Commit Graph

219 Commits

Author SHA1 Message Date
whyisjake abc5355d75 General: WordPress updates
* XML-RPC: Improve error messages for unprivileged users.
* External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
* Embeds: Disable embeds on deactivated Multisite sites.
* Coding standards: Modify escaping functions to avoid potential false positives.
* XML-RPC: Return error message if attachment ID is incorrect.
* Upgrade/install: Improve logic check when determining installation status.
* Meta: Sanitize meta key before checking protection status.
* Themes: Ensure that only privileged users can set a background image when a theme is using the deprecated custom background page.

Brings the changes from [49380,49382-49388] to the 4.6 branch.

Props xknown, zieladam, peterwilsoncc, whyisjake, desrosj, dd32.

Built from https://develop.svn.wordpress.org/branches/4.6@49400


git-svn-id: http://core.svn.wordpress.org/branches/4.6@49159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 19:00:24 +00:00
Drew Jaynes 7eb6471461 Docs: Fix minor formatting and syntax for wp-admin/* elements introduced in 4.6.
See #37318.

Built from https://develop.svn.wordpress.org/trunk@38024


git-svn-id: http://core.svn.wordpress.org/trunk@37965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-09 14:00:31 +00:00
Sergey Biryukov 139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for `_doing_it_wrong()`, `_deprecated_function()`, `_deprecated_argument()`, and `_deprecated_file()` throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Jeremy Felt 2211c28a37 Multisite: Remove superfluous code from `network_edit_site_nav()`
* Remove output buffering.
* Remove `esc_attr()` when outputting hard coded class names.
* Update documentation.

Fixes #15800.

Built from https://develop.svn.wordpress.org/trunk@37629


git-svn-id: http://core.svn.wordpress.org/trunk@37597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-02 22:29:27 +00:00
Drew Jaynes c3055cc190 Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37488


git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Jeremy Felt 4a12078b31 Multisite: Filter the links displayed on "Edit Site" views
Introduce the `network_edit_site_nav` function, which DRYs up the code used to display a common set of links at the top of "Edit Site" views.

Introduce the `network_edit_site_nav_links` filter, which allows plugins to modify the list of links displayed at the top of Edit Site views as a "tabbed" interface.

Props johnjamesjacoby, c3mdigital, Bueltge.
Fixes #15800.

Built from https://develop.svn.wordpress.org/trunk@37466


git-svn-id: http://core.svn.wordpress.org/trunk@37434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-19 21:48:30 +00:00
Drew Jaynes fe3b007fdd Docs: Remove inline `@see` tags from function, class, and method references in inline docs.
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.

Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@37342


git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-02 04:00:28 +00:00
Jeremy Felt 6cc19b5e2e Multisite: Relocate `revoke_super_admin()` and `grant_super_admin()`
Moving these functions to `wp-includes/capabilities.php` allows plugins to access more than just `is_super_admin()` and `get_super_admin()` from the front end without including a file via `wp-admin/`. Add an `is_multisite()` check to prevent use of these on single site environments now that they have left `ms.php`..

Props johnjamesjacoby.
Fixes #21788.

Built from https://develop.svn.wordpress.org/trunk@37200


git-svn-id: http://core.svn.wordpress.org/trunk@37166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-14 03:35:27 +00:00
Dominik Schilling 86690daf0b Multisite: Switch to a usermeta key for email confirmation.
To prevent inconsistent data across sites in a network the new email address is now stored in usermeta. Adds visual feedback for the case when an update has failed.
All existing options will be removed on a database upgrade.

Props MikeHansenMe, kovshenin, jeremyfelt, ocean90.
Fixes #23358.
Built from https://develop.svn.wordpress.org/trunk@36679


git-svn-id: http://core.svn.wordpress.org/trunk@36646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 15:34:28 +00:00
Drew Jaynes 54ab5fa68c Users: Pass the array of user IDs being deleted to the `delete_user_form` action hook in two places.
Also updates documentation for the first parameter, `$current_user`, to clarify that it holds the `WP_User` object for the _current_ user, not the one being deleted.

Props usermrpapa.
Fixes #35063. 

Built from https://develop.svn.wordpress.org/trunk@36640


git-svn-id: http://core.svn.wordpress.org/trunk@36607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 17:42:27 +00:00
Andrew Ozz 2d94e025a2 Replace `wp_upload_dir()` with the new `wp_get_upload_dir()` in all cases where a file is not being uploaded. Deprecate `_wp_upload_dir_baseurl()`, and replace it with `wp_get_upload_dir()`.
See #34359.
Built from https://develop.svn.wordpress.org/trunk@36569


git-svn-id: http://core.svn.wordpress.org/trunk@36536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-18 00:24:27 +00:00
Dominik Schilling cbe5fc6fb8 Multisite: Don't show the database upgrade admin notice on the upgrade page itself.
Fixes #35782.
Built from https://develop.svn.wordpress.org/trunk@36505


git-svn-id: http://core.svn.wordpress.org/trunk@36472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-09 14:30:28 +00:00
Dominik Schilling d9a5894c2e Users: Display the new user email notice in user admin too.
Also, in `new_user_email_admin_notice()` use the global `$pagenow` and add a translators comment for the placeholder.

Fixes #35767.
Built from https://develop.svn.wordpress.org/trunk@36504


git-svn-id: http://core.svn.wordpress.org/trunk@36471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-07 13:54:25 +00:00
Dominik Schilling 0eb4f6ccfc Users: Use `self_admin_url()` for the email change confirmation link.
Prevents sending users to wp-admin/profile.php if they only have access to wp-admin/user/profile.php.

Fixes #35766.
Built from https://develop.svn.wordpress.org/trunk@36503


git-svn-id: http://core.svn.wordpress.org/trunk@36470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-07 13:26:27 +00:00
Eric Lewis 22467e840f Networks and sites: Replace "blog" usage with "site" in docs.
Multisite functions use the term "blog" to refer to what we now call a "site," e.g. `get_current_blog_id()`. These functions are here to stay because of our commitment to backwards compatibility. What we can do is set the documentation straight.

See #35417.

Built from https://develop.svn.wordpress.org/trunk@36416


git-svn-id: http://core.svn.wordpress.org/trunk@36383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-28 03:35:27 +00:00
Pascal Birchler 54b8c3e53b Docs: Fix some minor DocBlock alignment issues.
See #32246.
Built from https://develop.svn.wordpress.org/trunk@35885


git-svn-id: http://core.svn.wordpress.org/trunk@35849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-12 15:37:28 +00:00
Drew Jaynes 81524f3bfc Filesystem: Following the introduction of the `KB|MB|GB|TB_IN_BYTES` constants in [35286], use them in various places in core.
Props sudar.
Fixes #22405.

Built from https://develop.svn.wordpress.org/trunk@35325


git-svn-id: http://core.svn.wordpress.org/trunk@35291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 14:03:25 +00:00
Helen Hou-Sandí f3107e5842 Make some primary action buttons look primary.
* User deletion/removal
* Site status change (multisite)
* Network upgrade
* Import file upload
* Media browser upload

props Dezzy for the initial patch.
fixes #23738.

Built from https://develop.svn.wordpress.org/trunk@35182


git-svn-id: http://core.svn.wordpress.org/trunk@35148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-15 03:08:24 +00:00
Drew Jaynes 217b661703 Docs: Add missing descriptions for the `$wpdb` global in DocBlocks all the places.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35170


git-svn-id: http://core.svn.wordpress.org/trunk@35136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-14 23:44:25 +00:00
Jeremy Felt 3b42b801f8 MS: Handle the possibility of 0 when checking a user's upload quota.
Upload space of 0 is now more possible via r35016 and should be respected rather than modified to a default of 10MB.

Fixes #34037.

Built from https://develop.svn.wordpress.org/trunk@35017


git-svn-id: http://core.svn.wordpress.org/trunk@34982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-10 23:17:25 +00:00
Scott Taylor 00ade45fd1 Docs: some `@global object` vernaculars should be converted to the actual object type.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@35013


git-svn-id: http://core.svn.wordpress.org/trunk@34978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-10 15:45:25 +00:00
Sergey Biryukov 6595b1b080 My Sites: Make "Create a New Site" link consistent with other "Add New" links.
Props JeffMatson.
Fixes #34179.
Built from https://develop.svn.wordpress.org/trunk@34979


git-svn-id: http://core.svn.wordpress.org/trunk@34944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 03:50:24 +00:00
Jeremy Felt 9926983b66 Revert [34778], continue using `_site_option()` for the current network.
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.

See #28290.

Built from https://develop.svn.wordpress.org/trunk@34912


git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:11:25 +00:00
Jeremy Felt 54512d64cb MS: Use `*_network_option()` functions throughout core.
Replaces all uses of `*_site_option()` with the corresponding "network" function.

This excludes one usage in `wp-admin/admin-footer.php` that needs more investigation.

Props spacedmonkey.
See #28290.

Built from https://develop.svn.wordpress.org/trunk@34778


git-svn-id: http://core.svn.wordpress.org/trunk@34743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 19:08:26 +00:00
Boone Gorges 39fb7992a9 Require numeric IDs in user deletion functions.
`wp_delete_user()` and `wpmu_delete_user()` both require an `$id` parameter.
Previously, the functions did not verify that the value passed was, in fact,
a number. As such, passing an object or any other entity that would be cast
to int `1` would result in user 1 being deleted. We fix this by enforcing
the requirement that `$id` be numeric.

Props dipesh.kakadiya, utkarshpatel, juliobox.
Fixes #33800.
Built from https://develop.svn.wordpress.org/trunk@34034


git-svn-id: http://core.svn.wordpress.org/trunk@34002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 02:25:23 +00:00
Scott Taylor 5918b30cdd Move `network_settings_add_js()` from `wp-admin/network/settings.php` to `wp-admin/includes/ms.php`.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34026


git-svn-id: http://core.svn.wordpress.org/trunk@33995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:24:24 +00:00
Scott Taylor 2d2e3c911e Move `confirm_delete_users()` from `wp-admin/network/users.php` to `wp-admin/includes/ms.php`.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34025


git-svn-id: http://core.svn.wordpress.org/trunk@33994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:23:46 +00:00
Scott Taylor ef87172270 `foreach` is a statement, not a function.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33734


git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Dominik Schilling 198cdb1dde Multisite mails: Initialize `$current_user` before accessing `$current_user->user_login`.
props Toro_Unit.
see #31217.
fixes #33254.
Built from https://develop.svn.wordpress.org/trunk@33569


git-svn-id: http://core.svn.wordpress.org/trunk@33536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 11:39:25 +00:00
Jeremy Felt 0bc0b0c917 Do not allow deletion of a super admin user through `wpmu_delete_user()`.
In step with the UI provided by `wp-admin/network/users.php`, super admin privileges must be removed before a user can be deleted through the API.

Props @johnjamesjacoby, @jeremyfelt.
Fixes #32935.

Built from https://develop.svn.wordpress.org/trunk@33143


git-svn-id: http://core.svn.wordpress.org/trunk@33114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-09 16:16:25 +00:00
Jeremy Felt 767ed1e9b1 Use the full site URL in `choose_primary_blog()` when a user is a member of only one site.
Aligns with the output used when a user is a member of multiple sites.

Fixes #32884.

Built from https://develop.svn.wordpress.org/trunk@33081


git-svn-id: http://core.svn.wordpress.org/trunk@33052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-04 04:21:24 +00:00
Scott Taylor d2a00338f6 Don't loosely compare functions that return `bool` against a literal `bool`.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32730


git-svn-id: http://core.svn.wordpress.org/trunk@32701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-12 17:19:27 +00:00
Scott Taylor a51dfa3971 In the style of #30947 and `default-filters.php`, add 2 new files to `wp-admin/includes`:
`admin-filters.php`
`ms-admin-filters.php`

There are random actions and filters littered among files like `misc.php`. These files contain functions that won't work outside of admin context and are typically only loaded in files that have already loaded the admin bootstrap.

See #32529.

Built from https://develop.svn.wordpress.org/trunk@32653


git-svn-id: http://core.svn.wordpress.org/trunk@32623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 17:04:26 +00:00
Scott Taylor b56b9b3e5c Add `@global` annotations for `wp-admin/*`.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32642


git-svn-id: http://core.svn.wordpress.org/trunk@32612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 21:41:30 +00:00
Sergey Biryukov 77572cf024 Multisite: Add translator comments to default email messages with non-typical placeholders.
props yoavf.
fixes #32263.
Built from https://develop.svn.wordpress.org/trunk@32381


git-svn-id: http://core.svn.wordpress.org/trunk@32351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 09:12:25 +00:00
Drew Jaynes 87e149a19f Add a missing `@return` tag to the DocBlock for `site_admin_notice()`.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32339


git-svn-id: http://core.svn.wordpress.org/trunk@32310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-04 01:06:25 +00:00
Scott Taylor bce851dcf2 Replace `array_shift()` with `reset()` where appropriate for performance.
Props SergeyBiryukov.
Fixes #31259.

Built from https://develop.svn.wordpress.org/trunk@31829


git-svn-id: http://core.svn.wordpress.org/trunk@31811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-19 03:56:27 +00:00
Jeremy Felt 7644e68119 Provide proper label associations and descriptions throughout the network admin
* Add labels previously missing for many inputs throughout the network admin screen.
* Add proper `aria-describedby` attributes to provide better descriptions.
* Wrap grouped inputs with `fieldset` elements.
* Remove now unneeded `title` attributes when appropriate.

Props cfoellmann, afercia, rianrietveld.

Fixes #38406.

Built from https://develop.svn.wordpress.org/trunk@31517


git-svn-id: http://core.svn.wordpress.org/trunk@31498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-23 02:29:26 +00:00
Sergey Biryukov 0e65ae6176 Remove redundant string with a typo introduced in [25481].
see #31217.
Built from https://develop.svn.wordpress.org/trunk@31404


git-svn-id: http://core.svn.wordpress.org/trunk@31385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-10 07:53:28 +00:00
Sergey Biryukov 12f4004989 Replace generic "Dear user" greeting in email notifications with a more personalized one.
props Ipstenu.
fixes #31217.
Built from https://develop.svn.wordpress.org/trunk@31403


git-svn-id: http://core.svn.wordpress.org/trunk@31384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-10 07:47:27 +00:00
Sergey Biryukov 5ac0568ee3 Switch to a 403 response code in places where it is more appropriate than a 500 due to permissions errors.
props tomdxw.
fixes #30927.
Built from https://develop.svn.wordpress.org/trunk@31300


git-svn-id: http://core.svn.wordpress.org/trunk@31281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-29 21:15:22 +00:00
Sergey Biryukov 7b04e6d4f4 Add variable type for sync_category_tag_slugs() parameters.
props tillkruess.
fixes #30718.
Built from https://develop.svn.wordpress.org/trunk@31113


git-svn-id: http://core.svn.wordpress.org/trunk@31094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 11:19:22 +00:00
Scott Taylor 60b0cd7943 The keyword `elseif` should be used instead of `else if` so that all control keywords look like single words.
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00
Scott Taylor ac4e67b82e Perl-style comments should not be used
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31079


git-svn-id: http://core.svn.wordpress.org/trunk@31060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 05:52:24 +00:00
Scott Taylor af0e5cc851 Inline `<script>`s that are only printed in the admin for pages that are served with the HTML5 doctype absolutely do not need `CDATA` comments.
Props tw2113 for the initial patch.
See #18788.

Built from https://develop.svn.wordpress.org/trunk@31034


git-svn-id: http://core.svn.wordpress.org/trunk@31015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-03 05:46:25 +00:00
Drew Jaynes bb380687fa Add missing DocBlocks for several functions in wp-admin/includes/ms.php.
Props dustyf.
See #30483.

Built from https://develop.svn.wordpress.org/trunk@30630


git-svn-id: http://core.svn.wordpress.org/trunk@30620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 05:06:23 +00:00
Jeremy Felt 3a7b5748eb Prevent wpmu_delete_blog from removing the wrong uploads directory
`wp_upload_dir()` includes some logic to fall back to the default site's upload directory if a specific directory for the requested site cannot be found. Because of this, if `wpmu_delete_blog()` is fired twice in a row for the same site, the main site's upload directory could be deleted as well.

This adds some checks in `wpmu_delete_blog()` so that we are confident in the site and it's upload directory's existence before dropping the site. Tests are added for when `ms_files_rewriting` is enabled or disabled.

Fixes #30121

Built from https://develop.svn.wordpress.org/trunk@30404


git-svn-id: http://core.svn.wordpress.org/trunk@30399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 06:53:22 +00:00
Jeremy Felt 796ceebb25 Use common core syntax for checking DOING_AJAX
Our current check for a non truthy `DOING_AJAX` is `! DOING_AJAX`.

props TobiasBg
Fixes #29891

Built from https://develop.svn.wordpress.org/trunk@30177


git-svn-id: http://core.svn.wordpress.org/trunk@30177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-02 02:24:23 +00:00
Scott Taylor 60b73c589c Display error message when Media Library upload fails.
Props gcorne.
Fixes #29891.

Built from https://develop.svn.wordpress.org/trunk@30156


git-svn-id: http://core.svn.wordpress.org/trunk@30156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-01 20:25:23 +00:00
Drew Jaynes f8657d5890 Remove redundant and erroneous `@uses` tag from most core inline documentation.
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.

Fixes #30191.

Built from https://develop.svn.wordpress.org/trunk@30105


git-svn-id: http://core.svn.wordpress.org/trunk@30105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-30 01:05:24 +00:00