Prior to 4.9, this function was accidentally taxonomy-agnostic in most cases.
The fix in [40979] caused a regression in this function. For backward
compatibility, we make it explicit that the query is by ID only.
See #42771.
Built from https://develop.svn.wordpress.org/trunk@42367
git-svn-id: http://core.svn.wordpress.org/trunk@42196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prior to version 4.9, a quirk in the implementation of `get_term()` caused
`get_category_link( 123 )` to fetch the taxonomy archive link for term 123
even if 123 is not in the 'category' taxonomy. The quirk was fixed in [40979];
see #40671. This bugfix introduced a regression for theme authors who were
expecting the old behavior.
By lifting the 'category' restriction, we allow the template function to work
in the old way.
Fixes#42717. See #42771.
Built from https://develop.svn.wordpress.org/trunk@42364
git-svn-id: http://core.svn.wordpress.org/trunk@42193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Update the comment reply JavaScript to be unobtrusive and use events rather than inline `onclick` attributes.
Along with bringing the code into the 2010s this prevents an edge-case in which `addComment.moveForm()` could be called before the JavaScript has loaded.
Props peterwilsoncc, bradparbs.
Fixes#31590.
Built from https://develop.svn.wordpress.org/trunk@42360
git-svn-id: http://core.svn.wordpress.org/trunk@42189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
There are situations where the REST API client wants to be able to read and set the permalink_structure option. Though this doesn’t fix the use case of front-end rendered unauthenticated websites, it still has utility as a setting in it’s own right.
Props aduth.
See #41014.
Built from https://develop.svn.wordpress.org/trunk@42359
git-svn-id: http://core.svn.wordpress.org/trunk@42188 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The permissions error message when a request tries to fetch post statuses unauthenticated is incorrect. It was a copy/paste from elsewhere, as indicated by the use of "in this post type" where this is no post type referenced.
Props schlessera.
Fixes#42303.
Built from https://develop.svn.wordpress.org/trunk@42356
git-svn-id: http://core.svn.wordpress.org/trunk@42185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The 409 error code is intended for situations where it is expected that the user will resolve the conflict and resubmit the same request. We use 400 error codes for other routes when a duplicate request is made. The 400 status code tells the user they need to modify their request for it to be successful.
Props shooper.
Fixes#42781. See #41370.
Built from https://develop.svn.wordpress.org/trunk@42354
git-svn-id: http://core.svn.wordpress.org/trunk@42183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change means that only the leading portion of a locale code gets passed to MediaElement, removing problems that arise from locales such as `de_DE_formal` and `pt_PT_ao90`.
Props erich_k4wp, blobfolio, flixos90, ocean90, joemcgill, SergeyBiryukov.
Fixes#42574
Built from https://develop.svn.wordpress.org/trunk@42251
git-svn-id: http://core.svn.wordpress.org/trunk@42080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`rest_url()` inconsistent addes slashes to the passed path depending on whether the site has pretty permalinks enabled. Apart from being inconsistent, this also caused the unit tests to fail when pretty permalinks are enabled.
Props frank-klein.
Fixes#42452. See #41451.
Built from https://develop.svn.wordpress.org/trunk@42250
git-svn-id: http://core.svn.wordpress.org/trunk@42079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
We have a handful of super long regexen that are written over multiple lines, as a collection of strings concatenated together. Each string is indented appropriately for the regex, but PHPCS doesn't recognised this, so defaults to removing the extra whitespace.
Disabling the `Squiz.Strings.ConcatenationSpacing.PaddingFound` rule for these blocks stops the extra whitespace from being removed.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42249
git-svn-id: http://core.svn.wordpress.org/trunk@42078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
While caching here seemed like a good idea in theory, in practice the cache would be often stale causing development issues.
We exclude common folders (such as `node_modules`) from the scanning to avoid directories which are not useful to the end-user, so as long as those exclusion lists are held up this shouldn't cause too much of a degredation in the future.
We may consider adding caching here again in the future if it's determined that it is really needed.
Props precies, ibenic, mariovalney, schlessera, and all the others who commented on the ticket(s).
This partually reverts [41806].
See #6531.
Fixes#42573.
Built from https://develop.svn.wordpress.org/trunk@42242
git-svn-id: http://core.svn.wordpress.org/trunk@42071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42228
git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When the setup process reads `wp-config-sample.php`, it assumes that there are no spaces inside the brackes of the `define()`s. Unfortunately, this doesn't match our coding standards, so will no longer work correctly once we start enforcing them.
This also improves coding standards of the generated `wp-config.php` file.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42218
git-svn-id: http://core.svn.wordpress.org/trunk@42047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This pattern occurs a handful of times across the codebase:
`<div class="foo<?php if ( $bar ) { echo ' baz'; } ?>">`
Unfortunately, it doesn't really play nicely with `phpcbf`, so all instances need to be removed in preperation for auto code formatting.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42217
git-svn-id: http://core.svn.wordpress.org/trunk@42046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `meta_box_cb` argument was introduced in [25572] to allow plugin
authors to provide a custom callback for rendering their taxonomy's meta
box on the post edit screen. However, the routine used to handle the saving
of these custom taxonomy meta boxes was not customizable, but was instead
based simply on whether the taxonomy was hierarchicaly. See [13535].
The new `meta_box_sanitize_cb` argument defaults to the "tag" routine for
non-hierarchical taxonomies and the "category" routine for hierarchical ones,
thereby maintaining the current default behavior. Developers can override this
when the data passed from their `meta_box_cb` differs.
Props boonebgorges, ZaneMatthew, stephenharris.
Fixes#36514.
Built from https://develop.svn.wordpress.org/trunk@42211
git-svn-id: http://core.svn.wordpress.org/trunk@42040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- When switching to the Text view, wait until after the Visual editor element has been hidden, before focussing the `<textarea>`.
- When switching to the Visual view, only scroll if the cursor is not visible on the current screen.
Fixes#42530.
Built from https://develop.svn.wordpress.org/trunk@42175
git-svn-id: http://core.svn.wordpress.org/trunk@42005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Simplify regular expression for checking URL validity to just do basic checks to confirm the value looks like a URL. Leave the complete validation to the server-side logic in `WP_Customize_Nav_Menu_Item_Setting::sanitize()` to avoid having to maintain two separate codebases for validating URLs.
Props westonruter, SergeyBiryukov for testing.
Amends [41697].
See #32816.
Fixes#42506 for trunk.
Built from https://develop.svn.wordpress.org/trunk@42153
git-svn-id: http://core.svn.wordpress.org/trunk@41984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When just doing `wp_publish_post()` for the changeset from `customize.php`, any option-based settings will fail to get saved because `WP_Customize_Manager` would have already been loaded with `settings_previewed`, resulting in `update_option()` calls being short-circuited. So an admin-ajax request to `customize_save` is used to work around this.
Props westonruter, jeremyfelt, dlh for testing, LittleBigThing for testing.
Amends [41626].
See #28721, #39221.
Fixes#42457 for trunk.
Built from https://develop.svn.wordpress.org/trunk@42138
git-svn-id: http://core.svn.wordpress.org/trunk@41969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The admin bar render methods use some cute tricks which don't come close to the WordPress coding standards. So that we can more easily apply automated code fixing to the codebase, these tricks need to be removed.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42128
git-svn-id: http://core.svn.wordpress.org/trunk@41959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wpdb::placeholder_escape()`, the key for `hash_hmac()` defaults to `AUTH_SALT`, but `hash_hmac()` will return an empty string if the key is empty.
This had the side effect of the string `{}` being incorrectly replaced with a `%` character in queries just about to be run on the database.
Props jsonfry.
Fixes#42431.
Built from https://develop.svn.wordpress.org/trunk@42120
git-svn-id: http://core.svn.wordpress.org/trunk@41949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In `wpdb::placeholder_escape()`, the key for `hash_hmac()` falls back to `rand()` when `AUTH_SALT` is undefined. `hash_hmac()` requires the key to be a string, however, so we need to cast it as such.
Props mkomar.
Fixes#42401.
Built from https://develop.svn.wordpress.org/trunk@42119
git-svn-id: http://core.svn.wordpress.org/trunk@41948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Consider both `selectedChangesetStatus` and `changesetStatus` states when deciding to disable.
* Factor out common logic into `canSwitchTheme` function on `ThemesPanel`.
* Keep Live Preview and Install buttons disabled in Themes controls and detail overlays when appropriate.
Props westonruter, dlh.
Amends [41788].
See #42126, #37661, #39896.
Fixes#42406.
Built from https://develop.svn.wordpress.org/trunk@42113
git-svn-id: http://core.svn.wordpress.org/trunk@41942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Prevent edits to 2-level deep theme files from returning a `disallowed_theme_file` error when attempting to save an edit. Aligns logic for gathering `$allowed_files` in `theme-editor.php` for listing files with the validation logic in `wp_edit_theme_plugin_file()`.
Amends [41806].
See #6531.
Fixes#42425.
Built from https://develop.svn.wordpress.org/trunk@42112
git-svn-id: http://core.svn.wordpress.org/trunk@41941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
[41496] removed support for numbered placeholders in queries send through `wpdb::prepare()`, which, despite being undocumented, were quite commonly used.
This change restores support for numbered placeholders (as well as a subset of placeholder formatting), while also adding extra checks to ensure the correct number of arguments are being passed to `wpdb::prepare()`, given the number of placeholders.
See #41925.
Built from https://develop.svn.wordpress.org/trunk@42056
git-svn-id: http://core.svn.wordpress.org/trunk@41885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Improve the logic determining which endpoints support the trash by enumerating them. Endpoints that don't support the trash require `force=true` when deleting. The previous approach relied on the `force` argument description, which is a translated string and was fragile. In the future, we can expose whether an endpoint supports the trash as part of its schema and automate this logic.
Props Soean.
Fixes#40672.
Built from https://develop.svn.wordpress.org/trunk@42047
git-svn-id: http://core.svn.wordpress.org/trunk@41881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In the original function introduced in [41380], and subsequently [41861], only the network ID was passed to the new `pre_get_main_site_id` filter. In order to make give quick access to other network properties, it was decided to pass the whole object instead. The changeset includes an additional test.
Fixes#29684.
Built from https://develop.svn.wordpress.org/trunk@42043
git-svn-id: http://core.svn.wordpress.org/trunk@41877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Let min hour be 0 and max be 23 in 24-hour time; let min hour be 1 and max be 12 in 12-hour time.
* Show error notification when an invalid date value is provided, not just when not a future date.
* Fix translation of custom validity message.
* Start checking for validity after all inputs have been initially populated.
* Remove support for being able to enter 24:00.
* Cease forcing date input elements from being casted to integers, to allow for invalid inputs to be detected.
Props westonruter, Presskopp, peterwilsoncc, atachibana for testing.
See #39896, #28721.
Fixes#42373.
Built from https://develop.svn.wordpress.org/trunk@42042
git-svn-id: http://core.svn.wordpress.org/trunk@41876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Passing `options.params` when constructing `Partial` is now deprecated in favor of just passing `options`.
* Improve usage of jsdoc in JS `Partial` class.
* Also add `defaults` property to `wp.customize.selectiveRefresh.Partial` class for parity with `Control`.
See #42083.
Built from https://develop.svn.wordpress.org/trunk@42037
git-svn-id: http://core.svn.wordpress.org/trunk@41871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deprecate PHP classes `WP_Customize_New_Menu_Section` and `WP_Customize_New_Menu_Control`.
* Deprecate JS class `wp.customize.Menus.NewMenuControl`.
* Also introduce `wp.customize.Menus.createNavMenu()` for logic to create nav menus separately from the logic for handling UI interactions.
Amends [41768].
See #40104, #42364.
Fixes#42357.
Built from https://develop.svn.wordpress.org/trunk@42034
git-svn-id: http://core.svn.wordpress.org/trunk@41868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Expand containing panel when expanding themes section.
* Consolidate UI changes related to a section's expanded state change.
* Prevent collapsing current section when expanding.
* Auto-expand first themes section when expanding panel if one is not expanded already.
See #37661, #42354.
Fixes#42360.
Built from https://develop.svn.wordpress.org/trunk@42033
git-svn-id: http://core.svn.wordpress.org/trunk@41867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Eliminate Media control template from having dependency on `params.settings.default` for element ID, to fix compat with `params.settings` array or single `params.setting`. See #36167.
* Move description out of label and add `aria-describedby` to Media control's Select button. See #30738, #33085.
* Obtain notification container whenever content is (re-)rendered (such as for Media control). See #38794.
* Re-render notifications after control content is re-rendered, if control is in expanded section. See #38794.
Amends [41390].
See #36167, #38794, #33085, #30738.
Built from https://develop.svn.wordpress.org/trunk@42031
git-svn-id: http://core.svn.wordpress.org/trunk@41865 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `publish_settings` section is a fundamental dependency for Customizer, so it must be guaranteed to be registered.
Also unconditionally register core types for panels, sections, and controls in case plugin unhooks all `customize_register` actions.
See #39896.
Fixes#42337.
Built from https://develop.svn.wordpress.org/trunk@42025
git-svn-id: http://core.svn.wordpress.org/trunk@41859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes issue specifically with attempting to access an orphaned control's `elements` immediately after it has been added. Normally this would not happen because a control would not be registered without a section, and also a control should only be interacted with once its `embedded` deferred has been resolved.
Also harden logic for gathering list of deferred setting IDs.
See #37964.
Fixes#42330.
Built from https://develop.svn.wordpress.org/trunk@42024
git-svn-id: http://core.svn.wordpress.org/trunk@41858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Twenty Ten: Reduces image size and removes image borders for galleries in widget areas.
Twenty Eleven: Reduces image size and removes image borders for galleries in widget areas.
Twenty Twelve: Reduces image size for some gallery sizes in widget areas.
Twenty Thirteen: Ensure proper clearing for images, hide captions for some gallery column combos and ensure good display for galleries in widget areas.
Twenty Fourteen: Ensure proper clearing for images and hide captions for some gallery column combos for galleries in widget areas.
Twenty Seventeen: Hide captions for some gallery column combos for galleries in widget areas.
Props joyously, williampatton, davidakennedy, melchoyce, crunnells.
Fixes#41969.
Built from https://develop.svn.wordpress.org/trunk@42019
git-svn-id: http://core.svn.wordpress.org/trunk@41853 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.
Adds tests.
Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes#42016, #36170
Built from https://develop.svn.wordpress.org/trunk@42011
git-svn-id: http://core.svn.wordpress.org/trunk@41845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Allow updating oEmbed cache during `parse-embed` requests for non-post editors (such as widgets).
* Update any existing `oembed_cache` post when `usecache` and TTL has passed.
* Do not overwrite a previously valid cache with `{{unknown}}`.
Props dlh.
See #34115.
Fixes#42310.
Built from https://develop.svn.wordpress.org/trunk@42009
git-svn-id: http://core.svn.wordpress.org/trunk@41843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.
See #38583.
Built from https://develop.svn.wordpress.org/trunk@42000
git-svn-id: http://core.svn.wordpress.org/trunk@41834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fixes a bug where menu assignements couldn't be changed when previewing a theme.
Also removes an unnecessary call to menu mapping after a theme switch from the customizer and makes sure the locations option is always written, for good measure.
Props westonruter.
See #39692.
Built from https://develop.svn.wordpress.org/trunk@41995
git-svn-id: http://core.svn.wordpress.org/trunk@41829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously attempted in [40256], which caused the test for decoded curly quotes to fail in some environments.
`$_SERVER['REQUEST_URI']` contains the encoded URI, so this version removes the failing tests and only checks for encoded curly quotes.
Props joostdevalk, lancewillett, SergeyBiryukov.
Fixes#20383.
Built from https://develop.svn.wordpress.org/trunk@41991
git-svn-id: http://core.svn.wordpress.org/trunk@41825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Adds checks throughout to allow for `wp_new_comment()` returning a `WP_Error` instance.
Updates the docs for the `pre_comment_approved` filter to include that it can be passed an error.
Props enrico.sorcinelli, ryotsun.
Fixes#39730.
Built from https://develop.svn.wordpress.org/trunk@41980
git-svn-id: http://core.svn.wordpress.org/trunk@41814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Also remove `enum` for validating allowed templates to allow plugins to dynamically supply their own templates for specific posts, even when they are not in the theme.
Props TimothyBlynJacobs, jnylen0, swissspidy.
Fixes#39996.
Built from https://develop.svn.wordpress.org/trunk@41979
git-svn-id: http://core.svn.wordpress.org/trunk@41813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Reverting this for 4.9. It will be added back in a future version of WordPress. This doesn't mean that you shouldn't be trying Gutenberg, just that it isn't ready for a call out to a larger audience. But if you are the type to read commit messages, https://github.com/WordPress/gutenberg could use your pull requests and comments on issues.
Reverts [41931] [41900] [41896] [41895]
See #41316
Built from https://develop.svn.wordpress.org/trunk@41978
git-svn-id: http://core.svn.wordpress.org/trunk@41812 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The customizer and the theme installer use `visibility: hidden` on the body when
they open full-overlays screens. The FTP credentials modal needs a visibility
property set back to `visible` to be visible over those overlays.
Props purnendu.
Fixes#42205.
Built from https://develop.svn.wordpress.org/trunk@41972
git-svn-id: http://core.svn.wordpress.org/trunk@41806 1a063a9b-81f0-0310-95a4-ce76da25c4cd