Includes minor formatting edits for consistency.
Follow-up to [53/tests], [12179], [12946], [35288], [37884], [38810], [38928], [46596], [48131], [52955], [53548], [53813], [53873], [54118], [54316], [54420], [54421], [54803].
See #56792.
Built from https://develop.svn.wordpress.org/trunk@54855
git-svn-id: http://core.svn.wordpress.org/trunk@54407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Calling the `wp_get_theme` function creates a instance of the `WP_Theme` class. This can be a performance issue, if all you need is one property of the class instance. This change replaces the usage of `wp_get_theme()->get_stylesheet()` with `get_stylesheet()` to improve performance.
Props spacedmonkey, flixos90, peterwilsoncc, desrosj.
Fixes#57057.
Built from https://develop.svn.wordpress.org/trunk@54817
git-svn-id: http://core.svn.wordpress.org/trunk@54369 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [53874] the optional `$locale` parameter was added to `load_textdomain()`. While most `load_textdomain()` calls in core were were updated, some were missed. Passing the original locale avoids the need to call `determine_locale()` by `load_textdomain()` which is used as a fallback.
Props ocean90, swissspidy, desrosj.
See #57060.
Built from https://develop.svn.wordpress.org/trunk@54797
git-svn-id: http://core.svn.wordpress.org/trunk@54349 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `register_block_type`, continue to allow passing arrays as the `editor_script`, `script`, `view_script`, `editor_style`, and `style` arguments. Note that those fields were soft-deprecated in favor of their `_handles` counterparts in [54155], which would allow specifying multiple items. At the same time, the deprecated fields were limited to `string` or `null`.
However, this broke existing code that passed an array as one of those arguments. For backwards compatibility, this change thus restores the previous behavior. It is implemented in `WP_Block_Type` as a pair of `__get()` and `__set()` methods that wrap around the corresponding `_handles` members, which are arrays of strings.
It also affects the REST API endpoint for block types. The latter’s schema has never allowed for anything other than `string` or `null` for any of those fields. For this reason, it now returns the first element of the array stored in the corresponding `_handles` member in `WP_Block_Type`.
Follow-up [54155].
Props nendeb55, costdev, gziolo, spacedmonkey, mukesh27, sergeybiryukov, audrasjb.
Fixes#56707.
Built from https://develop.svn.wordpress.org/trunk@54670
git-svn-id: http://core.svn.wordpress.org/trunk@54222 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset fixes a warning where `strip_tags()` expected its first parameter to be a string rather than an array. It contains the following changes:
- Removal of sanitize_callback to allow the REST API to handle the validation natively, this also causes the proper error to be output for `?slug[0][1]=2` that it's an invalid value.
- Ensure that `wp_parse_list()` only returns a single-dimensioned array, even if passed a multi-dimension array, which fits the functions expected use case and resolves warnings in code that expects the function to return a single-dimensioned array.
Props dd32, TimothyBlynJacobs.
Fixes#55838.
Built from https://develop.svn.wordpress.org/trunk@54476
git-svn-id: http://core.svn.wordpress.org/trunk@54035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When calling `register_rest_route()`, the `args` parameter for a route should be an array of arrays. However, some plugins/themes have passed an array of strings or key-value pairs which produces a PHP warning when `array_intersect_key` is used to filter the array keys based on an allowed list of schema keywords.
This change adds a check of the `args` parameter to ensure it's an array of arrays, presenting a `_doing_it_wrong` if any element of `args` is not an array and restructuring to an array of arrays. This change also adds a unit test for the incorrect usage described above, expecting that a `_doing_it_wrong` is produced.
Props slaFFik, desrosj, apermo, AndrewNZ, aristath, poena, dovyp, timothyblynjacobs, Hinjiriyo, johnmark8080, nateallen.
Fixes#51986.
Built from https://develop.svn.wordpress.org/trunk@54339
git-svn-id: http://core.svn.wordpress.org/trunk@53898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Not all requests are accompanied by a `$request['email']`. This leads to a PHP 8.1 "passing null to non-nullable" deprecation notice when the `WP_REST_Users_Controller::update_item()` method passes a `null` email address onto `email_exists()`, which eventually reached the `WP_User::get_data_by()` method where things go wrong.
In the next condition in the code of the `WP_REST_Users_Controller::update_item()` method - `if ( $owner_id && $owner_id !== $id )` - you can see that the code already takes this into account as it will not throw a `WP_Error` if `$owner_id` is falsey.
`WP_User::get_data_by()` returns `false` for a failed field request. The other functions through which the return value is passed through, do the same.
So, by setting a default value for `$owner_id` of `false` and only checking `email_exists()` when there is an email to check, the "passing null to non-nullable" deprecation notice is bypassed without breaking BC.
Fixes a whole slew of test errors along the lines of:
{{{
6) WP_Test_REST_Users_Controller::test_update_item_en_US_locale
trim(): Passing null to parameter https://github.com/WordPress/wordpress-develop/pull/1 ($string) of type string is deprecated
/var/www/src/wp-includes/class-wp-user.php:211
/var/www/src/wp-includes/pluggable.php:105
/var/www/src/wp-includes/user.php:1953
/var/www/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:728
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:1143
/var/www/src/wp-includes/rest-api/class-wp-rest-server.php:990
/var/www/tests/phpunit/includes/spy-rest-server.php:67
/var/www/tests/phpunit/tests/rest-api/rest-users-controller.php:1719
/var/www/vendor/bin/phpunit:123
}}}
Follow-up to [44641], [38832].
Props jrf.
See #55656.
Built from https://develop.svn.wordpress.org/trunk@54317
git-svn-id: http://core.svn.wordpress.org/trunk@53876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit improves site editor templates by:
* Adds a post meta `is_wp_suggestion` to templates created from the site editor.
Why? To differentiate the templates created from the post editor in the Template panel in inspector controls and the templates suggested in site editor.
See [https://github.com/WordPress/gutenberg/pull/41387 Gutenberg PR 41387] for more details.
* Expands the template types that can be added to the site editor to include single custom post type and specific posts templates.
See [https://github.com/WordPress/gutenberg/pull/41189 Gutenberg PR 41189] for more details.
* Adds fallback template content on creation in site editor:
* Introduces `get_template_hierarchy()` to get the template hierarchy for a given template slug to be created.
* Adds a `lookup` route to `WP_REST_Templates_Controller` to get the fallback template content.
See [https://github.com/WordPress/gutenberg/pull/42520 Gutenberg PR 42520] for more details.
* Fixes a typo in default category template's description within `get_default_block_template_types()`.
See [https://github.com/WordPress/gutenberg/pull/42586 Gutenberg PR 42586] for more details.
* Changes field checks from `in_array()` to `rest_is_field_included()` in `WP_REST_Post_Types_Controller`.
* Adds an `icon` field to `WP_REST_Post_Types_Controller`
Follow-up to [53129], [52331], [52275], [52062], [51962], [43087].
Props ntsekouras, spacedmonkey, mamaduka, mburridge, jameskoster, bernhard-reiter, mcsf, hellofromTonya.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54269
git-svn-id: http://core.svn.wordpress.org/trunk@53828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up #54337, [52069]. Part of https://github.com/WordPress/gutenberg/issues/41236. More details in https://github.com/WordPress/gutenberg/issues/33542.
Allow passing more than one script per block for `editorScript`, `script`, and `viewScript` fields in the `block.json` metadata file. This aligns with the previously added changes for `style` and `editorStyle` fields.
This change impacts the `WP_Block_Type` class and the REST API endpoint for block types. To ensure backward compatibiliy old names were soft deprecated in favor of new fields that work with array values and have `_handles` suffix.
Props zieladam, dlh, timothyblynjacobs, aristath, bernhard-reiter.
Fixes#56408.
Built from https://develop.svn.wordpress.org/trunk@54155
git-svn-id: http://core.svn.wordpress.org/trunk@53714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.
There are a number of ways to mitigate this:
* If it is an accidental typo for a declared property: fix the typo.
* For known properties: declare them on the class.
* For unknown properties: add the magic `__get()`, `__set()`, et al. methods to the class or let the class extend `stdClass` which has highly optimized versions of these magic methods built in.
* For unknown ''use'' of dynamic properties, the `#[AllowDynamicProperties]` attribute can be added to the class. The attribute will automatically be inherited by child classes.
Trac ticket #56034 is open to investigate and handle the third and fourth type of situations, however it has become clear this will need more time and will not be ready in time for WP 6.1.
To reduce “noise” in the meantime, both in the error logs of WP users moving onto PHP 8.2, in the test run logs of WP itself, in test runs of plugins and themes, as well as to prevent duplicate tickets from being opened for the same issue, this commit adds the `#[AllowDynamicProperties]` attribute to all “parent” classes in WP.
The logic used for this commit is as follows:
* If a class already has the attribute: no action needed.
* If a class does not `extend`: add the attribute.
* If a class does `extend`:
- If it extends `stdClass`: no action needed (as `stdClass` supports dynamic properties).
- If it extends a PHP native class: add the attribute.
- If it extends a class from one of WP's external dependencies: add the attribute.
* In all other cases: no action — the attribute should not be needed as child classes inherit from the parent.
Whether or not a class contains magic methods has not been taken into account, as a review of the currently existing magic methods has shown that those are generally not sturdy enough and often even set dynamic properties (which they should not). See the [https://www.youtube.com/watch?v=vDZWepDQQVE live stream from August 16, 2022] for more details.
This commit only affects classes in the `src` directory of WordPress core.
* Tests should not get this attribute, but should be fixed to not use dynamic properties instead. Patches for this are already being committed under ticket #56033.
* While a number bundled themes (2014, 2019, 2020, 2021) contain classes, they are not a part of this commit and may be updated separately.
Reference: [https://wiki.php.net/rfc/deprecate_dynamic_properties PHP RFC: Deprecate dynamic properties].
Follow-up to [53922].
Props jrf, hellofromTonya, markjaquith, peterwilsoncc, costdev, knutsp, aristath.
See #56513, #56034.
Built from https://develop.svn.wordpress.org/trunk@54133
git-svn-id: http://core.svn.wordpress.org/trunk@53692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously when a user was locked from editing a post in the block editor, autosave functionality was allowed to overwrite changes made by the editor that has taken control. This patch honors the lock status keeping autosave from conflicitng with other content editors.
Props jhart35, adamsilverstein, sathyapulse, chanthaboune, primetimejas, joemcgill, kadamwhite.
Fixes#55659.
Built from https://develop.svn.wordpress.org/trunk@54130
git-svn-id: http://core.svn.wordpress.org/trunk@53689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add support for a "_pretty" meta-parameter on all REST controllers which instructs WordPress to return pretty-printed JSON, for better readability when inspecting endpoint responses in curl output or certain developer tools.
Introduce the "rest_json_encode_options" filter to permit site owners to control this behavior globally.
Props Viper007Bond, TimothyBlynJacobs, chrisguitarguy, johnbillion, swissspidy, adamsilverstein, danielbachhuber, rmccue.
Fixes#41998.
Built from https://develop.svn.wordpress.org/trunk@54127
git-svn-id: http://core.svn.wordpress.org/trunk@53686 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset adds a new `page_cache` check which determines whether the site uses a full page cache, and in addition assesses the server response time. If no page cache is present and the server response time is slow, the check will suggest use of a page cache.
A few filters are included for customization of the check:
* `site_status_good_response_time_threshold` filters the number of milliseconds below which the server response time is considered good. The default value is based on the `server-response-time` Lighthouse audit and can be altered using this filter.
* `site_status_page_cache_supported_cache_headers` filters the map of supported cache headers and their callback to determine whether it was a cache hit. The default list includes commonly used cache headers, and it is filterable to support e.g. additional cache headers used by specific vendors.
Note that due to the nature of this check it is only run in production environments.
Props furi3r, westonruter, spacedmonkey, swissspidy, Clorith.
Fixes#56041.
Built from https://develop.svn.wordpress.org/trunk@54043
git-svn-id: http://core.svn.wordpress.org/trunk@53602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This removes the requirement that a Super Admin must be a member of the current site when they attempt to set an application password within the admin area of an individual site on the network.
Props TimothyBlynJacobs, ilovecats7, johnbillion, georgestephanis, johnjamesjacoby
Fixes#53224
Built from https://develop.svn.wordpress.org/trunk@53882
git-svn-id: http://core.svn.wordpress.org/trunk@53441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates `wp_get_latest_revision_id_and_total_count()` and its usage to be a bit more descriptive and a bit less repetitive, e.g. `$revisions['latest_id']` instead of `$revision['revision']`.
Includes updating the `@return` tag to explain when the function returns a `WP_Error`.
Follow-up to [53759], [53769], [53778], [53779].
See #55857.
Built from https://develop.svn.wordpress.org/trunk@53841
git-svn-id: http://core.svn.wordpress.org/trunk@53400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a behavior where a draft created with the same slug as an existing post would set the existing post to a 404.
`wp_unique_post_slug()` returns the same slug for 'draft' or 'pending' posts, so to ensure that a unique slug is generated, this changeset adds the post data with the 'publish' status to `wp_unique_post_slug()`.
Props Toro_Unit, h2ham, peterwilsoncc, costdev, antonvlasenko, azaozz, ironprogrammer, audrasjb, hellofromTonya.
Fixes#52422.
Built from https://develop.svn.wordpress.org/trunk@53813
git-svn-id: http://core.svn.wordpress.org/trunk@53372 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset is a follow-up to [53751] which ensures the additional `sources` information stored in attachment metadata are available under `media_details` for each image size in the REST API responses for attachments.
Props mukesh27, eugenemanuilov, mitogh, flixos90, aaemnnosttv.
See #55443.
Built from https://develop.svn.wordpress.org/trunk@53786
git-svn-id: http://core.svn.wordpress.org/trunk@53345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new name is `wp_get_latest_revision_id_and_total_count()`.
This aims to reduce ambiguity about what exactly is the "first" or "last" revision, and bring more consistency with similar wording elsewhere in core, e.g. latest posts, latest comments, etc.
Follow-up to [53759], [53769].
Props peterwilsoncc.
See #55857.
Built from https://develop.svn.wordpress.org/trunk@53778
git-svn-id: http://core.svn.wordpress.org/trunk@53337 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Includes:
* Renaming the function to `wp_get_last_revision_id_and_total_count()`.
* Making the default value for `$post` consistent with `wp_get_post_revisions()`.
* Making `WP_Error` codes more specific and using them in test assertions.
* Adjusting the function description per the documentation standards.
Follow-up to [53759].
Props JustinSainton, SergeyBiryukov.
See #55857.
Built from https://develop.svn.wordpress.org/trunk@53769
git-svn-id: http://core.svn.wordpress.org/trunk@53328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Do not call the `prepare_links` methods in core REST API controllers, unless the `_links` or `_embedded` fields are requested. There is no need to prepare links if they are never returned in the response. This saves resources, as many calls to `prepare_links` methods perform database queries.
Props Spacedmonkey, timothyblynjacobs, rachelbaker, desrosj, dlh, hellofromTonya.
Fixes#52992.
Built from https://develop.svn.wordpress.org/trunk@53760
git-svn-id: http://core.svn.wordpress.org/trunk@53319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add new function called `wp_get_lastest_revision_id_and_total_count`, that performs an optimized query to get the last revision and total and use it in `WP_REST_Posts_Controller` class.
Props Spacedmonkey, timothyblynjacobs, furi3r, peterwilsoncc.
Fixes#55857.
Built from https://develop.svn.wordpress.org/trunk@53759
git-svn-id: http://core.svn.wordpress.org/trunk@53318 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `wp_new_comment()`, `wp_update_comment()`, and `wp_filter_comment()` functions already normalize the `user_ID` parameter internally to `user_id`, which matches the database field name.
This commit aims to bring some consistency when passing the parameter in core.
The corresponding `$user_ID` variable is also renamed to `$user_id` to match the other variables when not referring to the `$user_ID` global, which has an exception in the WordPress coding standards.
Follow-up to [8543], [8720], [12267], [12300], [26491], [28915], [28922], [34799], [49303].
See #55647, #56244.
Built from https://develop.svn.wordpress.org/trunk@53729
git-svn-id: http://core.svn.wordpress.org/trunk@53288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This moves the `::prepare_links()` methods in REST API classes next to `::prepare_item_for_response()` where they are used, to bring some consistency across the classes and make code navigation easier.
Includes wrapping some long lines for better readability.
Follow-up to [52079], [52051], [52342], [53721], [53722].
See #55647.
Built from https://develop.svn.wordpress.org/trunk@53724
git-svn-id: http://core.svn.wordpress.org/trunk@53283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Patterns on the [https://wordpress.org/patterns/ Pattern Directory] can have keywords for better discoverability while searching. The way these are stored [69548ff1f0 was changed from a taxonomy to meta value], but the `/wp/v2/pattern-directory/patterns` endpoint was still pulling from that old value.
The correct property to use for this field is `meta.wpop_keywords`, which returns a single string with comma-separated keywords.
Props ryelle, TimothyBlynJacobs.
See #56126.
Built from https://develop.svn.wordpress.org/trunk@53665
git-svn-id: http://core.svn.wordpress.org/trunk@53224 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Move logic to generate link to global styles to the `prepare_links` method in theme REST API controller. This way all logic to generate links is within the `prepare_links` method, bringing this controller inline with other REST API controllers.
Props SergeyBiryukov, Spacedmonkey.
Fixes#56018.
Built from https://develop.svn.wordpress.org/trunk@53544
git-svn-id: http://core.svn.wordpress.org/trunk@53133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prime caches for all post parents in the post REST API controller using the `_prime_post_caches` function. Post parent objects are required as part of the `check_read_permission` method’s permission check in post REST API controller.
Props spacedmonkey, furi3r, peterwilsoncc, mitogh, madpixels.
Fixes#55593.
Built from https://develop.svn.wordpress.org/trunk@53506
git-svn-id: http://core.svn.wordpress.org/trunk@53095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a new parameter to `WP_Query` called `update_menu_item_cache` that when set to true, primes the caches for linked terms and posts for menu item post objects. This change moves logic
found in `wp_get_nav_menu_items` into a new function called `update_menu_item_cache`. Update the menu item REST API controller, to pass the `update_menu_item_cache` parameter to the
arguments used for the `WP_Query` run to get menu items.
Props furi3r, TimothyBlynJacobs, spacedmonkey, peterwilsoncc, mitogh.
Fixes#55620.
--This line, and those below, will be ignored--
M src/wp-includes/class-wp-query.php
M src/wp-includes/nav-menu.php
M src/wp-includes/rest-api/endpoints/class-wp-rest-menu-items-controller.php
M tests/phpunit/tests/post/nav-menu.php
Built from https://develop.svn.wordpress.org/trunk@53504
git-svn-id: http://core.svn.wordpress.org/trunk@53093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For a call to `WP_Query` or a post REST API request that contains posts from multiple authors, call the `cache_users` function, to ensure that all user data for post authors is primed in
a single database query. This results in far fewer database queries on multiple author sites.
Props spacedmonkey, timothyblynjacobs, peterwilsoncc.
Fixes#55716.
Built from https://develop.svn.wordpress.org/trunk@53482
git-svn-id: http://core.svn.wordpress.org/trunk@53071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
Built from https://develop.svn.wordpress.org/trunk@53455
git-svn-id: http://core.svn.wordpress.org/trunk@53044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[53218] introduced a bug of a wrong response from the `wp/v2/pattern-directory/patterns` endpoint with a `slug` parameter. As the response is cached, it can result in an incorrect list of available patterns supported by the current theme.
This commit resolves by:
* Limiting the `slug` to an `array` in the query parameters.
* When set, parsing and sorting the slug(s) and then serializing the sorted query args as part of the hashed transient keys.
Props antonvlasenko, timothyblynjacobs, spacedmonkey, costdev, hellofromTonya.
Follow-up to [53218], [53152], [51208].
Fixes#55617.
Built from https://develop.svn.wordpress.org/trunk@53333
git-svn-id: http://core.svn.wordpress.org/trunk@52922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Related Gutenberg issue: https://github.com/WordPress/gutenberg/issues/39889.
Backporting changes from the Gutenberg plugin:
- new Block Patterns REST API endpoint
- new Block Pattern Categories REST API endpoint
- updates to Query Loop related patterns
- support for custom taxonomies in Query Loop block
Props hellofromtonya, peterwilsoncc, ntsekouras, zieladam, ironprogrammer, spacedmonkey, timothyblynjacobs, antonvlasenko, jsnajdr.
See #55505.
Built from https://develop.svn.wordpress.org/trunk@53152
git-svn-id: http://core.svn.wordpress.org/trunk@52741 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Backports changes from Gutenberg to add functions required by Comment Query Loop and related blocks. Related unit tests depends on the new blocks and they will get added seperately.
Props darerodz, timothyblynjacobs.
See #55505.
Built from https://develop.svn.wordpress.org/trunk@53138
git-svn-id: http://core.svn.wordpress.org/trunk@52727 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changeset replaces contracted verb forms like `doesn't`, `can't`, or `isn't` with non-contracted forms like `does not`, `cannot`, or `is not`, for better consistency across the WordPress administration. It also updates some corresponding unit tests strings.
Props Presskopp, socalchristina, aandrewdixon, francina, SergeyBiryukov, JeffPaul, audrasjb, hellofromTonya.
Fixes#38913.
See #39176.
Built from https://develop.svn.wordpress.org/trunk@52978
git-svn-id: http://core.svn.wordpress.org/trunk@52567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update packages to include these bug fixes from Gutenberg:
- Site Logo: Add option to set site icon from Site Logo block
- Navigation: Enable even more compact setup state.
- Remove template parts from post content inserter an __unstable filter
- Template Editor Mode: Hide editor mode switcher
- Avoid using CSS variables for block gap styles
- Try to fix auto resizing in template part focus mode
- Lower the specificity of font size CSS Custom Properties in the editor
- Site icon: Fix site icon styling to display non-square site icons within a square button
- [Site Editor]: Register block editor shortcuts
- Update regex to handle 404 template slug
- Site Editor: Remove dead code
- [Block Editor]: Restrict delete multi selected blocks shortcut
- Fix: Gradients are not being applied by class
- Update: Make the global styles subtitles font smaller
- Post Content/Title: Reflect changes when previewing post
- ServerSideRender: Fix loading state
- [Block Library]: Fix editable post blocks in Query Loop with zero queryId
- Post Excerpt: Fix previews
- WP59: Contextualize "Export" string to differentiate it from other occurrences in WP Core
- Tools Panel: Fix race conditions caused by conditionally displayed ToolsPanelItems
- ToolsPanel: Allow items to register when panelId is null
- Font Size Picker: Allow non-integers as simple CSS values and in hints
- [Components - FontSizePicker]: Use incremental sequence of numbers as labels for the available font-sizes at the segmented control (conditionally)
See #54487.
Built from https://develop.svn.wordpress.org/trunk@52434
git-svn-id: http://core.svn.wordpress.org/trunk@52026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Regex changes from [52376] are reverted to restore the original regex patterns. Why? [52376] used an include characters pattern, which was too limiting. It did not account for localized characters, such as `é`, or other valid directory name characters.
The original theme directory regex pattern, i.e. `[^.\/]+(?:\/[^.\/]+)?` excluded the period `.` character. Removing the `.` character resolves the reported issue by allowing matching for `themes/theme-dirname-1.0/` or `themes/<subdirname>/theme-dirname-1.0/`.
As the pattern used an exclude approach, all characters are valid for matching except for `/`. However, not all characters are cross-platform valid for directory names. For example, the characters `/:<>*?"|` are not valid on Windows OS. The pattern now excludes those characters.
The theme's directory (or subdirectory) name pattern matching is now used in `WP_REST_Global_Styles_Controller`, `WP_REST_Templates_Controller`, and `WP_REST_Themes_Controller`.
Follow-up to [51003], [52051], [52275], [52376].
Props costdev, hellofromTonya, spacedmonkey, TimothyBlynJacobs, bijayyadav, kafleg.
Fixes#54596.
Built from https://develop.svn.wordpress.org/trunk@52399
git-svn-id: http://core.svn.wordpress.org/trunk@51991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Themes whose `wp-content/themes/<dirname>` include valid non-alphanumeric (cross-platform) characters work for non-block themes, but did not previously resolve for block themes. For example, a block theme in `wp-content/themes/twentytwentytwo-0.4.0/` directory resulted a 404 "No route was found matching the URL and request method" response when attempting to customize it in the Site Editor.
This commit adds support for the following characters in a theme's root directory: `_`, `.`, `@`, `[`, `]`, `(`, and `)`. Subdirectory themes and `-` are already supported.
Follow-up to [51003], [52051], [52275].
Props mkaz, costdev, hellofromTonya, jffng, justinahinon, peterwilsoncc, spacedmonkey, TimothyBlynJacobs.
Fixes#54596.
Built from https://develop.svn.wordpress.org/trunk@52376
git-svn-id: http://core.svn.wordpress.org/trunk@51968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress Core is not really custom and does not reference "custom post type" in its function naming. This commit renames 2 public static methods:
* `WP_Theme_JSON_Resolver::get_user_custom_post_type_id()` renamed to `WP_Theme_JSON_Resolver::get_user_global_styles_post_id()`.
* `WP_Theme_JSON_Resolver::get_user_data_from_custom_post_type()` renamed to `WP_Theme_JSON_Resolver:: get_user_data_from_wp_global_styles()`.
Follow-up to [52049], [52051], [52069], [52232], [52275], [52364].
Props antonvlasenko, bernhard-reiter, costdev, desrosj, hellofromTonya, noisysocks, oandregal, SergeyBiryukov.
Fixes#54517.
Built from https://develop.svn.wordpress.org/trunk@52372
git-svn-id: http://core.svn.wordpress.org/trunk@51964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In [51962] the `rest_get_route_for_post` function was implemented in all places where link to a post's REST API endpoint is needed. However in this commit, the up link, which links to the parent post of the current object, did not use this function.
Props Spacedmonkey, SergeyBiryukov.
Fixes#53656.
Built from https://develop.svn.wordpress.org/trunk@52363
git-svn-id: http://core.svn.wordpress.org/trunk@51955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The new wp_global_styles post type is registered to use edit_theme_options in the capability settings. The WP_REST_Global_Styles_Controller class's permission checks methods use the capability in a hard coded form rather than looking up the capability via the post type object. Changing the permission callbacks to lookup capabilities via the post type object, allows theme and plugin developers to modify the capability used for editing global styles via a filter and these values to be respected via the Global Styles REST API.
Props Spacedmonkey, peterwilsoncc, hellofromTonya , antonvlasenko, TimothyBlynJacobs, costdev, zieladam.
Fixes#54516.
Built from https://develop.svn.wordpress.org/trunk@52342
git-svn-id: http://core.svn.wordpress.org/trunk@51934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Ensure that the export template endpoint returns a WP_Error object, including code and message, so that the site editor can display an error message.
Add some basic unit tests to ensure that permission checks are working as expected.
Follow-up to [52286].
Props Spacedmonkey, dlh, hellofromTonya , Mamaduka, TimothyBlynJacobs.
Fixes#54448.
Built from https://develop.svn.wordpress.org/trunk@52340
git-svn-id: http://core.svn.wordpress.org/trunk@51932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Add a REST API to export site templates and template part as html files. When the REST API is requested, it responds by downloading a single ZIP file and exits early, without completing full request. To create the exported zip, the ZipArchive class is required. If this class is not present then the export will gracefully fail, returning a `WP_Error` object and 500 status error code.
Props spacedmonkey, youknowriad, Mamaduka, walbo, peterwilsoncc.
Fixes#54448 .
Built from https://develop.svn.wordpress.org/trunk@52286
git-svn-id: http://core.svn.wordpress.org/trunk@51878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the new menu items, global items and template controllers manually call the function `wp_after_insert_post()` to manually fire the action of the same name after all potential data is updated.
This accounts for the use case in which a theme or plugin developer has modified the endpoints use of either taxonomy or meta data.
The new parameter `$fire_after_hooks` is added to `wp_update_nav_menu_item()` to control whether the `wp_after_insert_post` action is fired when it in turn calls `wp_insert_post()`.
Props spacedmonkey, peterwilsoncc, zieladam.
Fixes#54536.
Built from https://develop.svn.wordpress.org/trunk@52276
git-svn-id: http://core.svn.wordpress.org/trunk@51868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update packages to include these bug fixes from Gutenberg:
- Update Pattern block category and add documentation
- Fix non existent menu handling in nav block
- Make Reusable blocks available in the Site Editor
- Add caching to WP_Theme_JSON_Resolver_Gutenberg::get_user_data_from_custom_post_type()
- theme.json: add appearanceTools flag to opt-in into appearance UI controls
- Update the block theme folders to templates and parts
- Remove reference to gutenberg_, swap with wp_
- Use table layout in templates list screen
- Update featured image placeholder graphic.
- [Inserter]: Adjust order of theme blocks and reorder inserter items
- Implement suitable fallback for Nav block on front end of site when no menu selected
- Toggle Group Control: add tooltip
- Use first non-empty Nav post as primary fallback for Nav block
- Change .nvmrc and documentation for Node.js version (LTS to 14.18.1)
- Update: Migrate global styles user database data on the rest endpoint
- Update global styles public API
- Update: Rename user preset origin to custom
- Try always generating navigation post title
- Show all templates and template parts on the site editor list screens
- Highlight "Site" in the navigation panel
- Fix template part slug generation when creating through the block placeholder
- [Block Library - Post Title]: Fix render error when setting Page to homepage
- Add 'Clear customizations' button to template list page
- Gallery v1: Allow clicks within replace media placeholder state
- Site Editor: Set the <title> on the list page to be same as the CPT name
- Gallery: Fix stuck image size options loader
- Cover: Fix undo trap
- Add success and error snackbars to the templates list page
- Fix: theme colors cannot override defaults
- Fix: Color palette is not being stored
- Add elements support to the typography panel in global styles
- Make links plural in global styles
- Add: Gradient palette editor
- Update some small style regressions in the template list
- Add: Transparency support on global styles colors
- Fix: apply by slug on all origins
- Render empty Nav block if no fallback block can be utilised
- Allow filtering of Nav block fallback
- Fix Nav block fallback DB query to match on full block grammar start tag
- Remove unstable max pages attribute from Nav block
- DateTimePicker: set PM hours correctly
- Update delete template button
- Site Editor: Template list add rename action
- Fix Nav block editing wrong entity on creation of new Menu
- [REST] Restore the missing double slash in the ID received by /templates
- Add icons to navigation sidebar items
- Update function names for the public global styles API functions
- Templates Controller: Add missing 'is_custom' prop
- Rename gutenberg_ to wp_ for some functions that land in WordPress 5.9
- [Block Library - Template Part]:Remove support for conversion to Reusable block
- Global Styles: Call "palettes" and not "color palettes" on panel label
- Add button text when no colors found
- Update: Global Styes: Count all color palette origins on the palette counter
- Rename navigationMenuId to ref
- Offset the parent iframe when computing Popover position
- Fix: Failing PHPUnit test
- Show theme, plugin or author in Added By column with appropriate icon or avatar
- Add origin and author to template rest api
See #54487.
Props talldanwp, mamaduka, oandregal.
Built from https://develop.svn.wordpress.org/trunk@52275
git-svn-id: http://core.svn.wordpress.org/trunk@51867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Navigation area were merged as part of full site editing and the new navigation block. This functionality is experimental and not currently used in WordPress core, so should be removed.
Props noisysocks, spacedmonkey, get_dave, zieladam.
Fixes#54506.
Built from https://develop.svn.wordpress.org/trunk@52272
git-svn-id: http://core.svn.wordpress.org/trunk@51864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The templates controller now respects the `_fields` parameter and filters the response accordingly. The schema has been updated to include all the fields returned. The `content.block_version` field has been added. The controller now returns WP_Error objects for improved error handling.
Add new unit tests.
Props TimothyBlynJacobs, hellofromtonya, zieladam.
Fixes#54422.
Built from https://develop.svn.wordpress.org/trunk@52186
git-svn-id: http://core.svn.wordpress.org/trunk@51778 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The menu items REST API controller was added in [52079]. This included functionality to add a "block" menu item type. This functionality is experimental and not currently used in WordPress core, so should be removed.
Props noisysocks.
See #40878.
Built from https://develop.svn.wordpress.org/trunk@52184
git-svn-id: http://core.svn.wordpress.org/trunk@51776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update packages to include these bug fixes from Gutenberg:
- Navigation: Fix click-button size, submenu directions, scrollbars.
- Group - Fix overzealous regex when restoring inner containers
- Babel Preset: Update Babel packages to 7.16 version
- theme.json: adds a setting property that enables some other ones
- Polish metabox container.
- Fix submenu justification and spacer orientation.
- Fix Gutenberg 11.8.2 in WordPress trunk
- Strip meta tags from pasted links in Chromium
- Hide visilibility and status for navigation posts
- Navigation: Refactor and simplify setup state.
- Nav block menu switcher - decode HTML entities and utilise accessible markup pattern
- Rename fse_navigation_area to wp_navigation_area
- theme.json: adds a setting property that enables some other ones
- Revert "theme.json: adds a setting property that enables some other ones"
- Skip flaky image block test
- WordPress/gutenberg@3c935c4
- React to any errors coming up in gutenberg_migrate_menu_to_navigation_post
- Return wp error from wp_insert_post
- Fix not transforming logical assignments for packages
See #54337.
Built from https://develop.svn.wordpress.org/trunk@52161
git-svn-id: http://core.svn.wordpress.org/trunk@51753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update packages to include these bug fixes from Gutenberg:
- Force remount LinkControl when moving between links within same richtext block
- Site Editor: Change ToolsMoreMenuGroup slot-fill name
- Respect fields param for global styles REST API requests.
- Try ensuring the item after post content clears floats
- Fix submenus not opening on click
- Apply i18n functions to Nav block menu drops when selecting existing Menu
- Gallery: Make sure the mobile warning notice only runs when images are added to a new block
- Prepare navigation php code for core patch
- Address deprecation issues from Buttons flex layout PR.
- Block Library: Fix incorrect attributes definitions
- Fix Navigation accessibility issues
See #54337.
Built from https://develop.svn.wordpress.org/trunk@52103
git-svn-id: http://core.svn.wordpress.org/trunk@51695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit introduces the `/wp/v2/menus`, `/wp/v2/menu-items` and `/wp/v2/menu-locations` REST API endpoints. These endpoints are fully available to users with the `edit_theme_options` capability, but can be read by any user who can edit a REST API available post type.
The `nav_menu` taxonomy and `nav_menu_item` post type now map their capabilities to the `edit_theme_options` primitive capability. This allows developers to provide more fine-grained access control. However, if a developer is currently dynamically removing the `edit_theme_options` capability using `map_meta_cap`, they should use the `user_has_cap` filter instead.
The `wp_update_nav_menu_item()` function has been adjusted to return an error if saving the menu item post or assigning the menu item to a menu generate an error.
Lastly, a new menu item type is introduced, `block`, that can be used to store a Block as a menu item.
Props andraganescu, antonvlasenko, dingo_d, dlh, isabel_brison, kadamwhite, Mamaduka, NateWr, noisysocks, peterwilsoncc, ryelle, schlessera, soean, Spacedmonkey, talldanwp, TimothyBlynJacobs, tobifjellner, westonruter, wpscholar, zieladam.
Fixes#40878.
Built from https://develop.svn.wordpress.org/trunk@52079
git-svn-id: http://core.svn.wordpress.org/trunk@51671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- First pass at adding the site editor from the Gutenberg plugin to
wp-admin/site-editor.php.
- Adds miscellaneous PHP changes from Gutenberg 10.1 - 11.9.
Follows [52042].
See #54337.
Props youknowriad, aristath, hellofromtonya, gziolo.
Built from https://develop.svn.wordpress.org/trunk@52069
git-svn-id: http://core.svn.wordpress.org/trunk@51661 1a063a9b-81f0-0310-95a4-ce76da25c4cd
By default, only users with the `edit_theme_options` capability can access the sidebars and widgets REST API endpoints. In this commit, A new `show_in_rest` parameter is added to the `register_sidebar` function. When enabled, all users will be able to access that sidebar and any widgets belonging to that sidebar.
This commit reduces the `context` for a widget's `instance` information to only `edit`. This is to ensure that internal widget data is not inadvertently exposed to the public. A future ticket may expose additional APIs to allow widget authors to indicate that their instance data can be safely exposed. REST API consumers intending to access this `instance` information should take care to explicitly set the `context` parameter to `edit`.
Props spacedmonkey, zieladam.
Fixes#53915.
Built from https://develop.svn.wordpress.org/trunk@52016
git-svn-id: http://core.svn.wordpress.org/trunk@51608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improvements:
* Removes HTML tags from translatable strings. Uses `sprintf` with placeholder and translators comment.
* Spells out "OG" to "Open Graph" to help translators.
* Adds `@since` param to new filters.
* Improves comments for code standards and consistency.
* Improves readability by making multiple args multiline.
* Micro-optimizations to avoid unnecessary variable assignments.
Follow-up to [51973].
Props hellofromTonya, sergeybiryukov, swissspidy.
Fixes#54358.
Built from https://develop.svn.wordpress.org/trunk@52008
git-svn-id: http://core.svn.wordpress.org/trunk@51599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds a new REST API endpoint (`/wp-block-editor/v1/url-details`) for retrieving information from an external URL.
Information retrieved:
* Title: content of the `<title>` element
* Icon: favicon image link
* Description: content of the `description` or `og:description` meta element
* Image: OG image link
This endpoint is used by the block editor for link previews.
Props get_dave, aduth, andraganescu, beaulebens, hellofromTonya, kevin940726, mamaduka, marekhrabe, mnelson4, noisysocks, obenland, ocean90, retrofox, shaunandrews, spacedmonkey, swissspidy, timothyblynjacobs, xknown, youknowriad.
Fixes#54358.
Built from https://develop.svn.wordpress.org/trunk@51973
git-svn-id: http://core.svn.wordpress.org/trunk@51562 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Use 3-digit, x.x.x-style semantic versioning for `@since` tags of the `$rest_namespace` property in `WP_Post_Type` and `WP_Taxonomy`.
Add a `@since` note to `WP_REST_Taxonomies_Controller::get_item_schema()` for the `visibility` and `rest_namespace` properties.
The `rest_base` property was also added after the method was initially introduced, but that happened during the same release cycle, so it doesn't need a separate `@since` note.
Follow-up to [38832], [39191], [42729], [51959], [51961], [51962], [51964].
See #53399.
Built from https://develop.svn.wordpress.org/trunk@51965
git-svn-id: http://core.svn.wordpress.org/trunk@51554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While a taxonomy can define a custom route by using the rest_base argument, a namespace of wp/v2 was assumed. This commit introduces support for a rest_namespace argument.
A new rest_get_route_for_taxonomy_items function has been introduced and the rest_get_route_for_term function updated to facilitate getting the correct route for taxonomies.
For maximum compatibility sticking with the default wp/v2 namespace is recommended until the API functions see wider use.
Props spacedmonkey.
Fixes#54267.
See [51962].
Built from https://develop.svn.wordpress.org/trunk@51964
git-svn-id: http://core.svn.wordpress.org/trunk@51553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While a custom post type can define a custom route by using the `rest_base` argument, a namespace of `wp/v2` was assumed. This commit introduces support for a `rest_namespace` argument.
A new `rest_get_route_for_post_type_items` function has been introduced and the `rest_get_route_for_post` function updated to facilitate getting the correct route for custom post types.
While the WordPress Core Block Editor bootstrap code has been updated to use these API functions, for maximum compatibility sticking with the default `wp/v2` namespace is recommended until the API functions see wider use.
Props spacedmonkey, swissspidy.
Fixes#53656.
Built from https://develop.svn.wordpress.org/trunk@51962
git-svn-id: http://core.svn.wordpress.org/trunk@51551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `taxonomies` and `rest_base` properties were also added after the method was initially introduced, but that happened during the same release cycle, so they don't need a separate `@since` note.
Follow-up to [38832], [39097], [39191], [39647], [51959].
See #53399.
Built from https://develop.svn.wordpress.org/trunk@51961
git-svn-id: http://core.svn.wordpress.org/trunk@51550 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:
* `capability`
* `capability__in`
* `capability__not_in`
These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.
Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:
* all users with a role that has this capability
* all users with the capability being assigned directly
Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.
The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.
Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.
This updates any usage of `'who' => 'authors'` in core to use capability queries instead.
Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.
Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.
Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.
Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes#16841.
Built from https://develop.svn.wordpress.org/trunk@51943
git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While the new name is much better, it doesn't fully tell what will happen when invoked nor does it fully solve the root problems.
Why? The function is doing too much. And naming is hard.
Props azaozz, desrosj, andraganescu, zieladam, hellofromTonya.
See #53811.
Built from https://develop.svn.wordpress.org/trunk@51791
git-svn-id: http://core.svn.wordpress.org/trunk@51398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In each child and grandchild class, renames the first parameter to match the parent's method signature.
Why? PHP 8 introduces the ability to pass named arguments to function/method calls. This means the child and parent method signatures (i.e. parameter names) need to match.
Changes for readability:
- `@since` clearly specifies the original parameter name and its new name as well as why the change happened.
- In methods longer than a single line, the generic parameter is reassigned to the original parameter restoring it for context for use within the method. An inline comment is added to explain why this reassignment is made.
Follow-up to [38832], [39011], [39015], [39021], [39024], [39025], [39031], [39036], [43519], [43735], [43739], [43768], [46821], [48173], [48242], [49088], [50995], [51003], [51021].
Props jrf, hellofromTonya, sergeybiryukov, azaozz, desrosj, johnbillion.
See #51553.
Built from https://develop.svn.wordpress.org/trunk@51786
git-svn-id: http://core.svn.wordpress.org/trunk@51393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The original name `retrieve_widgets()` was unclear as it suggested it was a getter, i.e. getting the widgets. This function does more than get: finds orphaned widgets, assigns them to the inactive sidebar, and updates the database.
The new name is `sync_registered_widgets()` which better represents what happens when this function is invoked.
The original `retrieve_widgets()` function is soft deprecated to avoid unnecessary code churn downstream for developers that support more than the latest version of WordPress.
Follow-up to [18630].
Props zieladam, timothyblynjacobs, andraganescu, hellofromTonya.
See #53811.
Built from https://develop.svn.wordpress.org/trunk@51705
git-svn-id: http://core.svn.wordpress.org/trunk@51311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes the "Deprecated: Return type of `WP_REST_Request::[METHODNAME]($offset)` should be compatible with `ArrayAccess::[METHODNAME](): type`" warnings on PHP 8.1.
PHP native interfaces now have declared return types and methods in classes implementing these interfaces need to either have the return type declared (in a covariant compatible manner with the PHP native interface method declaration), or need to silence the deprecation warning using the `#[ReturnTypeWillChange]` attribute.
Follow-up to [51517], [51529], [51530].
Props jrf.
See #53635.
Built from https://develop.svn.wordpress.org/trunk@51531
git-svn-id: http://core.svn.wordpress.org/trunk@51142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
It aligns with the changes proposed added in Gutenberg: https://github.com/WordPress/gutenberg/pull/33293.
The idea here is to split the growing webpack config into two parts: blocks and packages.
We need to add handling for JavaScript files that are going to be used with blocks on the frontend. They didn't work quite well with the current setup for entry points created for packages.
As part of the effort, it adds support for `viewScript` in `block.json` metadata file that is later translated to `$view_script` in `WP_Block_Type` class and exposed as `view_script` from the REST API endpoint for block types.
Props youknowriad, desrosj, aristath.
Fixes#53690.
Built from https://develop.svn.wordpress.org/trunk@51501
git-svn-id: http://core.svn.wordpress.org/trunk@51112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This fixes a bug where widgets are unintentionally moved to the `wp_inactive_widgets` sidebar when batch updates occur through the REST API.
When batch requests are processed, only `$_wp_sidebars_widgets is updated by previous calls to `WP_REST_Widgets_Controller::create_item()`. `$sidebars_widgets` is not aware of the new widget’s intended location, and `retrieve_widgets()` mistakenly flags the widget as inactive.
Calling `wp_get_sidebars_widgets()` before `retrieve_widgets()` ensures both global variables match and is intended as a temporary fix until the root cause of the problem can be fixed.
Props zieladam, htmgarcia, timothyblynjacobs.
Fixes#53657.
Built from https://develop.svn.wordpress.org/trunk@51432
git-svn-id: http://core.svn.wordpress.org/trunk@51043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This switches `WP_REST_Sidebars_Controller` to use `wp_sidebar_description()` for retrieving the `description` of a given sidebar instead of referencing the value in the `$wp_registered_sidebars` global variable directly.
`wp_sidebar_description()` uses `wp_kses()` to only allow the default list of `$allowed_tags` to be present in a sidebar’s `description`.
Props timothyblynjacobs, desrosj.
Fixes#53646.
Built from https://develop.svn.wordpress.org/trunk@51408
git-svn-id: http://core.svn.wordpress.org/trunk@51019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When a widget is removed from a sidebar, if it was removed from the middle of the list, the widgets property would become an object with numeric keys.
The sidebars controller now forces the widgets property to be a list.
Props walbo.
Fixes#53612.
Built from https://develop.svn.wordpress.org/trunk@51377
git-svn-id: http://core.svn.wordpress.org/trunk@50988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This adds the `$request` parameter to the `permissions_check()` methods within `WP_REST_Widgets_Controller` and adds `$request` as an allowed parameter to the `permissions_check()` method within `WP_REST_Templates_Controller`.
Even when this parameter is not used by default, it should be implemented to support the class being extended and the method overidden.
Props johnbillion, timothyblynjacobs.
Fixes#53593.
Built from https://develop.svn.wordpress.org/trunk@51349
git-svn-id: http://core.svn.wordpress.org/trunk@50958 1a063a9b-81f0-0310-95a4-ce76da25c4cd