Commit Graph

37128 Commits

Author SHA1 Message Date
Sergey Biryukov 6fa2cea232 Docs: Add `@access private` entries for `_get_component_from_parsed_url_array()` and `_wp_translate_php_url_constant_to_key()`.
Props ajayghaghretiya1.
Fixes #41282.
Built from https://develop.svn.wordpress.org/trunk@41573


git-svn-id: http://core.svn.wordpress.org/trunk@41406 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 22:00:47 +00:00
Sergey Biryukov bcb126292c I18N: Merge two similar error strings.
Props ramiy.
Fixes #39172.
Built from https://develop.svn.wordpress.org/trunk@41572


git-svn-id: http://core.svn.wordpress.org/trunk@41405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:55:45 +00:00
Andrew Ozz 58b769a057 Plupload: also delete `plupload.full.min.js` when updating.
See #41755.
Built from https://develop.svn.wordpress.org/trunk@41571


git-svn-id: http://core.svn.wordpress.org/trunk@41404 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:48:46 +00:00
Andrew Ozz 41ad3f294f Plupload: minify and load `plupload.js` and `moxie.js` separately to make them easier to debug.
Props gmariani405, azaozz.
Fixes #41755.
Built from https://develop.svn.wordpress.org/trunk@41570


git-svn-id: http://core.svn.wordpress.org/trunk@41403 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 20:10:48 +00:00
Sergey Biryukov b07cffe99a Media: Improve the preview of transparent images in Attachment Details modal by using CSS3 to show a checkered background.
Props powerzilly, stevepuddick.
Fixes #41948.
Built from https://develop.svn.wordpress.org/trunk@41569


git-svn-id: http://core.svn.wordpress.org/trunk@41402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 19:57:47 +00:00
Sergey Biryukov 7c4cdbff27 Admin CSS: Autoprefixer for [41329].
See #39662.
Built from https://develop.svn.wordpress.org/trunk@41568


git-svn-id: http://core.svn.wordpress.org/trunk@41401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 19:51:47 +00:00
Sergey Biryukov ba67e5f09c Docs: Correct filename references in duplicate hook comments for `post_password_required` filter.
Props coffee2code.
Fixes #41959.
Built from https://develop.svn.wordpress.org/trunk@41567


git-svn-id: http://core.svn.wordpress.org/trunk@41400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 18:34:45 +00:00
Sergey Biryukov c2dcfa5278 Help/About: Tweak Help tabs on Users screen for consistency with Posts screen.
Props bnap00, Arena94.
Fixes #40553.
Built from https://develop.svn.wordpress.org/trunk@41566


git-svn-id: http://core.svn.wordpress.org/trunk@41399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 18:31:48 +00:00
Sergey Biryukov f69b784ec7 Embeds: Introduce `embed_thumbnail_id` filter for thumbnail image ID in the embed template.
Props ketuchetan, Dency, jontyravi, Ov3rfly.
Fixes #39759.
Built from https://develop.svn.wordpress.org/trunk@41565


git-svn-id: http://core.svn.wordpress.org/trunk@41398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 17:35:48 +00:00
Sergey Biryukov 5046ef73c3 Docs: Correct description for `insert_user_meta` filter.
Props milana_cap, desrosj.
Fixes #41951.
Built from https://develop.svn.wordpress.org/trunk@41564


git-svn-id: http://core.svn.wordpress.org/trunk@41397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 13:14:45 +00:00
Sergey Biryukov 4db08514ea Taxonomy: Convert tag cloud in Tags meta box to a list (`<ul>`) for better semantics and accessibility.
An unordered list allows screen reader users to know in advance how many tags are within the list.

Props audrasjb, afercia.
Fixes #40187.
Built from https://develop.svn.wordpress.org/trunk@41563


git-svn-id: http://core.svn.wordpress.org/trunk@41396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 11:28:44 +00:00
Sergey Biryukov fff6cc8fc8 Docs: Change `$args` to `$r` in the DocBlock for `http_api_debug` filter to match the variable name.
Props bor0, ronakganatra.
Fixes #41379.
Built from https://develop.svn.wordpress.org/trunk@41562


git-svn-id: http://core.svn.wordpress.org/trunk@41395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 09:33:47 +00:00
Weston Ruter bf1eb1b505 Plugin Editor: Use `include_once` instead of `include` in `plugin_sandbox_scrape()` to fix unit tests broken with [41560].
See #39766.

Built from https://develop.svn.wordpress.org/trunk@41561


git-svn-id: http://core.svn.wordpress.org/trunk@41394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 02:01:45 +00:00
Weston Ruter aff467e1cb Plugin Editor: Improve reliability of detecting PHP fatal errors when editing an active plugin.
* Invalidate PHP opcache after file is updated to ensure `include` will ''include'' the written changes.
* Define `WP_ADMIN` when activating plugin in sandbox so plugin code targeting admin will be loaded.
* Do actions that get triggered when loading the admin to ensure plugin code runs that could cause errors on plugin editor screen (and lock out access).
* Fix ability to re-activate a plugin after editing a PHP file other than the main plugin file, and ensure PHP fatal error will be displayed in such cases.
* Consolidate duplicated code into `plugin_sandbox_scrape()` and re-use in `activate_plugin()`.
* Show an error notice instead of a success notice when a file is updated but a plugin was deactivated due to a fatal error.
* Update style of warning when editing an active plugin to be styled as an actual warning notice.

See #12423, #21622.
Fixes #39766.

Built from https://develop.svn.wordpress.org/trunk@41560


git-svn-id: http://core.svn.wordpress.org/trunk@41393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 01:36:48 +00:00
Adam Silverstein 415e9379f9 Revisions: correct a timezone display issue.
When preparing the data for the revisions screen, add ' +0000' to the gmt date string before passing it thru `strtotime`.

Props biranit, nacin, buley.
Fixes #25365.

Built from https://develop.svn.wordpress.org/trunk@41559


git-svn-id: http://core.svn.wordpress.org/trunk@41392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 23:33:44 +00:00
Weston Ruter f0b5c39bde Customize: Introduce extensible code editor Customizer control for CodeMirror.
* Adds `WP_Customize_Code_Editor_Control` and `wp.customize.CodeEditorControl()`.
* Control respects user preference for syntax highlighting, showing a textarea when user opts out.
* Code editor control takes the ad hoc code for Additional CSS and makes it reusable and extensible, for Additional CSS in core and plugins to use (such as Jetpack).
* Replace `settings` arg in `wp_enqueue_code_editor()` with separate args for `codemirror`, `csslint`, `jshint`, and `htmlhint`.
* Prefix `codemirror` script and style handles with `wp-` to prevent collisions, as also the object is exported as `wp.CodeMirror` in JS.
* Reduce indent size in Customizer code editor instances and Custom HTML widget to use tab size of 2 instead of 4 to save on space.

See #12423, #38707, #35395.
Fixes #41897.

Built from https://develop.svn.wordpress.org/trunk@41558


git-svn-id: http://core.svn.wordpress.org/trunk@41391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 23:04:45 +00:00
Adam Silverstein 43eb51d4a6 Customizer: retain aspect ration when cropping media w/ shift+click/drag.
Enforce a 1:1 ratio when holding the shift key and dragging in the image cropping tool in the customizer context.

Props melchoyce, mikeschroder.
Fixes #40211.

Built from https://develop.svn.wordpress.org/trunk@41557


git-svn-id: http://core.svn.wordpress.org/trunk@41390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 22:45:44 +00:00
Adam Silverstein 220d5aec74 Login: Password reset - add hide icon & confirm weak password checkbox.
Extends the password features added in 4.3 to the password reset flow.

Props johnbillion, manolis09, umesh.nevase, Nikschavan.


Built from https://develop.svn.wordpress.org/trunk@41556


git-svn-id: http://core.svn.wordpress.org/trunk@41389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 21:29:48 +00:00
Konstantin Obenland 27536e99c5 Widgets: Improved sidebar mapping on theme switch
Builds on efforts brought forward in #17979.

This will send sidebars through three levels of mapping:

1. If both themes have only one sidebar, that gets mapped.
2. If both themes have sidebars with the same slug, they get mapped.
3. Sidebars that (even partially) match slugs from a similar kind of sidebar will get mapped.

Finally, if the theme has previously been active and we have a record of its 
sidebar configuration then, any unmapped sidebar will be restored to its 
previous state.

Props westonruter, obenland, alexvorn2, timmydcrawford.
See #39693.


Built from https://develop.svn.wordpress.org/trunk@41555


git-svn-id: http://core.svn.wordpress.org/trunk@41388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 18:46:46 +00:00
Andrew Ozz 76296ef657 Remove SWFUpload,
- Refactor swfupload.js to output a simple upload form, and handlers.js.
- Delete the SWFUpload plugins directory and swfupload.swf.
- Remove flash cookies "hack" from async-upload.php.

See #41752.
Built from https://develop.svn.wordpress.org/trunk@41554


git-svn-id: http://core.svn.wordpress.org/trunk@41387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 16:35:48 +00:00
Adam Silverstein 639d215300 REST API JS Client: Improve nonce handling, refresh stale nonce on sync.
Keep the nonce used for cookie based authentication fresh by pulling in and using any new nonce supplied in the response headers.

* Enable passing nonce to init so each api/endpoint can use a unique nonce.
* Store nonce for endpoint on endpointModel.
* New model helper `nonce()` retrieves a model's routeModel nonce.
* When a response header contains a nonce that doesn't match the stored nonce, replace it.

Fixes #40422.

Built from https://develop.svn.wordpress.org/trunk@41553


git-svn-id: http://core.svn.wordpress.org/trunk@41386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 12:58:45 +00:00
John Blackbourn 9aeedde6ae Multisite: Correct the docs for `maybe_add_existing_user_to_blog()`.
See #41017

Built from https://develop.svn.wordpress.org/trunk@41552


git-svn-id: http://core.svn.wordpress.org/trunk@41385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 12:28:44 +00:00
Sergey Biryukov da3e29eeba Docs: Use correct order of arguments in the DocBlock for `WP_Hook::has_filter()`.
Props munyagu.
Fixes #41941.
Built from https://develop.svn.wordpress.org/trunk@41551


git-svn-id: http://core.svn.wordpress.org/trunk@41384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 10:00:48 +00:00
Weston Ruter 800ad7bd04 Customize: Let media control button labels better automatically reflect the specified MIME type.
Props Christian1012, celloexpressions, westonruter.
Fixes #38796.

Built from https://develop.svn.wordpress.org/trunk@41550


git-svn-id: http://core.svn.wordpress.org/trunk@41383 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 21:24:46 +00:00
Weston Ruter 379e0371dd Widgets: Omit attributes from an Image widget's link when they are empty.
Props subrataemfluence, Nenad Obradovic, westonruter.
See #39993.
Fixes #41919.

Built from https://develop.svn.wordpress.org/trunk@41549


git-svn-id: http://core.svn.wordpress.org/trunk@41382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 19:45:46 +00:00
Sergey Biryukov 6918752529 Twenty Seventeen: Document the type of `$item` argument in `twentyseventeen_dropdown_icon_to_menu_link()` more accurately.
Props ndoublehwp.
Fixes #41923.
Built from https://develop.svn.wordpress.org/trunk@41548


git-svn-id: http://core.svn.wordpress.org/trunk@41381 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 18:15:46 +00:00
Weston Ruter 067970ca82 Widgets: Add Customizer preview support to the Category widget when navigating to a category via dropdown.
Switch to using a `form` that is submitted as opposed to making a direct JavaScript call to change the `window.location`. This ensures the Customizer is able to inject the customized state into the request.

Fixes #41671.

Built from https://develop.svn.wordpress.org/trunk@41547


git-svn-id: http://core.svn.wordpress.org/trunk@41380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-20 03:16:46 +00:00
Dominik Schilling f2589e222e Taxonomy/Users: Use correct escaping function for URLs.
Built from https://develop.svn.wordpress.org/trunk@41522


git-svn-id: http://core.svn.wordpress.org/trunk@41355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 21:14:47 +00:00
Aaron Campbell fc930d3dae Database: Hardening to bring `wpdb::prepare()` inline with documentation.
`wpdb::prepare()` supports %s, %d, and %F as placeholders in the query string. Any other non-escaped % will be escaped.


Built from https://develop.svn.wordpress.org/trunk@41496


git-svn-id: http://core.svn.wordpress.org/trunk@41329 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 17:56:45 +00:00
Aaron Campbell 5225e026ef Database: Don’t trigger `_doing_it_wrong()` for null values in `wpdb::prepare()`.
While `wpdb::prepare()` does not support null values (see #12819) they still appear in the wild like in the WordPress Importer and other plugins.


Built from https://develop.svn.wordpress.org/trunk@41483


git-svn-id: http://core.svn.wordpress.org/trunk@41316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 16:06:45 +00:00
Aaron Campbell 70b2127909 Database: Hardening for `wpdb::prepare()`
Previously if you passed an array of values for placeholders, additional values could be passed as well. Now additional values will be ignored.


Built from https://develop.svn.wordpress.org/trunk@41470


git-svn-id: http://core.svn.wordpress.org/trunk@41303 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:48:47 +00:00
John Blackbourn 69de73224f Filesystem API: Ensure filenames are valid before attempting to unzip them to ensure malformed file paths don't cause issues.
Built from https://develop.svn.wordpress.org/trunk@41457


git-svn-id: http://core.svn.wordpress.org/trunk@41290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 14:36:47 +00:00
Aaron Campbell 1115a36cda oEmbed: Add extra hardening around allowed HTML for improved sandboxing.
Built from https://develop.svn.wordpress.org/trunk@41448


git-svn-id: http://core.svn.wordpress.org/trunk@41281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 13:43:05 +00:00
John Blackbourn e088205014 General: Add missing URL-encoding and add extra hardening to plugin and template names when they're displayed in the admin area.
Props kawauso, Mte90 for initial patches

Fixes #13377

Built from https://develop.svn.wordpress.org/trunk@41399


git-svn-id: http://core.svn.wordpress.org/trunk@41232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 10:11:43 +00:00
Dominik Schilling 9041e7a071 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers.
Built from https://develop.svn.wordpress.org/trunk@41398


git-svn-id: http://core.svn.wordpress.org/trunk@41231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 09:13:44 +00:00
Dominik Schilling 12694b6b92 Customize: Ensure valid themes in the preview.
Built from https://develop.svn.wordpress.org/trunk@41397


git-svn-id: http://core.svn.wordpress.org/trunk@41230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:39:45 +00:00
Dominik Schilling 83853f9fd2 TinyMCE: Improve the previews for shortcodes.
Built from https://develop.svn.wordpress.org/trunk@41395


git-svn-id: http://core.svn.wordpress.org/trunk@41228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:19:45 +00:00
Dominik Schilling c2ead9d046 Editor: Prevent adding `javascript:` and `data:` URLs through the inline link dialog.
Built from https://develop.svn.wordpress.org/trunk@41393


git-svn-id: http://core.svn.wordpress.org/trunk@41226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 08:01:45 +00:00
Weston Ruter f6a26be345 Customize: Add notifications API to sections and panels.
* Adds a `notifications` property to instances of `wp.customize.Panel` and `wp.customize.Section`.
* Adds a `setupNotifications()` method to `Panel`, `Section`, and `Control`.
* Adds a `getNotificationsContainerElement()` method to the `Panel` and `Section` classes, like `Control` has.
* Replace hard-coded notification in header media section with a notification.
* Limit rendering notifications to panels and sections that are expanded, and to controls that have an expanded section.

See #34893, #35210, #38778.
Fixes #38794.

Built from https://develop.svn.wordpress.org/trunk@41390


git-svn-id: http://core.svn.wordpress.org/trunk@41223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 05:40:44 +00:00
Weston Ruter d544ac92f0 Customize: Show notification error with "Your homepage displays" control when homepage and posts page are set to be the same (but not empty).
* Show global error notiafication when saving is blocked due to client-side setting invalidity.
* Refactor `wp.customize.Notifications#render()` to ensure a notification re-renders if its `message` or data changes but its `code` does not.

Props MatheusGimenez, sixhours, westonruter, karmatosed, aocean90, zoonini, michelleweber, melchoyce.
See #35210.
Fixes #21492.

Built from https://develop.svn.wordpress.org/trunk@41389


git-svn-id: http://core.svn.wordpress.org/trunk@41222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 00:46:45 +00:00
Weston Ruter 3abea17301 Customize: Add `wp_is_uuid()` validation function with optional second `$version=4` parameter to enforce v4 random UUIDs.
Props jonathanbardo.
Fixes #39778.

Built from https://develop.svn.wordpress.org/trunk@41388


git-svn-id: http://core.svn.wordpress.org/trunk@41221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-18 23:04:44 +00:00
Weston Ruter 19e3d8bc41 Customize: Use `input` event instead of `keyup` or `propertychange` events when listening for changes in `wp.customize.Element` instances.
Ensures that a control's `Element` is updated in response to pasting into the field. Also fixes issue where inputs using "new" HTML5 types (like `url` and `number`) were not updating in the preview during keystrokes. The use of `input` was previously blocked due to needing to support IE9, but this is no longer a concern since IE<11 is no longer supported.

See #38845, #28477.
Fixes #35832.

Built from https://develop.svn.wordpress.org/trunk@41387


git-svn-id: http://core.svn.wordpress.org/trunk@41220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-18 19:11:48 +00:00
Peter Wilson 10970701d7 Emoji: Invert value returned by UN test for accuracy.
The JavaScript testing for UN flag support was passing when it failed, and failing when it passes.

This inverts the result to take more traditional approach of returning the correct result.

Unprops Pento.
Fixes #41852.


Built from https://develop.svn.wordpress.org/trunk@41386


git-svn-id: http://core.svn.wordpress.org/trunk@41219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-17 22:52:47 +00:00
Weston Ruter c8eb741afd Code Editor: Remove `scrollIntoView` of editor's cursor line upon focus to prevent jumping issues for editor scroll position.
See #41850, #41879.

Built from https://develop.svn.wordpress.org/trunk@41385


git-svn-id: http://core.svn.wordpress.org/trunk@41218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-17 03:58:44 +00:00
Weston Ruter e5b3921ca4 Code Editor: Scroll the cursor line into view instead of the entire editor when focused.
See #41850.
Fixes #41879.

Built from https://develop.svn.wordpress.org/trunk@41384


git-svn-id: http://core.svn.wordpress.org/trunk@41217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-17 03:35:47 +00:00
Sergey Biryukov 2f701f7d0e Media: Rename "Insert Media" window title to "Add Media" for consistency with the "Add Media" button.
Props danieltj.
Fixes #41704.
Built from https://develop.svn.wordpress.org/trunk@41383


git-svn-id: http://core.svn.wordpress.org/trunk@41216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-16 11:03:45 +00:00
Sergey Biryukov ca92da1dcc Twenty Fifteen: Add missing comma in `ie.css`.
Props lalitpendhare.
Fixes #41890.
Built from https://develop.svn.wordpress.org/trunk@41382


git-svn-id: http://core.svn.wordpress.org/trunk@41215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-16 05:12:48 +00:00
Adam Silverstein 6b3432b9a4 JSDocs: add the jsdoc folder to .gitignore and svn:ignore.
Props netweb.
Fixes #41682.

Built from https://develop.svn.wordpress.org/trunk@41381


git-svn-id: http://core.svn.wordpress.org/trunk@41214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-15 20:14:47 +00:00
Felix Arntz f2d9abd022 Multisite: Introduce `get_main_site_id()`.
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.

The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.

Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes #29684.

Built from https://develop.svn.wordpress.org/trunk@41380


git-svn-id: http://core.svn.wordpress.org/trunk@41213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-15 11:15:52 +00:00
Adam Silverstein 938e93fe1f wp.sanitize - fix namespace for calls to `stripTags`.
Fixes an `undefined` JavaScript error in PressThis since [41061].

Props afercia.
Fixes #41883.

Built from https://develop.svn.wordpress.org/trunk@41379


git-svn-id: http://core.svn.wordpress.org/trunk@41212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-14 19:29:44 +00:00