The default error handler `wp_handle_upload_error()` expects a reference for the first parameter but `call_user_func()` doesn't pass parameters by reference. The current code didn't produce any issues until now. PHP 7.0.9 (and PHP 7.1) is now stricter and prevents calling the error handler with a warning:
> PHP Warning: Parameter 1 to wp_handle_upload_error() expected to be a reference, value given.
To restore the error handler `_wp_handle_upload()` now uses `call_user_func_array()`.
Merge of [38235] to the 4.6 branch.
Props jbrinley.
Props jorbin for review.
See #37570.
Built from https://develop.svn.wordpress.org/branches/4.6@38236
git-svn-id: http://core.svn.wordpress.org/branches/4.6@38177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Merges [38221] to the 4.6 branch.
Before this change, when a bulk update was canceled due dismissing the FTP credentials modal, part of the actions didn't get canceled. This meant the "There is a new version of…” notices become blank and the updates you had checked became unchecked. Now, the notices remain and you are essentially returned to the screen you had before. Strings are also updated to improve ARIA usage.
Fixes#37563.
Props ocean90, swissspidy, obenland, afercia.
Built from https://develop.svn.wordpress.org/branches/4.6@38222
git-svn-id: http://core.svn.wordpress.org/branches/4.6@38163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* "-1" is an invalid nonce error, show 'An error has occurred. Please reload the page and try again.'.
* "error" means that the connection to the server was lost, show 'Connection lost or the server is busy. Please try again later.'.
* Escape the message in `wp-updates-admin-notice` because the response may include HTML.
* Remove HTML tags in `wp.updates.isValidResponse()` to make PHP's error messages more readable.
Merge of [38205] to the 4.6 branch.
Props azaozz for review.
See #37583.
Built from https://develop.svn.wordpress.org/branches/4.6@38206
git-svn-id: http://core.svn.wordpress.org/branches/4.6@38147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
An upgrader class is used in conjunction with an upgrader skin class. A skin class handles the logging for an upgrade and informs a user about the progress and failures.
The current Ajax install/update handlers are using the `Automatic_Upgrader_Skin` class because during an Ajax request no output is intended. The difference between Ajax updates and automatic updates is that you will see the full log (usually by email) while Ajax updates focus only on success or failure. For that `Automatic_Upgrader_Skin` has one disadvantage: It doesn't provide a way to retrieve failure messages which were passed through `WP_Upgrader_Skin::error()` by the upgrader.
To solve this issue a new skin `WP_Ajax_Upgrader_Skin` has been introduced. The skin extends `Automatic_Upgrader_Skin` and overrides the `error()` and `feedback()` methods to intercept all errors, which can be a `WP_Error` object or a string.
This updates all four Ajax handler for installing/updating themes/plugins to use the new skin. They now also check the skin for any intercepted errors and pass them on to the user.
Merge of [38199] to the 4.6 branch.
Props flixos90, obenland, ocean90.
Props DrewAPicture, pento for review.
See #37531.
Built from https://develop.svn.wordpress.org/branches/4.6@38200
git-svn-id: http://core.svn.wordpress.org/branches/4.6@38141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Merge of [38185] to the 4.6 branch
When doing a bulk update, if there are failures the user needs to know about that. This makes it clearer that you can click on the notification to see more details, especially for screen reader users.
Fixes#37510.
Props juhise, Ankit K Gupta, afercia, jorbin, ocean90.
Built from https://develop.svn.wordpress.org/branches/4.6@38187
git-svn-id: http://core.svn.wordpress.org/branches/4.6@38128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Since [37221] the upload form is added to every plugin install screen via `install_plugins_upload()`. Previously the form was added through the `install_plugins_upload` (alias of `install_plugins_$tab`) action which allowed plugin authors to replace the form. This restores the previous behaviour.
* Add the form only to non-upload plugin install screens.
* Replace `install_plugins_upload()` with the `install_plugins_upload` and `install_plugins_pre_upload` actions.
* Remove `$upload_tab_class` and add a CSS class for the current tab to `.wrap`
* Adjust CSS selectors and toggle the whole container to support upload without an `upload-plugin` class.
Props DavidAnderson, ocean90.
Fixes#37495.
Built from https://develop.svn.wordpress.org/trunk@38172
git-svn-id: http://core.svn.wordpress.org/trunk@38113 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Under certain conditions upgrades on Windows may fail because `wp_tempnam()` gets called in a loop.
This can happen when `wp_tempnam()` is called with `\.maintenance` for the `$filename` parameter. The function strips the extension, in this case `.maintenance`, which results in an empty filename. Because it's empty, `wp_tempnam()` calls itself with `dirname( '\.maintenance' )`. On *nix systems this would be `"/"` which allows `wp_tempnam()` to fall back on `time()`. But on Windows it's `"\"`.
This change adds the backslash to the list of characters which allow `wp_tempnam()` to fall back on `time()`.
See [32322], [31936].
Fixes#33999.
Built from https://develop.svn.wordpress.org/trunk@38151
git-svn-id: http://core.svn.wordpress.org/trunk@38092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Update DocBlock to use third-person singular verb and to include a period at the end.
* Use `submit_button()` for the submit button.
* Escape the ID attribute.
* Apply the same to `WP_List_Table::search_box()`.
See #37230.
Built from https://develop.svn.wordpress.org/trunk@38146
git-svn-id: http://core.svn.wordpress.org/trunk@38087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`$context` is a full path to the directory that is tested for being writable. A path shouldn't be a boolean value.
This also updates `WP_Upgrader_Skin::request_filesystem_credentials()` and `Automatic_Upgrader_Skin::request_filesystem_credentials()` and adds missing docs.
Props DrewAPicture, ocean90.
Fixes#37412.
Built from https://develop.svn.wordpress.org/trunk@38138
git-svn-id: http://core.svn.wordpress.org/trunk@38079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Rename the `$post_type` parameter to `$box` for clarity and consistency with other meta box functions.
* Make the docs more consistent with `post_format_meta_box()` and other meta box functions.
* Correct type and description for the third argument of `nav_menu_items_{$post_type_name}_recent` filter.
See #37211.
Built from https://develop.svn.wordpress.org/trunk@38129
git-svn-id: http://core.svn.wordpress.org/trunk@38070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, changing the post thumbnail of a published post in the edit screen
would immediately apply the change, rather than waiting for the post to be
saved before applying the update. This could lead to someone unintentionally
editing the post thumbnail on a published post, and made it impossible to
preview changes to post thumbnails on published posts before saving the change.
This introduces a new Ajax handler, `wp_ajax_get_post_thumbnail_html()` to
retrieve the HTML for the post thumbnail meta box without updating the post
meta value for `_thumbnail_id`. It also allows post thumbnail changes to be
previewed by passing the `_thumbnail_id` as a query variable to the preview
screen and adding a new filter, `_wp_preview_post_thumbnail_filter()`, which
gets applied to `get_post_metadata` during the post preview process.
Props flixos90.
Fixes#12922.
Built from https://develop.svn.wordpress.org/trunk@38118
git-svn-id: http://core.svn.wordpress.org/trunk@38059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `IMAGE_EDIT_OVERWRITE` is set to true, edited image files are
supposed to be deleted when an image is restored to the original.
However, when an image was edited more than once, and then restored,
files created during previous edits were left behind.
Fixes this behavior by updating `wp_save_image()` to clean up
leftover images after each edit when `IMAGE_EDIT_OVERWRITE` is true.
Props bradt, chriscct7, joemcgill.
Fixes#32171.
Built from https://develop.svn.wordpress.org/trunk@38113
git-svn-id: http://core.svn.wordpress.org/trunk@38054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Both list tables provide different actions based on where they are loaded, regular admin or network admin. Since there is only one Ajax handler for both screens we have to set the current screen before using the list tables.
Props swissspidy, ocean90.
Fixes#37373.
Built from https://develop.svn.wordpress.org/trunk@38091
git-svn-id: http://core.svn.wordpress.org/trunk@38032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Remove title attributes.
* Show "Install Now" and "Details" links if the importer isn't installed yet.
* Show a "Run Importer" link if the importer is installed. It also handles activation if the plugin isn't activated.
* Add `aria-label` attributes to each link.
* Unify the importer descriptions to make them independent from the plugin state. The API was changed in [meta3690].
* Adjust JavaScript callbacks for ajaxified importer installs.
Props afercia, swissspidy, ocean90.
See #24766.
Fixes#35191.
Built from https://develop.svn.wordpress.org/trunk@38075
git-svn-id: http://core.svn.wordpress.org/trunk@38016 1a063a9b-81f0-0310-95a4-ce76da25c4cd