Commit Graph

28730 Commits

Author SHA1 Message Date
Jeremy Felt 8f35b191db Use a less complex approach for enforcing path slashes in `update_blog_details()`
Ensure leading and traling slashes are in place and don't touch anything in the middle. Validating with `array_filter()` would have missed a possible valid falsy path - `/my-path/0/`.

Props nacin.

Fixes #18117.

Built from https://develop.svn.wordpress.org/trunk@31158


git-svn-id: http://core.svn.wordpress.org/trunk@31139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 04:21:22 +00:00
Jeremy Felt 343a6587cf Check for existence of data from `get_blogaddress_by_id()` before returning a URL
* Prevent a notice when an invalid ID is used with `get_blogaddres_by_id()`.
* Return a falsy empty string rather than the previous "http://".
* Add unit tests for `get_blogaddress_by_id()`.

Props nerrad.

Fixes #30566.

Built from https://develop.svn.wordpress.org/trunk@31157


git-svn-id: http://core.svn.wordpress.org/trunk@31138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 02:24:22 +00:00
Jeremy Felt 40bcb404a3 Update `home` and `siteurl` after path slashes are validated in `update_blog_details()`
When editing a site, if `home` and `siteurl` are checked to be updated along with a site's domain and path, they should receive the results of any modifications in `update_blog_details()` rather than trusting the POST data.

Previously, it was possible to save a value without a leading slash on the path, causing an invalid URL to be stored.

Props earnjam.

Fixes #30417.

Built from https://develop.svn.wordpress.org/trunk@31156


git-svn-id: http://core.svn.wordpress.org/trunk@31137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 01:57:23 +00:00
Jeremy Felt eaf7f8df74 Enforce leading and trailing slashes on paths updated with `update_blog_details()`
In multisite, core expects the stored value for a site's path to have leading and trailing slashes. When these slashes are missing, it becomes impossible to visit the site.

This enforces proper `/path/` creation in `update_blog_details()`, most likely used when updating an existing site through `site-info.php`.

Props earnjam, simonwheatley.

Fixes #18117. Fixes #23865.

Built from https://develop.svn.wordpress.org/trunk@31155


git-svn-id: http://core.svn.wordpress.org/trunk@31136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 01:43:22 +00:00
Gary Pendergast 34636a0e41 If `get_avatar_data()` is passed an empty value for the default avatar, we should be using the site's `avatar_default` option instead.
See #21195

Built from https://develop.svn.wordpress.org/trunk@31154


git-svn-id: http://core.svn.wordpress.org/trunk@31135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 00:23:24 +00:00
Gary Pendergast 3d051df3c9 In `get_avatar_data()`, there's no need to return `false` if we couldn't find an avatar, as Gravatar can handle being given an empty email hash. This allows the default avatar to show when no email address is given.
See #21195


Built from https://develop.svn.wordpress.org/trunk@31153


git-svn-id: http://core.svn.wordpress.org/trunk@31134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 00:20:24 +00:00
Gary Pendergast 4bc89fef32 In `get_avatar()`, revert the `<img>` tag attributes to using single quotes, instead of double quotes. This behaviour was changed in [31107], but caused problems for code that attempted to parse the `<img>` tag.
See #21195


Built from https://develop.svn.wordpress.org/trunk@31152


git-svn-id: http://core.svn.wordpress.org/trunk@31133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 00:03:24 +00:00
Scott Taylor eed3698c49 In `WP_Query`, only call magic method internals again whitelists of properties and methods, `$compat_fields` and `$compat_methods`. Remove `__unset()` since `__set()` is not implemented.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31151


git-svn-id: http://core.svn.wordpress.org/trunk@31132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:41:24 +00:00
Scott Taylor 61e12e00c1 In `WP_Comment_Query`, only allow `__call()` to run against `->get_search_sql()`.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31150


git-svn-id: http://core.svn.wordpress.org/trunk@31131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:33:24 +00:00
Scott Taylor 0e84d59de5 In `wp_xmlrpc_server`, only allow `__call()` to run against `->_multisite_getUsersBlogs()`.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31149


git-svn-id: http://core.svn.wordpress.org/trunk@31130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:31:22 +00:00
Scott Taylor ed4e7b01d4 In `WP_oEmbed`, only allow `__call()` to run against a whitelist of methods, `$compat_methods`.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31148


git-svn-id: http://core.svn.wordpress.org/trunk@31129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:27:23 +00:00
Scott Taylor a4092e90f0 In `WP_Roles`, only allow `__call()` to run against `->_init()`.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31147


git-svn-id: http://core.svn.wordpress.org/trunk@31128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:23:23 +00:00
Scott Taylor e6fc90f973 In `WP_List_Table`, only call magic method internals again whitelists of properties and methods, `$compat_fields` and `$compat_methods`.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31146


git-svn-id: http://core.svn.wordpress.org/trunk@31127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:20:22 +00:00
Scott Taylor 2749e46178 In `WP_Filesystem_Base`, make the only `private` member, `$cache`, `public` and remove magic methods. `$cache` was always `public` until [28487], has been essentially `public` via a magic method since.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31145


git-svn-id: http://core.svn.wordpress.org/trunk@31126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:04:22 +00:00
Scott Taylor a79c242038 In `WP_User_Query`, only call magic method internals against a whitelist of properties, `$compat_fields`.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31144


git-svn-id: http://core.svn.wordpress.org/trunk@31125 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:00:23 +00:00
Andrew Ozz d079899553 TinyMCE wpView: when clicking in the editor optimize the caret placement before or after a view. Props avryl, fixes #30938.
Built from https://develop.svn.wordpress.org/trunk@31143


git-svn-id: http://core.svn.wordpress.org/trunk@31124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 20:42:23 +00:00
Andrew Ozz 49c0b22828 TinyMCE: fix (switch) the indent/outdent icons in RTL mode so the arrow points at the proper direction. Props avryl, fixes #21281.
Built from https://develop.svn.wordpress.org/trunk@31142


git-svn-id: http://core.svn.wordpress.org/trunk@31123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 20:30:26 +00:00
Boone Gorges 77875a273e `Walker::$has_children` should be public for backward compatibility.
See [31137]. See #30891.
Built from https://develop.svn.wordpress.org/trunk@31141


git-svn-id: http://core.svn.wordpress.org/trunk@31122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 01:56:22 +00:00
Boone Gorges 5c0ddb8602 Default `$parent` in `category_exists()` should default to null rather than 0.
[29863] made the corresponding change in `term_exists()`. Failure to change the
default value in `category_exists()` meant that an unspecified value for
`$parent` would limit results to top-level categories.

Includes unit tests and corrected function documentation.

Props hissy.
Fixes #30975 for trunk.
Built from https://develop.svn.wordpress.org/trunk@31140


git-svn-id: http://core.svn.wordpress.org/trunk@31121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 01:26:27 +00:00
Scott Taylor c9bc1cc46e `WP_Ajax_Response` has one property only, `$responses`. It was public until [28508], when it became `private` in name only. Is it worth 4 magic methods to pretend that this property is `private`? It is not.
Make it `public` and remove the magic methods.

See #30891.

Built from https://develop.svn.wordpress.org/trunk@31139


git-svn-id: http://core.svn.wordpress.org/trunk@31120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 00:13:23 +00:00
Scott Taylor d8e5aabab5 In `WP_Error`:
* `wp_send_json_error()` accesses `$errors` on an instance, it must be `public`
* `$error_data` is a local message cache for error codes and doesn't particularly hide info, would be the only non-public field or method in the class

Make `$errors` and `$error_data` public and remove magic methods.

See #30891.

Built from https://develop.svn.wordpress.org/trunk@31138


git-svn-id: http://core.svn.wordpress.org/trunk@31119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 00:01:22 +00:00
Scott Taylor b962499be6 In `Walker`:
* Every subclass of `Walker` overrides `$db_fields` and makes it public
* `wp_list_comments()` accesses `->max_pages` on an instance of `Walker`, it must be public
* `$has_children` was added as `protected` in 4.0. doesn't need BC

Make `$db_fields` and `$max_pages` public and remove magic methods.

See #30891.

Built from https://develop.svn.wordpress.org/trunk@31137


git-svn-id: http://core.svn.wordpress.org/trunk@31118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 23:44:23 +00:00
Scott Taylor eab3aa7802 In `WP_MatchesMapRegex`:
* Exactly one method was made private in [28516], and is only used internally.
* 2 properties were made private, but they just store variables passed to the constructor.
* Instances of this class are never created in core. `WP_MatchesMapRegex::apply()` is called statically in `WP->parse_request()` and `url_to_postid()`. 

The chances that: 
1) this class is used as an instance somewhere and 
2) the properties that have always been marked `@access private` and begin with `_` were used publicly

...is extremely low.

Remove the magic methods, I should not have added them.

While we're at it, use the PHP5-style `__construct()` instead of the class name.

See #30891.

Built from https://develop.svn.wordpress.org/trunk@31136


git-svn-id: http://core.svn.wordpress.org/trunk@31117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 23:27:21 +00:00
Scott Taylor 65a459b34f In `WP_Text_Diff_Renderer_Table`:
* In [28525], `$_diff_threshold`, `$inline_diff_renderer`, and `$_show_split_view` were marked `protected`; magic methods were also added.
* The magic methods should only perform operations on a whitelisted set of properties, now specified in `$compat_fields`
* Remove `__call()`, is unnecessary and can wreak havoc on the parent class.

This class is used in one place: `wp_text_diff()`.

See #30891.

Built from https://develop.svn.wordpress.org/trunk@31135


git-svn-id: http://core.svn.wordpress.org/trunk@31116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 22:58:24 +00:00
Scott Taylor a56d920454 In `Custom_Image_Header`:
* In [28481], `$admin_header_callback` and `$admin_image_div_callback` were set to `private` based on their erroneous `@param` values
* `$admin_header_callback` and `$admin_image_div_callback` are used as hook callbacks - as such, they must be `public`
* In [28521] and [28524], magic methods were added for back-compat
* Currently, there are 4 properties marked `private`: `$uploaded_headers`, `$default_headers`, `$page`, and `$updated` - `$page` and `$uploaded_headers` are never used and `$updated` was added by me in [30187] during 4.1. `$default_headers` does not necessarily need to be `private`

Set `$admin_header_callback` and `$admin_image_div_callback` to `public`.
Remove the `$page` property - it duplicated the `$page` local var and is referenced/used nowhere.
Remove the `$uploaded_headers` property - it is used nowhere and is dead code.
Set `$default_headers` to `public`.
Remove the magic methods - they were beyond overkill and rendered moot by the above changes.

See #30891.

Built from https://develop.svn.wordpress.org/trunk@31134


git-svn-id: http://core.svn.wordpress.org/trunk@31115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 22:11:22 +00:00
Scott Taylor 61f5cc459e In `Custom_Background`:
* In [28481], `$admin_header_callback` and `$admin_image_div_callback` were set to `private` based on their erroneous `@param` value
* `$admin_header_callback` and `$admin_image_div_callback` are used as hook callbacks - as such, they must be `public`
* In [28521] and [28524], magic methods were added for back-compat
* Currently, there are 2 properties marked `private`, `$page` and `$updated` - `$page` is never used and `$updated` was added by me in [30186] during 4.1

Set `$admin_header_callback` and `$admin_image_div_callback` to `public`.
Remove the `$page` property - it duplicated the `$page` local var and is referenced/used nowhere.
Remove the magic methods - they were beyond overkill and rendered moot by the above changes.

See #30891.

Built from https://develop.svn.wordpress.org/trunk@31133


git-svn-id: http://core.svn.wordpress.org/trunk@31114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 21:59:22 +00:00
Scott Taylor 806b2e9bae `get_post()` takes `$output` as its 2nd param. The `@return` annotation should reflect the function's ability to return an array.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31132


git-svn-id: http://core.svn.wordpress.org/trunk@31113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 21:38:23 +00:00
Scott Taylor 56d6682461 In `edit-form-advanced.php`:
* `get_permalink( $post_ID )` can return `false`, set it to a variable and check it
* Using the variable allows us to replace 11 separate calls to `get_permalink( $post_ID )` in the file
* These notices were triggered by the potential for `false` to be passed to `esc_url()`

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31131


git-svn-id: http://core.svn.wordpress.org/trunk@31112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 21:21:22 +00:00
Scott Taylor a6d6ba957b `get_header_image()` can return `false`. In `Custom_Image_Header->step_1()`, check the value before setting the `background-image` portion of the `style` attribute. Setting the the URL to empty string will cause the current request to be set as the source of the background image.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31130


git-svn-id: http://core.svn.wordpress.org/trunk@31111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 21:08:22 +00:00
Scott Taylor aaae4e9df0 Since `get_theme_mod()` returns `false` on failure, `$background_image_thumb` can be set to it and checked instead of calling `get_background_image()` 3 times in `Custom_Background->admin_page()`.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31129


git-svn-id: http://core.svn.wordpress.org/trunk@31110 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 20:44:22 +00:00
Scott Taylor 2b6b7c0235 Declare `$action` as a global in `wp-admin/comment.php`.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31128


git-svn-id: http://core.svn.wordpress.org/trunk@31109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 20:42:24 +00:00
Scott Taylor 5547115dc2 Fix some `@param` docs that have chars too close them.
Add `@property` annotations to `WP_User` and `WP_Post`.
Remove erroneous `@param`s from image editor class methods.
Officially add the property `$_column_headers` to `WP_List_Table`.	

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31127


git-svn-id: http://core.svn.wordpress.org/trunk@31108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 06:57:22 +00:00
Scott Taylor 0a511680f4 Adding a `@return` annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Constructors do not have meaningful return values, anything that is returned from here is discarded.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31126


git-svn-id: http://core.svn.wordpress.org/trunk@31107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 06:54:23 +00:00
Scott Taylor da99d29a59 Adding a `@return` annotation to constructors is generally not recommended as a constructor does not have a meaningful return value - anything that is returned is discarded.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31125


git-svn-id: http://core.svn.wordpress.org/trunk@31106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 06:13:22 +00:00
Scott Taylor 1b3f91f500 Declare `$wp_version`, `$required_php_version`, and `$required_mysql_version` as globals in install and upgrade admin files.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31124


git-svn-id: http://core.svn.wordpress.org/trunk@31105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 05:57:22 +00:00
Scott Taylor 1bac6fb886 In `wp-admin/includes/revision.php`, `$post->modified` is a coding error. It should be `$post->post_modified`.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31123


git-svn-id: http://core.svn.wordpress.org/trunk@31104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 05:50:22 +00:00
Scott Taylor d6ce5dd553 `WP_Upgrader` will take any "skin" that is passed to it, and set `->skin` via composition. The default type of `->skin` is `WP_Upgrader_Skin`, which doesn't have methods declared for `->bulk_header()` and `->bulk_footer()`. Add noop methods to `WP_Upgrader_Skin`.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31122


git-svn-id: http://core.svn.wordpress.org/trunk@31103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 05:42:22 +00:00
Scott Taylor 84867b3e9c Admin globals:
* Declare `$wp_importers` as a global in `admin.php`
* Declare `$post_type`, `$post_type_object`, and  `$post` as globals where applicable

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31121


git-svn-id: http://core.svn.wordpress.org/trunk@31102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 05:29:22 +00:00
Scott Taylor ac654632fe Use `PHP_SAPI` constant instead of `php_sapi_name()` in `iis7_supports_permalinks()`, `wp_fix_server_vars()`, and `wp_redirect()`.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31120


git-svn-id: http://core.svn.wordpress.org/trunk@31101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 04:59:22 +00:00
Scott Taylor afd09f1f04 In `wp_ajax_upload_attachment()`, `wp_check_filetype_and_ext()` doesn't need a 3rd param - it already defaults to `null`. Passing `false` would fail a strict check
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31119


git-svn-id: http://core.svn.wordpress.org/trunk@31100 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 04:55:25 +00:00
Andrew Ozz 3324fb71f6 TinyMCE editor-expand: when kitchensink is off hide the statusbar on loading, and when the editor is shorter then the viewport. Props avryl, fixes #30961.
Built from https://develop.svn.wordpress.org/trunk@31118


git-svn-id: http://core.svn.wordpress.org/trunk@31099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 01:32:26 +00:00
Andrew Ozz 71885dceca Media modal: do not attempt to focus the hidden file input field added by Plupload when tabbing. Props afercia, fixes #30392.
Built from https://develop.svn.wordpress.org/trunk@31117


git-svn-id: http://core.svn.wordpress.org/trunk@31098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 21:47:29 +00:00
Scott Taylor 709698a579 In `Custom_Background` and `Custom_Header`:
* In `->init()`, don't check `current_user_can()` since `add_theme_page()` will return `false` immediately if the cap check fails. 
* Bail if `add_theme_page()` returns `false`
* `wp_check_filetype_and_ext()` doesn't need a 3rd param, it already defaults to `null`. Passing `false` would fail a strict check.

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31116


git-svn-id: http://core.svn.wordpress.org/trunk@31097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 21:07:22 +00:00
Scott Taylor 236d8ae9dc After [31016], would be cool if we actually included the `froogaloop` file to interact with Vimeo.
Props dimadin.
Fixes #29267.

Built from https://develop.svn.wordpress.org/trunk@31115


git-svn-id: http://core.svn.wordpress.org/trunk@31096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 20:04:23 +00:00
Boone Gorges df945fcdcb In `get_permalink()`, don't resolve to pretty permalink if post has 'future' status.
We already do this for other non-public statuses, to prevent leaking non-public
information about unpublished posts.

Props e.mazovetskiy, CalEvans.
Fixes #30910.
Built from https://develop.svn.wordpress.org/trunk@31114


git-svn-id: http://core.svn.wordpress.org/trunk@31095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 16:40:22 +00:00
Sergey Biryukov 7b04e6d4f4 Add variable type for sync_category_tag_slugs() parameters.
props tillkruess.
fixes #30718.
Built from https://develop.svn.wordpress.org/trunk@31113


git-svn-id: http://core.svn.wordpress.org/trunk@31094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 11:19:22 +00:00
Sergey Biryukov 2be2af7789 Avoid a PHP notice in _WP_Editors::wp_fullscreen_html() when no $post global is set.
props marcochiesi.
fixes #30071.
Built from https://develop.svn.wordpress.org/trunk@31112


git-svn-id: http://core.svn.wordpress.org/trunk@31093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 10:28:23 +00:00
Sergey Biryukov a2f9b410f8 Toolbar: Make network admin accessible via keyboard.
props Cheffheid.
fixes #29422.
Built from https://develop.svn.wordpress.org/trunk@31111


git-svn-id: http://core.svn.wordpress.org/trunk@31092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 09:51:22 +00:00
Sergey Biryukov e214fce67f Use localized format for Last Updated date in plugin details modal, for consistency with [31055].
see #30717.
Built from https://develop.svn.wordpress.org/trunk@31110


git-svn-id: http://core.svn.wordpress.org/trunk@31091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 06:21:22 +00:00
Sergey Biryukov d5d0b367ab Improve documentation for media_handle_upload().
props ericlewis.
fixes #30962.
Built from https://develop.svn.wordpress.org/trunk@31109


git-svn-id: http://core.svn.wordpress.org/trunk@31090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 05:05:23 +00:00