When just doing `wp_publish_post()` for the changeset from `customize.php`, any option-based settings will fail to get saved because `WP_Customize_Manager` would have already been loaded with `settings_previewed`, resulting in `update_option()` calls being short-circuited. So an admin-ajax request to `customize_save` is used to work around this.
Props westonruter, jeremyfelt, dlh for testing, LittleBigThing for testing.
Amends [41626].
See #28721, #39221.
Fixes#42457 for trunk.
Built from https://develop.svn.wordpress.org/trunk@42138
git-svn-id: http://core.svn.wordpress.org/trunk@41969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The admin bar render methods use some cute tricks which don't come close to the WordPress coding standards. So that we can more easily apply automated code fixing to the codebase, these tricks need to be removed.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42128
git-svn-id: http://core.svn.wordpress.org/trunk@41959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wpdb::placeholder_escape()`, the key for `hash_hmac()` defaults to `AUTH_SALT`, but `hash_hmac()` will return an empty string if the key is empty.
This had the side effect of the string `{}` being incorrectly replaced with a `%` character in queries just about to be run on the database.
Props jsonfry.
Fixes#42431.
Built from https://develop.svn.wordpress.org/trunk@42120
git-svn-id: http://core.svn.wordpress.org/trunk@41949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wpdb::placeholder_escape()`, the key for `hash_hmac()` falls back to `rand()` when `AUTH_SALT` is undefined. `hash_hmac()` requires the key to be a string, however, so we need to cast it as such.
Props mkomar.
Fixes#42401.
Built from https://develop.svn.wordpress.org/trunk@42119
git-svn-id: http://core.svn.wordpress.org/trunk@41948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Consider both `selectedChangesetStatus` and `changesetStatus` states when deciding to disable.
* Factor out common logic into `canSwitchTheme` function on `ThemesPanel`.
* Keep Live Preview and Install buttons disabled in Themes controls and detail overlays when appropriate.
Props westonruter, dlh.
Amends [41788].
See #42126, #37661, #39896.
Fixes#42406.
Built from https://develop.svn.wordpress.org/trunk@42113
git-svn-id: http://core.svn.wordpress.org/trunk@41942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent edits to 2-level deep theme files from returning a `disallowed_theme_file` error when attempting to save an edit. Aligns logic for gathering `$allowed_files` in `theme-editor.php` for listing files with the validation logic in `wp_edit_theme_plugin_file()`.
Amends [41806].
See #6531.
Fixes#42425.
Built from https://develop.svn.wordpress.org/trunk@42112
git-svn-id: http://core.svn.wordpress.org/trunk@41941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
See #41925.
Built from https://develop.svn.wordpress.org/trunk@42056
git-svn-id: http://core.svn.wordpress.org/trunk@41885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve the logic determining which endpoints support the trash by enumerating them. Endpoints that don't support the trash require `force=true` when deleting. The previous approach relied on the `force` argument description, which is a translated string and was fragile. In the future, we can expose whether an endpoint supports the trash as part of its schema and automate this logic.
Props Soean.
Fixes#40672.
Built from https://develop.svn.wordpress.org/trunk@42047
git-svn-id: http://core.svn.wordpress.org/trunk@41881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the original function introduced in [41380], and subsequently [41861], only the network ID was passed to the new `pre_get_main_site_id` filter. In order to make give quick access to other network properties, it was decided to pass the whole object instead. The changeset includes an additional test.
Fixes#29684.
Built from https://develop.svn.wordpress.org/trunk@42043
git-svn-id: http://core.svn.wordpress.org/trunk@41877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Let min hour be 0 and max be 23 in 24-hour time; let min hour be 1 and max be 12 in 12-hour time.
* Show error notification when an invalid date value is provided, not just when not a future date.
* Fix translation of custom validity message.
* Start checking for validity after all inputs have been initially populated.
* Remove support for being able to enter 24:00.
* Cease forcing date input elements from being casted to integers, to allow for invalid inputs to be detected.
Props westonruter, Presskopp, peterwilsoncc, atachibana for testing.
See #39896, #28721.
Fixes#42373.
Built from https://develop.svn.wordpress.org/trunk@42042
git-svn-id: http://core.svn.wordpress.org/trunk@41876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Passing `options.params` when constructing `Partial` is now deprecated in favor of just passing `options`.
* Improve usage of jsdoc in JS `Partial` class.
* Also add `defaults` property to `wp.customize.selectiveRefresh.Partial` class for parity with `Control`.
See #42083.
Built from https://develop.svn.wordpress.org/trunk@42037
git-svn-id: http://core.svn.wordpress.org/trunk@41871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deprecate PHP classes `WP_Customize_New_Menu_Section` and `WP_Customize_New_Menu_Control`.
* Deprecate JS class `wp.customize.Menus.NewMenuControl`.
* Also introduce `wp.customize.Menus.createNavMenu()` for logic to create nav menus separately from the logic for handling UI interactions.
Amends [41768].
See #40104, #42364.
Fixes#42357.
Built from https://develop.svn.wordpress.org/trunk@42034
git-svn-id: http://core.svn.wordpress.org/trunk@41868 1a063a9b-81f0-0310-95a4-ce76da25c4cd