Commit Graph

40225 Commits

Author SHA1 Message Date
Aaron Jorbin dd3ad3ac51 GENERAL: Remove magic quote functions
The path to magic quote sanity took a fun and exciting turn: PHP core removed it and WordPress updated the minimum version.

For the formally external pclzip, the code is commented out to make investigating easier and in case we ever need to merge upstream (if that still exists) changes.

Props ayeshrajans, jrf, jorbin.
See #47783.
Fixes #18322.

Built from https://develop.svn.wordpress.org/trunk@46105


git-svn-id: http://core.svn.wordpress.org/trunk@45917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 22:21:01 +00:00
desrosj 8a2bbf777a Correct the version number specified in [46102].
See #45361.
Built from https://develop.svn.wordpress.org/trunk@46104


git-svn-id: http://core.svn.wordpress.org/trunk@45916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 18:55:56 +00:00
Adam Silverstein a3eba2c201 Login and Registration: reset password - ensure submit button disabled when field empty.
Fix an issue where the submit button was enabled with an empty password when the user previously checked "Confirm use of weak password" for a weak password, then cleared the password field.

Props henry.wright.
Fixes #47924.


Built from https://develop.svn.wordpress.org/trunk@46103


git-svn-id: http://core.svn.wordpress.org/trunk@45915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 18:30:55 +00:00
desrosj 7bbce99655 Menus: Nav menu locations should not be integers.
When nav menu location slugs are integers, some hard to debug results can occur. `register_nav_menus()` utilizes `array_merge()` which renumbers numeric indexes, starting from 0. Because of this, numeric menu locations will almost always be changed.

This change introduces a `_doing_it_wrong()` notice to inform developers that nav menu locations should always be strings.

Props audrasjb, desrosj, welcher.
Fixes #45361.
Built from https://develop.svn.wordpress.org/trunk@46102


git-svn-id: http://core.svn.wordpress.org/trunk@45914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 17:58:55 +00:00
Sergey Biryukov 55378bd295 REST API: Use correct parameter name in `rest_validate_value_from_schema()` error messages.
Props manzoorwanijk.
Fixes #47905.
Built from https://develop.svn.wordpress.org/trunk@46101


git-svn-id: http://core.svn.wordpress.org/trunk@45913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 03:06:55 +00:00
Adam Silverstein 67fd6e281f Multisite: improve `sites_pre_query` and `networks_pre_query` filters, avoiding db queries.
Improve the `pre_query` filters in multisite classes introduced in r44983. Return (non null) values immediately,
avoiding the database queries entirely, similar to other `pre_query` filters.

Props spacedmonkey, SergeyBiryukov, felipeelia.
Fixes #47599.


Built from https://develop.svn.wordpress.org/trunk@46100


git-svn-id: http://core.svn.wordpress.org/trunk@45912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 22:17:55 +00:00
K. Adam White c148f0aa55 REST API: Accept string path in rest_ensure_request.
Update `rest_ensure_request()` to accept a string path, permitting a string path to be passed to `rest_do_request()` as is indicated (previously inaccurately) in that method's PHPDoc.

Props TimothyBlynJacobs, kadamwhite.
Fixes #40614.

Built from https://develop.svn.wordpress.org/trunk@46099


git-svn-id: http://core.svn.wordpress.org/trunk@45911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 21:47:57 +00:00
K. Adam White 742ab2d68b REST API: Return term resources in "edit" context after PUT or POST request.
Props westonruter, dlh.
Fixes #41411.


Built from https://develop.svn.wordpress.org/trunk@46098


git-svn-id: http://core.svn.wordpress.org/trunk@45910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 21:29:57 +00:00
Sergey Biryukov b987372d75 Mail: Update PHPMailer to 5.2.27.
The full list of changes is available here:
https://github.com/PHPMailer/PHPMailer/compare/v5.2.22...PHPMailer:v5.2.27

Props MattyRob, ayeshrajans, rogueresearch, bgermann, slaFFik, Presskopp, aaroncampbell.
Fixes #40472.
Built from https://develop.svn.wordpress.org/trunk@46097


git-svn-id: http://core.svn.wordpress.org/trunk@45909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 14:37:57 +00:00
Sergey Biryukov 3591f1ad60 Text Changes: Correct "up-to-date" vs. "up to date" usage in a database update string and inline comments.
* "Up to date" is an adverb phrase that describes an action that brings something in line with the latest information.
* "Up-to-date" is an adjective phrase that is used as a synonym for "current".

Props socalchristina, hareesh-pillai, garrett-eclipse, desrosj, aprea.
Fixes #38998.
Built from https://develop.svn.wordpress.org/trunk@46096


git-svn-id: http://core.svn.wordpress.org/trunk@45908 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 13:06:57 +00:00
Sergey Biryukov cc6e23e4dc External Libraries: Update jQuery Color plugin to 2.1.2.
Props desrosj, hareesh-pillai, lovememore.
Fixes #31511.
Built from https://develop.svn.wordpress.org/trunk@46095


git-svn-id: http://core.svn.wordpress.org/trunk@45907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 12:41:54 +00:00
Sergey Biryukov b552f449db HTTP: Update the Root Certificate bundle.
Keep 1024-bit legacy root certificates re-added in [35919], except for those already expired, for compatibility with older OpenSSL versions.

Props skithund, paragoninitiativeenterprises.
Fixes #45807.
Built from https://develop.svn.wordpress.org/trunk@46094


git-svn-id: http://core.svn.wordpress.org/trunk@45906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 12:04:59 +00:00
Sergey Biryukov 877f356334 External Libraries: Revert [46092] pending test failure investigation.
See #45785.
Built from https://develop.svn.wordpress.org/trunk@46093


git-svn-id: http://core.svn.wordpress.org/trunk@45905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 10:19:59 +00:00
desrosj f7f27c37aa External Libraries: Update Underscore to 1.9.1.
Changes: https://github.com/jashkenas/underscore/compare/1.8.3...1.9.1

Props mukesh27, hareesh-pillai.
Fixes #45785
Built from https://develop.svn.wordpress.org/trunk@46092


git-svn-id: http://core.svn.wordpress.org/trunk@45904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-11 19:22:54 +00:00
desrosj abed60bb51 Editor: Add missing block data fields for blocks registered server side.
In [44122], the `styles` and `parent` block fields were omitted on accident. This change makes it possible to reuse them on the client.

Props gziolo.
Fixes #47017.
Built from https://develop.svn.wordpress.org/trunk@46091


git-svn-id: http://core.svn.wordpress.org/trunk@45903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-11 14:52:56 +00:00
Sergey Biryukov 5289afac9b Accessibility: Comments: In `comment_form()`, remove `aria-describedby` attribute from the email field if there's no associated description in the `comment_notes_before` argument.
The attribute is meant to communicate to user agents and assistive technologies that the element has a description. If the referenced description is missing, it will be flagged as failure by any automated accessibility checker tool and, most importantly, is potentially confusing for assistive technologies users.

Props afercia, joedolson, dinhtungdu, donmhico, SergeyBiryukov.
Fixes #47975.
Built from https://develop.svn.wordpress.org/trunk@46090


git-svn-id: http://core.svn.wordpress.org/trunk@45902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-11 01:51:54 +00:00
Sergey Biryukov 4d1761c881 Coding Standards: Fix WPCS issue in [46088].
See #47110.
Built from https://develop.svn.wordpress.org/trunk@46089


git-svn-id: http://core.svn.wordpress.org/trunk@45901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-10 20:01:54 +00:00
Sergey Biryukov dcb08f0637 Docs: Fix placement of some duplicate hook references.
Hook documentation should be on the line directly above the line containing the `do_action()` or `apply_filters()` call. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of duplicate hook references.

Includes minor code layout fixes.

See #47110.
Built from https://develop.svn.wordpress.org/trunk@46088


git-svn-id: http://core.svn.wordpress.org/trunk@45900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-10 19:23:55 +00:00
Sergey Biryukov c9071ca2e6 Docs: Clarify the `int` return value in `comments_pre_query` filter DocBlock.
See #45800.
Built from https://develop.svn.wordpress.org/trunk@46087


git-svn-id: http://core.svn.wordpress.org/trunk@45899 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-10 19:04:56 +00:00
Adam Silverstein b3e64f0947 Comments: add a new `comments_pre_query` filter to short circuit WP_Comment_Query 'get_comments' queries.
Return a non-null value to bypass WordPress's default comment queries.

Props felipeelia, spacedmonkey.
Fixes #45800.


Built from https://develop.svn.wordpress.org/trunk@46086


git-svn-id: http://core.svn.wordpress.org/trunk@45898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-10 18:42:56 +00:00
Sergey Biryukov 49b4cfc034 Accessibility: Media: Replace `@` with `at` in the displayed date format.
The `@` symbol makes sense in the context of email addresses, but does not have a universal meaning in the context of dates.

Props audrasjb, afercia.
Fixes #47893.
Built from https://develop.svn.wordpress.org/trunk@46085


git-svn-id: http://core.svn.wordpress.org/trunk@45897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-09 00:07:57 +00:00
Sergey Biryukov 86a10090a0 Accessibility: Comments: Replace `@` with `at` in the displayed date format.
The `@` symbol makes sense in the context of email addresses, but does not have a universal meaning in the context of dates.

Props birgire, afercia, audrasjb, SergeyBiryukov.
Fixes #47893.
Built from https://develop.svn.wordpress.org/trunk@46084


git-svn-id: http://core.svn.wordpress.org/trunk@45896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-08 23:53:55 +00:00
Sergey Biryukov f8ba775d7c Accessibility: Posts, Post Types: Replace `@` with `at` in the displayed date format.
The `@` symbol makes sense in the context of email addresses, but does not have a universal meaning in the context of dates.

Props birgire, afercia, audrasjb, SergeyBiryukov.
Fixes #47832.
Built from https://develop.svn.wordpress.org/trunk@46083


git-svn-id: http://core.svn.wordpress.org/trunk@45895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-08 23:24:56 +00:00
Sergey Biryukov 0393a78206 Docs: Fix typo in `WP_Hook::resort_active_iterations()` description.
Props itowhid06.
Fixes #47999.
Built from https://develop.svn.wordpress.org/trunk@46082


git-svn-id: http://core.svn.wordpress.org/trunk@45894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-08 13:16:55 +00:00
Andrew Ozz c0b5127683 Upload: Reset the temp upload reference in Plupload when the file is not an image.
See #47872.
Built from https://develop.svn.wordpress.org/trunk@46081


git-svn-id: http://core.svn.wordpress.org/trunk@45893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-08 02:28:55 +00:00
Sergey Biryukov e26f739e53 Posts, Post Types: Revert [46079] pending test failure investigation.
See #47824.
Built from https://develop.svn.wordpress.org/trunk@46080


git-svn-id: http://core.svn.wordpress.org/trunk@45892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-07 19:33:55 +00:00
Sergey Biryukov 7828fe7e6a Posts, Post Types: Avoid a PHP warning when `the_content()` is called outside of the loop.
Fixes #47824.
Built from https://develop.svn.wordpress.org/trunk@46079


git-svn-id: http://core.svn.wordpress.org/trunk@45891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-07 14:33:56 +00:00
Andrew Ozz 2d6a772400 Fix "white spaces at end of line" in docblock (IDE) woes after [46077].
See #32437.
Built from https://develop.svn.wordpress.org/trunk@46078


git-svn-id: http://core.svn.wordpress.org/trunk@45890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-07 02:12:55 +00:00
Andrew Ozz 1de168e016 Media: Improve handling of cases where an uploaded image matches exactly a defined intermediate size. In most of these cases the original image has been edited by the user and is "web ready", there is no need for an identical intermediate image.
Introduces the `wp_image_resize_identical_dimensions` filter so plugins and themes can determine whether a new image with identical dimensions should be created, defaults to false.

Props wpdennis, HKandulla, galbaras, azaozz.
See #32437.
Built from https://develop.svn.wordpress.org/trunk@46077


git-svn-id: http://core.svn.wordpress.org/trunk@45889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-07 01:34:55 +00:00
Andrew Ozz dc8349ba0a Media: Add handling for "BIG" images. When the users upload a big image, typically a photo, scale it down to make it suitable for web use. Then use the scaled image as the "full" size, and keep the originally uploaded image for creating high quality sub-sizes in the future and in case the users want to download it later.
Introduces `wp_get_original_image_path()` that retrieves the path to the originally uploaded image in all cases, and `big_image_size_threshold` filter to set the pixel value above which images will be scaled. The same value is used as max-width and max-height when scaling.

See #47873.
Built from https://develop.svn.wordpress.org/trunk@46076


git-svn-id: http://core.svn.wordpress.org/trunk@45888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-07 01:07:55 +00:00
Andrew Ozz 630bad3a4f Uploads: Improve the error message shown when all attempts to create image sub-sizes fail.
Props afercia.
See #47872.
Built from https://develop.svn.wordpress.org/trunk@46075


git-svn-id: http://core.svn.wordpress.org/trunk@45887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-06 23:48:55 +00:00
whyisjake f4562e5516 Remove the extra call for wp-sanitize from the script loader.
Fixes #47986

Built from https://develop.svn.wordpress.org/trunk@46073


git-svn-id: http://core.svn.wordpress.org/trunk@45885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-06 21:49:59 +00:00
Sergey Biryukov 699c6001fd Upgrade/Install: Escape the `%` in `width="100%"` in a `printf()` call in `Plugin_Upgrader_Skin::after()`.
Props afragen.
Fixes #47989.
Built from https://develop.svn.wordpress.org/trunk@46072


git-svn-id: http://core.svn.wordpress.org/trunk@45884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-06 06:26:56 +00:00
Sergey Biryukov c1e3b68b19 Docs: Improve documentation for `do_meta_boxes` action.
Props felipeelia, killua99, SergeyBiryukov.
Fixes #46542.
Built from https://develop.svn.wordpress.org/trunk@46071


git-svn-id: http://core.svn.wordpress.org/trunk@45883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-06 00:06:56 +00:00
Sergey Biryukov 6cab9557fb REST API: Mark `WP_REST_Users_Controller::update_current_item()` and `::delete_current_item()` as public.
Props dkarfa.
Fixes #47967.
Built from https://develop.svn.wordpress.org/trunk@46070


git-svn-id: http://core.svn.wordpress.org/trunk@45882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 23:18:55 +00:00
Sergey Biryukov 65747e3c91 Docs: Remove extra spaces in various REST API DocBlocks.
See #47110.
Built from https://develop.svn.wordpress.org/trunk@46069


git-svn-id: http://core.svn.wordpress.org/trunk@45881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 23:05:55 +00:00
Sergey Biryukov 7fb9cba55a Docs: Correct DocBlocks for `WP_REST_Posts_Controller::get_available_actions()` and `WP_REST_Revisions_Controller::get_parent()`.
Props dkarfa.
Fixes #47966.
Built from https://develop.svn.wordpress.org/trunk@46068


git-svn-id: http://core.svn.wordpress.org/trunk@45880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 22:59:54 +00:00
Andrew Ozz ee005d8fc5 Fix (unrelated) test after [46066].
See #43524.
Built from https://develop.svn.wordpress.org/trunk@46067


git-svn-id: http://core.svn.wordpress.org/trunk@45879 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 22:53:56 +00:00
Andrew Ozz 3b976836a8 Media: Add two new intermediate image sizes, 1536px and 2048px. They are meant to enhance the way WordPress displays images on the front-end on larger, high-density devices. They make it possible to generate more suitable `srcset` and `sizes` attributes, and not use the original, often non-optimized image.
Also change the default `max_srcset_image_width` value to match the new max size.

Props pierlo, azaozz.
See #43524.
Built from https://develop.svn.wordpress.org/trunk@46066


git-svn-id: http://core.svn.wordpress.org/trunk@45878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-05 22:27:58 +00:00
Andrea Fercia 8fe3c3fa23 Widgets: Fix "jumpiness" when reordering widgets by dragging them.
Props ketanumretiya030, mukesh27, andraganescu, audrasjb.
Fixes #46941.

Built from https://develop.svn.wordpress.org/trunk@46028


git-svn-id: http://core.svn.wordpress.org/trunk@45839 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 21:49:59 +00:00
Andrea Fercia 17652fb3d4 Widgets: Fix "jumpiness" when reordering widgets by dragging them.
Props ketanumretiya030, mukesh27, andraganescu, audrasjb.
Fixes #46941.

Built from https://develop.svn.wordpress.org/trunk@46028


git-svn-id: http://core.svn.wordpress.org/trunk@45838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 21:49:48 +00:00
Sergey Biryukov b9d4003d26 Coding Standards: Fix WPCS issue in [45990].
Built from https://develop.svn.wordpress.org/trunk@46019


git-svn-id: http://core.svn.wordpress.org/trunk@45830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 21:45:07 +00:00
desrosj 30ac675795 Fix for URL sanitization that can lead to cross-site scripting (XSS) attacks.
Props irsdl, sstoqnov, whyisjake.
Built from https://develop.svn.wordpress.org/trunk@45997


git-svn-id: http://core.svn.wordpress.org/trunk@45808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 17:52:56 +00:00
Sergey Biryukov 62b22b86a7 Improve handling the existing `rel` attribute in `wp_rel_nofollow_callback()`.
Props xknown, sstoqnov.
Built from https://develop.svn.wordpress.org/trunk@45990


git-svn-id: http://core.svn.wordpress.org/trunk@45801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 17:37:55 +00:00
whyisjake 90d9bdc54c Update wp.a11y.speak() to sanitize HTML before display.
Props iandunn, adamsilverstein, sstoqnov, peterwilsoncc

Built from https://develop.svn.wordpress.org/trunk@45979


git-svn-id: http://core.svn.wordpress.org/trunk@45790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 17:13:21 +00:00
Sergey Biryukov c86ee39ff4 Improve URL validation in `wp_validate_redirect()`.
Props vortfu, whyisjake, peterwilsoncc.
Built from https://develop.svn.wordpress.org/trunk@45971


git-svn-id: http://core.svn.wordpress.org/trunk@45782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:57:56 +00:00
Andrea Fercia 187d747198 Bundled Theme: Twenty Nineteen: Use human-friendly color names.
For better accessibility, the Primary and Secondary theme colors have now more understandable names.
Changes the names "Primary" and "Secondary" to "Blue" and "Dark Blue". Fallbacks to the `hex` color codes when the theme is set to use a custom Primary color.

Props kjellr, aduth, audrasjb.
Fixes #46698.

Built from https://develop.svn.wordpress.org/trunk@45964


git-svn-id: http://core.svn.wordpress.org/trunk@45775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:47:10 +00:00
Andrea Fercia 8cb7918905 Bundled Theme: Twenty Nineteen: Fix the nesting of the `main` element.
The `main` element must not appear as a descendant of the `section` element. Correct markup is the first requirement to make user agents and assistive technologies work properly.

Changes the `<section>` element that was wrapping the `<main>` element to a `<div>`.

Props albertomake, ryelle, desrosj, ianbelanger, audrasjb.
Fixes #47066.

Built from https://develop.svn.wordpress.org/trunk@45942


git-svn-id: http://core.svn.wordpress.org/trunk@45753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:27:54 +00:00
Sergey Biryukov 761cd81a01 Escape the output in `wp_ajax_upload_attachment()`.
Props whyisjake, sstoqnov.
Built from https://develop.svn.wordpress.org/trunk@45936


git-svn-id: http://core.svn.wordpress.org/trunk@45747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:09:56 +00:00
whyisjake 50d33282c1 Remove _convert_urlencoded_to_entities() from the get_the_content() callback.
Props vortfu, whyisjake, peterwilsoncc

Built from https://develop.svn.wordpress.org/trunk@45935


git-svn-id: http://core.svn.wordpress.org/trunk@45746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-04 16:04:56 +00:00