Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.
See #41452.
Built from https://develop.svn.wordpress.org/trunk@41161
git-svn-id: http://core.svn.wordpress.org/trunk@41001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.
- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items
Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes#27314, #37138, #37448.
Built from https://develop.svn.wordpress.org/trunk@38672
git-svn-id: http://core.svn.wordpress.org/trunk@38615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update DocBlock to use third-person singular verb and to include a period at the end.
* Use `submit_button()` for the submit button.
* Escape the ID attribute.
* Apply the same to `WP_List_Table::search_box()`.
See #37230.
Built from https://develop.svn.wordpress.org/trunk@38146
git-svn-id: http://core.svn.wordpress.org/trunk@38087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Gone are the days of isolation and feelings of "meh", brought on by The Bleak Screen of Sadness. For a shiny knight has arrived to usher our plugins and themes along their arduous journey of installation, updates, and the inevitable fate of ultimate deletion.
Props swissspidy, adamsilverstein, mapk, afragen, ocean90, ryelle, j-falk, michael-arestad, melchoyce, DrewAPicture, AdamSoucie, ethitter, pento, dd32, kraftbj, Ipstenu, jorbin, afercia, stephdau, paulwilde, jipmoors, khag7, svovaf, jipmoors, obenland.
Fixes#22029, #25828, #31002, #31529, #31530, #31773, #33637, #35032.
Built from https://develop.svn.wordpress.org/trunk@37714
git-svn-id: http://core.svn.wordpress.org/trunk@37680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The plugin details modal can be invoked from several screens. There's now a new
`.open-plugin-details-modal` CSS class to be used in combination with the
`.thickbox` CSS class that adds everything needed for accessibility.
- Adds an ARIA role `dialog` and an `aria-label` attribute to the modal
- Adds a `title` attribute to the iframe inside the modal
- Constrains tabbing within the modal
- Restores focus back in a proper place when closing the modal
Also, improves a bit the native Thickbox implementation: it should probably be
replaced with some more modern tool but at least keyboard focus should be moved
inside the modal.
Fixes#33305.
Built from https://develop.svn.wordpress.org/trunk@36964
git-svn-id: http://core.svn.wordpress.org/trunk@36932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Many new users do not know the difference between managing installed plugins and those found in the plugin directory. This helps with discoverability. The link is not provided in multisite installs because we assume that somebody with that kind of power in a network is experienced enough not to need it. This can always be reconsidered later.
props mordauk for the initial patch.
fixes#29865.
Built from https://develop.svn.wordpress.org/trunk@35808
git-svn-id: http://core.svn.wordpress.org/trunk@35772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These plugins are only shown to users with the `manage_network_plugins` capability, which is Super Admins by default. This new feature lowers the blood pressure of Super Admins who may browse or search the Plugins listing screen of an individual site, having forgotten that a particular plugin is network-active. Showing inactive network-only plugins here also reduces friction when searching the Plugins listing screen on individual sites.
This change introduces a `show_network_active_plugins` filter which controls whether the network-active plugins and inactive network-only plugins are shown. This can be used to enable this functionality for regular site admininstrators, or, indeed, to disable this functionality for Super Admins.
Fixes#20104
Built from https://develop.svn.wordpress.org/trunk@35151
git-svn-id: http://core.svn.wordpress.org/trunk@35117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.
See #28290.
Built from https://develop.svn.wordpress.org/trunk@34912
git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These shouldn't be able to have their primary column reassigned by default. Also removes the `has-row-actions` class as these list tables always have row actions visible and the JS for visual toggling conflicts. The `column-primary` class remains.
props stephdau.
see #25408.
Built from https://develop.svn.wordpress.org/trunk@32686
git-svn-id: http://core.svn.wordpress.org/trunk@32656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This becomes the column that contains the row actions, and allows for a more flexibility, particularly with custom post types and list tables. To (re)define the primary column, use the `list_table_primary_column` filter, which receives the column name and the screen ID as arguments.
props stephdau, DaveAl, jesin.
see #25408.
Built from https://develop.svn.wordpress.org/trunk@32644
git-svn-id: http://core.svn.wordpress.org/trunk@32614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Shiny updates depends upon information from the update_plugins site transient in order to set data- attributes which are used by JavaScript. Since /wp-admin/plugins.php?plugin_status=upgrade uses `$plugin['upgrade']` rather than `$plugins['all']`, we need to fill that information in both places.
Fixes#31738.
Built from https://develop.svn.wordpress.org/trunk@31872
git-svn-id: http://core.svn.wordpress.org/trunk@31851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `WP_List_Table` is the base class that implements `__get()` and `__call()` for BC
* Adds unit tests to confirm that subclasses properly inherit magic methods
* Add modifiers to subclasses: `WP_Links_List_Table`, `WP_Media_List_Table`, `WP_MS_Sites_List_Table`, `WP_MS_Themes_List_Table`, `WP_MS_Users_List_Table`, `WP_Plugin_Install_List_Table`, `WP_Plugins_List_Table`, `WP_Posts_List_Table`, `WP_Terms_List_Table`, `WP_Theme_Install_List_Table`, `WP_Themes_List_Table`
See #27881, #22234.
Built from https://develop.svn.wordpress.org/trunk@28493
git-svn-id: http://core.svn.wordpress.org/trunk@28319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the new buttons:
* Button classes are now stackable.
* All buttons should use a base class of "button".
* Buttons default to the gray style (formerly "button-secondary"). Buttons can add a style by adding additional classes. To make a primary button, add the "button-primary" class.
* Buttons can be rendered in various sizes. In addition to the default size, you can add "button-large", "button-small", or "button-tiny".
For backwards compatibility reasons, "button-primary" and "button-secondary" both work as standalone classes.
get_submit_button() has been adjusted to handle shorthand button classes (i.e. button classes can be passed without the "button-" prefix).
props lessbloat, helenyhou, trepmal, nacin. see #21598.
git-svn-id: http://core.svn.wordpress.org/trunk@21789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Remove bogus checks for enabling/disabling the 'themes' menu (something core does not handle out of the box) when in the network admin.
fixes#21123.
git-svn-id: http://core.svn.wordpress.org/trunk@21198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Rename WP_Customize to WP_Customize_Manager.
* Move customize-controls.php to wp-admin/customize.php.
* Make customize.php the formal entry point, rather than admin.php?customize=on.
* Rename is_current_theme_active() to is_theme_active().
* Add getters for the theme, settings, controls, and sections properties.
* Allow customize.php (no ?theme=) to load the active theme. Not used yet.
see #20736.
git-svn-id: http://core.svn.wordpress.org/trunk@20852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Limit recently_activated to the site dashboard, and properly remove bulk-activated plugins from the array.
* Remove code used from before the network admin, such as the unused 'network' plugin_status.
* Don't try to deactivate a plugin already deactivated.
* Use more specific caps (manage_network_plugins) rather than is_super_admin().
git-svn-id: http://svn.automattic.com/wordpress/trunk@20525 1a063a9b-81f0-0310-95a4-ce76da25c4cd