Commit Graph

656 Commits

Author SHA1 Message Date
Sergey Biryukov 1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov 350ad6141e Coding Standards: Use consistent formatting for translator comments in `wp-includes/rest-api.php`.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@48765


git-svn-id: http://core.svn.wordpress.org/trunk@48527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-09 01:46:07 +00:00
Sergey Biryukov bb0630caa9 I18N: Use a placeholder instead of the `\` character in a translatable string in `WP_REST_Users_Controller::check_user_password()`.
Props ramiy.
Fixes #50812.
Built from https://develop.svn.wordpress.org/trunk@48692


git-svn-id: http://core.svn.wordpress.org/trunk@48454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-30 12:28:06 +00:00
TimothyBlynJacobs c461697c31 REST API: Remove assets field from block directory controller.
Gutenberg no longer uses the assets field to fetch the assets for the installed block so this field can be dropped from the endpoint. This allows us to reintroduce it at a later point without needing to worry about backward compatibility.

See #50732.

Built from https://develop.svn.wordpress.org/trunk@48656


git-svn-id: http://core.svn.wordpress.org/trunk@48418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-28 04:10:10 +00:00
TimothyBlynJacobs 86ea4f0838 REST API: Fix warning when using `set_param()` on a JSON request with no body.
In [47559] the `WP_REST_Request::set_param()` method was adjusted to try and overwrite an existing parameter definition before forcing the value in the first parameter slot. If `set_param()` was called on a request with an `application/json` content type and an empty body, a PHP warning would be issued. This was due to the JSON parameter type not being set to an array when the body is empty.

This commit avoids the warning by adding an `is_array()` check before calling `array_key_exists`. Ideally, `WP_REST_Reuest::parse_json_params()` would set the JSON parameter type to an empty array in this case, but that is too large of a change at this point in the cycle.

Props manooweb.
Fixes #50786.

Built from https://develop.svn.wordpress.org/trunk@48642


git-svn-id: http://core.svn.wordpress.org/trunk@48404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-27 18:46:05 +00:00
whyisjake de5533e56b REST API: Install plugin translations after the plugin install. This only installs for the plugin in question, not all plugins.
Support for retrieving the langauge pack alongside the install API request was added in https://meta.trac.wordpress.org/changeset/10091 to avoid having to make a plugin update check during the REST API check.

Fixes #50732.
Props dd32, ocean90, ryelle, swissspidy, tellyworth, whyisjake, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48641


git-svn-id: http://core.svn.wordpress.org/trunk@48403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-27 18:31:06 +00:00
Sergey Biryukov aa22457754 REST API: Use a consistent description for the `textdomain` schema property between plugins and themes controllers.
Follow-up to [48242], [48627].

Props audrasjb.
Fixes #50776. See #50321.
Built from https://develop.svn.wordpress.org/trunk@48628


git-svn-id: http://core.svn.wordpress.org/trunk@48390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:54:03 +00:00
Sergey Biryukov e7eaaa97b1 REST API: Use a consistent name for the `textdomain` schema property between plugins, themes, and block directory controllers.
Follow-up to [48242].

See #50321, #50776.
Built from https://develop.svn.wordpress.org/trunk@48627


git-svn-id: http://core.svn.wordpress.org/trunk@48389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:49:03 +00:00
Sergey Biryukov 61b2cb7761 Docs: Correct `@since` version for `WP_REST_Plugins_Controller::get_item_schema()`.
Follow-up to [48242].

See #50321.
Built from https://develop.svn.wordpress.org/trunk@48626


git-svn-id: http://core.svn.wordpress.org/trunk@48388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-26 21:42:03 +00:00
Sergey Biryukov ebfe7ca39a I18N: Remove `<code>` tags in an error message in `WP_REST_Posts_Controller::get_item_schema()` for consistency with other strings.
Follow-up to [48610].

See #50759.
Built from https://develop.svn.wordpress.org/trunk@48613


git-svn-id: http://core.svn.wordpress.org/trunk@48375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 16:41:02 +00:00
Sergey Biryukov 29b0a259df I18N: Move code out of a translatable string in `WP_REST_Posts_Controller::get_item_schema()`.
Props ramiy.
Fixes #50759.
Built from https://develop.svn.wordpress.org/trunk@48610


git-svn-id: http://core.svn.wordpress.org/trunk@48372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 16:28:04 +00:00
John Blackbourn 124972f2c6 Docs: Further corrections and improvements to various inline docblocks.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48576


git-svn-id: http://core.svn.wordpress.org/trunk@48338 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 07:39:02 +00:00
Sergey Biryukov 5323fa05e5 REST API: Use consistent error messages when managing network plugins.
Props ramiy.
Fixes #50729.
Built from https://develop.svn.wordpress.org/trunk@48556


git-svn-id: http://core.svn.wordpress.org/trunk@48318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 22:01:03 +00:00
Sergey Biryukov 3061a680a9 Media: Pass the attachment ID to the `wp_image_file_matches_image_meta` filter.
Props spacedmonkey.
Fixes #50722.
Built from https://develop.svn.wordpress.org/trunk@48547


git-svn-id: http://core.svn.wordpress.org/trunk@48309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 16:55:08 +00:00
TimothyBlynJacobs b8d5e161eb REST API: Issue a _doing_it_wrong when registering a route without a permission callback.
The REST API treats routes without a permission_callback as public. Because this happens without any warning to the user, if the permission callback is unintentionally omitted or misspelled, the endpoint can end up being available to the public. Such a scenario has happened multiple times in the wild, and the results can be catostrophic when it occurs.

For REST API routes that are intended to be public, it is recommended to set the permission callback to the `__return_true` built in function.

Fixes #50075.
Props rmccue, sorenbronsted, whyisjake, SergeyBiryukov, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48526


git-svn-id: http://core.svn.wordpress.org/trunk@48288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 12:03:05 +00:00
Andrew Ozz 562a59f553 REST API, Media: Add `X-WP-Upload-Attachment-ID` HTTP header to enable retrying of post-processing of edited images if the server runs out of resources. This is the same as after uploading a new image, will do up to five additional requests to let the server create all image sub-sizes.
Fixes #50711.
Built from https://develop.svn.wordpress.org/trunk@48525


git-svn-id: http://core.svn.wordpress.org/trunk@48287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-21 03:00:04 +00:00
Andrew Ozz c2639c74ff REST API, Media: Fix/improve the inline docs and name of the new `wp_edited_image_metadata` filter.
Props desrosj, azaozz.

See #44405.
Built from https://develop.svn.wordpress.org/trunk@48518


git-svn-id: http://core.svn.wordpress.org/trunk@48280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-20 21:04:03 +00:00
Andrew Ozz 689c224476 Media: Migrate the data from the attachment post of the parent image when saving an edited image. Copy:
- `post_title`,
- `post_content` (image description),
- `post_excerpt` (image caption as saved in the DB),
- `_wp_attachment_image_alt` meta (alt text for the img tag as saved in the DB).

Props spacedmonkey, joedolson, TimothyBlynJacobs, azaozz.
Fixes #50675.
Built from https://develop.svn.wordpress.org/trunk@48510


git-svn-id: http://core.svn.wordpress.org/trunk@48272 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-19 21:19:04 +00:00
Andrew Ozz 2d728713ac REST API: Prevent attachment ID/image source mismatch when editing an image.
Fixes #50565.
Built from https://develop.svn.wordpress.org/trunk@48498


git-svn-id: http://core.svn.wordpress.org/trunk@48260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-16 21:56:08 +00:00
TimothyBlynJacobs df2b9b1689 REST API: Add Content-Disposition, Content-MD5 and X-WP-Nonce as allowed cors headers.
The Content-Disposition and Content-MD5 headers allow for easier file uploading across domains by using a File/Blob object directly. The X-WP-Nonce header is allowed for making cross-origin and same-origin authenticated requests consistent.

Additionally a filter is introduced, "rest_allowed_cors_headers", to simplify the process of allowing additional request headers.

Props rmccue, TimothyBlynJacobs.
Fixes #41696.

Built from https://develop.svn.wordpress.org/trunk@48452


git-svn-id: http://core.svn.wordpress.org/trunk@48221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-12 19:37:12 +00:00
TimothyBlynJacobs a59fb4e50f REST API: Sanitize block renderer attributes.
In [48069] the Block Renderer was changed to register a single route for all dynamic blocks. Validation was dynamically applied based on the requested block, but sanitization was not. This commit adds the same sanitization back to the block attributes.

Props manooweb.
Fixes #50620. See #48079.

Built from https://develop.svn.wordpress.org/trunk@48437


git-svn-id: http://core.svn.wordpress.org/trunk@48206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-11 20:34:05 +00:00
Sergey Biryukov d322fb66de Docs: Synchronize and correct documentation for various metadata functions and filters.
Follow-up to [47390], [47611], [48192], [48402].

See #49572, #43941, #45464.
Built from https://develop.svn.wordpress.org/trunk@48411


git-svn-id: http://core.svn.wordpress.org/trunk@48180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-09 11:26:07 +00:00
Sergey Biryukov 6bf6bc451f Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48408


git-svn-id: http://core.svn.wordpress.org/trunk@48177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-08 13:15:03 +00:00
TimothyBlynJacobs 13b10697bf REST API, Meta: Introduce support for default metadata values.
The `register_meta()` API now officially supports specifying a default metadata value. When `get_metadata()` is called for a meta key that does not yet exist for the object, this default value will be returned instead of an empty string.

A new function is introduced `get_metadata_raw` to retrieve the raw metadata value from the database, without applying the registered default.

Props spacedmonkey, flixos90, rmccue, kadamwhite, mnelson4, johnbillion, chrisvanpatten, TimothyBlynJacobs.
Fixes #43941.


Built from https://develop.svn.wordpress.org/trunk@48402


git-svn-id: http://core.svn.wordpress.org/trunk@48171 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 20:47:05 +00:00
Andrew Ozz d1dc207128 Media, REST API: Allow media edit endpoint to find remote files.
Props jonsurrell.
Fixes #50595.
Built from https://develop.svn.wordpress.org/trunk@48386


git-svn-id: http://core.svn.wordpress.org/trunk@48155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 16:51:04 +00:00
TimothyBlynJacobs 0615a9ab37 REST API: Use new `rest_get_route_for_post()` in the post search handler.
In [48273] the rest_get_route_for_post function was introduced. This simplifies determining the REST API route for any given post object and adds a filter for custom controllers.

Props ravatparmar.
Fixes #50529.

Built from https://develop.svn.wordpress.org/trunk@48381


git-svn-id: http://core.svn.wordpress.org/trunk@48150 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-07 15:31:02 +00:00
TimothyBlynJacobs 0386c0ae6c REST API: Remove specific multi-type schema handling from the themes controller.
Multi-type schema handling was improved in [48306]. In particular, it now allows for sanitizing a multi-typed value that wouldn't validate. Removing this handling will make 3rd party registered theme features more robust.

Fixes #50562.

Built from https://develop.svn.wordpress.org/trunk@48308


git-svn-id: http://core.svn.wordpress.org/trunk@48077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-05 01:06:02 +00:00
TimothyBlynJacobs 5af864369c REST API: Introduce endpoint for editing images.
To facilitate inline image editing in Gutenberg, a new endpoint at wp/v2/media/<id>/edit has been introduced. This is functionally similar to the existing ajax image editor, however the REST API editor creates a new attachment record instead of updating an existing attachment.

Fixes #44405.
Props ajlende, ellatrix, spacedmonkey, azaozz.


Built from https://develop.svn.wordpress.org/trunk@48291


git-svn-id: http://core.svn.wordpress.org/trunk@48060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-04 04:15:05 +00:00
Sergey Biryukov ec571bdcf6 Docs: Spell "falsey" in a consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48275


git-svn-id: http://core.svn.wordpress.org/trunk@48044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-02 11:30:02 +00:00
TimothyBlynJacobs 083134f694 REST API: Introduce plugin management and block directory endpoints.
These endpoints facilitate the Block Directory Inserter feature in Gutenberg. Users can now install, activate, deactivate, and delete plugins over the REST API. The block directoryendpoint allows searching for available blocks from the WordPress.org block directory.

Props cklee, talldanwp, noisysocks, joen, soean, youknowriad, dufresnesteven, gziolo, dd32, tellyworth, ryelle, spacedmonkey, TimothyBlynJacobs.
Fixes #50321.


Built from https://develop.svn.wordpress.org/trunk@48242


git-svn-id: http://core.svn.wordpress.org/trunk@48011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-01 04:24:03 +00:00
Sergey Biryukov f5942603c0 Comments: Make `wp_update_comment()` return a `WP_Error` object for a canceled update, if `$wp_error` parameter is true.
Remove redundant checks for `wp_update_comment()` results being `false`, as the function always returns a `WP_Error` object now if `$wp_error` is true.

Follow-up to [48154], [48215], [48216].

See #39732.
Built from https://develop.svn.wordpress.org/trunk@48218


git-svn-id: http://core.svn.wordpress.org/trunk@47987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 23:42:03 +00:00
Sergey Biryukov c892c420b7 Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48198


git-svn-id: http://core.svn.wordpress.org/trunk@47967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 11:53:04 +00:00
Sergey Biryukov 37d48e2f2e Users: Merge two similar error messages about usernames with invalid characters.
Props ramiy, garrett-eclipse, chetan200891.
Fixes #47003.
Built from https://develop.svn.wordpress.org/trunk@48195


git-svn-id: http://core.svn.wordpress.org/trunk@47964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-27 23:44:09 +00:00
Sergey Biryukov 5aa7f46a4f Docs: Improve DocBlocks in `wp-includes/theme.php` per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48189


git-svn-id: http://core.svn.wordpress.org/trunk@47958 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-27 12:02:03 +00:00
Sergey Biryukov 40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
TimothyBlynJacobs 9f14967ff0 REST API: Introduce Block Types endpoint.
This endpoint allows a user to retrieve the block type definition for all server-side registered block types.

Props spacedmonkey, aduth, gziolo, ocean90, TimothyBlynJacobs.
Fixes #47620.

Built from https://develop.svn.wordpress.org/trunk@48173


git-svn-id: http://core.svn.wordpress.org/trunk@47942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 00:46:07 +00:00
TimothyBlynJacobs 9dc7058be9 Themes: Introduce register_theme_feature API.
Currently themes can declare support for a given feature by using add_theme_support(). This commit adds a register_theme_feature() API that allows plugins and WordPress Core to declare a list of available features that themes can support.

The REST API uses this to expose a theme's supported features if the feature has been registered with "show_in_rest" set to true.

Props kadamwhite, spacedmonkey, williampatton, desrosj, TimothyBlynJacobs.
Fixes #49406.

Built from https://develop.svn.wordpress.org/trunk@48171


git-svn-id: http://core.svn.wordpress.org/trunk@47940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-25 22:13:10 +00:00
whyisjake bb7601f6d0 Comments: Allow `wp_update_comment()` to return `WP_Error()`.
The `wp_update_comment_data` filter introduced in 4.7 allows comment data to be filtered before it is updated in the database.

The patch aims to handle `WP_Error` as the filter above return value in a similar manner as is done for `wp_new_comment()`.


Fixes #39732.

Props: enricosorcinelli, swissspidy, gkloveweb, jnylen0, jbpaul17, afercia, SergeyBiryukov, audrasjb, imath, davidbaumwald.

Built from https://develop.svn.wordpress.org/trunk@48154


git-svn-id: http://core.svn.wordpress.org/trunk@47923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-24 00:05:12 +00:00
desrosj 4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
TimothyBlynJacobs 88f54b22ba REST API: Add "Link" to the list of exposed cors headers.
Currently, only the X-WP-Total and X-WP-TotalPages headers are exposed which means that clients have to manually construct the URL to implement pagination instead of using the "prev" and "next" Links.

Additionally, a filter "rest_exposed_cors_headers" is introduced to make it simpler for plugins to expose additional headers.

Props Toro_Unit, ayeshrajans.
Fixes #50369.

Built from https://develop.svn.wordpress.org/trunk@48112


git-svn-id: http://core.svn.wordpress.org/trunk@47881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 23:56:12 +00:00
Sergey Biryukov e13c363b17 Docs: Capitalize "ID", when referring to a post ID, term ID, etc. in a more consistent way.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48104


git-svn-id: http://core.svn.wordpress.org/trunk@47873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:02:12 +00:00
Sergey Biryukov a576a13246 Docs: Remove an empty line between `@param` and `@return` tags, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48102


git-svn-id: http://core.svn.wordpress.org/trunk@47871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 11:18:09 +00:00
John Blackbourn 1a77bb81d8 Docs: Remove unnecessary variables names from `@return` tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
TimothyBlynJacobs 41f70ae5f8 REST API: Only register one block renderer route.
Every block has a different set of attributes. These attributes are specified as a JSON Schema object. Previously, every block registered its own block renderer route using its attributes for the schema. This allowed for the attributes to be validated using the built in endpoint validation rules. It had the unfortunate side effect, however, of creating a large number of nearly identical REST API routes, one for each dynamic block. Each registered route has a performance impact. As the number of server side blocks goes up, this becomes more and more of an issue.

Now, we register a single block renderer route and dynamically validate the attributes based on the selected block.

Fixes #48079.
Props gziolo, TimothyBlynJacobs.

Built from https://develop.svn.wordpress.org/trunk@48069


git-svn-id: http://core.svn.wordpress.org/trunk@47836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-17 03:22:12 +00:00
TimothyBlynJacobs 941a31318c REST API: Fix updating "multiple" meta keys with non-string values.
Previously, the REST API would end up deleting each row of metadata and recreating it unnecessarily. This was caused by a type mismatch where the metadata API would always return a string value, and the REST API operated on a typed value.

The REST API now applies the same sanitization and type casting for "multiple" meta keys and "single" meta keys.

Fixes #49339.
Props renathoc.

Built from https://develop.svn.wordpress.org/trunk@47943


git-svn-id: http://core.svn.wordpress.org/trunk@47716 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-10 02:22:13 +00:00
desrosj 784908ae5f Coding Standards: PHP short ternary operator syntax is not allowed.
WPCS 2.2.0 added a sniff for detecting short ternary operator syntax, which is not allowed per the Core handbook.

Follow up of [47927].
Fixes #50258.
Built from https://develop.svn.wordpress.org/trunk@47929


git-svn-id: http://core.svn.wordpress.org/trunk@47702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-08 21:27:10 +00:00
desrosj c591d94cc5 General: Remove or add inline comments to `$HTTP_RAW_POST_DATA` occurrences.
The `$HTTP_RAW_POST_DATA` global was deprecated in PHP 5.6 and removed completely in PHP 7.0. In general, `php://input` should be used instead of `$HTTP_RAW_POST_DATA`.

Because WordPress Core still supports PHP 5.6, some plugins or sites may still rely on this variable being present and populated with the expected data. For that reason, occurrences of the variable will remain with updated inline documentation until support for PHP 5.6 is officially dropped in WordPress.

Props skoskie, jrf, desrosj, TimothyBlynJacobs.
See #49922.
Fixes #49810.
Built from https://develop.svn.wordpress.org/trunk@47926


git-svn-id: http://core.svn.wordpress.org/trunk@47700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-08 19:55:10 +00:00
TimothyBlynJacobs 5efaf888a5 REST API: Support the (min|max)Items JSON Schema keywords.
A future commit will add support for the uniqueItems keyword.

Props sorenbronsted.
See #48821.

Built from https://develop.svn.wordpress.org/trunk@47923


git-svn-id: http://core.svn.wordpress.org/trunk@47697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 22:42:13 +00:00
TimothyBlynJacobs 171356a890 REST API: Add additional fields to the themes controller.
When the themes controller was introduced it only returned a theme's supported features. This adds the majority of a theme's header information to the response.

Props ockham, spacedmonkey.
Fixes #49906.

Built from https://develop.svn.wordpress.org/trunk@47921


git-svn-id: http://core.svn.wordpress.org/trunk@47695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-07 06:46:10 +00:00
whyisjake 00df557404 REST API: Ensure that all properties of `get_endpoint_args_for_item_schema` are listed.
* Add new var $valid_schema_properties to match rest_validate_value_from_schema()
* Unit test to ensure all valid properties exists, and non-valid properties are ignored

Fixes: #50301.
Props: pentatonicfunk, TimothyBlynJacobs.


Built from https://develop.svn.wordpress.org/trunk@47911


git-svn-id: http://core.svn.wordpress.org/trunk@47685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-04 16:43:08 +00:00
Sergey Biryukov 95d53b9a66 Docs: Correct `@return` value for `WP_REST_Meta_Fields::get_value()`.
Props chrisvanpatten.
Fixes #50259.
Built from https://develop.svn.wordpress.org/trunk@47858


git-svn-id: http://core.svn.wordpress.org/trunk@47634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-27 09:44:11 +00:00
Dominik Schilling ed71319421 Role/Capability: Use meta caps `edit_post`, `read_post`, and `delete_post` directly.
Rather than consulting the post type object, let `map_meta_cap()` handle that for us.

Props peterwilsoncc, ocean90.
Fixes #50128.
See #23226.
Built from https://develop.svn.wordpress.org/trunk@47850


git-svn-id: http://core.svn.wordpress.org/trunk@47626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 15:24:07 +00:00
Dominik Schilling aaeab2f3f5 Rest API: Ensure `rest_ensure_response()` upgrades `WP_HTTP_Response` to `WP_REST_Response`.
An instance of `WP_HTTP_Response` doesn't ensure that the required methods used in `WP_REST_Server::dispatch()` exist, currently causing a fatal error.

Props ali11007, TimothyBlynJacobs, ocean90.
Fixes #49495.
Built from https://develop.svn.wordpress.org/trunk@47849


git-svn-id: http://core.svn.wordpress.org/trunk@47625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 14:36:09 +00:00
TimothyBlynJacobs 46854d7322 REST API: Support more JSON Schemas when filtering a response by context.
The array type, multi-types, and the additional properties keyword are now supported. Additionally, the filter recurses to an infinite depth.

Fixes #48819.

Built from https://develop.svn.wordpress.org/trunk@47758


git-svn-id: http://core.svn.wordpress.org/trunk@47534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-04 02:46:05 +00:00
TimothyBlynJacobs 7023be21f5 REST API: Accept POST requests in the block renderer endpoint.
Rendering a block is idempotent, so a GET is the most natural request method. However, the maximum length of URLs prevented blocks with large attributes from being rendered.

Props ryankienstra.
Fixes #49680.

Built from https://develop.svn.wordpress.org/trunk@47756


git-svn-id: http://core.svn.wordpress.org/trunk@47532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-03 22:58:05 +00:00
Sergey Biryukov 61a2f62ffd Comments: Use `comment` instead of an empty string for the `comment_type` DB field value in comments table.
This is the first step to bring support for custom comment types into WordPress.

Add a scheduled upgrade routine to update the type value for existing comments, in batches of 100 at a time.

Props imath, aaroncampbell, jeremyfelt, dshanske.
Fixes #49236.
Built from https://develop.svn.wordpress.org/trunk@47597


git-svn-id: http://core.svn.wordpress.org/trunk@47372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-17 19:35:06 +00:00
K. Adam White 951b1d89db REST API: Handle parameter types consistently within set_param().
A request has multiple parameter types, including "query" and "json." Updating a parameter could previously modify a key's value in the wrong parameter type, leading to confusing and self-contradictory response objects.

Props mnelson4, TimothyBlynJacobs, vagios, jnylen0.
Fixes #40838.

Built from https://develop.svn.wordpress.org/trunk@47559


git-svn-id: http://core.svn.wordpress.org/trunk@47334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-09 19:30:07 +00:00
K. Adam White 51619c00a4 REST API: Fix revisions controller get_item permission check.
r45812 incorrectly introduced a delete_post permissions check into the get_item method, breaking some plugins which requested revisions when generating previews.

Props sorenbronsted, yohannp, TimothyBlynJacobs.
Fixes #49645.

Built from https://develop.svn.wordpress.org/trunk@47547


git-svn-id: http://core.svn.wordpress.org/trunk@47322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-03 19:40:08 +00:00
K. Adam White 58d5aad2a3 REST API: Fix _fields filtering of registered rest fields.
Use rest_is_field_included when determining which additional fields to include to permit filtering by nested field properties.

Props Dudo, kadamwhite, TimothyBlynJacobs.
Fixes #49648.

Built from https://develop.svn.wordpress.org/trunk@47511


git-svn-id: http://core.svn.wordpress.org/trunk@47286 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-26 17:52:16 +00:00
Sergey Biryukov d6178e1dcf REST API: Fix typo in `disable-custom-gradients` theme feature description.
Props Ipstenu, tobifjellner, pixelverbieger.
Reviewed by ocean90, johnbillion, SergeyBiryukov.
Fixes #49585.
Built from https://develop.svn.wordpress.org/trunk@47432


git-svn-id: http://core.svn.wordpress.org/trunk@47219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-06 00:17:05 +00:00
John Blackbourn 056dad9c2c Docs: Use more specific types in parameter descriptions in place of `mixed`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47397


git-svn-id: http://core.svn.wordpress.org/trunk@47184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-01 10:38:07 +00:00
Sergey Biryukov cbe5f9963a Docs: Improve documentation for `WP_REST_Attachments_Controller`.
This adds a missing DocBlock for `::register_routes()` and parameter descriptions for `::post_process_item()`.

Includes minor documenation fixes in other REST API classes for consistency.

Props dkarfa, mukesh27, SergeyBiryukov.
Fixes #48841.
Built from https://develop.svn.wordpress.org/trunk@47391


git-svn-id: http://core.svn.wordpress.org/trunk@47178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-28 12:31:08 +00:00
Sergey Biryukov 3a333ef030 Coding Standards: Use strict comparison for `normalize_whitespace()` checks when comparing revisions or autosaves.
Props dkarfa, itowhid06, TimothyBlynJacobs.
Fixes #47965.
Built from https://develop.svn.wordpress.org/trunk@47372


git-svn-id: http://core.svn.wordpress.org/trunk@47159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 19:35:09 +00:00
K. Adam White a5f16272dd REST API: Permit access to the themes controller if user can edit any post type.
Check a more exhaustive list of post type editing caps beyond "edit_post" to ensure custom user roles with access to to specific post types may still use block editor functionality depending on theme features.

Props miyauchi, TimothyBlynJacobs.
Fixes #46723.

Built from https://develop.svn.wordpress.org/trunk@47361


git-svn-id: http://core.svn.wordpress.org/trunk@47148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 15:20:08 +00:00
K. Adam White 8faf366ab9 REST API: Apply all relevant block rendering filters when rendering block previews.
Several filters were introduced to the render_block method since the initial implementation of the block-renderer/ endpoints, causing the output of those endpoints to diverge from the rendered content of blocks on the frontend.

Props kadamwhite, TimothyBlynJacobs, miinasikk.
Fixes #49387.

Built from https://develop.svn.wordpress.org/trunk@47360


git-svn-id: http://core.svn.wordpress.org/trunk@47147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 15:05:06 +00:00
K. Adam White 480372b07c REST API: Fix namespace shadowing issue in route matching logic.
Following [47260] a namespace such as "test-ns" prevents any namespace such as "test-ns/v1" from being found when matching routes.
While not best practice, this was an unintentional back-compat break; this patch restores the original behavior.

Props david.binda, TimothyBlynJacobs.
Fixes #48530.


Built from https://develop.svn.wordpress.org/trunk@47351


git-svn-id: http://core.svn.wordpress.org/trunk@47138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-24 18:07:08 +00:00
TimothyBlynJacobs 5031baa32b REST API: Don't assume all item schemas have properties.
All schema types, not just objects, are permitted as the base type of a resource. A future patch could add validation support for those types, but this fix only prevents a PHP warning from being issued.

Props dhavalkasvala, johnwatkins0, birgire.
Fixes #48785.

Built from https://develop.svn.wordpress.org/trunk@47328


git-svn-id: http://core.svn.wordpress.org/trunk@47122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-20 16:58:06 +00:00
TimothyBlynJacobs 450d49183b REST API: Fix links format in OPTIONS requests for non-variable routes.
Props nsundberg, johnwatkins0, birgire.
Fixes #49149.

Built from https://develop.svn.wordpress.org/trunk@47326


git-svn-id: http://core.svn.wordpress.org/trunk@47120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-20 00:55:05 +00:00
Sergey Biryukov 61986acde9 Users: Limit the scope of admin files required in `WP_REST_Users_Controller`.
This requires only `wp-admin/includes/user.php` for `get_editable_roles()`, instead of `wp-admin/includes/admin.php`.

Follow-up to [43589].

Props johnwatkins0.
Fixes #49450.
Built from https://develop.svn.wordpress.org/trunk@47299


git-svn-id: http://core.svn.wordpress.org/trunk@47099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 05:33:06 +00:00
Sergey Biryukov 8f877dc875 Docs: Improve inline comments for `require_once` calls in `WP_REST_Users_Controller` per the documentation standards.
Follow-up to [47295].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47298


git-svn-id: http://core.svn.wordpress.org/trunk@47098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:56:06 +00:00
Sergey Biryukov 97380ec1ce Docs: Fix typo in a comment in `WP_REST_Attachments_Controller::create_item()`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47297


git-svn-id: http://core.svn.wordpress.org/trunk@47097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:30:04 +00:00
Sergey Biryukov 1d5d5b3e87 REST API: Restore `wp-admin/includes/image.php` requirement in `WP_REST_Attachments_Controller::create_item()`.
Although the file is already included via the `::insert_attachment()` method, this addresses an inconsistency and corrects a misleading comment.

It also reduces the possibility of a future error in case `::insert_attachment()` is no longer called earlier in `::create_item()` at some point.

Follow-up to [43850] and [44206].

Props luisrivera.
Fixes #49449.
Built from https://develop.svn.wordpress.org/trunk@47296


git-svn-id: http://core.svn.wordpress.org/trunk@47096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:24:07 +00:00
Sergey Biryukov 445e2859ab Docs: Improve inline comments for `require_once()` calls in `WP_REST_Attachments_Controller`.
See #49449, #48303.
Built from https://develop.svn.wordpress.org/trunk@47295


git-svn-id: http://core.svn.wordpress.org/trunk@47095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-17 03:13:05 +00:00
K. Adam White c85c8f5235 REST API: Introduce rest_{$this->post_type}_item_schema filter to enable manipulation of schema values.
register_rest_field can be used to add properties to a schema, but no mechanism existed to alter existing properties like "content".
Running the schema through this filter lets plugins append additional sub-properties to existing schema definitions.

Props luisherranz, TimothyBlynJacobs, swissspidy, westonruter, kadamwhite.
Fixes #47779.


Built from https://develop.svn.wordpress.org/trunk@47265


git-svn-id: http://core.svn.wordpress.org/trunk@47065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 16:28:06 +00:00
K. Adam White 12709269c1 REST API: Allow meta to be set when creating a new media record via REST.
Props TimothyBlynJacobs, apermo.
Fixes #44567.

Built from https://develop.svn.wordpress.org/trunk@47261


git-svn-id: http://core.svn.wordpress.org/trunk@47061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 03:39:06 +00:00
K. Adam White 23696bb074 REST API: Match REST API routes on namespace before performing regex checks.
Rule out groups of API endpoints by simple namespace string comparison to reduce the number of regex checks necessary when matching a route.

Props TimothyBlynJacobs.
Fixes #48530.

Built from https://develop.svn.wordpress.org/trunk@47260


git-svn-id: http://core.svn.wordpress.org/trunk@47060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 03:22:05 +00:00
K. Adam White 25d8f7240e REST API: List all core theme feature support details in /themes endpoint response.
Fully list which first-party core theme features are supported in the /themes endpoint response. This brings the REST API themes controller's response more in line with the output of get_theme_support().

Props adamboro, apieschel, koke, spacedmonkey, TimothyBlynJacobs.
See #49037.

Built from https://develop.svn.wordpress.org/trunk@47258


git-svn-id: http://core.svn.wordpress.org/trunk@47058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 02:00:07 +00:00
TimothyBlynJacobs 7019add74e REST API: Add support for the REDIRECT_HTTP_AUTHORIZATION header.
Previously the REST API did not account for server configurations where the Authorization header must be added using ModRewrite. This caused major DUX issues when trying to use custom authentication mechanisms.

Fixes #47077.
Props dshanske, cklosows.

Built from https://develop.svn.wordpress.org/trunk@47239


git-svn-id: http://core.svn.wordpress.org/trunk@47039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 16:08:16 +00:00
Sergey Biryukov a6949956d1 Administration: Capitalize `Trash` consistently in various messages and comments.
When used as a noun referring to the "virtual" place, `Trash` should be capitalized.

Props garrett-eclipse, aandrewdixon, Presskopp.
Fixes #45317.
Built from https://develop.svn.wordpress.org/trunk@47233


git-svn-id: http://core.svn.wordpress.org/trunk@47033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 04:12:07 +00:00
TimothyBlynJacobs 5ecd61023a REST API: Introduce selective link embedding.
Previously the _embed flag would embed all embeddable links in a response even if only a subset of the links were necessary. Now, a list of link relations can be passed in the _embed parameter to restrict the list of embedded objects.

Props rheinardkorf, adamsilverstein, jnylen0, cklosows, chrisvanpatten, TimothyBlynJacobs.
Fixes #39696.

Built from https://develop.svn.wordpress.org/trunk@47224


git-svn-id: http://core.svn.wordpress.org/trunk@47024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 20:54:05 +00:00
Sergey Biryukov e79f7f71aa REST API: Merge "not allowed to create new terms" permission error message with an existing string.
Follow-up to [39309], [39313].

See #38857.
Built from https://develop.svn.wordpress.org/trunk@47166


git-svn-id: http://core.svn.wordpress.org/trunk@46966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-02 05:41:03 +00:00
K. Adam White b78819c3fa REST API: Reuse previously-generated embedded objects when building collection response.
Store each generated embedded object in a temporary cache when querying for linked resources so that repeated links to the same resource do not trigger repeated queries or processing.

Props TimothyBlynJacobs.
Fixes #48838.


Built from https://develop.svn.wordpress.org/trunk@47138


git-svn-id: http://core.svn.wordpress.org/trunk@46938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-30 20:22:07 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov 2900bb8ea7 Docs: Update links to https://secure.php.net/, they now redirect to https://www.php.net/.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47088


git-svn-id: http://core.svn.wordpress.org/trunk@46888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-20 03:14:06 +00:00
Sergey Biryukov dd4d98a368 Docs: In various `@return` tags, list the expected type first, instead of `false`.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
Sergey Biryukov ea6e0cc3ca Coding Standards: Use Yoda conditions in `wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php`.
Props jenilk.
Fixes #49150.
Built from https://develop.svn.wordpress.org/trunk@47050


git-svn-id: http://core.svn.wordpress.org/trunk@46850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-08 11:32:02 +00:00
Sergey Biryukov ce48d7502c REST API: Display the actual conflicting value in addition to the taxonomy name in the `_doing_it_wrong()` message for a conflicting `rest_base` or `name` property.
Follow-up to [47037] and [47045].

Props TimothyBlynJacobs.
See #48401.
Built from https://develop.svn.wordpress.org/trunk@47046


git-svn-id: http://core.svn.wordpress.org/trunk@46846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-06 17:09:04 +00:00
Sergey Biryukov a540d748d3 REST API: Display the taxonomy name in the `_doing_it_wrong()` message for a conflicting `rest_base` or `name` property, to match the translator comment.
Follow-up to [47037].

See #48401.
Built from https://develop.svn.wordpress.org/trunk@47045


git-svn-id: http://core.svn.wordpress.org/trunk@46845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-06 16:47:02 +00:00
Sergey Biryukov 28639fc8d5 I18N: Replace `rest_authentication_errors` filter name with a placeholder in a translatable string.
Follow-up to [38947] and [40038].

See #38446.
Built from https://develop.svn.wordpress.org/trunk@47044


git-svn-id: http://core.svn.wordpress.org/trunk@46844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-06 16:21:04 +00:00
K. Adam White 08f53ef906 REST API: Issue doing_it_wrong if a taxonomy's specified rest_base is already in use by a different resource.
Props fgiannar, TimothyBlynJacobs, kingkool68, SergeyBiryukov.
Fixes #48401.


Built from https://develop.svn.wordpress.org/trunk@47037


git-svn-id: http://core.svn.wordpress.org/trunk@46837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-03 19:24:03 +00:00
K. Adam White 7660fcda61 REST API: Short-circuit comment controller permissions check if commented-upon post type does not exist.
Props imani3011, dragosh635, subrataemfluence, timothyblynjacobs.
Fixes #42238.


Built from https://develop.svn.wordpress.org/trunk@47036


git-svn-id: http://core.svn.wordpress.org/trunk@46836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-03 18:44:03 +00:00
Sergey Biryukov 9bec6f1e54 REST API: Synchronize permission checks in `::get_items_permissions_check()` methods for post types, post statuses, and users:
* Only query post types with `'show_in_rest' => true` instead of looping over all post types and checking the `show_in_rest` property separately.
* Return from the `foreach()` loop as soon as the permission check succeeded.

Props pbiron, TimothyBlynJacobs, SergeyBiryukov.
Fixes #49118.
Built from https://develop.svn.wordpress.org/trunk@47034


git-svn-id: http://core.svn.wordpress.org/trunk@46834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-03 02:28:03 +00:00
whyisjake 9e87c5b7b4 Ensure that a user can publish_posts before making a post sticky.
Props: danielbachhuber, whyisjake, peterwilson, xknown.


Built from https://develop.svn.wordpress.org/trunk@46893


git-svn-id: http://core.svn.wordpress.org/trunk@46693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-12 17:52:02 +00:00
John Blackbourn f93ee2ca76 Docs: Increase the specificity of various docblock parameter types and return types.
See #48303
Built from https://develop.svn.wordpress.org/trunk@46823


git-svn-id: http://core.svn.wordpress.org/trunk@46623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-06 22:43:04 +00:00
John Blackbourn aa1fdcbd52 Docs: Correct various docblocks documentation.
See #48303
Built from https://develop.svn.wordpress.org/trunk@46821


git-svn-id: http://core.svn.wordpress.org/trunk@46621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-06 22:23:04 +00:00
Sergey Biryukov 1d1c74385f REST API: Use strict `in_array()` checks for the list of usernames blacklisted via `illegal_user_logins` filter.
See #48839.
Built from https://develop.svn.wordpress.org/trunk@46804


git-svn-id: http://core.svn.wordpress.org/trunk@46604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-29 22:04:02 +00:00
Sergey Biryukov 86c441140b REST API: Use a strict `in_array()` check in `WP_REST_Request::get_parameter_order()`.
See #48839.
Built from https://develop.svn.wordpress.org/trunk@46803


git-svn-id: http://core.svn.wordpress.org/trunk@46603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-29 22:01:03 +00:00
Sergey Biryukov d33571f7d5 REST API: Use a strict `in_array()` check in `WP_REST_Meta_Fields::get_registered_fields()`.
Props dkarfa.
Fixes #48839.
Built from https://develop.svn.wordpress.org/trunk@46802


git-svn-id: http://core.svn.wordpress.org/trunk@46602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-29 21:59:03 +00:00
Sergey Biryukov 04ba6a1d8f Docs: Correct parameter type for `$item` in `WP_REST_Terms_Controller::prepare_item_for_response()`.
Props diddledan, TimothyBlynJacobs.
Fixes #48616.
Built from https://develop.svn.wordpress.org/trunk@46731


git-svn-id: http://core.svn.wordpress.org/trunk@46531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-14 08:55:02 +00:00
John Blackbourn 3def77672d Docs: Correct some invalid hook docblocks.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46729


git-svn-id: http://core.svn.wordpress.org/trunk@46529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-12 22:42:02 +00:00
Sergey Biryukov 3d623995a8 Docs: In various `@return` tags, list the expected type first, instead of `WP_Error`.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@46696


git-svn-id: http://core.svn.wordpress.org/trunk@46496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-11 02:43:03 +00:00
Sergey Biryukov 1f816ad18d Docs: Use the `{@see ...}` tag for the replacement in `@deprecated` tags, so that Developer Reference could automatically link to the replacement.
Props jrf.
See #48255.
Built from https://develop.svn.wordpress.org/trunk@46685


git-svn-id: http://core.svn.wordpress.org/trunk@46485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-09 13:05:02 +00:00
John Blackbourn f545bb3f63 Docs: Improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46660


git-svn-id: http://core.svn.wordpress.org/trunk@46460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:23:02 +00:00
whyisjake 5b4fe55ee8 REST API: Fix for Yoda condition.
Little coding standards fix for the REST API.

Props mukesh27, spenserhale.

Fixes #48337.

Built from https://develop.svn.wordpress.org/trunk@46654


git-svn-id: http://core.svn.wordpress.org/trunk@46454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 17:38:03 +00:00
TimothyBlynJacobs 5124c542e1 REST API: Add tax relation parameter to posts collection.
The REST API supports filtering by terms across multiple taxonomies using an AND relation. This adds support for an OR relation by adding "tax_relation=OR" as a query parameter.

Props earnjam.
Fixes #44326.

Built from https://develop.svn.wordpress.org/trunk@46646


git-svn-id: http://core.svn.wordpress.org/trunk@46446 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-03 23:14:02 +00:00
Sergey Biryukov 2651ff3ae8 Docs: Update URLs in some `@link` tags and switch them to HTTPS.
Props tsuyoring.
Fixes #48479.
Built from https://develop.svn.wordpress.org/trunk@46626


git-svn-id: http://core.svn.wordpress.org/trunk@46423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-01 14:57:02 +00:00
John Blackbourn c08dbe5236 Docs: Coding standards fix after [46608].
See #48303

Built from https://develop.svn.wordpress.org/trunk@46609


git-svn-id: http://core.svn.wordpress.org/trunk@46406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-28 19:35:07 +00:00
John Blackbourn 817807e5be Docs: Remove some funky nested filters.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46608


git-svn-id: http://core.svn.wordpress.org/trunk@46405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-28 19:04:05 +00:00
K. Adam White cfec48cc31 REST API: Cast empty meta values to correct scalar types in REST response.
Introducing complex meta value handling in [45807] unintentionally removed value casting for empty scalar meta values.

Props TimothyBlynJacobs, chrisvanpatten, rmccue, kadamwhite.
Fixes #48363.


Built from https://develop.svn.wordpress.org/trunk@46563


git-svn-id: http://core.svn.wordpress.org/trunk@46360 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-21 19:10:06 +00:00
Sergey Biryukov e8fcc3fbe7 Docs: Fix typo in a comment in `WP_REST_Settings_Controller::prepare_value()`.
Convert the comment to a multi-line format per the documentation standards.

Props itowhid06.
See #48296.
Built from https://develop.svn.wordpress.org/trunk@46471


git-svn-id: http://core.svn.wordpress.org/trunk@46269 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-13 10:02:04 +00:00
Peter Wilson 8730eb34e3 Docs: Correct comment typo in WP_REST_Terms_Controller::update_item().
Props manikmist09.
Fixes #48295. See #47110.

Built from https://develop.svn.wordpress.org/trunk@46469


git-svn-id: http://core.svn.wordpress.org/trunk@46267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-13 02:42:01 +00:00
K. Adam White 55560a708f REST API: Do not addslash when receiving meta arrays of non-string values.
Slashing non-string data caused PUT requests containing unmodified meta arrays of integers to fail the check against the existing stored meta value, causing a 500 when posting an unmodified response body back to the server.

Props TimothyBlynJacobs, augustuswm.
Fixes #48264.

Built from https://develop.svn.wordpress.org/trunk@46454


git-svn-id: http://core.svn.wordpress.org/trunk@46252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-09 17:36:01 +00:00
K. Adam White ed11103f39 REST API: Ensure rest_controller instantiates the post type's declared REST controller class.
Ensures that the ::get_rest_controller() method will always return an instanceof the expected controller class, or null.
Removes unused private static property $post_type_controllers.

Props dlh, TimothyBlynJacobs.
Fixes #45677.


Built from https://develop.svn.wordpress.org/trunk@46435


git-svn-id: http://core.svn.wordpress.org/trunk@46233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 13:43:02 +00:00
K. Adam White 5815551dfe REST API: Permit embedding of the 'self' link relation in the /search endpoint.
Removes a special-case prohibition against embedding 'self' which prevented ?_embed from being used with the /wp/v2/search endpoint.

Props TimothyBlynJacobs, chrisvanpatten, kadamwhite.
Fixes #47684.


Built from https://develop.svn.wordpress.org/trunk@46434


git-svn-id: http://core.svn.wordpress.org/trunk@46232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 04:45:02 +00:00
K. Adam White de6d164870 REST API: Ensure users with "moderate_comments" capability may edit comments.
Props meloniq.
Fixes #47024.


Built from https://develop.svn.wordpress.org/trunk@46433


git-svn-id: http://core.svn.wordpress.org/trunk@46231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 04:02:02 +00:00
Andrew Ozz 67b2ff7bc3 REST API: Add support for continuing the post-processing of images after upload. Flow:
1. `POST /wp/v2/media`.
2. If the upload failed (HTTP 500 error), look for a response header with `X-WP-Upload-Attachment-ID` header that contains the newly created attachment ID.
3. `POST /wp/v2/media/{id}/post-process` with `{ "action": "create-image-subsizes" }`. This request may still fail, but it will save its progress.
4. On continued failure, `DELETE /wp/v2/media/{id}` to give up on the upload and instruct the user to resize their image before uploading.

Props TimothyBlynJacobs.
Fixes #47987.
Built from https://develop.svn.wordpress.org/trunk@46422


git-svn-id: http://core.svn.wordpress.org/trunk@46220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-07 17:06:03 +00:00
Sergey Biryukov 736403a26e REST API: Combine `array` and `object` cases in `WP_REST_Meta_Fields::get_default_for_type()` to remove duplicated line.
Add missing description for `$type` parameter.

Props itowhid06, dkarfa.
Fixes #48169.
Built from https://develop.svn.wordpress.org/trunk@46346


git-svn-id: http://core.svn.wordpress.org/trunk@46145 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-29 22:34:57 +00:00
K. Adam White 10772e8499 REST API: Introduce WP_Post_Type::get_rest_controller() caching method to prevent unnecessary REST controller construction.
Cache REST controller references on their associated post type object to prevent unnecessary controller re-instantiation, which previously caused "rest_prepare_{$post_type}" and "rest_{$post_type}_query" to run twice per request.

Props TimothyBlynJacobs, patrelentlesstechnologycom.
Fixes #45677.

Built from https://develop.svn.wordpress.org/trunk@46272


git-svn-id: http://core.svn.wordpress.org/trunk@46084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 20:25:57 +00:00
K. Adam White ef86b03619 REST API: Introduce date_floating property on status endpoint response objects.
Expose a date_floating property on all status objects to permit clients (including the block editor) to make correct decisions about date handling for posts of varying status.

Props mnelson4, earnjam, kadamwhite, jnylen0, nerrad, pento.
See #39953.


Built from https://develop.svn.wordpress.org/trunk@46252


git-svn-id: http://core.svn.wordpress.org/trunk@46064 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 17:40:58 +00:00
K. Adam White b15c0d410e REST API: Pass "null" as the post date property to reset post to initial "floating" date value.
Props TimothyBlynJacobs, adamsilverstein, jnylen0, mnelson4.
Fixes #44975.


Built from https://develop.svn.wordpress.org/trunk@46249


git-svn-id: http://core.svn.wordpress.org/trunk@46061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 17:25:57 +00:00
desrosj 3cf6276ed0 Code Modernization: Remove JSON extension workarounds for PHP < 5.6.
The PHP native JSON extension has been bundled and compiled with PHP by default since version 5.2.0. Because the minimum version of PHP required by WordPress is now 5.6.20 (see #46594 and [45058]), JSON extension related polyfills and backwards compatibility code can now be removed.

This change removes code that supported JSON related functionality on older versions of PHP. This includes (but is not limited to) checks that `json_last_error()` exists, checking and setting the `JSON_UNESCAPED_SLASHES` and `JSON_PRETTY_PRINT` constants if not previously defined, and deprecating the `_wp_json_prepare_data()` function (which was 100% workaround code).

Follow up of [46205].

See #47699.
Props jrf, Clorith, pento.
Built from https://develop.svn.wordpress.org/trunk@46206


git-svn-id: http://core.svn.wordpress.org/trunk@46018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-20 20:08:57 +00:00
K. Adam White 6c931ed61a REST API: Revert [45687].
This change may not be needed and further investigation is required before we accept it into a release.

See #46907.


Built from https://develop.svn.wordpress.org/trunk@46191


git-svn-id: http://core.svn.wordpress.org/trunk@46003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 15:50:59 +00:00
K. Adam White 66f907b2eb REST API: Support dot.nested hierarchical properties in _fields query parameter.
Enable clients to opt-in to receipt of one or more specific sub-properties within a response, and not other sub-properties.
Skip potentially expensive filtering and processing for post resources which were explicitly not requested.

Props kadamwhite, TimothyBlynJacobs, dlh.
Fixes #42094.

Built from https://develop.svn.wordpress.org/trunk@46184


git-svn-id: http://core.svn.wordpress.org/trunk@45996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 14:05:55 +00:00
Aaron Jorbin dd3ad3ac51 GENERAL: Remove magic quote functions
The path to magic quote sanity took a fun and exciting turn: PHP core removed it and WordPress updated the minimum version.

For the formally external pclzip, the code is commented out to make investigating easier and in case we ever need to merge upstream (if that still exists) changes.

Props ayeshrajans, jrf, jorbin.
See #47783.
Fixes #18322.

Built from https://develop.svn.wordpress.org/trunk@46105


git-svn-id: http://core.svn.wordpress.org/trunk@45917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 22:21:01 +00:00
K. Adam White 742ab2d68b REST API: Return term resources in "edit" context after PUT or POST request.
Props westonruter, dlh.
Fixes #41411.


Built from https://develop.svn.wordpress.org/trunk@46098


git-svn-id: http://core.svn.wordpress.org/trunk@45910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 21:29:57 +00:00
Sergey Biryukov dcb08f0637 Docs: Fix placement of some duplicate hook references.
Hook documentation should be on the line directly above the line containing the `do_action()` or `apply_filters()` call. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of duplicate hook references.

Includes minor code layout fixes.

See #47110.
Built from https://develop.svn.wordpress.org/trunk@46088


git-svn-id: http://core.svn.wordpress.org/trunk@45900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-10 19:23:55 +00:00
Sergey Biryukov 6cab9557fb REST API: Mark `WP_REST_Users_Controller::update_current_item()` and `::delete_current_item()` as public.
Props dkarfa.
Fixes #47967.
Built from https://develop.svn.wordpress.org/trunk@46070


git-svn-id: http://core.svn.wordpress.org/trunk@45882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 23:18:55 +00:00
Sergey Biryukov 65747e3c91 Docs: Remove extra spaces in various REST API DocBlocks.
See #47110.
Built from https://develop.svn.wordpress.org/trunk@46069


git-svn-id: http://core.svn.wordpress.org/trunk@45881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 23:05:55 +00:00
Sergey Biryukov 7fb9cba55a Docs: Correct DocBlocks for `WP_REST_Posts_Controller::get_available_actions()` and `WP_REST_Revisions_Controller::get_parent()`.
Props dkarfa.
Fixes #47966.
Built from https://develop.svn.wordpress.org/trunk@46068


git-svn-id: http://core.svn.wordpress.org/trunk@45880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 22:59:54 +00:00
Sergey Biryukov e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov 16b8d91baa I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 17:13:59 +00:00
K. Adam White 181d77f04e REST API: Only cast scalar types to string when comparing new & old meta values.
Newly-supported array and object meta types should not be cast to strings.

Props TimothyBlynJacobs, caercam.
Fixes #47928.

Built from https://develop.svn.wordpress.org/trunk@45903


git-svn-id: http://core.svn.wordpress.org/trunk@45714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-28 03:08:55 +00:00
K. Adam White 7eed5eff61 REST API: Always return post types list in taxonomies endpoint response as an array.
Prevents a non-sequential post type array such as [ 0 => 'post', 2 => 'page' ] from being improperly converted to an object in the taxonomy endpoint's response JSON.

Props TimothyBlynJacobs, birgire, spectacula.
Fixes #42209.

Built from https://develop.svn.wordpress.org/trunk@45813


git-svn-id: http://core.svn.wordpress.org/trunk@45624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 22:12:55 +00:00
K. Adam White 00cb4c7dbd REST API: Prevent deletion of post revisions.
Allowing the client to delete revisions breaks the "audit trail" functionality. This is not allowed in WordPress and shouldn't be allowed through the API.
While not recommended, a plugin may opt-in to the previous behavior by setting a custom 'delete_post' capability for the revisions post type.

Props dlh, danielbachhuber, TimothyBlynJacobs, azaozz, kadamwhite.
Fixes #43709.


Built from https://develop.svn.wordpress.org/trunk@45812


git-svn-id: http://core.svn.wordpress.org/trunk@45623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 22:01:55 +00:00
K. Adam White 5dbb64d0dd REST API: Cache results of get_item_schema on controller instances for performance.
Caches the output of get_item_schema() to avoid redundant recomputation of translatable strings and other computed values. This method is called many times per item in each REST request, and the results of the method should not vary between calls.
Additional schema fields are not cached.

Props kadamwhite, joehoyle, TimothyBlynJacobs.
Fixes #47871.

Built from https://develop.svn.wordpress.org/trunk@45811


git-svn-id: http://core.svn.wordpress.org/trunk@45622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 21:09:55 +00:00
K. Adam White dbfa0c7ed4 REST API: Clarify arguments passed to rest route get & update callbacks.
Update doc block argument definitions to clarify that the REST API always passes an array to the `get_callback` and always passes an entity object to the `update_callback`.

Props TimothyBlynJacobs, salzano.
Fixes #44432.


Built from https://develop.svn.wordpress.org/trunk@45810


git-svn-id: http://core.svn.wordpress.org/trunk@45621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 20:04:55 +00:00
K. Adam White 8dcc10693f REST API: Do not send response body if status is 204 or body is null.
Status code 204 should indicate no response body is sent. Previously, a "null" string was sent, which MacOS Safari would try to parse as JSON and thereby fail to complete the request.

Props TimothyBlynJacobs, andizer, matthias.thiel.
Fixes #43691.


Built from https://develop.svn.wordpress.org/trunk@45809


git-svn-id: http://core.svn.wordpress.org/trunk@45620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 19:56:55 +00:00
K. Adam White 5b318f1dda REST API: Support 'object' and 'array' types in register_meta() schemas.
Extends meta registration to support complex schema values, mirroring the functionality in the settings controller.
Error when trying to modify a meta key containing schema-nonconformant data.

Props @TimothyBlynJacobs, @birgire, @mnelson4, @flixos90.
Fixes #43392.


Built from https://develop.svn.wordpress.org/trunk@45807


git-svn-id: http://core.svn.wordpress.org/trunk@45618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 17:17:55 +00:00
Sergey Biryukov c26f1c5d90 Taxonomy: Fix deprecated calls to `get_terms()`.
The taxonomy should be passed as part of `$args`, rather than as its own argument.

Props sgastard, mukesh27, SergeyBiryukov.
Fixes #47819.
Built from https://develop.svn.wordpress.org/trunk@45723


git-svn-id: http://core.svn.wordpress.org/trunk@45534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-03 03:35:56 +00:00
K. Adam White 5f9ba92af4 REST API: Skip processing fields which are not present in the selected context.
In `WP_REST_Controller::get_fields_for_response()`, exclude fields which are not registered to appear in the request's context.

In conjunction with r45705 this prevents the unnecessary computation of the sample permalink when making a request that is not context=edit.

Props dlh.
Fixes #45605.

Built from https://develop.svn.wordpress.org/trunk@45706


git-svn-id: http://core.svn.wordpress.org/trunk@45517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-31 20:21:56 +00:00
K. Adam White d296736b75 REST API: Generate sample permalink only when a dependent field is requested.
The sample permalink will now only be generated if the derivative `permalink_template` or `generated_slug` fields are to be included in the response, preventing an unnecessary database request for each post (via `wp_unique_post_slug()`) when those fields are not requested.

Props dlh.
See #45605.

Built from https://develop.svn.wordpress.org/trunk@45705


git-svn-id: http://core.svn.wordpress.org/trunk@45516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-31 20:00:57 +00:00
Dominik Schilling 4d3ca52c45 REST API: Pass current request object to `rest_authentication_errors` filter in `WP_REST_Server::check_authentication()`.
Fixes #46907.
Built from https://develop.svn.wordpress.org/trunk@45687


git-svn-id: http://core.svn.wordpress.org/trunk@45498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-27 13:44:57 +00:00
Sergey Biryukov 33b2fbc7e7 REST API: Make "Could not update meta value in database" error messages more helpful.
Props apermo, AkSDvP.
Fixes #46252.
Built from https://develop.svn.wordpress.org/trunk@45681


git-svn-id: http://core.svn.wordpress.org/trunk@45492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-26 13:20:56 +00:00
Gary Pendergast a571a7d621 Code Modernisation: Fix known instances of array access on data types that can't be accessed as arrays.
PHP 7.4 addes a warning when trying access a null/bool/int/float/resource (everything but array, string and object) as if it were an array.

This change fixes all of these warnings visible in unit tests.

Props jrf.
See #47704.



Built from https://develop.svn.wordpress.org/trunk@45639


git-svn-id: http://core.svn.wordpress.org/trunk@45450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-15 06:25:57 +00:00
Sergey Biryukov e85a5c64a3 REST API: Allow `rest_get_avatar_urls()` to accept full user, post, or comment objects, rather than just an email address, to provide better flexibility for alternative avatar data.
Since the function uses `get_avatar_url()` internally, which already supports it, this should not have any backward compatibility concerns.

Props donmhico, dshanske, pputzer, joehoyle, TimothyBlynJacobs.
Fixes #40030.
Built from https://develop.svn.wordpress.org/trunk@45632


git-svn-id: http://core.svn.wordpress.org/trunk@45443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-14 14:35:56 +00:00
Gary Pendergast abcbee954f Coding Standards: Fix instances of `WordPress.PHP.NoSilencedErrors.Discouraged`.
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.

See #46732.

Built from https://develop.svn.wordpress.org/trunk@45611


git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-09 05:45:58 +00:00
Gary Pendergast 4803fc405e Coding Standards: Fix the `Squiz.PHP.DisallowMultipleAssignments` violations in `wp-includes`.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Sergey Biryukov e23ce44744 REST API: Call `WP_REST_Server::get_compact_response_links()` and `::get_raw_data()` static methods the right way.
Props andizer, TimothyBlynJacobs.
Fixes #47578.
Built from https://develop.svn.wordpress.org/trunk@45566


git-svn-id: http://core.svn.wordpress.org/trunk@45377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-26 18:07:54 +00:00
Sergey Biryukov 2205bc5e92 I18N: Merge duplicate "Invalid post parent ID" strings.
Props ramiy.
Fixes #47270.
Built from https://develop.svn.wordpress.org/trunk@45444


git-svn-id: http://core.svn.wordpress.org/trunk@45255 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 19:05:53 +00:00
Sergey Biryukov c77e771c84 Date/Time: Replace all instances of `date()` with `gmdate()`.
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).

`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.

Props nielsdeblaauw, Rarst.
Fixes #46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424


git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 00:12:54 +00:00
Sergey Biryukov 1a24aaa380 Docs: Add a `@see` reference to `WP_REST_Revisions_Controller` in `WP_REST_Autosaves_Controller` DocBlock.
Props chintan1896.
Fixes #47232.
Built from https://develop.svn.wordpress.org/trunk@45307


git-svn-id: http://core.svn.wordpress.org/trunk@45116 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-14 23:53:57 +00:00
Sergey Biryukov cbd6fd7a30 Docs: Add missing `@see` tag to `WP_REST_Post_Search_Handler` DocBlock.
Props vishitshah.
Fixes #47230.
Built from https://develop.svn.wordpress.org/trunk@45305


git-svn-id: http://core.svn.wordpress.org/trunk@45114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-14 15:00:07 +00:00
Sergey Biryukov 6860a1d759 Docs: Convert `@see` reference in `WP_REST_Request` DocBlock to `@link`, to avoid a broken link in Developer Reference.
See #47110.
Built from https://develop.svn.wordpress.org/trunk@45304


git-svn-id: http://core.svn.wordpress.org/trunk@45113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-14 14:56:08 +00:00
K. Adam White 0b6f00fde2 REST API: Always urlencode_deep() query args in get_items methods.
Passing all received query arguments through urlencode_deep ensures that the full set of query arguments are encoded in the same way.

Props dmsnell.
Fixes #46199

Built from https://develop.svn.wordpress.org/trunk@45267


git-svn-id: http://core.svn.wordpress.org/trunk@45076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-25 00:08:52 +00:00
Sergey Biryukov b6471e9be4 Bootstrap/Load: Remove duplicate leading slashes on inclusion of various files under `ABSPATH`.
Props dmsnell, birgire, szepe.viktor.
Fixes #46327.
Built from https://develop.svn.wordpress.org/trunk@45190


git-svn-id: http://core.svn.wordpress.org/trunk@44999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-13 04:46:52 +00:00
K. Adam White fac9f5f9fb REST API: Avoid undefined-property notice when setting parent term to 0.
Only try to access `term_id` once `$parent_term` is known to be a `WP_Term`.

Props dlh, earnjam.
Fixes #44983.

Built from https://develop.svn.wordpress.org/trunk@44965


git-svn-id: http://core.svn.wordpress.org/trunk@44796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 18:59:52 +00:00
K. Adam White 5a10d82b33 REST API: Remove unused attachments controller method.
The `validate_user_can_query_private_statuses` method is itself unused, and calls a parent class method previously removed in r39104.

Props dlh.
Fixes #45611.


Built from https://develop.svn.wordpress.org/trunk@44934


git-svn-id: http://core.svn.wordpress.org/trunk@44765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-19 03:28:51 +00:00
Aaron Jorbin 71cf332e65 Replace usages of basename() with wp_basename() in order to support multibyte filenames
This is focused on the pieces of code that touch media files and the tests that support them. `basename` isn't multibyte compatible out of the box. See http://php.net/basename and https://bugs.php.net/bug.php?id=62119.

See #43170.
Props Viper007Bond.

Built from https://develop.svn.wordpress.org/trunk@44785


git-svn-id: http://core.svn.wordpress.org/trunk@44617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-01 20:58:52 +00:00
desrosj 56bb62543d REST API: Allow a user to change the letter casing of their email.
When a `PUT` request is performed to update a user, a `rest_user_invalid_email` error is incorrectly being returned when the email exists with different letter casing, even if it belongs to the user being updated. `email_exists()` performs a case insensitive lookup, but the conditional statement following that lookup was performing a strict comparison between the new email and the user’s current email.

This changes that comparison to instead compare the user ID returned by `email_exists()` with the user ID being updated. This more closely matches the logic used in `edit_user()` and allows a user to change the letter casing of their email.

Props fuchsws, rachelbaker, desrosj.
Fixes #44672.
Built from https://develop.svn.wordpress.org/trunk@44641


git-svn-id: http://core.svn.wordpress.org/trunk@44472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-17 21:25:51 +00:00
Felix Arntz a71d208785 General: Fix problematic string to array parsing.
WordPress has historically often used code like `preg_split( '/[\s,]+/', $var )` to parse a string of comma-separated values into an array. However, this approach was causing an empty string to not be parsed into an empty array as expected, but rather into an array with the empty string as its sole element.

This was among other areas causing problems in the REST API where passing an empty request parameter could cause that request to fail because, instead of it being ignored, that parameter would be compared against the valid values for it, which typically do not include an empty string.

Props david.binda, sstoqnov.
Fixes #43977.

Built from https://develop.svn.wordpress.org/trunk@44546


git-svn-id: http://core.svn.wordpress.org/trunk@44377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-10 21:06:49 +00:00
desrosj cd7b916d55 REST API: Introduce `rest_post_search_query` filter.
This filter allows the query arguments to be manipulated for a post search query in the REST API.

Props Chouby, swissspidy.
Fixes #45454.
Built from https://develop.svn.wordpress.org/trunk@44482


git-svn-id: http://core.svn.wordpress.org/trunk@44313 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 21:45:48 +00:00
Sergey Biryukov 8880458212 REST API: Remove a duplicate `require_once()`.
In `WP_REST_Attachments_Controller::create_item()`, `wp-admin/includes/image.php` was being `require_once()`-ed... twice. The superflous `require_once()` has been quietly removed.

Props david.binda.
Merges [44206] to trunk.
Fixes #45420.
Built from https://develop.svn.wordpress.org/trunk@44309


git-svn-id: http://core.svn.wordpress.org/trunk@44139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-19 03:27:26 +00:00
desrosj bc9dfcfeb1 REST API: Preserve unknown, respect `null` in server-side block rendering.
- Skips validation where there is no attribute definition, but keeps the attribute value. Previously, the attribute would be omitted from the attributes passed to `render_callback`. Notably, this resolves an issue where `render_callback` cannot receive a block's `align` and `customClassName` attribute values, since these are defined as a client-side filter.
- Validates `null` as a proper value in its own right. Previously, a client implementation of a block could track `{“attribute":null}` as an explicitly empty value, and the server would wrongly initiate defaulting behavior. The new behavior will now only populate a default value if the attribute is not defined at all, including when unset in its being invalid per the attribute schema. 

Props aduth, noisysocks, youknowriad, danielbachhuber.

Merges [43918] to trunk.

See #45145 for the patch, #45098 for the original ticket.
Built from https://develop.svn.wordpress.org/trunk@44269


git-svn-id: http://core.svn.wordpress.org/trunk@44099 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 18:00:52 +00:00
desrosj f2b97f3c7f REST API: Always include `title.raw`/`content.raw` for Blocks in `context=view`.
Demarcations for reusable blocks are always expected to be accessible by clients.

Props noisysocks, youknowriad.

Merges [43917] to trunk.

See #45145 for the patch, #45098 for the original ticket.
Built from https://develop.svn.wordpress.org/trunk@44268


git-svn-id: http://core.svn.wordpress.org/trunk@44098 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 17:22:52 +00:00
Sergey Biryukov ff3ea55f76 REST API: Include fields with null schema in `get_fields_for_response()`.
In [43736], we prevented rendering fields when not present in `?_fields=`. However, because `get_fields_for_response()` is dependent on `get_item_schema()`, any custom fields registered with a null schema would be incorrectly excluded from the response. Because the REST API permits a null schema for `register_rest_field()`, those fields should be included in the available fields for a response.

Props danielbachhuber.
Merges [43908] to trunk.
Fixes #45220.
Built from https://develop.svn.wordpress.org/trunk@44254


git-svn-id: http://core.svn.wordpress.org/trunk@44084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 03:29:47 +00:00
Sergey Biryukov 940a4be804 REST API: Avoid using 'parent' as path argument name for autosaves.
When 'parent' is set as the path argument name, it gets passed down through to the `create_item()` method and can erroneously reset the 'parent' value on the post itself. Instead, we rename the argument to 'id' and replicate the revision controller's `get_items_permissions_check()` to instead reference 'id'.

Also ensures revision query params (of which there are many) aren't exposed as the query params for autosaves (of which there are two).

Props TimothyBlynJacobs.
Merges [43897] to trunk.
See #43316.
Built from https://develop.svn.wordpress.org/trunk@44250


git-svn-id: http://core.svn.wordpress.org/trunk@44080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 03:26:22 +00:00
Jeremy Felt 58fdce722c REST API: Prevent duplicate firing of `rest(_after)?_insert_attachment` actions.
Merges [43862] from the 5.0 branch to trunk.

Props danielbachhuber, peterwilsoncc.
Fixes #45269.
See #42864.

Built from https://develop.svn.wordpress.org/trunk@44225


git-svn-id: http://core.svn.wordpress.org/trunk@44055 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-17 03:05:20 +00:00
Jeremy Felt e42dd489bc REST API: Restore access to audio/video metadata functions.
Ensures `wp_read_video_metadata()`/`wp_read_audio_metadata()` functions are available when uploading video and audio. Fixes error introduced in [43589].

Merges [43850] from the 5.0 branch to trunk.

Props ocean90.
See #43757.

Built from https://develop.svn.wordpress.org/trunk@44216


git-svn-id: http://core.svn.wordpress.org/trunk@44046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-16 01:26:53 +00:00
Gary Pendergast d2782aabc5 REST API: Improve performance by avoiding `call_user_func()`.
The `get_compact_response_links()` method was introduced in WP 4.5, and this conditional is no longer necessary.

Merges [43834] from the 5.0 branch to trunk.

Props schlessera, timothyblynjacobs.
Fixes #45189.

Built from https://develop.svn.wordpress.org/trunk@44173


git-svn-id: http://core.svn.wordpress.org/trunk@44003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 06:04:55 +00:00
Jeremy Felt c3e927d2c8 REST API: Add endpoints for blocks.
`WP_REST_Block_Renderer_Controller` allows rendering of server-side rendered blocks, whilst `WP_REST_Blocks_Controller` allows retrieving of reusable blocks.

Merges [43805] and [43806] from the 5.0 branch to trunk.

Props desrosj, danielbachhuber, pento, Presskopp, swissspidy.
See #45065, #45098.

Built from https://develop.svn.wordpress.org/trunk@44150


git-svn-id: http://core.svn.wordpress.org/trunk@43980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 02:35:38 +00:00
Jeremy Felt c339798b49 Themes: Introduce responsive embeds support.
Responsive embeds is a way for a theme to opt in to WordPress dynamically scaling the width/height of an embed. When a theme supports responsive embeds, a `wp-embed-responsive` class is added to the `<body>` tag. This information is also presented through the REST API for clients to respect.

Merges [43790] and [43791] from the 5.0 branch to trunk.

Props desrosj, danielbachhuber, ocean90.
Fixes #45125.

Built from https://develop.svn.wordpress.org/trunk@44138


git-svn-id: http://core.svn.wordpress.org/trunk@43968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 01:50:37 +00:00
Gary Pendergast 423c828330 REST API: Include `block_version` on Post `content` object.
The `block_version` denotes which version of Blocks the `post_content` contains. Introduces new `block_version()` function for versioning Blocks.

Merges [43770] from the 5.0 branch to trunk.

Props danielbachhuber, birgire.
Fixes #43887.

Built from https://develop.svn.wordpress.org/trunk@44127


git-svn-id: http://core.svn.wordpress.org/trunk@43957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 00:55:37 +00:00
desrosj d4d16ec083 REST API: Introduce Autosaves controller and endpoint.
- Adds `WP_REST_Autosaves_Controller` which extends `WP_REST_Revisions_Controller`.
- Autosaves endpoint is registered for all post types except attachment because even post types without revisions enabled are expected to autosave.
- Because setting the `DOING_AUTOSAVE` constant pollutes the test suite, autosaves tests are run last. We may want to improve upon this later. 

Also, use a truly impossibly high number in User Controller tests. The number `100`, (or `7777` in `trunk`), could be valid in certain test run configurations. The `REST_TESTS_IMPOSSIBLY_HIGH_NUMBER` constant is impossibly high for this very reason.

Finally, Skip Autosaves controller test for multisite. There's a PHP 5.2 edge case where paths calculated differently, possibly caused by differing version of PHPUnit.

Props adamsilverstein, aduth, azaozz, danielbachhuber, rmccue, danielbachhuber.

Merges [43767], [43768], [43769] to trunk.

See #45132, #45131.
Fixes #45128, #43316.
Built from https://develop.svn.wordpress.org/trunk@44126


git-svn-id: http://core.svn.wordpress.org/trunk@43956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 22:42:38 +00:00
desrosj 4e57c6f941 REST API: Slash existing meta values when comparing with incoming meta upates.
When comparing the old and new values for a meta key being set, ensure both values are sanitized using the same logic so that equal values match.

props boonebgorges, dcavins, MattGeri, pilou69, TimothyBlynJacobs, kadamwhite.

Merges [43740] to trunk.

Fixes #42069.
Built from https://develop.svn.wordpress.org/trunk@44113


git-svn-id: http://core.svn.wordpress.org/trunk@43943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 16:30:37 +00:00
Gary Pendergast 6cbb6f9bd2 REST API: Introduce controller for searching across post types.
Introduces a `WP_REST_Search_Controller` class which registers a `/wp/v2/search` endpoint. Search types are handled by extending `WP_REST_Search_Handler`. The default search type is `WP_REST_Post_Search_Handler` but can be filtered by plugins or a theme.

Merges [43739,43741] from the 5.0 branch to trunk.

Props danielbachhuber, flixos90, pento, rmccue, joehoyle.
Fixes #39965.


Built from https://develop.svn.wordpress.org/trunk@44107


git-svn-id: http://core.svn.wordpress.org/trunk@43937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 09:38:25 +00:00
desrosj 6e3adbfe8c REST API: Fire actions after items are completely updated/inserted.
The existing `rest_insert_*` actions are fired before meta and additional fields are updated. These new `rest_after_*` actions fire after all write operations have completed.

Props timothyblynjacobs, danielbachhuber.

Merges [43737] to trunk.

Fixes #42864.
Built from https://develop.svn.wordpress.org/trunk@43987


git-svn-id: http://core.svn.wordpress.org/trunk@43819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 21:12:24 +00:00
desrosj a5b0312f1e REST API: Don't add fields to object when not included in `?_fields=`.
In [43087], we improved REST API performance by only rendering the fields specified in the request. Similarly, any fields registered with `register_rest_field()` should only be rendered when included in `?_fields=`.

Props dlh, danielbachhuber.

Merges [43736] to trunk.

Fixes #45099.
Built from https://develop.svn.wordpress.org/trunk@43986


git-svn-id: http://core.svn.wordpress.org/trunk@43818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 20:51:25 +00:00
Jeremy Felt c108cbfa52 REST API: Introduce themes endpoint to expose theme-supports values for the active theme.
In order to correctly render parts of its UI, the new editor needs to be aware of the active theme's post-formats and post-thumbnails support. This data is exposed by querying for the active theme on a new /wp/v2/themes endpoint for sufficiently privileged users.

Merges [43734], [43735] to trunk.

props desrosj.
Fixes #45016.

Built from https://develop.svn.wordpress.org/trunk@43985


git-svn-id: http://core.svn.wordpress.org/trunk@43817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 03:33:24 +00:00
Jeremy Felt a0446fdfe8 REST API: Include permalink_template/generated_slug for Posts
In order for clients to present permalink previews, the REST API must share the computed results of get_sample_permalink(). These two values are now exposed as permalink_template and generated_slug for public, viewable post types, but only for context=edit.

Merges [43720] to trunk.

Props danielbachhuber, rahulsprajapati.
Fixes #45017.

Built from https://develop.svn.wordpress.org/trunk@43980


git-svn-id: http://core.svn.wordpress.org/trunk@43812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 02:12:24 +00:00
desrosj a36830c4cb REST API: Enable users with read_private_posts to query for them.
An authorized request with the read_private_posts capability for a post type should be able to GET /wp/v2/posts for posts of status=private. This query is further sanity-checked by WP_REST_Posts_Controller->check_read_permission(), which is unchanged.

Props rachelbaker, soulseekah, twoelevenjay.

Moves [43694] from the 5.0 branch to trunk.

Fixes #43701.
Built from https://develop.svn.wordpress.org/trunk@43979


git-svn-id: http://core.svn.wordpress.org/trunk@43811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-11 22:30:24 +00:00
Aaron Jorbin e945a21758 REST API: Declare unfiltered_html capability in links.
Because user capabilities can be modified at runtime, the REST API needs to expose them in some evaluated but declarative manner for clients to interpret. JSON Hyper Schema targetSchema provides an appropriate paradigm for doing so.

Merges [43682] to trunk.

Props timothyblynjacobs.

Fixes #45014.

Built from https://develop.svn.wordpress.org/trunk@43974


git-svn-id: http://core.svn.wordpress.org/trunk@43806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-11 04:13:23 +00:00
Aaron Jorbin 8169b49e75 REST API: Persist attributes for attachment links
In [43437], the link definition implementation caused attachment links to be unexpectedly nested under an attributes key. This changeset restores the prior behavior.

Merges [43681] to trunk.

Props TimothyBlynJacobs, danielbachhuber.
Fixes #44750.

Built from https://develop.svn.wordpress.org/trunk@43973


git-svn-id: http://core.svn.wordpress.org/trunk@43805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-11 04:01:26 +00:00
K. Adam White 42b578ad94 REST API: Pass correct ID to `meta->update_value` to permit setting term meta during term creation.
Props joehoyle.
Fixes #44834.


Built from https://develop.svn.wordpress.org/trunk@43636


git-svn-id: http://core.svn.wordpress.org/trunk@43465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-12 23:56:24 +00:00
Rachel Baker d372b53ad7 REST API: Load missing required file for multisite users in `WP_REST_Attachments_Controller::create_item()`.
Requires wp-admin/includes/image.php to make `wp_read_image_metadata()` function available. Fixes error introduced in [43589].

Props ocean90, soulseekah.
Fixes #43757.
Built from https://develop.svn.wordpress.org/trunk@43604


git-svn-id: http://core.svn.wordpress.org/trunk@43433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-31 23:46:23 +00:00
Rachel Baker ad5cb69c91 REST API: Load missing required file for multisite users in `WP_REST_Attachments_Controller::check_upload_size()`.
Requires wp-admin/includes/ms.php to make `upload_is_user_over_quota()` function available to multisite users uploading files.

Props JakePT, rachelbaker.
Fixes #44864.
Built from https://develop.svn.wordpress.org/trunk@43603


git-svn-id: http://core.svn.wordpress.org/trunk@43432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-31 23:26:24 +00:00
Rachel Baker 062568e6b6 REST API: Limit the scope of wp-admin files required in WP_REST_Attachments_Controller methods.
Narrow the scope of the included wp-admin files loaded for `wp_generate_attachment_metadata()`, `wp_handle_upload()`, `wp_tempnam()`, and `wp_handle_sideload()`. Requires only wp-admin/includes/file.php and wp-admin/includes/image.php instead of wp-admin/includes/admin.php. 

Props lonelyvegan, soulseekah, pratikthink.
Fixes #43757.
Built from https://develop.svn.wordpress.org/trunk@43589


git-svn-id: http://core.svn.wordpress.org/trunk@43418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-29 03:23:25 +00:00
Felix Arntz 9fe4db814a REST API: Support pagination, order, search and other common query parameters for revisions.
The original REST API revisions controller relied on `wp_get_post_revisions()`, getting all revisions of a post without any possibility to restrict the result. This changeset replaces that function call with a proper `WP_Query` setup, replicating how `wp_get_post_revisions()` works while offering parameters to alter the default behavior.

Props adamsilverstein, birgire, flixos90.
Fixes #40510.

Built from https://develop.svn.wordpress.org/trunk@43584


git-svn-id: http://core.svn.wordpress.org/trunk@43413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-28 12:23:26 +00:00
John Blackbourn 47d32decd6 Docs: Correct and improve various inline documentation.
See #42505

Built from https://develop.svn.wordpress.org/trunk@43582


git-svn-id: http://core.svn.wordpress.org/trunk@43411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-27 14:28:26 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov 2072479adc REST API: Ensure attachments created with `WP_REST_Attachments_Controller::create_item()` on Windows have a relative path.
Props ocean90, SergeyBiryukov, redcastor.
Fixes #40861.
Built from https://develop.svn.wordpress.org/trunk@43529


git-svn-id: http://core.svn.wordpress.org/trunk@43358 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-24 16:52:25 +00:00
K. Adam White a7735117b6 Docs: Update @since version to 4.9.8 for meta registration subtype handling.
This feature has been backported to 4.9.8 so 5.0.0 is inaccurate.

See #38323.

Built from https://develop.svn.wordpress.org/trunk@43520


git-svn-id: http://core.svn.wordpress.org/trunk@43349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-23 17:02:25 +00:00
John Blackbourn 49fdd95ac0 Docs: Correct the parameter type for `WP_REST_Post_Types_Controller::prepare_item_for_response()`.
Props subrataemfluence

Fixes #44437

Built from https://develop.svn.wordpress.org/trunk@43519


git-svn-id: http://core.svn.wordpress.org/trunk@43348 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-22 12:26:28 +00:00
Gary Pendergast c173331dc4 REST API: Fix some incorrect `@since` tags.
[43437] included some new methods, which were incorrectly tagged as being `@since 4.9.7`. This updates them to `4.9.8`.

Props danielbachhuber.
Fixes 44287.


Built from https://develop.svn.wordpress.org/trunk@43463


git-svn-id: http://core.svn.wordpress.org/trunk@43290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:27:25 +00:00
Gary Pendergast 17899c1932 REST API: Attachments controller should respect upload limits.
When the REST API is in use on WordPress multisite, the `WP_REST_Attachments_Controller` should respect the "Max upload file size" and "Site upload space" site options.

Props flixos90, danielbachhuber.
Fixes #43751.


Built from https://develop.svn.wordpress.org/trunk@43462


git-svn-id: http://core.svn.wordpress.org/trunk@43289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:22:29 +00:00
Gary Pendergast fd6f50e86f REST API: Tweak permission checks for taxonomy and term endpoints
To match behaviour in the Classic Editor, we need to slightly loosen permissions on taxonomy and term endpoints. This allows users to create terms to assign to a post that they're editing.

Props danielbachhuber.
Fixes #44096.


Built from https://develop.svn.wordpress.org/trunk@43440


git-svn-id: http://core.svn.wordpress.org/trunk@43267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:24:25 +00:00
Gary Pendergast 2f803422fa REST API: Expose revision count and last revision ID on Post response
So that REST API clients can show appropriate UI for a post's revisions, it needs to know how many revisions the post has, and what the latest revision ID is.

Props kadamwhite, danielbachhuber, birgire, TimothyBlynJacobs.
Fixes #44321.


Built from https://develop.svn.wordpress.org/trunk@43439


git-svn-id: http://core.svn.wordpress.org/trunk@43266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:07:24 +00:00
Gary Pendergast 0ba364411d REST API: Declare user capabilities using JSON Hyper Schema's "targetSchema".
There are a variety of operations a WordPress user can only perform if they have the correct capabilities. A REST API client should only display UI for one of these operations if the WordPress user can perform the operation.

Rather than requiring REST API clients to calculate whether to display UI based on potentially complicated combinations of user capabilities, `targetSchema` allows us to expose a single flag to show whether the corresponding UI should be displayed.

This change also includes flags on post objects for the following actions:

- `action-publish`: The current user can publish this post.
- `action-sticky`: The current user can make this post sticky, and the post type supports sticking.
- `action-assign-author': The current user can change the author on this post.
- `action-assign-{$taxonomy}`: The current user can assign terms from the "$taxonomy" taxonomy to this post.
- `action-create-{$taxonomy}`: The current user can create terms int the "$taxonomy" taxonomy.

Props TimothyBlynJacobs, danielbachhuber.
Fixes #44287.


Built from https://develop.svn.wordpress.org/trunk@43437


git-svn-id: http://core.svn.wordpress.org/trunk@43264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-11 06:23:27 +00:00
K. Adam White a89c86c711 REST API: Support meta registration for specific object subtypes.
Introduce an `object_subtype` argument to the args array for `register_meta()` which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).

Introduce `register_post_meta()` and `register_term_meta()` wrapper methods for `register_meta` to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected `register_meta` to function, and should be used in place of direct `register_meta` where possible.

Props flixos90, tharsheblows, spacedmonkey.
Fixes #38323.


Built from https://develop.svn.wordpress.org/trunk@43378


git-svn-id: http://core.svn.wordpress.org/trunk@43206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:21 +00:00
Sergey Biryukov 4c43e71478 REST API: When handling `who=authors` query parameter for `GET wp/v2/users`, only check `edit_posts` for post types that support `author`.
Props danielbachhuber.
Fixes #42202.
Built from https://develop.svn.wordpress.org/trunk@43137


git-svn-id: http://core.svn.wordpress.org/trunk@42966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 06:52:21 +00:00
Gary Pendergast 2f792d442b REST API: Filter responses based on the `_fields` parameter, before data is processed.
Historically, the REST API would generate the entire response object, including running expensive filters, then it would apply the `_fields` parameter, discarding the fields that weren't specificed.

This change causes `_fields` to be applied earlier, so that only requested fields are processed.

Props danielbachhuber.
See #43874.


Built from https://develop.svn.wordpress.org/trunk@43087


git-svn-id: http://core.svn.wordpress.org/trunk@42916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:25:21 +00:00
Gary Pendergast 52d0b2f982 REST API: Include `viewable` attribute on Post Type resource for `edit` context
For the block editor to be able to expose the Preview button correctly, it needs to know the `is_post_type_viewable()` setting, this change adds it to the Post Type response.

Props danielbachhuber.
Fixes #43739.


Built from https://develop.svn.wordpress.org/trunk@43007


git-svn-id: http://core.svn.wordpress.org/trunk@42836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 03:06:21 +00:00
Gary Pendergast 41968f7ea9 REST API: Add `who=authors` as a query parameter for `GET wp/v2/users`.
Any WordPress user who can `edit_posts` of a post type with `show_in_rest=true` can query for authors. This maps to current WordPress behavior where a WordPress user who can view the Manage Posts view for a post type can see any WordPress user assigned to a post (whether published or draft).

This implementation, over restricting `who=authors` to users with `list_users`, gives us future flexibility in displaying lists of posts. It still respects more restrictive permissions for `context=edit`.

Props danielbachhuber.
Fixes #42202.


Built from https://develop.svn.wordpress.org/trunk@43001


git-svn-id: http://core.svn.wordpress.org/trunk@42830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-25 13:06:21 +00:00
Gary Pendergast e22489f06c REST API: Remove `permalink_structure` from the index.
This was originally added to allow Gutenberg to do permalink editing, but is no longer required. It's also superceded by #41014.

Reverts [42142].
Fixes #42465.


Built from https://develop.svn.wordpress.org/trunk@42997


git-svn-id: http://core.svn.wordpress.org/trunk@42826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-23 04:12:20 +00:00
Gary Pendergast 7630cc1bad REST API: Fix a typo introduced in [42729].
Props danielbachhuber.
Fixes #42707.


Built from https://develop.svn.wordpress.org/trunk@42973


git-svn-id: http://core.svn.wordpress.org/trunk@42802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-13 00:56:21 +00:00
Sergey Biryukov 0e802a627d General: Introduce `WP_Error::has_errors()` method and use it where appropriate.
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742.
Built from https://develop.svn.wordpress.org/trunk@42761


git-svn-id: http://core.svn.wordpress.org/trunk@42591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-27 02:31:31 +00:00
Sergey Biryukov 08227812a0 Docs: Remove `@static` notations from method DocBlocks in `wp-includes/*` classes.
This tag has been used in the past, but should no longer be used. Just using the `static` keyword in code is enough for PhpDocumentor on PHP5+ to recognize static variables and methods, and PhpDocumentor will mark them as static.

Props birgire.
See #42803.
Built from https://develop.svn.wordpress.org/trunk@42746


git-svn-id: http://core.svn.wordpress.org/trunk@42576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-25 20:22:30 +00:00
Gary Pendergast cf49eacd62 REST API: Translate the taxonomy visibility description strings.
This was missed in [42729].

Props TimothyBlynJacobs.
Fixes #42707.


Built from https://develop.svn.wordpress.org/trunk@42730


git-svn-id: http://core.svn.wordpress.org/trunk@42560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-22 00:59:30 +00:00
Gary Pendergast d6923d285c REST API: Show taxonomy visibility settings.
For Gutenberg and other admin-type interfaces, it's useful to be able to see the visibility settings for taxonomies.

Props joehoyle, pento.
Fixes #42707.


Built from https://develop.svn.wordpress.org/trunk@42729


git-svn-id: http://core.svn.wordpress.org/trunk@42559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-22 00:24:31 +00:00
John Blackbourn 91464bce65 Docs: Add missing code formatting to various `@since` entries.
See #42505

Built from https://develop.svn.wordpress.org/trunk@42678


git-svn-id: http://core.svn.wordpress.org/trunk@42506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-09 16:55:31 +00:00
Sergey Biryukov 35653f0432 Media: Bring consistency to `getimagesize()` error suppression.
Props chasewg, joemcgill, jeremyfelt.
Fixes #42480.
Built from https://develop.svn.wordpress.org/trunk@42449


git-svn-id: http://core.svn.wordpress.org/trunk@42279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-15 19:44:47 +00:00
Rachel Baker a787006298 REST API: Return the proper status code for failed permission callbacks in `WP_REST_Server->dispatch()`.
Use the `rest_authorization_required_code()` function to return a 401 status code when a permission callback fails due to a user not being logged in.

Props jaswrks.
Fixes #42828.
Built from https://develop.svn.wordpress.org/trunk@42421


git-svn-id: http://core.svn.wordpress.org/trunk@42252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-30 20:37:47 +00:00
Joe Hoyle 12c03d7aa8 REST API: Fix permissions error message in post statuses controller.
The permissions error message when a request tries to fetch post statuses unauthenticated is incorrect. It was a copy/paste from elsewhere, as indicated by the use of "in this post type" where this is no post type referenced.

Props schlessera.
Fixes #42303.
Built from https://develop.svn.wordpress.org/trunk@42356


git-svn-id: http://core.svn.wordpress.org/trunk@42185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-03 20:49:47 +00:00
Rachel Baker 0e656c1a10 REST API: Correct HTTP status code in error for requests to create a duplicate term.
The 409 error code is intended for situations where it is expected that the user will resolve the conflict and resubmit the same request. We use 400 error codes for other routes when a duplicate request is made. The 400 status code tells the user they need to modify their request for it to be successful.

Props shooper.
Fixes #42781. See #41370.
Built from https://develop.svn.wordpress.org/trunk@42354


git-svn-id: http://core.svn.wordpress.org/trunk@42183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-03 19:09:49 +00:00
Rachel Baker 01eeeb80fd REST API: Add existing term_id to the error data object when attempting to create a duplicate term.
Props shooper, coleh.
Fixes #42597. See #41370.
Built from https://develop.svn.wordpress.org/trunk@42350


git-svn-id: http://core.svn.wordpress.org/trunk@42179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-03 18:11:53 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Gary Pendergast e8229a25d5 REST API: Add `permalink_structure` to the index endpoint.
This allows Gutenberg to implement permalink editing.

Props schlessera.
Fixes #42465.


Built from https://develop.svn.wordpress.org/trunk@42142


git-svn-id: http://core.svn.wordpress.org/trunk@41973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-10 06:11:51 +00:00
Joe Hoyle bebb0b0d82 REST API: Don’t remove unregistered properties from objects in schema.
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.

See #38583.
Built from https://develop.svn.wordpress.org/trunk@42000


git-svn-id: http://core.svn.wordpress.org/trunk@41834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 21:05:49 +00:00
Weston Ruter 29d213cfbd REST API: Allow passing existing template value for posts even when template no longer exists.
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.

Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes #39996.

Built from https://develop.svn.wordpress.org/trunk@41979


git-svn-id: http://core.svn.wordpress.org/trunk@41813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-23 22:11:46 +00:00
K. Adam White 30827e4a4f REST API: Support ordering response collection by listed slugs.
Adds an "include_slug" orderby value for REST API collections to permit returning a collection filtered by slugs in the same order in which those slugs are specified.
Previously, the order of slugs provided with the ?slug query parameter had no effect on the order of the returned records.

Props wonderboymusic, ocean90, boonebgorges.
Fixes #40826.


Built from https://develop.svn.wordpress.org/trunk@41760


git-svn-id: http://core.svn.wordpress.org/trunk@41594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-05 00:37:47 +00:00
K. Adam White 704fb3900b REST API: Support objects in settings schema.
Enables register_setting to accept an object as its schema value, allowing settings to accept non-scalar values through the REST API.
This whitelists the added type in the settings controller, and passes properties from argument registration into the validation functions.

Props joehoyle.
See #38583.


Built from https://develop.svn.wordpress.org/trunk@41758


git-svn-id: http://core.svn.wordpress.org/trunk@41592 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-05 00:19:49 +00:00
K. Adam White fe29c9c881 REST API: Return 409 status when attempting to create an existing term.
Fixes an issue where submitting a well-formed request to create a term inappropriately returns a 500 error status if that term already exists.
HTTP 5xx error codes should be reserved for unexpected server errors, so "409 Conflict" is a more appropriate response.

Props alibasheer, guzzilar, shooper.
Fixes #41370.


Built from https://develop.svn.wordpress.org/trunk@41737


git-svn-id: http://core.svn.wordpress.org/trunk@41571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 16:24:46 +00:00
John Blackbourn 090dfae53e REST API: Avoid counting an uncountable type when checking read permissions for comment posts.
This avoids deprecated notices from showing in PHP 7.2 and above.

Props ayeshrajans
Fixes #41457

Built from https://develop.svn.wordpress.org/trunk@41735


git-svn-id: http://core.svn.wordpress.org/trunk@41569 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 15:38:49 +00:00
K. Adam White 18d9cc6051 REST API: Specify specific json-schema version.
Explicitly specifies that the REST API uses JSON Schema draft-04,
as JSON Schema has deprecated versionless schema URIs and recommends
the use of a specific draft version.

Props @TimothyBlynJacobs
Fixes #41734


Built from https://develop.svn.wordpress.org/trunk@41731


git-svn-id: http://core.svn.wordpress.org/trunk@41565 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 14:52:46 +00:00
Joe Hoyle f276b4901b REST API: Support for objects in schema validation and sanitization.
When registering routes developers can now define their complex objects in the schema and benefit from the automatic validation and sanitization in the REST API. This also paves the way for support for complex object registration via register_meta and register_setting.

See #38583.
Props TimothyBlynJacobs5.
Built from https://develop.svn.wordpress.org/trunk@41727


git-svn-id: http://core.svn.wordpress.org/trunk@41561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 08:27:47 +00:00
Sergey Biryukov 486ab09a0e I18N: Add translator comments for placeholders in `WP_REST_Controller` strings.
Props ramiy.
Fixes #41667.
Built from https://develop.svn.wordpress.org/trunk@41591


git-svn-id: http://core.svn.wordpress.org/trunk@41424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-25 10:27:43 +00:00
Sergey Biryukov 4a42f4e835 I18N: Replace code fragments in translatable strings for `rest_trash_not_supported` errors with a placeholder.
Props ramiy.
Fixes #41643.
Built from https://develop.svn.wordpress.org/trunk@41588


git-svn-id: http://core.svn.wordpress.org/trunk@41421 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 22:29:46 +00:00
Sergey Biryukov 982ba72da9 I18N: Replace method name in a translatable string in `WP_REST_Controller::register_routes()` with a placeholder.
Props ramiy.
Fixes #41667.
Built from https://develop.svn.wordpress.org/trunk@41587


git-svn-id: http://core.svn.wordpress.org/trunk@41420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-24 22:04:46 +00:00
Sergey Biryukov deb9b82032 Docs: Remove "to to" dittography from inline comments.
Props birgire.
See #41841.
Built from https://develop.svn.wordpress.org/trunk@41354


git-svn-id: http://core.svn.wordpress.org/trunk@41187 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-09 13:49:43 +00:00
Felix Arntz 1d0478d4b1 REST API: Allow site administrators to edit user roles in multisite.
While site administrators cannot generally edit users in multisite, they have always been able to change the roles of users on their site. In the REST API however, this has not been possible so far. This changeset brings parity with how it is handled in the administration panel: A REST request to edit only a user's roles succeeds correctly, while a REST request to edit any further details of a user fails.

Props jnylen0.
Fixes #40263.

Built from https://develop.svn.wordpress.org/trunk@41226


git-svn-id: http://core.svn.wordpress.org/trunk@41066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 21:59:44 +00:00
Felix Arntz 7e2ca92e69 Multisite: Introduce a `can_add_user_to_blog` filter to prevent adding a user to a site.
Under certain circumstances, it can be necessary that a user should not be added to a site, beyond the restrictions that WordPress core applies. With the new `can_add_user_to_blog` filter, plugin developers can run custom checks and return an error in case of a failure, that will prevent the user from being added.

The user-facing parts and the REST API route that interact with `add_user_to_blog()` have been adjusted accordingly to provide appropriate error feedback when a user could not be added to a site. Furthermore, two existing error feedback messages in the site admin's "New User" screen have been adjusted to properly show inside an error notice instead of a success notice.

Props jmdodd.
Fixes #41101.

Built from https://develop.svn.wordpress.org/trunk@41225


git-svn-id: http://core.svn.wordpress.org/trunk@41065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 21:41:45 +00:00
James Nylen 0ef4d4289f REST API: Exclude numeric parameters from regex parsing
The list of endpoint parameters should only include explicitly named and requested parameters.

Props flixos90, rmccue, jnylen0.
Fixes #40704.

Built from https://develop.svn.wordpress.org/trunk@41223


git-svn-id: http://core.svn.wordpress.org/trunk@41063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 19:55:43 +00:00
John Blackbourn b140e8f574 General: Fix various instances of incorrect filter docs and incorrect filter and action parameters.
Props keesiemeijer for identifying the issues

See #38462

Built from https://develop.svn.wordpress.org/trunk@41219


git-svn-id: http://core.svn.wordpress.org/trunk@41059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 15:43:43 +00:00
Sergey Biryukov e412ea2e6b Docs: Replace HTTP links to stackoverflow.com in DocBlocks with HTTPS.
Update the Nginx "Missing (disappearing) HTTP Headers" link.

Props johnpgreen.
Fixes #41331.
Built from https://develop.svn.wordpress.org/trunk@41189


git-svn-id: http://core.svn.wordpress.org/trunk@41029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-30 14:52:44 +00:00
Drew Jaynes 0860bb2771 Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes.
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.

See #41452.

Built from https://develop.svn.wordpress.org/trunk@41162


git-svn-id: http://core.svn.wordpress.org/trunk@41002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 00:41:44 +00:00
James Nylen 8f6088ba6e REST API: Add a filter to allow modifying the response *after* embedded data is added.
Fixes #38964.

Built from https://develop.svn.wordpress.org/trunk@40961


git-svn-id: http://core.svn.wordpress.org/trunk@40811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-29 13:17:43 +00:00
James Nylen 252ab08d88 REST API: Fix changing parameters with `set_param()` for some requests.
Prior to this commit, `WP_Rest_Request::get_param()` traversed through the parameter order but `WP_Rest_Request::set_param()` did not. For JSON requests (and likely other situations as well), this meant that changing a parameter with `set_param()` would have no effect on `get_param()`.

Props TimothyBlynJacobs.
Fixes #40344.


Built from https://develop.svn.wordpress.org/trunk@40815


git-svn-id: http://core.svn.wordpress.org/trunk@40673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-22 16:16:42 +00:00
James Nylen df5b8dcc82 REST API: Avoid sending blank `Last-Modified` headers with authenticated requests.
This commit adds a new `WP_REST_Server#remove_header` method and uses it to clear the `Last-Modified` header when the "no caching" headers are sent (by default for all authenticated REST API requests).  This matches the behavior of the `nocache_headers` function used in other parts of WordPress.

Previously, the REST API would send an empty `Last-Modified` header in this situation.  Under some server and browser configurations, this causes browsers to cache authenticated REST API requests, which is undesirable.

Props iv3rson76, zinigor, rmccue, jnylen0.
Fixes #40444.

Built from https://develop.svn.wordpress.org/trunk@40805


git-svn-id: http://core.svn.wordpress.org/trunk@40663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-19 20:27:44 +00:00
James Nylen 802c923873 REST API: Improve a few more strings added after the 4.7 string freeze.
See #39178.

See also #40720 for potential follow-up steps.

Built from https://develop.svn.wordpress.org/trunk@40606


git-svn-id: http://core.svn.wordpress.org/trunk@40476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-10 19:41:41 +00:00
James Nylen 7d337c1327 REST API: Add `author`, `modified`, and `parent` sort order options for posts.
These (and a few others that can be revisited later if needed) were present in
beta versions of the WP REST API but were removed during the merge to WP 4.7.

Props ChopinBach, jnylen0.
Fixes #38693.

Built from https://develop.svn.wordpress.org/trunk@40605


git-svn-id: http://core.svn.wordpress.org/trunk@40475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-10 18:52:44 +00:00
Ryan McCue 131518542e REST API: Include featured_media in embed responses.
Props kadamwhite, jnylen0, westonruter.
Fixes #39805.

Built from https://develop.svn.wordpress.org/trunk@40602


git-svn-id: http://core.svn.wordpress.org/trunk@40472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-10 04:46:43 +00:00
Ryan McCue ba94bd62a0 REST API: Set global $post when preparing revisions.
For compatibility with filters on hooks on content filters (such as shortcodes), we need to set the global. This mirrors the Posts controller.

Props pdufour, jnylen0.
Fixes #40626.

Built from https://develop.svn.wordpress.org/trunk@40601


git-svn-id: http://core.svn.wordpress.org/trunk@40471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-10 04:32:39 +00:00
Joe Hoyle b0a327cf3c REST API: WP_REST_Request::remove_header() should canonicalize header names.
When headers are stored in WP_REST_Request internally they are canonicalized. This step already happens on setting / getting headers in any way, but was missed when implementing remove_header().

Props TimothyBlynJacobs.
Fixes #40347.

Built from https://develop.svn.wordpress.org/trunk@40577


git-svn-id: http://core.svn.wordpress.org/trunk@40447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-07 04:09:41 +00:00
Adam Silverstein 428afdaa5a REST API: Improve strings added after 4.7 string freeze.
Clarify the `rest_orderby_include_missing_include` error message.

Props PranaliPatel.
Fixes #39178.

Built from https://develop.svn.wordpress.org/trunk@40571


git-svn-id: http://core.svn.wordpress.org/trunk@40441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-05 18:49:47 +00:00
James Nylen 99b13790c2 REST API: Allow fetching multiple users at once via the `slug` parameter.
This matches similar changes previously made for posts (#38579) and terms (#40027).

Props curdin, MatheusGimenez.
Fixes #40213.

Built from https://develop.svn.wordpress.org/trunk@40378


git-svn-id: http://core.svn.wordpress.org/trunk@40285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-05 22:25:43 +00:00
James Nylen 1979815aef REST API: Update description string of terms endpoint `slug` parameter.
As a follow-up to [40376], and for consistency with the posts endpoint, we should indicate in the description that the `slug` filter parameter can accept multiple values.

See #40027.

Built from https://develop.svn.wordpress.org/trunk@40377


git-svn-id: http://core.svn.wordpress.org/trunk@40284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-05 21:08:43 +00:00
James Nylen 9f2d94b211 REST API: Allow fetching multiple terms at once via the `slug` parameter.
This matches a similar change previously made for posts (#38579) and an upcoming change for users (#40213).

Props wonderboymusic, MatheusGimenez, curdin.
Fixes #40027.

Built from https://develop.svn.wordpress.org/trunk@40376


git-svn-id: http://core.svn.wordpress.org/trunk@40283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-05 20:25:46 +00:00
Pascal Birchler 0d42f8549c REST API: Use `get_gmt_from_date()` when preparing a draft post for response.
This prevents wrong dates when dealing with DST, see [40115] and [40284].

Props nerrad.
Fixes #40136.
Built from https://develop.svn.wordpress.org/trunk@40324


git-svn-id: http://core.svn.wordpress.org/trunk@40231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-24 17:32:46 +00:00
Rachel Baker f78ceb362e REST API: Confirm the parent post object of an attachment exists in `WP_REST_Posts_Controller::check_read_permission()`.
Avoid a PHP Error when attempting to embed the parent post of an attachment, when the parent post ID is invalid. Instead check if the parent post object exists before checking the read permission for the parent post.

Props GhostToast.
Fixes #39881. 

Built from https://develop.svn.wordpress.org/trunk@40306


git-svn-id: http://core.svn.wordpress.org/trunk@40213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-20 04:30:46 +00:00
James Nylen 27aa0664df REST API: Add `gmt_offset` and `timezone_string` to the base `/wp-json` response.
The site's current timezone offset is an important piece of information for any REST API client that needs to manipulate dates.  It has not been previously available.

Expose both the `gmt_offset` (the site's current offset from UTC in hours) and `timezone_string` (which also provides information about daylight savings time) via the "site info" endpoint (the base `/wp-json` response).

Also update the `wp-api-generated.js` fixture file with the changes to the default API responses.

Props sagarkbhatt.
Fixes #39854.

Built from https://develop.svn.wordpress.org/trunk@40238


git-svn-id: http://core.svn.wordpress.org/trunk@40168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-07 05:48:41 +00:00
James Nylen 0c005fdb0e REST API: Fix behavior of `sticky` posts filter when no posts are sticky.
Previously, when getting posts from the API with `sticky=true`, if there were no sticky posts set, the query would return all posts  as if the `sticky` argument was not set.  In this situation, the query should return an empty array instead.

A `sticky=true` query that should return an empty array (in the previous situation, or with `include` and no intersecting post IDs) was also broken in that it would query the post with ID 1.

Finally, this commit significantly improves test coverage for the `sticky` filter argument, including direct testing of the `WHERE` clauses generated by `WP_Query`.

Props ryelle.
Fixes #39947.

Built from https://develop.svn.wordpress.org/trunk@40122


git-svn-id: http://core.svn.wordpress.org/trunk@40059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-25 05:03:42 +00:00