At the heart of the matter, the `$menu_slug` parameter in `add_menu_page()` and `add_submenu_page()` is not sanitized with `sanitize_key()`. When the screen object is later built for the admin page, the screen ID is derived from that `$menu_slug` value, though passed through `sanitize_key()`, which can produce unexpected results in comparison check.
Changing the sanitization code to provide actual parity is out of the question at this juncture, so updating the docs to describe how to avoid this edge case is the next best option.
Props GregRoss.
Fixes#35305.
Built from https://develop.svn.wordpress.org/trunk@40967
git-svn-id: http://core.svn.wordpress.org/trunk@40817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the `focus` event on the permalink custom structure field made impossible
to navigate through all the form fields using only the keyboard without actually
selecting the custom structure setting. Instead, using click and input preserves
the original functionality when using any kind of pointing or input device.
Also changes `attr()` to `prop()`` as recommended for a `checked` property.
Fixes#40982.
Built from https://develop.svn.wordpress.org/trunk@40897
git-svn-id: http://core.svn.wordpress.org/trunk@40747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- changes "Drafts" to "Your Recent Drafts" to clarify displayed drafts are the ones from the current user
- clarifies and simplifies the "View all" link
Props soniakash, sudar, bhargavbhandari90, zachwtx, johnroper100, rcutmore.
Fixes#37595.
Built from https://develop.svn.wordpress.org/trunk@40877
git-svn-id: http://core.svn.wordpress.org/trunk@40727 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes some minor HTML issues in the admin and, most notably, changes the rel
attribute used in the List Tables from `rel="permalink"` to `rel="bookmark"`.
Props mihai2u, pento, arena, topher1kenobe, michalzuber, stubgo.
Fixes#37004.
Built from https://develop.svn.wordpress.org/trunk@40823
git-svn-id: http://core.svn.wordpress.org/trunk@40680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Close the form after obtaining a valid location.
- Fix focusing the toggle button after closing the form.
- Fix aria attribute values.
- Fix positions in IE11.
- Some JS and CSS cleanup.
Props afercia, coreymckrill.
Fixes#40735.
Built from https://develop.svn.wordpress.org/trunk@40789
git-svn-id: http://core.svn.wordpress.org/trunk@40647 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a bug where cached events & location data was not accessible because the
cache key could not be regenerated without latitude and longitude information.
Discovered and fixed during #wcber contributor day.
Props soean, kubik-rubik, obenland.
See #40702.
Built from https://develop.svn.wordpress.org/trunk@40651
git-svn-id: http://core.svn.wordpress.org/trunk@40514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These controls toggle the visibility of the update progress: they perform an action
therefore they should be buttons. Also:
- uses `aria-expanded` to communicate the toggle button state
- removes some inline JavaScript
- when clicking the toggle buttons, the progress details get moved with JavaScript after the button: this helps users of assistive technologies in finding them and makes the UI a bit more intuitive
Props Cheffheid, afercia.
See #26504.
Fixes#40453.
Built from https://develop.svn.wordpress.org/trunk@40646
git-svn-id: http://core.svn.wordpress.org/trunk@40507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces option to `$return` parameter to return the attachment id created after a successful image sideload.
Props slbmeh, kawauso, alexkingorg, SergeyBiryukov, georgestephanis, DrewAPicture, nacin, trepmal, mattheu, kraftbj, whyisjake, dotancohen, MrGregWaugh, danielbachhuber.
Fixes#19629.
Built from https://develop.svn.wordpress.org/trunk@40597
git-svn-id: http://core.svn.wordpress.org/trunk@40467 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the `focus` event on the date and time custom format fields made impossible
to navigate through all the form fields using only the keyboard without actually
selecting the custom format setting. Instead, using `click` and `input` preserves
the original functionality when using any kind of pointing or input device.
Fixes#40515.
Built from https://develop.svn.wordpress.org/trunk@40568
git-svn-id: http://core.svn.wordpress.org/trunk@40436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Links used as UI controls that behave like buttons, should be buttons.
- changes the widgets "toggle", "Delete", and "Close" links to buttons
- uses `aria-expanded` to announce the state of the toggle buttons
- increases a bit the clickable area of the toggle
- ensures the "circular focus" doesn't get cut-off in some browsers by centering the toggle arrows
- uses a `<span>` element with an `aria-hidden` attribute to hide CSS generated font icons from assistive technologies
- standardizes on `.toggle-indicator:before` rather than `:after`
- changes two `#f00` reds in `#dc3232`, see #35622Fixes#31476.
Built from https://develop.svn.wordpress.org/trunk@40480
git-svn-id: http://core.svn.wordpress.org/trunk@40356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When using `is_super_admin()` in a non-multisite environment, the function is supposed to check for administrator capabilities. The process of querying all users and filtering them with that function can be optimized by only querying users with the administrator role instead.
Fixes#40406. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40406
git-svn-id: http://core.svn.wordpress.org/trunk@40313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to this change, a mix of `is_super_admin()` calls and `manage_network` capability checks was used to determine whether the current user could upgrade the network. With this changeset a dedicated capability is introduced that allows more granular handling.
Props dhanendran for the original patch.
Fixes#39205. See #37616.
Built from https://develop.svn.wordpress.org/trunk@40404
git-svn-id: http://core.svn.wordpress.org/trunk@40311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since support for PDF previews were added in [38949], it's possible
that the generated image file could overwrite an existing image file
with the same name. This uses `wp_unique_filename()` to avoid this
issue and adds a '-pdf' identifier on the end of filenames.
Props gitlost, derosj, mikeschroder, joemcgill.
Fixes#39875. See #31050.
Built from https://develop.svn.wordpress.org/trunk@40130
git-svn-id: http://core.svn.wordpress.org/trunk@40067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Updates `.button-link` adding color and underline to make link-like buttons look
like links by default. Introduces `.button-link-delete` as a modifier, stackable
CSS class for red button-links.
Props Cheffheid, afercia.
See #34242.
Fixes#35126.
Built from https://develop.svn.wordpress.org/trunk@40052
git-svn-id: http://core.svn.wordpress.org/trunk@39989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The checks were introduced in [22256] to prevent user settings to be set for super admins that were not a member of the current site. However the latter should apply to any kind of user, so the `is_super_admin()` check is redundant. Furthermore, removing these checks is necessary for the ongoing effort to get rid of `is_super_admin()` checks in general.
Props chandrapatel for initial patch.
Fixes#39199. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39932
git-svn-id: http://core.svn.wordpress.org/trunk@39869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If index lengths change in table definitions, we don't recreate the index - instead, we throw a database error, as `dbDelta()` tries to create a new index with the same name.
It's better to leave the index as is, MySQL doesn't have an efficient process for resizing indices, and dropping/creating is a slow process which we don't want to trigger automatically.
Fixes#34870.
Built from https://develop.svn.wordpress.org/trunk@39921
git-svn-id: http://core.svn.wordpress.org/trunk@39858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `term_exists()` check is not needed because of existing dupe
checks in `wp_insert_term()`. Furthermore, `term_exists()` conflates
term names and sanitized slugs, so incorrectly marks terms like
'C' and 'C+' as duplicates of one another.
Props garyc40, SergeyBiryukov, kovshenin, MikeHansenMe.
Fixes#16567.
Built from https://develop.svn.wordpress.org/trunk@39637
git-svn-id: http://core.svn.wordpress.org/trunk@39577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [38625], the functionality to search for attachments by filename was added
via the `posts_clauses` filter and the `_filter_query_attachment_filenames()`
function. This moves `_filter_query_attachment_filenames()` from
`wp-admin/includes/post.php` to `wp-includes/post.php` so that it can be
applied in the same manner in the REST API media endpoint.
Props jblz, tyxla.
Fixes#39092.
Built from https://develop.svn.wordpress.org/trunk@39598
git-svn-id: http://core.svn.wordpress.org/trunk@39538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The super admin on multisite as well as the administrator on non-multisite both have this capability already. For custom post types using different capabilities this change ensures that only users with that capability have permissions.
Fixes#39059. See #37616.
Built from https://develop.svn.wordpress.org/trunk@39539
git-svn-id: http://core.svn.wordpress.org/trunk@39479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With [38951] the support for custom page templates has been extended to all post
types. By making the visible meta box titles real labels, accessibility improves
for all users and form fields have meaningful labels.
Fixes#38790.
Built from https://develop.svn.wordpress.org/trunk@39247
git-svn-id: http://core.svn.wordpress.org/trunk@39187 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds a new filter, `fallback_intermediate_image_sizes`, which
can be used to modify the array of image sizes created for previewing
PDFs in the media library and checks for the existence of sizes before
processing any image representations of a PDF.
Fixes#38594.
Built from https://develop.svn.wordpress.org/trunk@39246
git-svn-id: http://core.svn.wordpress.org/trunk@39186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Due to the `clear_update_cache` parameter not being respected, update caches were being cleared incorrectly which prevented multiple plugins to be updated at the same time in background updates - failing with a `fs_unavailable` error message.
Fixes#38024
Built from https://develop.svn.wordpress.org/trunk@39211
git-svn-id: http://core.svn.wordpress.org/trunk@39151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously there was no way to remove the user locale setting again, even though that might be desirable.
This adds a new 'Site Default' option to the user-specific language setting by introducing a new `show_site_locale_default` argument to `wp_dropdown_languages()`.
Props ocean90.
See #29783.
Fixes#38632.
Built from https://develop.svn.wordpress.org/trunk@39169
git-svn-id: http://core.svn.wordpress.org/trunk@39109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This is a great goal for core, and is close, but it is not in shape to be shipped for 4.7 and there is not enough time left in the development cycle to alter and polish sufficiently. There are bugs, but more than that, there are more fundamental questions around the use of existing UI, general UX, and how findable themes are (not) on the .org side.
see #37661.
Built from https://develop.svn.wordpress.org/trunk@39140
git-svn-id: http://core.svn.wordpress.org/trunk@39080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This partially reverts [35738], which has shown to provide a bad user experience for users seeking to experiment with TwentySeventeen.
This will result in TwentySixteen being installed in addition to TwentySeventeen.
See #38551.
Built from https://develop.svn.wordpress.org/trunk@39064
git-svn-id: http://core.svn.wordpress.org/trunk@39006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously a user could remove a protected meta field by using their browser developer tools to alter the form field properties in the Custom Fields meta box, given that they know the ID of the protected meta field. This change prevents this by preventing any change to a protected meta field, including changing its key.
Props ajoah, johnbillion, peterwilsoncc
Fixes#38293
Built from https://develop.svn.wordpress.org/trunk@39062
git-svn-id: http://core.svn.wordpress.org/trunk@39004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A theme can opt-in for tailored starter content to apply to the customizer when previewing the theme on a fresh install, when `fresh_site` is at its initial `1` value. Starter content is staged in the customizer and does not go live unless the changes are published. Initial starter content is added to Twenty Seventeen.
* The `fresh_site` flag is cleared when a published post or page is saved, when widgets are modified, or when the customizer state is saved.
* Starter content is registered via `starter-content` theme support, where the argument is an array containing `widgets`, `posts`, `nav_menus`, `options`, and `theme_mods`. Posts/pages in starter content are created with the `auto-draft` status, re-using the page/post stubs feature added to nav menus and the static front page controls.
* A `get_theme_starter_content` filter allows for plugins to extend a theme's starter content.
* Starter content in themes can/should re-use existing starter content items in core by using named placeholders.
* Import theme starter content into customized state when fresh site.
* Prevent original_title differences from causing refreshes if title is present.
* Ensure nav menu item url is set according to object when previewing.
* Make sure initial saved state is false if there are dirty settings without an existing changeset.
* Ensure dirty settings are cleaned upon changeset publishing.
Props helen, westonruter, ocean90.
Fixes#38114, #38533.
Built from https://develop.svn.wordpress.org/trunk@38991
git-svn-id: http://core.svn.wordpress.org/trunk@38934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- adds hidden text to the pagination links
- slightly increases the links clickable area
- fixes a JS error when clicking on the current page number
- avoids to generate nested `<div>` elements at each click
Props xavortm, cwpnolen, afercia.
Fixes#35577.
Built from https://develop.svn.wordpress.org/trunk@38981
git-svn-id: http://core.svn.wordpress.org/trunk@38924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
With the introduction of user-specific languages in [38705] it's necessary to be able to switch translations on the fly. For example emails should be sent in the language of the recipient and not the one of the current user.
This introduces a new `WP_Locale_Switcher` class which is used for switching locales and translations. It holds the stack of locales whenever `switch_to_locale( $locale )` is called. With `restore_previous_locale()` you can restore the previous locale. `restore_current_locale()` empties the stack and sets the locale back to the initial value.
`switch_to_locale()` is added to most of core's email functions, either with the value of `get_locale()` (site language) or `get_user_locale()` (user language with fallback to site language).
Props yoavf, tfrommen, swissspidy, pbearne, ocean90.
See #29783.
Fixes#26511.
Built from https://develop.svn.wordpress.org/trunk@38961
git-svn-id: http://core.svn.wordpress.org/trunk@38904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress has supported custom page templates for over 12 years, allowing developers to create various layouts for specific pages.
While this feature is very helpful, it has always been limited to the 'page' post type and not was not available to other post types.
By opening up the page template functionality to all post types, we continue to improve the template hierarchy's flexibility.
In addition to the `Template Name` file header, the post types supported by a template can be specified using `Template Post Type: post, foo, bar`.
When at least one template exists for a post type, the 'Post Attributes' meta box will be displayed in the back end, without the need to add post type support for `'page-attributes'`. 'Post Attributes' can be customized per post type using the `'attributes'` label when registering a post type.
Props johnbillion, Mte90, dipesh.kakadiya, swissspidy.
Fixes#18375.
Built from https://develop.svn.wordpress.org/trunk@38951
git-svn-id: http://core.svn.wordpress.org/trunk@38894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When support for PDFs is available, on upload,
render 'Thumbnail', 'Medium', 'Large', and 'Full' sizes of
the first page, and save them in attachment meta.
Use these renders within Add Media, Media Gallery and List views,
Attachment Details, Post/Attachment Edit screens, and Attachment pages.
Support available by default via Imagick -> ImageMagick -> Ghostscript,
but can be provided by any `WP_Image_Editor` that supports PDFs.
Props adamsilverstein, azaozz, celloexpressions, desrosj, dglingren, ericlewis, ipstenu, joemcgill, joyously, markoheijnen, melchoyce, mikeschroder, tomauger.
Fixes#31050.
Built from https://develop.svn.wordpress.org/trunk@38949
git-svn-id: http://core.svn.wordpress.org/trunk@38892 1a063a9b-81f0-0310-95a4-ce76da25c4cd