Commit Graph

32045 Commits

Author SHA1 Message Date
Sergey Biryukov 399c1f3c83 Reset Password: Move the code for creating password reset key into a new function, `get_password_reset_key()`, and use it in `retrieve_password()`.
Previously: [25231].

Props DH-Shredder.
Fixes #34180.
Built from https://develop.svn.wordpress.org/trunk@34923


git-svn-id: http://core.svn.wordpress.org/trunk@34888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:11:24 +00:00
Dion Hulse 0e322469a6 Use PHP7's `random_int()` CSPRNG functionality in `wp_rand()` with a fallback to the `random_compat` library for PHP 5.x.
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.

Props sarciszewski
See #28633

Built from https://develop.svn.wordpress.org/trunk@34922


git-svn-id: http://core.svn.wordpress.org/trunk@34887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:02:24 +00:00
Sergey Biryukov 047501800d Customizer: Replace context for two strings added in [30306] with a translator comment.
Fixes #34203.
Built from https://develop.svn.wordpress.org/trunk@34921


git-svn-id: http://core.svn.wordpress.org/trunk@34886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 23:54:24 +00:00
John Blackbourn 6d21ed0d99 Avoid stripping square brackets from URLs, and instead correctly encode them. Square brackets must be encoded in the path, path parameters, query parameters, and fragment, but must not be encoded in anything up to the domain and port.
Adds tests.

Fixes #16859

Built from https://develop.svn.wordpress.org/trunk@34920


git-svn-id: http://core.svn.wordpress.org/trunk@34885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 23:39:23 +00:00
Boone Gorges 846510ea6f Handle `WP_User` objects properly in `update_user_caches()`.
We should not be storing the `WP_User` object in the cache, as it may contain
usermeta and other data that's cache elsewhere.

Props dd32.
See #24635.
Built from https://develop.svn.wordpress.org/trunk@34919


git-svn-id: http://core.svn.wordpress.org/trunk@34884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 22:42:25 +00:00
Boone Gorges b0e0323337 Add tests for `update_user_caches()`.
See #24635.
Built from https://develop.svn.wordpress.org/trunk@34918


git-svn-id: http://core.svn.wordpress.org/trunk@34883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 22:35:26 +00:00
John Blackbourn 9daa848297 Correctly set the scheme of the `home` and `siteurl` options when creating a new site on multisite that uses some combination of HTTPS in the admin area or on the front end.
Fixes #33620
Props tryon, johnbillion

Built from https://develop.svn.wordpress.org/trunk@34916


git-svn-id: http://core.svn.wordpress.org/trunk@34881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 21:46:25 +00:00
John Blackbourn 45230b5fc7 Correctly encode the `url` parameter that gets passed to WordPress' own oEmbed endpoint URL.
Fixes #34193
Props ocean90

Built from https://develop.svn.wordpress.org/trunk@34915


git-svn-id: http://core.svn.wordpress.org/trunk@34880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 21:43:25 +00:00
John Blackbourn c83a66cbf3 Add an optional `$description` parameter to `status_header()` so custom HTTP status descriptions can be provided.
Fixes #21472
Props nbachiyski, iamfriendly

Built from https://develop.svn.wordpress.org/trunk@34914


git-svn-id: http://core.svn.wordpress.org/trunk@34879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 21:26:25 +00:00
Andrea Fercia 17f53091ed Bump H3 headings to H2 on the Network Admin > Sites > Edit Site screens.
The navigation tabs appear in an `<h3>` heading immediately following the main `<h1>` and need to have a proper hierarchy.
Also, fix the tabs focus style and introduce a new `.nav-tab-small` CSS class.

Fixes #34079.
Built from https://develop.svn.wordpress.org/trunk@34913


git-svn-id: http://core.svn.wordpress.org/trunk@34878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:35:24 +00:00
Jeremy Felt 9926983b66 Revert [34778], continue using `_site_option()` for the current network.
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.

See #28290.

Built from https://develop.svn.wordpress.org/trunk@34912


git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:11:25 +00:00
Drew Jaynes feb2267a13 Docs: Improve documentation for `post_submit_meta_box()`, which serves as the display callback for the 'Publish' meta box.
* `$post` is now correctly defined as being of the `WP_Post` type
* Adds a hash notation for the `$args` array
* Other minor fixes.

Props drebbitsweb.
Fixes #34171.

Built from https://develop.svn.wordpress.org/trunk@34911


git-svn-id: http://core.svn.wordpress.org/trunk@34876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 16:34:24 +00:00
John Blackbourn 471752f59a Prevent a PHP notice when POSTing to `wp-login.php?action=register` without a `user_login` or `user_email` field in the POST request.
Fixes #34192

Built from https://develop.svn.wordpress.org/trunk@34910


git-svn-id: http://core.svn.wordpress.org/trunk@34875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:43:25 +00:00
John Blackbourn 2d745fabe3 Prevent a PHP notice from appearing on `wp-login.php?action=postpass` when there's no `$_POST['post_password']` parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here).
Fixes #34160
Props iamfriendly

Built from https://develop.svn.wordpress.org/trunk@34909


git-svn-id: http://core.svn.wordpress.org/trunk@34874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:30:25 +00:00
Dominik Schilling 3baa1336ec Embeds: Autoprefixer for [34903].
See #32522.
Built from https://develop.svn.wordpress.org/trunk@34908


git-svn-id: http://core.svn.wordpress.org/trunk@34873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:07:25 +00:00
John Blackbourn 35f613833e Update the explanatory text which accompanies the list of whitelisted oEmbed providers, following the change to the default value of the `discover` argument in `WP_oEmbed::get_provider()`.
See #32522

Built from https://develop.svn.wordpress.org/trunk@34907


git-svn-id: http://core.svn.wordpress.org/trunk@34872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 13:05:25 +00:00
Gary Pendergast c317248d13 Build: Fix a filename typo in [34903].
Props peterwilsoncc.

See #32522.


Built from https://develop.svn.wordpress.org/trunk@34906


git-svn-id: http://core.svn.wordpress.org/trunk@34871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 12:05:26 +00:00
Gary Pendergast 8c0e2bb4e8 Tests: Exclude the `oembed/headers.php` test file, which was marked as PHP >= 5.3.0 in [34904].
See #32522.


Built from https://develop.svn.wordpress.org/trunk@34905


git-svn-id: http://core.svn.wordpress.org/trunk@34870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 12:01:25 +00:00
Gary Pendergast 6a18efb313 Embeds: After [34903], remove an accidentally included text domain, and exclude a test failing in PHP 5.2.
Built from https://develop.svn.wordpress.org/trunk@34904


git-svn-id: http://core.svn.wordpress.org/trunk@34869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 11:01:25 +00:00
Gary Pendergast 83c3e3e00e Embeds: Add oEmbed provider support.
For the past 6 years, WordPress has operated as an oEmbed consumer, allowing users to easily embed content from other sites. By adding oEmbed provider support, this allows any oEmbed consumer to embed posts from WordPress sites.

In addition to creating an oEmbed provider, WordPress' oEmbed consumer code has been enhanced to work with any site that provides oEmbed data (as long as it matches some strict security rules), and provides a preview from within the post editor.

For security, embeds appear within a sandboxed iframe - the iframe content is a template that can be styled or replaced entirely by the theme on the provider site.

Props swissspidy, pento, melchoyce, netweb, pfefferle, johnbillion, extendwings, davidbinda, danielbachhuber, SergeyBiryukov, afercia

Fixes #32522.


Built from https://develop.svn.wordpress.org/trunk@34903


git-svn-id: http://core.svn.wordpress.org/trunk@34868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 10:36:25 +00:00
Jeremy Felt 31b29fccbd Tests: Remove static capture of space used and space allowed.
Originally introduced in [34601], this was necessary to avoid test pollution. Now that things have been separated and written to play nicely, we can remove this.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34902


git-svn-id: http://core.svn.wordpress.org/trunk@34867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 07:25:24 +00:00
Jeremy Felt 297148d985 Tests: Improve tests for `upload_is_user_over_quota()`.
* Move all tests to a new 'multisite/uploadIsUserOverQuota.php'
* Use `get_space_allowed` and `pre_get_space_used` filters to help avoid test pollution.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34901


git-svn-id: http://core.svn.wordpress.org/trunk@34866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 07:21:24 +00:00
Jeremy Felt 7b3fa2221a Tests: Account for non-numeric strings in tests for `get_space_allowed()`.
Provides a specific test for a case where a non-numeric strings are assigned to `blog_upload_space` at both the site and network levels.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34900


git-svn-id: http://core.svn.wordpress.org/trunk@34865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 06:17:24 +00:00
Jeremy Felt 7f2f3d614e Tests: Improve tests for `is_upload_space_available()`.
* Move all tests to a new 'multisite/isUploadSpaceAvailable.php'
* Store original `blog_upload_space` values before the class is loaded.
* Restore these values after each test tear down to avoid pollution.

Commit to testing `is_upload_space_available()` itself by always filtering the amount of space used through `pre_get_space_used`. This allows us to sanely test without worrying about the local environment. In the future, we may be able to remove some of these tests as `get_upload_space_available()` tests are built out and reliable.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34899


git-svn-id: http://core.svn.wordpress.org/trunk@34864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 06:15:25 +00:00
Jeremy Felt daea4ff02f Tests: Improve tests for `get_space_allowed()`.
* Move all tests to a new `multisite/getSpaceAllowed.php`
* Store original `blog_upload_space` values before the class is loaded.
* Restore these values after each test tear down to avoid pollution.
* Add a comprehensive set of expectations and results via data provider.

See #34037.

Built from https://develop.svn.wordpress.org/trunk@34898


git-svn-id: http://core.svn.wordpress.org/trunk@34863 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 04:58:24 +00:00
Scott Taylor a1ead3c7e3 List Tables: in `_WP_List_Table_Compat::get_column_info()`, also return `$primary`, which is expected since [33016].
Props tyxla.
Fixes #34148.

Built from https://develop.svn.wordpress.org/trunk@34897


git-svn-id: http://core.svn.wordpress.org/trunk@34862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 03:12:24 +00:00
Boone Gorges 226bb29ff0 Move `wp_installing()` to load.php.
Various functions in load.php need to check whether WP is in installation mode.
Let's let them.

Props adamsilverstein.
See #31130.
Built from https://develop.svn.wordpress.org/trunk@34896


git-svn-id: http://core.svn.wordpress.org/trunk@34861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 03:02:23 +00:00
Scott Taylor ae813883f5 Meta Boxes: add an action, `post_submitbox_minor_actions`. `post_submitbox_misc_actions` already exists. Pass `$post` to both for context - avoids having to check for a global post.
Props jonathanbardo, chriscct7, DrewAPicture.
Fixes #26267.

Built from https://develop.svn.wordpress.org/trunk@34895


git-svn-id: http://core.svn.wordpress.org/trunk@34860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 02:45:25 +00:00
Scott Taylor 4d3223b28e Introduce `wp_get_server_protocol()` to DRY protocol parsing logic and make adding more protocols, like `HTTP/2`, easier.
Props johnbillion, wonderboymusic.
Fixes #34131.

Built from https://develop.svn.wordpress.org/trunk@34894


git-svn-id: http://core.svn.wordpress.org/trunk@34859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 02:35:26 +00:00
Scott Taylor 2783773775 Meta Boxes: reboot some of the code in `postbox.js` to support `aria-expanded` attribute toggling and to properly reference static class properties.
Props afercia, wonderboymusic.
Fixes #33754.

Built from https://develop.svn.wordpress.org/trunk@34893


git-svn-id: http://core.svn.wordpress.org/trunk@34858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:58:25 +00:00
Scott Taylor a3ec4d45f3 List Tables: after [34276], decrease horizontal padding for sorted column headers (causing weirdness in the Count column of tax list tables) - the vertical padding change suffices in fixing the original issue.
Fixes #27945.

Built from https://develop.svn.wordpress.org/trunk@34892


git-svn-id: http://core.svn.wordpress.org/trunk@34857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:40:24 +00:00
Scott Taylor 0c2b2a0e3d List Tables/WP_Screen: in `WP_Screen`, add methods to store, retrieve, and render screen reader text, primarily used by list table screens.
These additions are based on an audit and recommendations by the Accessibility team. #a11y'all

Props afercia.
Fixes #32147.

Built from https://develop.svn.wordpress.org/trunk@34891


git-svn-id: http://core.svn.wordpress.org/trunk@34856 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:28:25 +00:00
Scott Taylor b3a07ab8ea Rewrite/Permalinks/Canonical: in `url_to_postid()`, call `set_url_scheme()` on the URL to combat mixed content issues and find posts cross-scheme.
Adds unit tests.

Props swissspidy.
Fixes #34144.

Built from https://develop.svn.wordpress.org/trunk@34890


git-svn-id: http://core.svn.wordpress.org/trunk@34855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 01:07:24 +00:00
Scott Taylor 7547dc5125 Posts List Table: ensure that "All" gets the "current" CSS class when applicable.
Props afercia.
Fixes #19609.

Built from https://develop.svn.wordpress.org/trunk@34889


git-svn-id: http://core.svn.wordpress.org/trunk@34854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 00:09:24 +00:00
Scott Taylor 27fd5b762b Build Tools: upgrade `grunt-browserify` to `~4.0.0` and remove the `watch` task for `browserify`, which has its own internal watcher. Run `npm install` to update.
Props iseulde.
Fixes #31911.

Built from https://develop.svn.wordpress.org/trunk@34888


git-svn-id: http://core.svn.wordpress.org/trunk@34853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 00:00:43 +00:00
Sergey Biryukov 987ec5e6ad Remove closing PHP tag from `wp-includes/class-phpass.php`.
Previously: [19712], [28678].

Props iamfriendly, amandato.
Fixes #30534.
Built from https://develop.svn.wordpress.org/trunk@34887


git-svn-id: http://core.svn.wordpress.org/trunk@34852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:45:25 +00:00
Drew Jaynes 51a5e818da Docs: Only document `get_posts()` argument defaults that differ from, or aren't present in the defaults offered by `WP_Query::parse_query()`.
Props johnbillion.
Fixes #34156.

Built from https://develop.svn.wordpress.org/trunk@34886


git-svn-id: http://core.svn.wordpress.org/trunk@34851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:19:24 +00:00
Drew Jaynes fa4fed0f80 Login: Pass the `$errors` object as a parameter to the `lostpassword_post` hook.
Props iamfriendly.
Fixes #32116.

Built from https://develop.svn.wordpress.org/trunk@34885


git-svn-id: http://core.svn.wordpress.org/trunk@34850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:00:25 +00:00
Drew Jaynes 6079c4c6d2 Docs: `_pad_term_counts()` takes an array of objects passed by reference, not term IDs.
Props wpsmith.
Fixes #34174.

Built from https://develop.svn.wordpress.org/trunk@34884


git-svn-id: http://core.svn.wordpress.org/trunk@34849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 22:39:23 +00:00
Weston Ruter aa044b054e Customizer: Ensure that `wp.customize.Widgets.savedWidgetIds` is defined up front.
In 4.3 the widget controls were fully initialized up front along with the sidebar controls. The sidebar control depended (unnecessarily) on the widget control to ensure that `wp.customize.Widgets.savedWidgetIds` was defined. So after [34563] there could be a situation where the widgets are added/removed from a sidebar before their controls are initialized (if the sidebar section is never expanded), resulting in an error attempting to get a property off of an undefined value. So this change does the right thing and defines `savedWidgetIds` up front.

Also changes the `savedWidgetIds` variable type from an array to an object, to match how it is used as a dictionary lookup.

See #33901.

Built from https://develop.svn.wordpress.org/trunk@34883


git-svn-id: http://core.svn.wordpress.org/trunk@34848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 21:59:25 +00:00
Jeremy Felt 8286a4f214 Registration: Remove the last remaining `Lucida Grande` from WordPress.
Defer to default styling provided by the theme (and browser) in `wp-activate.php` and remove the `font-family` and `color` from the provided internal stylesheet.

Previously, [17327] and [18406].

Fixes #34145.

Built from https://develop.svn.wordpress.org/trunk@34882


git-svn-id: http://core.svn.wordpress.org/trunk@34847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 21:56:24 +00:00
Konstantin Obenland 442c393599 Posts: Add post class for password protected posts.
Up until now password protected posts would only get a identifying class when
the password was still required. This adds a class for the case when that
requirement has been met.

For the other visibility types we already have `status-publish`
and `status-private`.

Props mdgl, F4rkie, wonderboymusic for initial patches.
Fixes #21899.


Built from https://develop.svn.wordpress.org/trunk@34881


git-svn-id: http://core.svn.wordpress.org/trunk@34846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 21:54:24 +00:00
Aaron Jorbin a93ec5244d Revert [34875] due to unintentional breaking change
WordPress.org was taken down due to as Otto42 describes:

The previous version of this function added the query piece for the meta key = blog_id.capabilities, regardless of whether or not a role was requested. This limits the users returned to those with some defined role on this particular multisite instance.

See #22212



Built from https://develop.svn.wordpress.org/trunk@34880


git-svn-id: http://core.svn.wordpress.org/trunk@34845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 20:58:24 +00:00
Aaron Jorbin 2ac3027a58 Add message with status info to temperamental assertion.
The ajax delete comment tests are intermittently failing. Many of the assertions make it hard to tell why they are failing. This adds a message to one of those assertions that contains some info on what is being asserted with the goal that it helps developers understand why the failure is failing.

See #33968


Built from https://develop.svn.wordpress.org/trunk@34879


git-svn-id: http://core.svn.wordpress.org/trunk@34844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 19:56:24 +00:00
Sergey Biryukov 2702fd12cf Transients: Clarify the `expiration_of_site_transient_$transient` filter description.
See #21330.
Built from https://develop.svn.wordpress.org/trunk@34878


git-svn-id: http://core.svn.wordpress.org/trunk@34843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 18:11:24 +00:00
Dominik Schilling e237e59172 Transients: Rename filters added in [34865].
* `expiration_pre_set_transient_$transient` => `expiration_of_transient_$transient`
* `expiration_pre_set_site_transient_$transient` => `expiration_of_site_transient_$transient`

Fix hook docs.

Props chriscct7.
Fixes #21330.
Built from https://develop.svn.wordpress.org/trunk@34877


git-svn-id: http://core.svn.wordpress.org/trunk@34842 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:59:25 +00:00
Drew Jaynes 1e2caf6712 Docs: Update an inline comment in `wp_get_attachment_image_sizes()`, which came in as part of the Responsive Images merge in [34855].
Props joemcgill.
See #33641.

Built from https://develop.svn.wordpress.org/trunk@34876


git-svn-id: http://core.svn.wordpress.org/trunk@34841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:47:24 +00:00
Boone Gorges f233b37d07 Improve role-related arguments in `WP_User_Query`.
* 'role' now accepts an array or comma-separated list of role names. When passing multiple values for 'role', `WP_User_Query` will only match users that have all of the specified roles.
* 'role__in' accepts an array of role names, and allow the filtering of matched users to those with at least one of the specified roles.
* 'role__not_in' accepts an array of role names, and allows the filtering of matched users to those who have none of the specified roles.

Props swissspidy, mordauk, barrykooij, sirbrillig.
Fixes #22212.
Built from https://develop.svn.wordpress.org/trunk@34875


git-svn-id: http://core.svn.wordpress.org/trunk@34840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:40:47 +00:00
Aaron Jorbin 0978abe76c Adjust detection of stream timeouts in maybe skip tests for https tests
This is a follow up to [34848].

See #33968.


Built from https://develop.svn.wordpress.org/trunk@34874


git-svn-id: http://core.svn.wordpress.org/trunk@34839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:40:24 +00:00
Dominik Schilling 0bc1d84fc7 MS Themes List Table: Fix inverted logic for displaying the "No items" message.
Fixes #25464.
Built from https://develop.svn.wordpress.org/trunk@34873


git-svn-id: http://core.svn.wordpress.org/trunk@34838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 17:35:23 +00:00