Commit Graph

38788 Commits

Author SHA1 Message Date
Sergey Biryukov 8f49d94630 Privacy: Rename `username_or_email_to_export` POST variable on Erase Personal Data screen to a more generic `username_or_email_for_privacy_request`.
Props ianbelanger, allendav.
Fixes #44181.
Built from https://develop.svn.wordpress.org/trunk@43478


git-svn-id: http://core.svn.wordpress.org/trunk@43305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 14:15:25 +00:00
Andrew Ozz b1330814e2 Privacy: Add `$request` to `$email_data` to make it available to all filters.
Props desrosj.
Fixes #44379.
Built from https://develop.svn.wordpress.org/trunk@43477


git-svn-id: http://core.svn.wordpress.org/trunk@43304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:53:25 +00:00
Andrew Ozz 04b8839454 Privacy: Add filter for the subject of the erasure complete notification emails.
Props desrosj.
Fixes #44265.
Built from https://develop.svn.wordpress.org/trunk@43475


git-svn-id: http://core.svn.wordpress.org/trunk@43302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:42:25 +00:00
Andrew Ozz 323a5a2dc8 Privacy: Fix tests after [43467].
See #44141.

Built from https://develop.svn.wordpress.org/trunk@43471


git-svn-id: http://core.svn.wordpress.org/trunk@43298 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:58:24 +00:00
Andrew Ozz 3b3542fe15 Privacy: Add a setting to disable comment cookie consent.
Fixes #44373.
Built from https://develop.svn.wordpress.org/trunk@43469


git-svn-id: http://core.svn.wordpress.org/trunk@43296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:08:26 +00:00
Andrew Ozz cc1bfb1e55 Privacy: Don't replace comment author URL and email with anything.
Props TZ-Media, desrosj, birgire.
Fixes #44141.
Built from https://develop.svn.wordpress.org/trunk@43467


git-svn-id: http://core.svn.wordpress.org/trunk@43294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 09:00:25 +00:00
Gary Pendergast 46fa15291f Streams: Return early from `wp_is_stream()` for paths that aren't streams.
Some versions of PHP appear to have a memory leak that is occasionally triggered by calling `stream_get_wrappers()`. In order to avoid calling this, we can return early from `wp_is_stream()` when `$path` doesn't contain `://`.

Props pbiron, JPry, dontstealmyfish.
Fixes #44532.


Built from https://develop.svn.wordpress.org/trunk@43466


git-svn-id: http://core.svn.wordpress.org/trunk@43293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:54:25 +00:00
Gary Pendergast 0e5e77a895 Privacy: Remove some unnecessary code comments.
[42967] introduced some WPCS-related comments, probably accidentally saved by an IDE.

Props burhandodhy.
Fixes #44590.


Built from https://develop.svn.wordpress.org/trunk@43465


git-svn-id: http://core.svn.wordpress.org/trunk@43292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:43:24 +00:00
Gary Pendergast 7c696fbed2 Editor: Use `apply_filters_deprecated()` for some deprecated filters.
The `htmledit_pre` and `richedit_pre` filters have been deprecated since 4.3.0, since before `apply_filters_deprecated()` existed. They're now correctly run using `apply_filters_deprecated()`.

Props sebastienthivinfocom, lbenicio, ianbelanger.
Fixes #44341.


Built from https://develop.svn.wordpress.org/trunk@43464


git-svn-id: http://core.svn.wordpress.org/trunk@43291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:38:24 +00:00
Gary Pendergast c173331dc4 REST API: Fix some incorrect `@since` tags.
[43437] included some new methods, which were incorrectly tagged as being `@since 4.9.7`. This updates them to `4.9.8`.

Props danielbachhuber.
Fixes 44287.


Built from https://develop.svn.wordpress.org/trunk@43463


git-svn-id: http://core.svn.wordpress.org/trunk@43290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:27:25 +00:00
Gary Pendergast 17899c1932 REST API: Attachments controller should respect upload limits.
When the REST API is in use on WordPress multisite, the `WP_REST_Attachments_Controller` should respect the "Max upload file size" and "Site upload space" site options.

Props flixos90, danielbachhuber.
Fixes #43751.


Built from https://develop.svn.wordpress.org/trunk@43462


git-svn-id: http://core.svn.wordpress.org/trunk@43289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 07:22:29 +00:00
Sergey Biryukov be92bbbbbb Docs: Change `@since` entry for `add_inline_data` action added in [42676] to 4.9.8.
See #36085.
Built from https://develop.svn.wordpress.org/trunk@43460


git-svn-id: http://core.svn.wordpress.org/trunk@43287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 15:27:25 +00:00
Sergey Biryukov cf4f8d8737 Login and Registration: Set a better default value for `$wp_error` parameter in `login_header()`.
To prevent someone from passing a string (which would not be added to a new `WP_Error` instance), check for `is_wp_error()` explicitly.

Props desrosj, chetan200891, spyderbytes, lbenicio, sebastien@thivinfo.com, abdullahramzan.
Fixes #44052.
Built from https://develop.svn.wordpress.org/trunk@43457


git-svn-id: http://core.svn.wordpress.org/trunk@43284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 14:10:26 +00:00
Sergey Biryukov 4faf05ca6a Privacy: Change `@since` entry for `_wp_privacy_settings_filter_draft_page_titles()` added in [43376] to 4.9.8.
See #44100.
Built from https://develop.svn.wordpress.org/trunk@43454


git-svn-id: http://core.svn.wordpress.org/trunk@43281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 13:48:25 +00:00
Sergey Biryukov 357a663899 Privacy: Change `@since` entry for `user_request_confirmed_email_subject` filter added in [43373] to 4.9.8.
See #44382.
Built from https://develop.svn.wordpress.org/trunk@43451


git-svn-id: http://core.svn.wordpress.org/trunk@43278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 12:12:25 +00:00
Andrew Ozz 26ca877782 TinyMCE: update to 4.8.0, changelog: https://www.tiny.cloud/docs/changelog/#version480july112018
Fixes #44134.
Built from https://develop.svn.wordpress.org/trunk@43447


git-svn-id: http://core.svn.wordpress.org/trunk@43274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 08:07:26 +00:00
Aaron Jorbin 691dc59ad3 Privacy: Silence is golden and invisible.
"Be more discrete." declared matt in [3155], and since then, "Silence is Golden" has been the calling card of placeholder index files. Historically, these have been php files, but [43012] changed that and added index.html files for privacy export generated folders.

The php silence files produce no visible content. This adds consistency with these new html files in that there will be no visible content. Silence will fall when the question is asked.

Fixes #44195.
Props audrasjb, rafsuntaskin, Ov3rfly, johnbillion, pento


Built from https://develop.svn.wordpress.org/trunk@43446


git-svn-id: http://core.svn.wordpress.org/trunk@43273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-15 23:39:27 +00:00
Gary Pendergast 7216f9e623 REST API: Update the test fixture generator following [43439]
As [43439] added data that contains object IDs, it can cause `wp-api-generated.js` to be unnecessarily regenerated.

Regenerating our list of fixtures that need normalising rectifies this.

See #44321.


Built from https://develop.svn.wordpress.org/trunk@43441


git-svn-id: http://core.svn.wordpress.org/trunk@43268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:46:25 +00:00
Gary Pendergast fd6f50e86f REST API: Tweak permission checks for taxonomy and term endpoints
To match behaviour in the Classic Editor, we need to slightly loosen permissions on taxonomy and term endpoints. This allows users to create terms to assign to a post that they're editing.

Props danielbachhuber.
Fixes #44096.


Built from https://develop.svn.wordpress.org/trunk@43440


git-svn-id: http://core.svn.wordpress.org/trunk@43267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:24:25 +00:00
Gary Pendergast 2f803422fa REST API: Expose revision count and last revision ID on Post response
So that REST API clients can show appropriate UI for a post's revisions, it needs to know how many revisions the post has, and what the latest revision ID is.

Props kadamwhite, danielbachhuber, birgire, TimothyBlynJacobs.
Fixes #44321.


Built from https://develop.svn.wordpress.org/trunk@43439


git-svn-id: http://core.svn.wordpress.org/trunk@43266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-13 04:07:24 +00:00
Gary Pendergast 0ba364411d REST API: Declare user capabilities using JSON Hyper Schema's "targetSchema".
There are a variety of operations a WordPress user can only perform if they have the correct capabilities. A REST API client should only display UI for one of these operations if the WordPress user can perform the operation.

Rather than requiring REST API clients to calculate whether to display UI based on potentially complicated combinations of user capabilities, `targetSchema` allows us to expose a single flag to show whether the corresponding UI should be displayed.

This change also includes flags on post objects for the following actions:

- `action-publish`: The current user can publish this post.
- `action-sticky`: The current user can make this post sticky, and the post type supports sticking.
- `action-assign-author': The current user can change the author on this post.
- `action-assign-{$taxonomy}`: The current user can assign terms from the "$taxonomy" taxonomy to this post.
- `action-create-{$taxonomy}`: The current user can create terms int the "$taxonomy" taxonomy.

Props TimothyBlynJacobs, danielbachhuber.
Fixes #44287.


Built from https://develop.svn.wordpress.org/trunk@43437


git-svn-id: http://core.svn.wordpress.org/trunk@43264 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-11 06:23:27 +00:00
Sergey Biryukov 632d61cead Plugins: Disable "Install Now" button for plugins that require a higher version of PHP or WordPress.
Display a notice with an explanation and the steps required to resolve the issue.

Props afragen, schlessera, flixos90, nerrad, melchoyce, boemedia, hedgefield, joyously, johnalarcon, lakenh, afercia, acirujano, ibantxillo, SergeyBiryukov.
Fixes #43986.
Built from https://develop.svn.wordpress.org/trunk@43436


git-svn-id: http://core.svn.wordpress.org/trunk@43263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-09 13:45:25 +00:00
Felix Arntz 9768bde3c4 Privacy: Fix a further inconsistency of site name and URL usage in notification emails.
This is a follow-up to [43388].

Props desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43435


git-svn-id: http://core.svn.wordpress.org/trunk@43262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-08 13:55:28 +00:00
John Blackbourn 60252611be Date/Time: Add support for the `c` and `r` shorthand formats in `date_i18n()`.
Props Rarst, pbearne

Fixes #20973

Built from https://develop.svn.wordpress.org/trunk@43434


git-svn-id: http://core.svn.wordpress.org/trunk@43261 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 23:10:25 +00:00
John Blackbourn 4c2fcf36a3 Media: Update the `@since` tag for `wp_normalize_path()` as this has been backported to th 3.9 (and all other) branches.
See #42837

Built from https://develop.svn.wordpress.org/trunk@43406


git-svn-id: http://core.svn.wordpress.org/trunk@43234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 15:21:25 +00:00
John Blackbourn c9dce0606b Media: Limit thumbnail file deletions to the same directory as the original file.
Built from https://develop.svn.wordpress.org/trunk@43392


git-svn-id: http://core.svn.wordpress.org/trunk@43220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 14:32:25 +00:00
atimmer 44b8c2e36b Docs: Fix default values for `customize/controls.js`.
The old values cannot be parsed by JSDoc.

Props herregroen.
Fixes #44520.

Built from https://develop.svn.wordpress.org/trunk@43391


git-svn-id: http://core.svn.wordpress.org/trunk@43219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 14:07:24 +00:00
Felix Arntz 5f461574e8 Tests: Fix failing test after [43388].
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43390


git-svn-id: http://core.svn.wordpress.org/trunk@43218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 08:53:25 +00:00
Felix Arntz 46589d1578 Date/Time: Fix usage of `$gmt` parameter in `date_i18n()` and clarify its behavior.
The docs for `date_i18n()` and its filter now correctly state that the `$gmt` parameter is only taken into account if no timestamp is provided. Furthermore, a bug with that parameter is fixed, as it is now ensured that the timezone used with it is `UTC`.

Props Rarst.
Fixes #38771.

Built from https://develop.svn.wordpress.org/trunk@43389


git-svn-id: http://core.svn.wordpress.org/trunk@43217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-04 23:43:25 +00:00
Felix Arntz 057b221af7 Privacy: Use consistent values for the site name and URL used in notification emails.
The functions `send_confirmation_on_profile_email()`, `_wp_privacy_send_request_confirmation_notification()`, `_wp_privacy_send_erasure_fulfillment_notification()`, and `wp_send_user_request()` all include a title and URL indicating the current site. However, so far they have dealt with those values inconsistently, sometimes using the site values, other times using the network values if in a multisite. This changeset ensures that only the current site is taken into account in all cases and that special characters in the site name are consistently decoded.

Props subrataemfluence, desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43388


git-svn-id: http://core.svn.wordpress.org/trunk@43216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 17:00:25 +00:00
Felix Arntz dc036d5333 Date/Time: Add support for `gmt_offset` to `date_i18n()`.
Prior to this change, `date_i18n()` only supported the `timezone_string` option, causing incorrect timezones to appear in formatted dates on sites that still rely on the `gmt_offset` option.

Props Rarst.
Fixes #34835.

Built from https://develop.svn.wordpress.org/trunk@43387


git-svn-id: http://core.svn.wordpress.org/trunk@43215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 15:59:25 +00:00
Felix Arntz b76a714bba Taxonomy: Introduce `is_taxonomy_viewable()`.
This utility function allows for easy detection whether terms for a taxonomy are considered publicly viewable.

Props andizer.
Fixes #44466.

Built from https://develop.svn.wordpress.org/trunk@43386


git-svn-id: http://core.svn.wordpress.org/trunk@43214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 10:29:28 +00:00
Sergey Biryukov efafeed66c Docs: Add missing backtick in `delete_metadata()` DocBlock.
Props dilipbheda, cliffpaulick.
Fixes #44433.
Built from https://develop.svn.wordpress.org/trunk@43385


git-svn-id: http://core.svn.wordpress.org/trunk@43213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-02 17:58:27 +00:00
Sergey Biryukov 99e3bb9077 Date/Time: Simplify `mysql_to_rfc3339()`.
Erasing timezone with a regular expression is redundant, the date could be just formatted in the respective format instead.

Props Rarst.
Fixes #42542.
Built from https://develop.svn.wordpress.org/trunk@43384


git-svn-id: http://core.svn.wordpress.org/trunk@43212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:45:53 +00:00
Sergey Biryukov 67716d1367 Docs: Correct description for `mysql_to_rfc3339()`.
Despite historical function name, the output does not conform to RFC3339 format, which must contain timezone.

Props Rarst.
See #42542.
Built from https://develop.svn.wordpress.org/trunk@43383


git-svn-id: http://core.svn.wordpress.org/trunk@43211 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:45:29 +00:00
Felix Arntz 76c25aa14b Multisite: Count users in a more performant way when listing sites in the network admin.
Props spacedmonkey.
Fixes #44368.

Built from https://develop.svn.wordpress.org/trunk@43382


git-svn-id: http://core.svn.wordpress.org/trunk@43210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:45:03 +00:00
Felix Arntz e350e822f8 Role/Capability: Rename `upgrade_php` capability to more suitable `update_php`.
This brings the name in line with user-facing language and similar names of existing related capabilities. Since the capability has not been part of any WordPress release, it can be renamed without any backward-compatibility implications.

Also missing props benhuberman for [43006].

Fixes #44457.

Built from https://develop.svn.wordpress.org/trunk@43381


git-svn-id: http://core.svn.wordpress.org/trunk@43209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:44:38 +00:00
Sergey Biryukov b98ef36c97 Docs: Improve documentation for `date_i18n()`'s second argument.
Despite previously being labeled as a Unix timestamp, in reality it's a sum of Unix timestamp and timezone offset in seconds.

Props Rarst.
See #38771.
Built from https://develop.svn.wordpress.org/trunk@43380


git-svn-id: http://core.svn.wordpress.org/trunk@43208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:44:12 +00:00
Andrew Ozz be6aa715fe Privacy: use `wp_login_url()` for the link in the user confirmation email.
Props desrosj, usmankhalid.
Fixes #44353.
Built from https://develop.svn.wordpress.org/trunk@43379


git-svn-id: http://core.svn.wordpress.org/trunk@43207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:47 +00:00
K. Adam White a89c86c711 REST API: Support meta registration for specific object subtypes.
Introduce an `object_subtype` argument to the args array for `register_meta()` which can be used to limit meta registration to a single subtype (e.g. a custom post type or taxonomy, vs all posts or taxonomies).

Introduce `register_post_meta()` and `register_term_meta()` wrapper methods for `register_meta` to provide a convenient interface for the common case of registering meta for a specific taxonomy or post type. These methods work the way plugin developers have often expected `register_meta` to function, and should be used in place of direct `register_meta` where possible.

Props flixos90, tharsheblows, spacedmonkey.
Fixes #38323.


Built from https://develop.svn.wordpress.org/trunk@43378


git-svn-id: http://core.svn.wordpress.org/trunk@43206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:21 +00:00
Gary Pendergast 0db068da94 Emoji: Update Twemoji to version 11.0.
{U+01F9B9}

Props kraftbj,
Fixes #44339.


Built from https://develop.svn.wordpress.org/trunk@43377


git-svn-id: http://core.svn.wordpress.org/trunk@43205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:55 +00:00
Andrew Ozz 7e9be993e6 Privacy: append `(Draft)` to draft page titles in the page drop-down on the Privacy Settings screen.
Props allendav, desrosj.
Fixes #44100.
Built from https://develop.svn.wordpress.org/trunk@43376


git-svn-id: http://core.svn.wordpress.org/trunk@43204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:29 +00:00
Andrew Ozz 3ce87b62f9 Privacy: add user request type to the admin notification email subject.
Props birgire, desrosj.
Fixes #44099.
Built from https://develop.svn.wordpress.org/trunk@43375


git-svn-id: http://core.svn.wordpress.org/trunk@43203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:03 +00:00
Andrew Ozz 2afe7146c8 Privacy: on the Privacy Settings screen change `view` to `preview` when a draft page is selected for the privacy policy.
Props garrett-eclipse, desrosj.
Fixes #44131.
Built from https://develop.svn.wordpress.org/trunk@43374


git-svn-id: http://core.svn.wordpress.org/trunk@43202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:41:37 +00:00
Andrew Ozz ac269e570e Privacy: filter the email subject in `_wp_privacy_send_request_confirmation_notification()`.
Props garrett-eclipse, birgire, desrosj.
Fixes #44382.
Built from https://develop.svn.wordpress.org/trunk@43373


git-svn-id: http://core.svn.wordpress.org/trunk@43201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:41:13 +00:00
Andrew Ozz cefaaa0b51 Privacy: add `esc_html` to assertion in test_wp_comments_personal_data_exporter.
Props mermel, 1naveengiri.
Fixes #44113.
Built from https://develop.svn.wordpress.org/trunk@43371


git-svn-id: http://core.svn.wordpress.org/trunk@43199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:40:21 +00:00
Andrew Ozz b363ace996 Privacy: do not show the comment cookies opt-in checkbox (on the front-end comments form) when comment cookies are disabled.
Props felipeelia, johnbillion.
Fixes #44342.
Built from https://develop.svn.wordpress.org/trunk@43370


git-svn-id: http://core.svn.wordpress.org/trunk@43198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:39:57 +00:00
John Blackbourn ef97b99f66 Build/Test Tools: Introduce support for a `WP_TESTS_CONFIG_FILE_PATH` constant to override the test suite config file location.
This can be used in phpunit.xml:

{{{
<php>
	<const name="WP_TESTS_CONFIG_FILE_PATH" value="/path/to/wp-tests-config.php" />
</php>
}}}

Props clarinetlord

Fixes #39734

Built from https://develop.svn.wordpress.org/trunk@43369


git-svn-id: http://core.svn.wordpress.org/trunk@43197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:39:31 +00:00
John Blackbourn 0aa2902436 Security: Harden the random aspect of the hash used for user profile and admin email address changes.
Props BjornW

Fixes #43771

Built from https://develop.svn.wordpress.org/trunk@43367


git-svn-id: http://core.svn.wordpress.org/trunk@43195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:43 +00:00
John Blackbourn 35ca5f61f8 Options, Meta APIs: Use the correct escaping function when outputting the meta box context.
Props khaihong, abdullahramzan, leanderiversen, aryamaaru, lbenicio, palmiak

Fixes #44274

Built from https://develop.svn.wordpress.org/trunk@43365


git-svn-id: http://core.svn.wordpress.org/trunk@43193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:37:51 +00:00