Commit Graph

44 Commits

Author SHA1 Message Date
audrasjb 006c1baf95 Grouped backports to the 5.2 branch.
- Editor: Bump @wordpress packages for the branch,
- Media: Refactor search by filename within the admin,
- REST API: Lockdown post parameter of the terms endpoint,
- Customize: Escape blogname option in underscores templates,
- Query: Validate relation in `WP_Date_Query`,
- Posts, Post types: Apply KSES to post-by-email content,
- General: Validate host on "Are you sure?" screen,
- Posts, Post types: Remove emails from post-by-email logs,
- Pings/trackbacks: Apply KSES to all trackbacks,
- Mail: Reset PHPMailer properties between use,
- Comments: Apply kses when editing comments,
- Widgets: Escape RSS error messages for display.

Merges [54521-54530] to the 5.2 branch.
Props audrasjb, costdev, cu121, dd32, davidbaumwald, ehtis, johnbillion, johnjamesjacoby, martinkrcho, matveb, oztaser, paulkevan, peterwilsoncc, ravipatel, SergeyBiryukov, talldanwp, timothyblynjacobs, tykoted, voldemortensen, vortfu, xknown.

Built from https://develop.svn.wordpress.org/branches/5.2@54563


git-svn-id: http://core.svn.wordpress.org/branches/5.2@54118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-17 18:08:45 +00:00
whyisjake bf5d4c15cc Customize: Add additional filters to Customizer to prevent JSON corruption.
User: Invalidate `user_activation_key` on password update.
Query: Ensure that only a single post can be returned on date/time based queries.
Block Editor: Coding standards, properly escape class names.
Cache API: Ensure proper escaping around the stats method in the cache API.
Formatting: Expand `sanitize_file_name` to have better support for utf8 characters.

Brings the changes in [47633], [47634], [47635], [47636], [47637], and [47638] to the 5.2 branch.

Props: aduth, batmoo, ehti, ellatrix, jorgefilipecosta, nickdaugherty, noisysocks, pento, peterwilsoncc, sergeybiryukov, sstoqnov, talldanwp, westi, westonruter, whyisjake, whyisjake, xknown.

Built from https://develop.svn.wordpress.org/branches/5.2@47645


git-svn-id: http://core.svn.wordpress.org/branches/5.2@47420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-29 16:07:54 +00:00
whyisjake f82ed753cf Query: Remove the static query property.
Prevent unauthenticated views of publicly queryables content types.

Props aaroncampbell, whyisjake, nickdaugherty, xknown.

Built from https://develop.svn.wordpress.org/branches/5.2@46479


git-svn-id: http://core.svn.wordpress.org/branches/5.2@46277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:51:54 +00:00
Andrew Ozz dd6391bb09 Fix `setup_postdata()` to set the (inside the loop) globals before `the_post` action is fired. Follow-up from #42814 and [44941].
Props david.binda, spacedmonkey, boonebgorges, birgire, jorbin, azaozz.
Merges [45285] from trunk.
Fixes #47114 for 5.2.


Built from https://develop.svn.wordpress.org/branches/5.2@45286


git-svn-id: http://core.svn.wordpress.org/branches/5.2@45095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-04 21:08:18 +00:00
Sergey Biryukov 7d74080b80 Privacy: Introduce Privacy Policy page helpers:
* `is_privacy_policy()` template tag
* `privacy-policy.php` template
* `.privacy-policy` body class
* `.menu-item-privacy-policy` menu item class

Props garrett-eclipse, birgire, xkon, Clorith.
Fixes #44005.
Built from https://develop.svn.wordpress.org/trunk@44966


git-svn-id: http://core.svn.wordpress.org/trunk@44797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 19:48:50 +00:00
Boone Gorges 05fa2363ab Posts: Avoid the use of globals in `get_the_content()` and related functions.
This changeset introduces `$post` parameters to `get_the_content()` and
`wp_trim_excerpt()`. When a `$post` object is passed to one of these functions,
the functions will operate on the data from that object, rather than from the
post globals (`$authordata`, `$page`, etc). This ensures that the functions work
in a predictable manner when used outside of the regular post loop.

The global-mismatch problem is surfaced in cases where `get_the_excerpt()` is
called outside of the post loop, on posts that don't have a defined excerpt. In
these cases, the post globals - used to generate a fallback excerpt - may refer
to the incorrect object, resulting in PHP notices or other unpredictable
behavior. See #36934 for a related issue.

Props spacedmonkey, kraftbj, Shital Patel.
Fixes #42814.
Built from https://develop.svn.wordpress.org/trunk@44941


git-svn-id: http://core.svn.wordpress.org/trunk@44772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-20 15:49:49 +00:00
desrosj 04dff0e2a9 Docs: Update `since` annotations for adding `LIKE` comparisons with meta keys.
Previously introduced in [42768].

Fixes #42409.
Built from https://develop.svn.wordpress.org/trunk@44518


git-svn-id: http://core.svn.wordpress.org/trunk@44349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 14:55:49 +00:00
Gary Pendergast 344348ba5b Query: Fix some code formatting issues introduced in [44452].
See #38034.


Built from https://develop.svn.wordpress.org/trunk@44456


git-svn-id: http://core.svn.wordpress.org/trunk@44287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 04:32:50 +00:00
Boone Gorges 5950f27205 Query: Standardize treatment of 'orderby' values `post__in`, `post_parent__in`, and `post_name__in`.
Ordering by `post__in` was introduced in [21776], but the code assumed that
`post__in` would be a comma-separated string listing post IDs. When an array
of post IDs was passed to the `post__in` query var, 'orderby=post__in' was
not respected. This changeset changes this behavior by handling
'orderby=post__in' in the same way as most other values of 'orderby',
which ensures that arrays as well as strings can be properly parsed.

The same treatment is given to the similar `post_name__in` and
`post_parent__in` options of 'orderby', so that most query generation for
orderby clauses happens in the same place, instead of in special cases.

A slight change in the resulting SQL (related to the whitespace around
parentheses and commas) necessitates a change to an existing REST API test
that does a string comparison against the SQL query.

Props mgibbs189, kelvink.
Fixes #38034.
Built from https://develop.svn.wordpress.org/trunk@44452


git-svn-id: http://core.svn.wordpress.org/trunk@44283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 03:33:49 +00:00
desrosj c7c9bc7585 Query: Remove nextpage block delimiters when setting up global post data.
`WP_Query::setup_postdata()` splits the post up by `<!--nextpage-->`, which causes invalid block data to be contained in the post content.

This change removes the `<!-- wp:nextpage -->` and `<!-- /wp:nextpage -->`, as well.

Props pento, youknowriad, azaozz, noisysocks.

Merges [43940] into trunk.

See #45401.
Built from https://develop.svn.wordpress.org/trunk@44276


git-svn-id: http://core.svn.wordpress.org/trunk@44106 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 19:29:51 +00:00
John Blackbourn 47d32decd6 Docs: Correct and improve various inline documentation.
See #42505

Built from https://develop.svn.wordpress.org/trunk@43582


git-svn-id: http://core.svn.wordpress.org/trunk@43411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-27 14:28:26 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
John Blackbourn 2361ca884f Docs: Document more parameters and properties using typed array notation.
See #41756

Built from https://develop.svn.wordpress.org/trunk@42876


git-svn-id: http://core.svn.wordpress.org/trunk@42706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-25 19:33:31 +00:00
Dominik Schilling 5c291d49de Pinking shears.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42843


git-svn-id: http://core.svn.wordpress.org/trunk@42673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-18 14:23:33 +00:00
Boone Gorges 35ad9e9efc Allow `LIKE` queries against the 'key' value in meta queries.
The new `compare_key=LIKE` parameter works in conjunction with `key` in a
similar way to the `compare=LIKE` and `value`: by doing a "compares" `LIKE`
query. This allows developers to do partial matches against keys when
doing meta queries.

Props mariovalney, chasewg.
Fixes #42409.
Built from https://develop.svn.wordpress.org/trunk@42768


git-svn-id: http://core.svn.wordpress.org/trunk@42598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-01 04:03:33 +00:00
Aaron Jorbin 8a884f562a Query: Fix warning on counting non countable
Adds tests to continue the behavior for both null and strings.

See https://wiki.php.net/rfc/counting_non_countables for information on the PHP change.

Fixes #42860.
Props janak007 and ayeshrajans for initial patches.




Built from https://develop.svn.wordpress.org/trunk@42581


git-svn-id: http://core.svn.wordpress.org/trunk@42410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-24 01:21:31 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Gary Pendergast c90cfa3b50 General: Fix some precision alignment formatting warnings.
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.

See #41057.


Built from https://develop.svn.wordpress.org/trunk@42228


git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-26 23:57:55 +00:00
John Blackbourn 67c973f95e Docs: Correct parameter type documentation for various `__call()` methods.
See #42505

Built from https://develop.svn.wordpress.org/trunk@42151


git-svn-id: http://core.svn.wordpress.org/trunk@41982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-10 22:56:47 +00:00
John Blackbourn 4a16295dc5 Docs: Standardise the format used for documenting parameters passed by reference.
See #35974, #41017

Built from https://develop.svn.wordpress.org/trunk@41688


git-svn-id: http://core.svn.wordpress.org/trunk@41522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:14:46 +00:00
John Blackbourn 9fdbe6538e Docs: Remove `&` prefixes from parameter documentation to avoid doc parsing errors.
Props sudar for the original patch.

See #35974

Built from https://develop.svn.wordpress.org/trunk@41686


git-svn-id: http://core.svn.wordpress.org/trunk@41520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:03:33 +00:00
Drew Jaynes 0860bb2771 Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes.
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.

See #41452.

Built from https://develop.svn.wordpress.org/trunk@41162


git-svn-id: http://core.svn.wordpress.org/trunk@41002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 00:41:44 +00:00
Drew Jaynes beb67c9512 Docs: Improve the DocBlock summary for `WP_Query::parse_orderby()`.
See #41017.

Built from https://develop.svn.wordpress.org/trunk@41042


git-svn-id: http://core.svn.wordpress.org/trunk@40892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-13 15:44:41 +00:00
Drew Jaynes e1a227cf11 Docs: Document usage of the `$wpdb` global in `WP_Query::parse_search()` and `WP_Query::parse_orderby()`.
Props avinapatel.
Fixes #41313.

Built from https://develop.svn.wordpress.org/trunk@41041


git-svn-id: http://core.svn.wordpress.org/trunk@40891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-13 15:42:44 +00:00
Boone Gorges 848bcf3b28 Introduce `$comment_count` param for `WP_Query`.
This parameter allows querying for posts with a specific value of
`comment_count`. It is also possible to query for posts that match
a `comment_count` comparison by passing an array with 'value' and
'compare' operators (eg `array( 'compare' => '>', 'value' => 5 )`).

Props ramon fincken.
Fixes #28399.
Built from https://develop.svn.wordpress.org/trunk@40978


git-svn-id: http://core.svn.wordpress.org/trunk@40828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-01 11:25:44 +00:00
Drew Jaynes 4b0e64aa8c Docs: Add missing `@since`, `@access`, and `@global` notations to the DocBlock for `WP_Query::parse_search_order()`.
Props dixitadusara.
Fixes #41045.

Built from https://develop.svn.wordpress.org/trunk@40972


git-svn-id: http://core.svn.wordpress.org/trunk@40822 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-30 16:08:44 +00:00
Drew Jaynes af5b2ca7f5 Docs: Add more useful summaries to the DocBlocks for boolean `$is_*` properties in `WP_Query`.
Props megane9988 for the initial patch.
Fixes #34726.

Built from https://develop.svn.wordpress.org/trunk@40966


git-svn-id: http://core.svn.wordpress.org/trunk@40816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-30 03:44:46 +00:00
Boone Gorges 8951af8ebb Introduce `loop_no_results` action.
This action fires when a `WP_Query` query returns no results.

Props mgibbs189.
Props #40850.
Built from https://develop.svn.wordpress.org/trunk@40923


git-svn-id: http://core.svn.wordpress.org/trunk@40773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-23 01:55:44 +00:00
Sergey Biryukov 3abb3087df Docs: Correct parameter description for `posts_join` filter.
Props anhskohbo.
Fixes #40991.
Built from https://develop.svn.wordpress.org/trunk@40912


git-svn-id: http://core.svn.wordpress.org/trunk@40762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-15 12:46:41 +00:00
Sergey Biryukov 564d6a0c90 Docs: Update the description of `is_singular()` and `WP_Query::is_singular()` to be parsed correctly by developer.wordpress.org.
Props grapplerulrich.
Fixes #39948.
Built from https://develop.svn.wordpress.org/trunk@40103


git-svn-id: http://core.svn.wordpress.org/trunk@40040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-23 10:30:43 +00:00
Sergey Biryukov 9d7ea04936 I18N: Merge similar strings in `_deprecated_argument()` calls.
Add translator comments.

Props ramiy, SergeyBiryukov.
Fixes #39020.
Built from https://develop.svn.wordpress.org/trunk@40028


git-svn-id: http://core.svn.wordpress.org/trunk@39965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-29 11:50:41 +00:00
Dominik Schilling 85384297a6 Query: Ensure that queries work correctly with post type names with special characters.
Built from https://develop.svn.wordpress.org/trunk@39952


git-svn-id: http://core.svn.wordpress.org/trunk@39889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 13:33:45 +00:00
Boone Gorges af885f45cf Query: Improve documentation for `orderby=relevance` in `WP_Query`.
Props dots.
Fixes #39336.
Built from https://develop.svn.wordpress.org/trunk@39636


git-svn-id: http://core.svn.wordpress.org/trunk@39576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-23 02:31:41 +00:00
Boone Gorges 97fd5ae77c Docs: Correct param definition for `WP_Query::query()`.
Props Shelob9.
Fixes #38963.
Built from https://develop.svn.wordpress.org/trunk@39550


git-svn-id: http://core.svn.wordpress.org/trunk@39490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 16:23:42 +00:00
Drew Jaynes 568838bebd Docs: Update the DocBlock description for `WP_Query::is_single()` to mention that it works for any post types excluding pages.
Props ryankienstra.
Fixes #38225.

Built from https://develop.svn.wordpress.org/trunk@39052


git-svn-id: http://core.svn.wordpress.org/trunk@38994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:34:34 +00:00
Boone Gorges bcc26664ed Query: Allow the prefix used for search term exclusion to be filtered.
[38792] allowed `WP_Query`'s hyphen-as-exclusion-prefix feature to be
disabled via filter. A more general solution is to allow the prefix to
be filtered; returning an empty value from a filter callback works to
disable the feature.

Props dlh.
Fixes #38099.
Built from https://develop.svn.wordpress.org/trunk@38844


git-svn-id: http://core.svn.wordpress.org/trunk@38787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 18:42:29 +00:00
Boone Gorges 9783a3df6b Query: Allow the hyphen-prefix-for-search-exclusion feature to be disabled by filter.
WordPress 4.4 introduced "hyphen exclusion" for search terms, so that
"foo -bar" would return posts containing "foo" AND not containing "bar".
The new filter 'wp_query_use_hyphen_for_exclusion' allows developers
to disable this feature when it's known that their content will contain
semantically important leading hyphens.

Props chriseverson, choongsavvii.
Fixes #38099.
Built from https://develop.svn.wordpress.org/trunk@38792


git-svn-id: http://core.svn.wordpress.org/trunk@38735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-14 20:06:28 +00:00
Gary Pendergast af69f4ab1a General: Restore usage of `$wpdb`, instead of `$this->db`.
Hiding the `$wpdb` global behind a property decreases the readability of the code, as well as causing irrelevant output when dumping an object.

Reverts [38275], [38278], [38279], [38280], [38387].
See #37699.


Built from https://develop.svn.wordpress.org/trunk@38768


git-svn-id: http://core.svn.wordpress.org/trunk@38711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-10 06:38:31 +00:00
Boone Gorges 132f3d0d19 Query: Eliminate unnecessary `wp_list_filter()` call in `get_queried_object()`.
The refactor in [30711] swapped out the old `queries` property for the
new `queried_terms`, but should also have gotten rid of the now-
superfluous `wp_list_filter()` call.

Fixes #37962.
Built from https://develop.svn.wordpress.org/trunk@38586


git-svn-id: http://core.svn.wordpress.org/trunk@38529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-09 19:49:29 +00:00
Boone Gorges 163d59f8e1 Query: Avoid PHP notice in `get_queried_object()` when query contains `NOT EXISTS` tax query.
Props johnjamesjacoby.
See #37962.
Built from https://develop.svn.wordpress.org/trunk@38585


git-svn-id: http://core.svn.wordpress.org/trunk@38528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-09 19:37:38 +00:00
Dion Hulse 227a80eba3 Query: Use `AND` in a SQL query rather than `&&`.
This appears to have been the only instance of `&&` being used in SQL, so for consistency lets remove it.

Props scrappy@hub.org.
Fixes #37903.

Built from https://develop.svn.wordpress.org/trunk@38491


git-svn-id: http://core.svn.wordpress.org/trunk@38432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-01 05:11:31 +00:00
Scott Taylor af71985625 Query: r38356, you were not long for this world.
Fixes #37830.

Built from https://develop.svn.wordpress.org/trunk@38471


git-svn-id: http://core.svn.wordpress.org/trunk@38412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:53:29 +00:00
Scott Taylor faccc617fb Query: collapse several of the `is_*` methods using `__call()`. Add `@method` annotations.
Fixes #37830.

Built from https://develop.svn.wordpress.org/trunk@38356


git-svn-id: http://core.svn.wordpress.org/trunk@38297 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-25 19:42:43 +00:00
Scott Taylor d5f28fdad8 Query: move `WP_Query` into its own file via `svn cp`.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38351


git-svn-id: http://core.svn.wordpress.org/trunk@38292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-25 17:20:38 +00:00