress and failures.
The current Ajax install/update handlers are using the `Automatic_Upgrader_Skin` class because during an Ajax request no output is intended. The difference between Ajax updates and automatic updates is that you will see the full log (usually by email) while Ajax updates focus only on success or failure. For that `Automatic_Upgrader_Skin` has one disadvantage: It doesn't provide a way to retrieve failure messages which were passed through `WP_Upgrader_Skin::error()` by the upgrader.
To solve this issue a new skin `WP_Ajax_Upgrader_Skin` has been introduced. The skin extends `Automatic_Upgrader_Skin` and overrides the `error()` and `feedback()` methods to intercept all errors, which can be a `WP_Error` object or a string.

This updates all four Ajax handler for installing/updating themes/plugins to use the new skin. They now also check the skin for any intercepted errors and pass them on to the user.

Merge of [38199] to the 4.6 branch.

Props flixos90, obenland, ocean90.
Props DrewAPicture, pento for review.
See #37531.
Built from https://develop.svn.wordpress.org/branches/4.6@38200


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-04 22:23:39 +00:00
Aaron Jorbin 7eccc12e97 Updates: Improve bulk update failure notice
Merge of [38185] to the 4.6 branch

When doing a bulk update, if there are failures the user needs to know about that. This makes it clearer that you can click on the notification to see more details, especially for screen reader users.

Fixes #37510.
Props juhise, Ankit K Gupta, afercia, jorbin, ocean90. 


Built from https://develop.svn.wordpress.org/branches/4.6@38187


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-03 22:33:30 +00:00
Dominik Schilling 1abd5f0be7 Plugins: Use `install_plugins_upload` action to print the upload form.
Since [37221] the upload form is added to every plugin install screen via `install_plugins_upload()`. Previously the form was added through the `install_plugins_upload` (alias of `install_plugins_$tab`) action which allowed plugin authors to replace the form. This restores the previous behaviour.

* Add the form only to non-upload plugin install screens.
* Replace `install_plugins_upload()` with the `install_plugins_upload` and `install_plugins_pre_upload` actions.
* Remove `$upload_tab_class` and add a CSS class for the current tab to `.wrap`
* Adjust CSS selectors and toggle the whole container to support upload without an `upload-plugin` class.

Props DavidAnderson, ocean90.
Fixes #37495.
Built from https://develop.svn.wordpress.org/trunk@38172


git-svn-id: http://core.svn.wordpress.org/trunk@38113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-31 18:11:29 +00:00
Dominik Schilling 3105764efd Plugins: Move capability checks further up in `wp_ajax_update_plugin()` and `wp_ajax_delete_plugin()`.
Add tests for both Ajax handlers.

Props Yorick Koster, swissspidy.
Fixes #37490.
Built from https://develop.svn.wordpress.org/trunk@38168


git-svn-id: http://core.svn.wordpress.org/trunk@38109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-27 17:44:41 +00:00
Dominik Schilling e4abc1ecbf Filesystem API: Output buffering for `request_filesystem_credentials()` should wrap the function directly.
Previously `ob_end_clean()` was only called when the previous condition was successful which led to unexpected results when another output buffering was involved, like PHPUnit's.

Fixes #37488.
Built from https://develop.svn.wordpress.org/trunk@38167


git-svn-id: http://core.svn.wordpress.org/trunk@38108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-27 17:11:56 +00:00
Andrew Ozz 5bccb0020d TinyMCE, inline link:
- Remove proxying through WordPress to test if an URL exists.
- Fix and enhance the regex that tests if the URL is well formed.

Fixes #36638.
Built from https://develop.svn.wordpress.org/trunk@38159


git-svn-id: http://core.svn.wordpress.org/trunk@38100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-26 23:24:28 +00:00
Dominik Schilling d7253ca244 Filesystem API: Prevent an endless self-calling loop in `wp_tempnam()`.
Under certain conditions upgrades on Windows may fail because `wp_tempnam()` gets called in a loop.
This can happen when `wp_tempnam()` is called with `\.maintenance` for the `$filename` parameter. The function strips the extension, in this case `.maintenance`, which results in an empty filename. Because it's empty, `wp_tempnam()` calls itself with `dirname( '\.maintenance' )`. On *nix systems this would be `"/"` which allows `wp_tempnam()` to fall back on `time()`. But on Windows it's `"\"`.

This change adds the backslash to the list of characters which allow `wp_tempnam()` to fall back on `time()`.

See [32322], [31936].
Fixes #33999.
Built from https://develop.svn.wordpress.org/trunk@38151


git-svn-id: http://core.svn.wordpress.org/trunk@38092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-25 15:28:29 +00:00
Sergey Biryukov fdc07533f5 Plugins: Add a missing space between classes on `<td>` element for custom columns of the Plugins list table.
Props crstauf.
Fixes #37460.
Built from https://develop.svn.wordpress.org/trunk@38149


git-svn-id: http://core.svn.wordpress.org/trunk@38090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-25 13:28:28 +00:00
Sergey Biryukov a7a8585640 Posts, Post Types: Remove a redundant `function_exists( 'mb_strlen' )` check in `get_sample_permalink_html()`.
`mb_strlen()` is always available since [32114].

See #30633.
Built from https://develop.svn.wordpress.org/trunk@38147


git-svn-id: http://core.svn.wordpress.org/trunk@38088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-23 13:08:44 +00:00
Dominik Schilling 51671afc0a List Table: Improve `WP_Plugins_List_Table::search_box()` which was added in [38033].
* Update DocBlock to use third-person singular verb and to include a period at the end.
* Use `submit_button()` for the submit button.
* Escape the ID attribute.
* Apply the same to `WP_List_Table::search_box()`.

See #37230.
Built from https://develop.svn.wordpress.org/trunk@38146


git-svn-id: http://core.svn.wordpress.org/trunk@38087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-23 11:00:36 +00:00
Sergey Biryukov 995dc513a4 Docs: Update the description of the `$box` argument of `wp_nav_menu_item_taxonomy_meta_box()` for consistency with [38129].
Missed in [38130].

See #37211.
Built from https://develop.svn.wordpress.org/trunk@38142


git-svn-id: http://core.svn.wordpress.org/trunk@38083 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-22 16:50:28 +00:00
Dominik Schilling 50ca05f8cd Plugins: Make search field placeholder translatable.
See #37230.
Built from https://develop.svn.wordpress.org/trunk@38141


git-svn-id: http://core.svn.wordpress.org/trunk@38082 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-22 14:51:28 +00:00
Dominik Schilling 06c71ee6ec Docs: Fix minor formatting issue for a comment added in [38113].
See #32171.
Built from https://develop.svn.wordpress.org/trunk@38139


git-svn-id: http://core.svn.wordpress.org/trunk@38080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-22 13:46:28 +00:00
Dominik Schilling 3a3828c396 Filesystem API: Change the default value for the `$context` parameter of `get_filesystem_method()` and `request_filesystem_credentials()` to an empty string.
`$context` is a full path to the directory that is tested for being writable. A path shouldn't be a boolean value.
This also updates `WP_Upgrader_Skin::request_filesystem_credentials()` and `Automatic_Upgrader_Skin::request_filesystem_credentials()` and adds missing docs.

Props DrewAPicture, ocean90.
Fixes #37412.

Built from https://develop.svn.wordpress.org/trunk@38138


git-svn-id: http://core.svn.wordpress.org/trunk@38079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-22 12:10:27 +00:00
Dominik Schilling eb0ee24750 Post Thumbnails: Remove an unused nonce in `_wp_post_thumbnail_html()`.
See #12922.


Built from https://develop.svn.wordpress.org/trunk@38137


git-svn-id: http://core.svn.wordpress.org/trunk@38078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-22 11:44:28 +00:00
Dominik Schilling c4dfc0adba Media: Remove global import for `$content_width` in `_wp_post_thumbnail_html()`.
`$content_width` is unused since [35023].

See #28512.
Built from https://develop.svn.wordpress.org/trunk@38136


git-svn-id: http://core.svn.wordpress.org/trunk@38077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-22 11:40:28 +00:00
Dominik Schilling a20e16d3c6 Docs: Change type of `WP_Upgrader_Skin::$result` to 'string|bool|WP_Error'.
`$result` can be `true` too, see `Language_Pack_Upgrader::bulk_upgrade()`.

See #32246.
Built from https://develop.svn.wordpress.org/trunk@38134


git-svn-id: http://core.svn.wordpress.org/trunk@38075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-22 10:43:29 +00:00
Sergey Biryukov 0a9bfead1c Docs: In meta box functions, clarify that "Meta box ID" refers to the `id` attribute of the meta box and not a numeric ID.
Fixes #37211.
Built from https://develop.svn.wordpress.org/trunk@38131


git-svn-id: http://core.svn.wordpress.org/trunk@38072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-21 19:24:28 +00:00