Previously the user was shown a message that the page was created, but might not understand that they still need to visit the page and publish it. Redirecting them to the page makes it more obvious that additional steps are involved.
Props Clorith, xkon, azaozz.
Fixes#43926.
Built from https://develop.svn.wordpress.org/trunk@43160
git-svn-id: http://core.svn.wordpress.org/trunk@42989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new features are very important for some users, because of their GDPR obligations. They're also spread across multiple top-level menus, making them less discoverable. An admin pointer will help to ensure that users are aware of the new tools and how to find them.
Props desrosj, andreamiddleton, allendav, xkon.
Fixes#43942.
Built from https://develop.svn.wordpress.org/trunk@43158
git-svn-id: http://core.svn.wordpress.org/trunk@42987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.
Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.
Props desrosj, allendav, ocean90.
Fixes#43931.
Built from https://develop.svn.wordpress.org/trunk@43154
git-svn-id: http://core.svn.wordpress.org/trunk@42983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In many common Multisite use cases, the network administrator will want to set a network-wide privacy policy -- via the `privacy_policy_url` filter -- for consistency and convenience. When that's done, the Privacy Settings screen on individual sites becomes unnecessary, and may confuse administrators of those sites when they see that their changes don't have any effect on the policy link in the footer.
Since we can't programatically determine which behavior the network admins would like, the safest default setting is to restrict the ability to super admins, and let them delegate it to individual site owners via a plugin, if they'd like to.
Fixes#43935.
Built from https://develop.svn.wordpress.org/trunk@43147
git-svn-id: http://core.svn.wordpress.org/trunk@42976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The page was originally placed under `Tools` so that it would be grouped with the pages to export and erase personal data, since they're all part of the effort to bring privacy management tools to Core ahead of GDPR's deadline. After more consideration, though, it makes sense to move this page to the `Settings` menu, since it's fundamental purpose is to configure an option, rather than to facilitate a recurring task. This keeps all of the configuration pages in a single place, making them consistent and easier to find.
Exporting and erasing personal data are recurring tasks, so they still make sense under the `Tools` menu.
Props xkon, helen, melchoyce, allendav, desrosj, ocean90, azaozz.
Fixes#43873.
Built from https://develop.svn.wordpress.org/trunk@43145
git-svn-id: http://core.svn.wordpress.org/trunk@42974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In these contexts, "privacy policy" is not a proper noun, and therefore should not be capitalized.
The remaining uses are page titles and section headers, where capitalization is appropriate.
Props idea15, garrett-eclipse, allendav.
Fixes#43435.
Built from https://develop.svn.wordpress.org/trunk@43132
git-svn-id: http://core.svn.wordpress.org/trunk@42961 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The previous sentence was gramatically awkward, and using the term "compliance" could accidentally be mistaken by a site owner for a promise by WordPress that their site will be compliant after using the tool, which is not necessarily true.
Props idea15, allendav, azaozz, iandunn.
See #43435.
Built from https://develop.svn.wordpress.org/trunk@43131
git-svn-id: http://core.svn.wordpress.org/trunk@42960 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Personal data collection is more likely for registered users than casual visitors, and the privacy policy might have been updated since a user last logged in. Those changes could impact the collection of personal data from registered users, so it makes sense to provide a link to the policy before users log in.
Props voneff, xkon, melchoyce, chetan200891, desrosj.
Fixes#43721.
Built from https://develop.svn.wordpress.org/trunk@43120
git-svn-id: http://core.svn.wordpress.org/trunk@42949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.
Props allendav, jeremyfelt, iandunn.
Fixes#43919.
Built from https://develop.svn.wordpress.org/trunk@43085
git-svn-id: http://core.svn.wordpress.org/trunk@42914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This runs immediately after the data export file has been successfully created, allowing plugins to introduce some workflow customizations. For example, a plugin could password-protect the export file, for peace of mind, even though the CSPRN in the filename makes brute force attacks nearly impossible.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43047
git-svn-id: http://core.svn.wordpress.org/trunk@42876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.
`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.
This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.
`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.
Props iandunn, desrosj.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43046
git-svn-id: http://core.svn.wordpress.org/trunk@42875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`rand()` is deterministic and therefore offers much less protection in this context. `wp_generate_password()` is a convenient wrapper around `wp_rand()`, which uses `random_int()` to generate cryptographically-secure psuedorandom numbers.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43045
git-svn-id: http://core.svn.wordpress.org/trunk@42874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- really disables buttons when they look disabled (when navigation is at the first or last theme)
- when navigation is at the first or last theme, moves focus to the other navigation button, to avoid a focus loss
- improves the buttons visually hidden accessibility text
Props walbo, afercia.
Fixes#36627.
Built from https://develop.svn.wordpress.org/trunk@43020
git-svn-id: http://core.svn.wordpress.org/trunk@42849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By making the pagination links use the default style for buttons, color contrast
is improved and the CSS is simplified. Improves consistency with other UI controls.
Also, slightly increases the white space below the pagination links.
Props benoitchantre, afercia.
Fixes#41858.
Built from https://develop.svn.wordpress.org/trunk@43019
git-svn-id: http://core.svn.wordpress.org/trunk@42848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The updated version of the nag is shorter, more on point and less aggressive than the previous one. It integrates better with the other dashboard widgets and fixes several accessibility concerns. A yellow warning color is used when the current PHP version is outdated, a red error color is used when it is also insecure.
Props afercia, birgire, danieltj, flixos90, johnjamesjacoby, karmatosed, Luciano Croce, nerrad, pento, schlessera, SergeyBiryukov, sonjaleix.
Fixes#41191.
Built from https://develop.svn.wordpress.org/trunk@43006
git-svn-id: http://core.svn.wordpress.org/trunk@42835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This iterates on earlier versions of the code, in order to handle more edge cases. An arbitrary string like `or=\"` will now be stripped, as well as reachability scopes like `%eth0`.
Props eamax, soulseekah, iandunn.
Fixes#41083.
Built from https://develop.svn.wordpress.org/trunk@42968
git-svn-id: http://core.svn.wordpress.org/trunk@42797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`edit_user()` can also update user roles but was still using the `edit_users` capability instead of the newer `promote_users` capability introduced in [14176].
This makes the role handling consistent with the bulk dropdown menu for role changes.
Props flixos90, johnjamesjacoby, ocean90.
Fixes#42564.
Built from https://develop.svn.wordpress.org/trunk@42855
git-svn-id: http://core.svn.wordpress.org/trunk@42685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
A new global multisite table `wp_blogmeta` is added to the database schema, and a set of `*_site_meta()` API functions are introduced.
The implementation fails gracefully when the new table is not yet available, which may happen especially shortly after the core update, before the network has been upgraded to the new database schema. The presence of the table is detected once and stored as a global setting on the main network.
Core does not yet use site metadata, but there are several use-cases to be implemented or explored in the near future, and it allows plugins to extend sites with arbitrary data, which will come in particularly handy with the upcoming REST API endpoint for sites.
Props spacedmonkey, johnjamesjacoby, jeremyfelt, flixos90.
Fixes#37923.
Built from https://develop.svn.wordpress.org/trunk@42836
git-svn-id: http://core.svn.wordpress.org/trunk@42666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This new dashboard widget is shown on WordPress sites which are powered by a PHP version which WordPress considers outdated, in order to inform site owners about the resulting problems and to explain how to upgrade to a supported version. An education page for that purpose has been previously created that the widget links to. The link is translatable so that localized versions of the page can be referred to as they become available.
The nag follows the example of the Browse Happy dashboard widget and is only visible for administrators, or network administrators when using multisite. To determine whether it needs to be displayed, a new wordpress.org API introduced prior is called that handles the version logic in a centralized location.
Props flixos90, hedgefield, schlessera.
Fixes#41191.
Built from https://develop.svn.wordpress.org/trunk@42832
git-svn-id: http://core.svn.wordpress.org/trunk@42662 1a063a9b-81f0-0310-95a4-ce76da25c4cd