On the user edit screen improve handling and clarify language: rename the "Generate Password" and "Show password" buttons to "Set New Password". Clicking it always generates a password. Also: improve inline code comments and descriptions.
Props afercia, bookdude13, michaelarestad, pento.
Fixes#42852.
Built from https://develop.svn.wordpress.org/trunk@49248
git-svn-id: http://core.svn.wordpress.org/trunk@49010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `WP_AUTO_UPDATE_CORE` constant now supports `beta` and `rc` values.
This makes it possible for sites to opt-in to updating to RC (or beta) releases without having to install a plugin, or run on a development version.
Props dd32, knutsp.
Fixes#51319.
Built from https://develop.svn.wordpress.org/trunk@49245
git-svn-id: http://core.svn.wordpress.org/trunk@49007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for customizing the arguments used to generate the Quick Edit authors drop-down.
Additionally, pass the `$bulk` argument to the `quick_edit_dropdown_pages_args` filter, for consistency.
Props Mista-Flo, garrett-eclipse, hellofromTonya.
Fixes#47685.
Built from https://develop.svn.wordpress.org/trunk@49238
git-svn-id: http://core.svn.wordpress.org/trunk@49000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows Site Health tests to check if the current environment type is set to `development` or `local`.
Use the new method:
* In HTTPS tests, instead of a hardcoded check for `localhost`.
* In `WP_DEBUG` and `WP_DEBUG_DISPLAY` tests, to set the status to `recommended` instead of `critical`.
Props dkotter, Clorith, DavidAnderson, joyously, knutsp, afragen, SergeyBiryukov.
Fixes#47058.
Built from https://develop.svn.wordpress.org/trunk@49237
git-svn-id: http://core.svn.wordpress.org/trunk@48999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change adds additional logic to catch HTTP failures that do not return a `WP_Error` object (for example, a wp-json REST API error error).
This also fixes instances where REST API callbacks performed from cron do not work due to a lack of authentication by introducing a direct callback route that asynchronous tests can register.
Props dd32, clorith, timothyblynjacobs.
Fixes#51547.
Built from https://develop.svn.wordpress.org/trunk@49232
git-svn-id: http://core.svn.wordpress.org/trunk@48994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When `noopener noreferrer` was originally added in #37941 and related tickets, the `noreferrer` bit was specifically included due to Firefox not supporting `noopener` at the time.
Since `noopener` has been supported by all major browsers for a while, it should now be safe to remove the `noreferrer` attribute from core.
Props Mista-Flo, audrasjb, joostdevalk, jonoaldersonwp, peterwilsoncc, elgameel.
Fixes#49558.
Built from https://develop.svn.wordpress.org/trunk@49215
git-svn-id: http://core.svn.wordpress.org/trunk@48977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Instead of one cache entry for all upload folders for a site on multisite, this now caches for each folder and invalidates that cache based on context. In multisite, this should speed up `get_dirsize` calls since older directories that are much less likely to change will no longer have the size recalculated.
Props janthiel, A5hleyRich, batmoo.
Fixes#19879.
Built from https://develop.svn.wordpress.org/trunk@49212
git-svn-id: http://core.svn.wordpress.org/trunk@48974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.
This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast
In part, this is a follow-up to #47746.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193
git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* `WP_List_Table::get_default_primary_column_name()` is a protected method, so calling it statically with the class name is bad practice.
* Similarly, this applies when calling a private constructor in `WP_Screen::get()`.
Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49192
git-svn-id: http://core.svn.wordpress.org/trunk@48954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The allowed format for bulk actions is now an associative array where each element represents either a top level option value and label, or an array representing an optgroup and its options.
For a standard option, the array element key is the field value and the array element value is the field label.
For an optgroup, the array element key is the label and the array element value is an associative array of options as above.
Props goldenapples, mattkeys, valentinbora, davidbaumwald
Fixes#19278
Built from https://develop.svn.wordpress.org/trunk@49190
git-svn-id: http://core.svn.wordpress.org/trunk@48952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
- Enable arranging only when the Screen Options tab is open.
- Prevent accidental/unintended dragging. Seen it happen mostly on laptops when using the mousepad/trackpad.
- Improve discoverability and usefulness by always showing the "drop zones" outline when postboxes are draggable/arrangeable.
- Add some (brief) explanation to the Screen Options tab helping the user understand what options are available and how to change them. This is especially helpful for screen reader users to give an idea how to use the screen options and what to expect.
- Fix/enhance some of the code in `postbox.js` and make it coding standards compliant.
See #50699.
Built from https://develop.svn.wordpress.org/trunk@49179
git-svn-id: http://core.svn.wordpress.org/trunk@48941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This avoids overlapping with action buttons and brings some consistency to bottom paddings across various screens.
Props passoniate, afercia, anuj2, rolfsiebers, uxkai, ireneyoast, thijsvanloef, hellofromTonya, audrasjb, helen, SergeyBiryukov.
Fixes#49246.
Built from https://develop.svn.wordpress.org/trunk@49178
git-svn-id: http://core.svn.wordpress.org/trunk@48940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Introduces the action `wp_after_insert_post` inside a wrapper function of the same name. This hook allows plugin developers to access a posts full data (including its terms and meta data) regardless of the workflow used to save it.
A new parameter is introduced to `wp_insert_post()` to indicate whether the hook should be fired within the function call or will be fired afterward.
Props aristath, Collizo4sky, danielbachhuber, joyously, kadamwhite, kraftbj, markparnell, mikeschroder, noisysocks, peterwilsoncc, SergeyBiryukov, talldanwp, thewebprincess, TimothyBlynJacobs.
Fixes#45114.
Built from https://develop.svn.wordpress.org/trunk@49172
git-svn-id: http://core.svn.wordpress.org/trunk@48934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.
Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.
The existing ajax actions have been maintained for backward compatibility.
Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes#48105.
Built from https://develop.svn.wordpress.org/trunk@49154
git-svn-id: http://core.svn.wordpress.org/trunk@48916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Deprecate the `l10n` property on `communityEventsData`.
* Introduce `version` parameter for `deprecateL10nObject` and backfill the version for deprecated objects in 5.5.0.
* Add a noop version of `deprecateL10nObject` for QUnit testing.
Fixes#51498.
Built from https://develop.svn.wordpress.org/trunk@49151
git-svn-id: http://core.svn.wordpress.org/trunk@48913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `date` and `end_date` fields are ''WP'' timestamps representing the venue's local time. As of meta:changeset:10270 (#meta4480), new `start_unix_timestamp` and `end_unix_timestamp` values are available, providing a proper ''Unix'' timestamp in the UTC timezone. Using those is more precise, and removes the time window where the event has expired but still appears in the Events Widget.
To simplify the function, it now only accepts and returns the events themselves, rather than the entire response body.
See #51130
See #meta4480
Related: https://make.wordpress.org/core/2019/09/23/date-time-improvements-wp-5-3/
Built from https://develop.svn.wordpress.org/trunk@49145
git-svn-id: http://core.svn.wordpress.org/trunk@48907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This allows for edits to be made to a restored post before it goes live again. This also prevents scheduled posts being published unexpectedly if they are untrashed after their originally scheduled date.
The old behaviour of restoring untrashed posts to their original status can be reinstated using the `wp_untrash_post_set_previous_status()` helper function.
Also fixes an issue where the incorrect post ID gets passed to hooks if no post ID is passed to the function.
Props harrym, bananastalktome, jaredcobb, chriscct7, melchoyce, johnbillion, pankajmohale
Fixes#23022
Built from https://develop.svn.wordpress.org/trunk@49125
git-svn-id: http://core.svn.wordpress.org/trunk@48887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix an issue where users could save a password with only spaces, or spaces at the beginning or end of their password, preventing them from logging in.
Props ronakganatra, 1naveengiri, ajensen, oolleegg55, bookdude13, nrqsnchz, aristath.
Fixes#42766.
Built from https://develop.svn.wordpress.org/trunk@49118
git-svn-id: http://core.svn.wordpress.org/trunk@48880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
These days there are often 2 posts published close to each other, like a release announcement and a Month In WordPress post. When that happens, the earlier post is often pushed out of the widget before many people have had a chance to see it.
Ideally, the number of total items would remain at `4`, to reduce visual clutter. Implementing a conditional item would require a significant refactor, though. Increasing the total number of items to `5` is a practical compromise.
Props hlashbrooke, tellyworth.
Fixes#43441.
Built from https://develop.svn.wordpress.org/trunk@49114
git-svn-id: http://core.svn.wordpress.org/trunk@48876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.
This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.
Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.
Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes#42790.
Built from https://develop.svn.wordpress.org/trunk@49109
git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The admin menu icons are included as a visual element to support the text links. Without the `aria-hidden=“true”` attribute, they are also exposed to assistive technologies (which can process icon fonts in unpredictable ways).
This change improves the experience for multiple types of assistive technologies, including screen reading and voice control software. With `aria-hidden=“true”` added, the icons will not be read, and a user can now trigger a click of a top level admin menu item with commands such as “click posts”, or “click plugins”.
Props joedolson, afercia, audrasjb, adriantirusli.
Fixes#51012.
Built from https://develop.svn.wordpress.org/trunk@48963
git-svn-id: http://core.svn.wordpress.org/trunk@48725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The recommended approach for any plugins using these globals or properties is to switch to the newer `wp.i18n` functions.
In the meantime, this ensures that accessing any of these globals does not break the rest of the code on the page, and an appropriate warning message is logged to the JavaScript console.
Follow-up to: https://core.trac.wordpress.org/query?summary=~wp.i18n&milestone=5.5
Props omarreiss, peterwilsoncc, kbjohnson90, johnbillion, TimothyBlynJacobs, joostdevalk, ocean90, desrosj, SergeyBiryukov.
Fixes#51123.
Built from https://develop.svn.wordpress.org/trunk@48923
git-svn-id: http://core.svn.wordpress.org/trunk@48685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
If any admin functions are used within the filter, their existence should be checked with `function_exists()` before being used.
Follow-up to [47763], [48620].
Props audrasjb, garrett-eclipse, Howdy_McGee, dlh, khag7, SergeyBiryukov.
Fixes#51081.
Built from https://develop.svn.wordpress.org/trunk@48910
git-svn-id: http://core.svn.wordpress.org/trunk@48672 1a063a9b-81f0-0310-95a4-ce76da25c4cd