Gary Pendergast
7d9b5b14b5
Libraries: Update zxcvbn from version 1.0 to 4.4.1
...
This includes masses of bug fixes, as well as tweaks to how passwords are scored.
QUnit tests have been updated to reflect tha scoring changes.
Full changelog: https://github.com/dropbox/zxcvbn/compare/v1.0...v4.4.1
Fixes #31647 .
Built from https://develop.svn.wordpress.org/trunk@39596
git-svn-id: http://core.svn.wordpress.org/trunk@39536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 11:23:42 +00:00
James Nylen
d7ab7fdf5a
REST API: Do not include the `password` argument when getting media items
...
Currently, `attachment` is the only post type exposed via the REST API that
does not support password protection, but it's possible for other post types to
remove password support.
Fixes #38977 .
Built from https://develop.svn.wordpress.org/trunk@39595
git-svn-id: http://core.svn.wordpress.org/trunk@39535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 03:51:44 +00:00
James Nylen
0b599cce41
REST API: Do not error on empty JSON body
...
It's fairly common for clients to send `Content-Type: application/json` with an
empty body. While technically not valid JSON, we've historically supported
this behaviour, so it shouldn't cause an error.
Props JPry.
Fixes #39150 .
Built from https://develop.svn.wordpress.org/trunk@39594
git-svn-id: http://core.svn.wordpress.org/trunk@39534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 03:34:41 +00:00
Boone Gorges
aa644128d6
Taxonomy: Use `get_term_link()` instead of `get_category_link()` in `get_term_parents_list()`.
...
`get_category_link()` is a wrapper for `get_term_link()`. Using the
unwrapped function makes more sense semantically (it's taxonomy-
agnostic) and it's also more parsimonious (the `WP_Error` check in
`get_category_link()` is redundant with similar checks just before
in `get_term_link()`).
Props keesiemeijer.
Fixes #17069 .
Built from https://develop.svn.wordpress.org/trunk@39593
git-svn-id: http://core.svn.wordpress.org/trunk@39533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 02:57:41 +00:00
Ryan McCue
20aa5d7150
General: Correctly detect trailing newline when prepending.
...
We need to check that the final line is actually an artifact of explode(), not just an empty input string.
See #37082 .
Built from https://develop.svn.wordpress.org/trunk@39592
git-svn-id: http://core.svn.wordpress.org/trunk@39532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 02:48:41 +00:00
Ryan McCue
fbc00b31ef
General: Remove most uses of create_function()
...
create_function() is equivalent to eval(), and most of our uses can be refactored. This is simpler, more secure, and slightly more performant.
Props sgolemon.
Fixes #37082 .
Built from https://develop.svn.wordpress.org/trunk@39591
git-svn-id: http://core.svn.wordpress.org/trunk@39531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-13 01:49:39 +00:00
Felix Arntz
6e2d9af8b6
Tests: Use `wp_delete_user()` during teardown to delete a single site's user.
...
Fixes failing tests for `get_dashboard_url()`.
Fixes #39065 .
Built from https://develop.svn.wordpress.org/trunk@39590
git-svn-id: http://core.svn.wordpress.org/trunk@39530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 23:18:40 +00:00
Felix Arntz
d784b5552c
Multisite: Replace `is_super_admin()` with `manage_network` in `get_dashboard_url()`.
...
Unit tests for `get_dashboard_url()` have been added.
Props iaaxpage.
Fixes #39065 . See #37616 .
Built from https://develop.svn.wordpress.org/trunk@39589
git-svn-id: http://core.svn.wordpress.org/trunk@39529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 22:41:39 +00:00
Felix Arntz
f704fc808a
Multisite: Handle capability check for removing oneself via `map_meta_cap()`.
...
Site administrators should not be able to remove themselves from a site. This moves the enforcement of this rule from `wp-admin/users.php` to `remove_user_from_blog()` via the `remove_user` capability, which furthermore allows us to get rid of two additional clauses and their `is_super_admin()` checks in `wp-admin/users.php`. A unit test for the new behavior has been added.
Fixes #39063 . See #37616 .
Built from https://develop.svn.wordpress.org/trunk@39588
git-svn-id: http://core.svn.wordpress.org/trunk@39528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 21:42:42 +00:00
Konstantin Obenland
ee36cf9214
Themes: Add missing square bracket in jQuery selector.
...
Fixes a bug in Safari where the UI wasn't updated after deleting a theme due to
the incomplete selector.
Props Hristo Sg.
Fixes #39246 .
Built from https://develop.svn.wordpress.org/trunk@39586
git-svn-id: http://core.svn.wordpress.org/trunk@39526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 09:32:41 +00:00
Weston Ruter
c9b863fc40
Customize: Prevent navigation in preview when clicking on child elements of preview links that have non-previewable URLs.
...
Fixes #39098 .
Built from https://develop.svn.wordpress.org/trunk@39584
git-svn-id: http://core.svn.wordpress.org/trunk@39524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 08:09:41 +00:00
Dion Hulse
5edd9b03e7
Remove the WordPress version number from `readme.html`.
...
See #35554
Built from https://develop.svn.wordpress.org/trunk@39583
git-svn-id: http://core.svn.wordpress.org/trunk@39523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 08:01:39 +00:00
Weston Ruter
8a89a50c69
Customize: Prevent edit shortcut from losing event handler after selective refresh.
...
Props sirbrillig.
See #27403 .
Fixes #39100 .
Built from https://develop.svn.wordpress.org/trunk@39581
git-svn-id: http://core.svn.wordpress.org/trunk@39521 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 07:52:43 +00:00
Dion Hulse
0a349c9641
PDF Images: Avoid a PHP Warning when attempting to process a file without an extension.
...
Props chandrapatel for initial patch.
Fixes #39195 .
Built from https://develop.svn.wordpress.org/trunk@39580
git-svn-id: http://core.svn.wordpress.org/trunk@39520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 06:19:41 +00:00
Dion Hulse
883689c816
Taxonomy: Restore the ability to use string-based `$args` in `wp_get_object_terms()`.
...
Props tyxla.
Fixes #39215
Built from https://develop.svn.wordpress.org/trunk@39578
git-svn-id: http://core.svn.wordpress.org/trunk@39518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 05:47:42 +00:00
Weston Ruter
826a0323a2
Build/Test Tools: Facilitate SVN and Git being co-located in the same directory.
...
Ignore .svn in .gitignore, and ignore .git in svn:ignore.
Fixes #39245 .
Built from https://develop.svn.wordpress.org/trunk@39577
git-svn-id: http://core.svn.wordpress.org/trunk@39517 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 05:12:44 +00:00
Dion Hulse
bdf6087450
Bootstrap: Re-initialize any hooks added manually by `object-cache.php`.
...
Prior to 3.1 if a object cache dropin wanted to add actions, they needed to use `$wp_filter` directly.
Props jorbin.
Fixes #39132 .
Built from https://develop.svn.wordpress.org/trunk@39565
git-svn-id: http://core.svn.wordpress.org/trunk@39505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-12 01:29:42 +00:00
Peter Wilson
c21907ca1e
Options: Prevent unnecessary SQL updates by `update_option`.
...
Previously an option containing an object would trigger an SQL `UPDATE` on all calls to `update_option`, even if the old and new values were identical. This was due to the old and new values having differing resource IDs.
This change compares the old and new values as serialized data to remove the resource ID from the comparison.
Props salcode, bradyvercher, peterwilsoncc.
Fixes #38903 .
Built from https://develop.svn.wordpress.org/trunk@39564
git-svn-id: http://core.svn.wordpress.org/trunk@39504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-11 21:43:43 +00:00
Rachel Baker
d054b9afba
REST API: Allow schema sanitization_callback to be set to null to bypass fallback sanitization functions.
...
The logic in WP_REST_Request->sanitize_params() added in [39091] did not account for `null` or `false` being the sanitization_callback preventing overriding `rest_parse_request_arg()`. This fixes that oversight, allowing the built in sanitization function to be bypassed. See #38593 .
Props kkoppenhaver, rachelbaker, jnylen0.
Fixes #39042 .
Built from https://develop.svn.wordpress.org/trunk@39563
git-svn-id: http://core.svn.wordpress.org/trunk@39503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-11 21:26:43 +00:00
Weston Ruter
9669c60397
Customize: Fix ability to shift-click on placeholder/pre-saved nav menu items in preview to focus on corresponding control.
...
Fixes #39102 .
Built from https://develop.svn.wordpress.org/trunk@39562
git-svn-id: http://core.svn.wordpress.org/trunk@39502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 23:47:41 +00:00
Weston Ruter
57830bf2be
Customize: Deprecate `page_home` nav menu item starter content in favor of `home_link`; replace usage in Twenty Seventeen.
...
Props celloexpressions, westonruter.
Amends [38991].
See #38615 , #38114 .
Fixes #39104 .
Built from https://develop.svn.wordpress.org/trunk@39561
git-svn-id: http://core.svn.wordpress.org/trunk@39501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 23:39:43 +00:00
Weston Ruter
a366e58135
Customize: Trim whitespace for URLs supplied for `external_header_video` to prevent `esc_url_raw()` from making them invalid.
...
Props tyxla.
See #38172 .
Fixes #39125 .
Built from https://develop.svn.wordpress.org/trunk@39560
git-svn-id: http://core.svn.wordpress.org/trunk@39500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 07:00:45 +00:00
Weston Ruter
6527c24ab1
Customize: Prevent single quotes (apostrophes) in `custom_css` values from unexpectedly causing false positives for unbalanced character validation errors.
...
See #39218 , #35395 .
Fixes #39198 .
Built from https://develop.svn.wordpress.org/trunk@39559
git-svn-id: http://core.svn.wordpress.org/trunk@39499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 06:45:42 +00:00
Weston Ruter
1b96e389c0
Customize: Fix inability to delete nav menus by preventing `preview` filters from being added during `customize_save` admin ajax request.
...
Also prevent setting `nav_menu_locations[...]` values to `NaN` which gets sent as `null`.
Amends [38810].
See #30937 .
Fixes #39103 .
Built from https://develop.svn.wordpress.org/trunk@39558
git-svn-id: http://core.svn.wordpress.org/trunk@39498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 06:30:46 +00:00
Weston Ruter
f1c383454b
Customize: Prevent scrolling `custom_css` textarea to top when pressing tab.
...
Props tyxla, sstoqnov for testing, celloexpressions for testing.
See #38667 .
Fixes #39134 .
Built from https://develop.svn.wordpress.org/trunk@39557
git-svn-id: http://core.svn.wordpress.org/trunk@39497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 00:44:40 +00:00
John Blackbourn
5b15e8c11b
Build/Test Tools: Remove some more randomness.
...
See #37371
Built from https://develop.svn.wordpress.org/trunk@39556
git-svn-id: http://core.svn.wordpress.org/trunk@39496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-10 00:02:41 +00:00
John Blackbourn
da5255777a
Build/Test Tools: Reuse another fixture in the user capability tests.
...
See #38716
Built from https://develop.svn.wordpress.org/trunk@39555
git-svn-id: http://core.svn.wordpress.org/trunk@39495 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 23:36:41 +00:00
John Blackbourn
b5f7ab46dd
Build/Test Tools: Remove commented out tests that have existed in an unimplemented state since the dawn of the test infrastructure.
...
See #38716
Built from https://develop.svn.wordpress.org/trunk@39554
git-svn-id: http://core.svn.wordpress.org/trunk@39494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 23:12:41 +00:00
Andrea Fercia
10819d629f
Accessibility: Remove inappropriate content from the Edit Categories and Edit Tags screens headings.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39553
git-svn-id: http://core.svn.wordpress.org/trunk@39493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 20:50:41 +00:00
Andrea Fercia
9d474c8206
Accessibility: Remove inappropriate content from the Edit Comments screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39552
git-svn-id: http://core.svn.wordpress.org/trunk@39492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 18:59:40 +00:00
Andrea Fercia
c05f1dc805
Accessibility: Remove inappropriate content from the Network screens headings.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39551
git-svn-id: http://core.svn.wordpress.org/trunk@39491 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 18:57:42 +00:00
Boone Gorges
97fd5ae77c
Docs: Correct param definition for `WP_Query::query()`.
...
Props Shelob9.
Fixes #38963 .
Built from https://develop.svn.wordpress.org/trunk@39550
git-svn-id: http://core.svn.wordpress.org/trunk@39490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 16:23:42 +00:00
Boone Gorges
74b6e1ba86
Taxonomy: Introduce `get_term_parents_list()`.
...
This new function is a taxonomy-agnostic version of `get_category_parents()`.
Props keesiemeijer, SergeyBiryukov, rafaehlers.
Fixes #17069 .
Built from https://develop.svn.wordpress.org/trunk@39549
git-svn-id: http://core.svn.wordpress.org/trunk@39489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 16:10:42 +00:00
Weston Ruter
d94530e721
Customize: Collapse available nav menu items panel when clicking outside over preview or over existing items.
...
Props rockwell15.
Fixes #38953 .
Built from https://develop.svn.wordpress.org/trunk@39548
git-svn-id: http://core.svn.wordpress.org/trunk@39488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 06:16:40 +00:00
Weston Ruter
d10cde75c6
Customize: Allow (optional) `url` parameter to be omitted in intercepted calls to `history.pushState()` and `history.replaceState()` in customize preview.
...
Fixes issue where calls without the `url` parameter erroneously end up rewriting the location path to `/undefined`.
Props Christian1012, westonruter.
Fixes #39175 .
Built from https://develop.svn.wordpress.org/trunk@39547
git-svn-id: http://core.svn.wordpress.org/trunk@39487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 01:59:41 +00:00
Weston Ruter
592c3fc7d7
Customize: Use `esc_url_raw()` instead of `wp_json_encode()` to eliminate extraneous slashes when outputting background image URL in CSS `url()`.
...
Props tyxla, westonruter.
See #22058 .
Fixes #39145 .
Built from https://develop.svn.wordpress.org/trunk@39546
git-svn-id: http://core.svn.wordpress.org/trunk@39486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-09 01:43:42 +00:00
Weston Ruter
c68f1de5f8
Customize: Use selected user language for edit shortcuts in preview instead of site language.
...
Props ocean90.
Fixes #39009 .
Built from https://develop.svn.wordpress.org/trunk@39545
git-svn-id: http://core.svn.wordpress.org/trunk@39485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-08 19:32:59 +00:00
Boone Gorges
3a0e61e680
Allow apostrophes in email address during wp-login.php registration.
...
See #18039 for a related fix when creating users via the Dashboard.
Props tomdxw.
Fixes #34483 .
Built from https://develop.svn.wordpress.org/trunk@39544
git-svn-id: http://core.svn.wordpress.org/trunk@39484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-08 03:58:45 +00:00
Andrea Fercia
76a5b4f3c2
Accessibility: Remove inappropriate content from the Menus screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39543
git-svn-id: http://core.svn.wordpress.org/trunk@39483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 23:47:43 +00:00
Andrea Fercia
40e303237b
Accessibility: Remove inappropriate content from the old Edit Media screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39542
git-svn-id: http://core.svn.wordpress.org/trunk@39482 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 23:30:40 +00:00
Andrea Fercia
2d76e0dfb2
Accessibility: Remove inappropriate content from the Widgets screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39541
git-svn-id: http://core.svn.wordpress.org/trunk@39481 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 22:18:40 +00:00
Felix Arntz
da4cc4d9e2
Multisite: Replace `is_super_admin()` with `update_core` for update permissions.
...
Fixes #39060 . See #37616 .
Built from https://develop.svn.wordpress.org/trunk@39540
git-svn-id: http://core.svn.wordpress.org/trunk@39480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 22:14:42 +00:00
Felix Arntz
72380176dc
Multisite: Remove redundant `is_super_admin()` when checking for `edit_others_posts`.
...
The super admin on multisite as well as the administrator on non-multisite both have this capability already. For custom post types using different capabilities this change ensures that only users with that capability have permissions.
Fixes #39059 . See #37616 .
Built from https://develop.svn.wordpress.org/trunk@39539
git-svn-id: http://core.svn.wordpress.org/trunk@39479 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 22:09:42 +00:00
Andrea Fercia
57c2604200
Accessibility: Remove inappropriate content from the Edit User screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39538
git-svn-id: http://core.svn.wordpress.org/trunk@39478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 22:08:43 +00:00
Andrea Fercia
2c227839d4
Accessibility: Remove inappropriate content from the Link Manager screens headings.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39537
git-svn-id: http://core.svn.wordpress.org/trunk@39477 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 20:18:46 +00:00
Andrea Fercia
64f63499f8
Accessibility: Remove inappropriate content from the Add Plugins screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39536
git-svn-id: http://core.svn.wordpress.org/trunk@39476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 19:06:41 +00:00
Andrea Fercia
993f895c29
Accessibility: Remove inappropriate content from the Plugins screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39535
git-svn-id: http://core.svn.wordpress.org/trunk@39475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 18:48:40 +00:00
Andrea Fercia
87882d0463
Accessibility: Remove inappropriate content from the Users screen heading.
...
See #26601 .
Built from https://develop.svn.wordpress.org/trunk@39534
git-svn-id: http://core.svn.wordpress.org/trunk@39474 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 18:29:38 +00:00
Andrea Fercia
710b4431dd
Toolbar: remove some unnecessary CSS lines.
...
They were commented out in `admin-bar.css` since 3 years, see [26770].
Props kafleg, ketuchetan.
Fixes #39137 .
Built from https://develop.svn.wordpress.org/trunk@39533
git-svn-id: http://core.svn.wordpress.org/trunk@39473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 17:45:45 +00:00
Boone Gorges
f882fc1295
Comments: Clean up unused code after [38446].
...
When the direct SQL query was removed in [38446], part of the SQL
concatenation was not removed. This changeset fixes that.
Props david.binda.
Fixes #39142 .
Built from https://develop.svn.wordpress.org/trunk@39532
git-svn-id: http://core.svn.wordpress.org/trunk@39472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 15:52:44 +00:00