Commit Graph

33 Commits

Author SHA1 Message Date
Weston Ruter e7747ce23e Script Loader: Use `wp_get_script_tag()` and `wp_get_inline_script_tag()`/`wp_print_inline_script_tag()` helper functions to output scripts on the frontend and login screen.
Using script tag helper functions allows plugins to employ the `wp_script_attributes` and `wp_inline_script_attributes` filters to inject the `nonce` attribute to apply Content Security Policy (e.g. Strict CSP). Use of helper functions also simplifies logic in `WP_Scripts`.

* Update `wp_get_inline_script_tag()` to wrap inline script in CDATA blocks for XHTML-compatibility when not using HTML5.
* Ensure the `type` attribute is printed first in `wp_get_inline_script_tag()` for back-compat.
* Wrap existing `<script>` tags in output buffering to retain IDE supports.
* In `wp_get_inline_script_tag()`, append the newline to `$javascript` before it is passed into the `wp_inline_script_attributes` filter so that the CSP hash can be computed properly.
* In `the_block_template_skip_link()`, opt to enqueue the inline script rather than print it.
* Add `ext-php` to `composer.json` under `suggest` as previously it was an undeclared dependency for running PHPUnit tests.
* Update tests to rely on `DOMDocument` to compare script markup, normalizing unsemantic differences.

Props westonruter, spacedmonkey, flixos90, 10upsimon, dmsnell, mukesh27, joemcgill, swissspidy, azaozz.
Fixes #58664.
See #39941.

Built from https://develop.svn.wordpress.org/trunk@56687


git-svn-id: http://core.svn.wordpress.org/trunk@56199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-25 21:05:21 +00:00
Pascal Birchler 5edb22187d I18N: Introduce `switch_to_user_locale()`.
This new function makes it easier to switch to a specific user’s locale by reducing duplicate code and storing the user’s ID as additional context for plugins to consume. Existing usage of `switch_to_locale()` in core has been replaced with `switch_to_user_locale()` where appropriate.

Also, this change ensures `WP_Locale_Switcher` properly filters `determine_locale` so that anyyone using the `determine_locale()` function will get the correct locale information when switching is in effect.

Props costdev.
Fixes #57123.
See #26511.
Built from https://develop.svn.wordpress.org/trunk@55161


git-svn-id: http://core.svn.wordpress.org/trunk@54694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-30 10:27:16 +00:00
Sergey Biryukov c03305852e Code Modernization: Add `AllowDynamicProperties` attribute to all (parent) classes.
Dynamic (non-explicitly declared) properties are deprecated as of PHP 8.2 and are expected to become a fatal error in PHP 9.0.

There are a number of ways to mitigate this:
* If it is an accidental typo for a declared property: fix the typo.
* For known properties: declare them on the class.
* For unknown properties: add the magic `__get()`, `__set()`, et al. methods to the class or let the class extend `stdClass` which has highly optimized versions of these magic methods built in.
* For unknown ''use'' of dynamic properties, the `#[AllowDynamicProperties]` attribute can be added to the class. The attribute will automatically be inherited by child classes.

Trac ticket #56034 is open to investigate and handle the third and fourth type of situations, however it has become clear this will need more time and will not be ready in time for WP 6.1.

To reduce “noise” in the meantime, both in the error logs of WP users moving onto PHP 8.2, in the test run logs of WP itself, in test runs of plugins and themes, as well as to prevent duplicate tickets from being opened for the same issue, this commit adds the `#[AllowDynamicProperties]` attribute to all “parent” classes in WP.

The logic used for this commit is as follows:
* If a class already has the attribute: no action needed.
* If a class does not `extend`: add the attribute.
* If a class does `extend`:
 - If it extends `stdClass`: no action needed (as `stdClass` supports dynamic properties).
 - If it extends a PHP native class: add the attribute.
 - If it extends a class from one of WP's external dependencies: add the attribute.
* In all other cases: no action — the attribute should not be needed as child classes inherit from the parent.

Whether or not a class contains magic methods has not been taken into account, as a review of the currently existing magic methods has shown that those are generally not sturdy enough and often even set dynamic properties (which they should not). See the [https://www.youtube.com/watch?v=vDZWepDQQVE live stream from August 16, 2022] for more details.

This commit only affects classes in the `src` directory of WordPress core.
* Tests should not get this attribute, but should be fixed to not use dynamic properties instead. Patches for this are already being committed under ticket #56033.
* While a number bundled themes (2014, 2019, 2020, 2021) contain classes, they are not a part of this commit and may be updated separately.

Reference: [https://wiki.php.net/rfc/deprecate_dynamic_properties PHP RFC: Deprecate dynamic properties].

Follow-up to [53922].

Props jrf, hellofromTonya, markjaquith, peterwilsoncc, costdev, knutsp, aristath.
See #56513, #56034.
Built from https://develop.svn.wordpress.org/trunk@54133


git-svn-id: http://core.svn.wordpress.org/trunk@53692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-12 15:47:14 +00:00
John Blackbourn beac9601fa Docs: Corrections and improvements to docblocks for function and hooks relating to fatal error handling.
See #54729

Built from https://develop.svn.wordpress.org/trunk@53316


git-svn-id: http://core.svn.wordpress.org/trunk@52905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-29 19:17:11 +00:00
John Blackbourn 2cb4ebefe2 Docs: Replace `$this` in hook param docs with more appropriate names.
`$this` is a pseudo-variable that cannot be used as the name of a function parameter, so renaming these helps prevent errors when implementing hook callback functions.

Fixes #53457

Built from https://develop.svn.wordpress.org/trunk@51518


git-svn-id: http://core.svn.wordpress.org/trunk@51129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-30 19:35:58 +00:00
John Blackbourn 6f3a940e64 Plugins: Replace usage of `$this` in action and filter parameter docblocks with more appropriate variable names.
See #51800, #52217

Fixes #52243

Built from https://develop.svn.wordpress.org/trunk@49946


git-svn-id: http://core.svn.wordpress.org/trunk@49645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-08 14:30:14 +00:00
Sergey Biryukov c88c8db417 Docs: Add a reference to `WP_Customize_Partial::__construct()` for information on accepted arguments in `WP_Customize_Selective_Refresh::add_partial()`.
Synchronize the documentation between two places, use `WP_Customize_Partial::__construct()` as the canonical source.

Props marekdedic.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48617


git-svn-id: http://core.svn.wordpress.org/trunk@48379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-25 19:40:05 +00:00
Sergey Biryukov 19bca10d79 Coding Standards: Replace `echo sprintf()` with `printf()`.
See #49542.
Built from https://develop.svn.wordpress.org/trunk@48111


git-svn-id: http://core.svn.wordpress.org/trunk@47880 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 13:18:11 +00:00
Sergey Biryukov ac9b6fcef8 Docs: Use a consistent description for the `$manager` parameter in various Customizer class constructions.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47383


git-svn-id: http://core.svn.wordpress.org/trunk@47170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-26 15:33:05 +00:00
Sergey Biryukov 47ed56f38f Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov b08c42eb80 Docs: Correct `@type` annotation for `WP_Customize_Selective_Refresh::$current_partial_id`.
Props diddledan.
Fixes #46854.
Built from https://develop.svn.wordpress.org/trunk@45428


git-svn-id: http://core.svn.wordpress.org/trunk@45239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 02:12:52 +00:00
John Blackbourn 2361ca884f Docs: Document more parameters and properties using typed array notation.
See #41756

Built from https://develop.svn.wordpress.org/trunk@42876


git-svn-id: http://core.svn.wordpress.org/trunk@42706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-25 19:33:31 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Drew Jaynes 0860bb2771 Docs: Remove `@access` notations from method DocBlocks in wp-includes/* classes.
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.

See #41452.

Built from https://develop.svn.wordpress.org/trunk@41162


git-svn-id: http://core.svn.wordpress.org/trunk@41002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 00:41:44 +00:00
Weston Ruter e8e5a71a85 Docs: Improve phpdoc for `WP_Customize_Manager`, `WP_Customize_Control`, `WP_Customize_Setting`, and `WP_Customize_Selective_Refresh`.
Props 4nickpick, sagarprajapati, ketuchetan, BharatKambariya, mrahmadawais, westonruter.
Fixes #39671.

Built from https://develop.svn.wordpress.org/trunk@40804


git-svn-id: http://core.svn.wordpress.org/trunk@40662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-19 20:25:41 +00:00
Weston Ruter c78f903a7b Customize: Fix selective refresh when customizing the 404 template.
Overrides the 404 status during partial refresh requests to serve back 200 so that the request is not deemed a failure and invoke the fallback behavior (full refresh).

See #27355.
Fixes #40018.

Built from https://develop.svn.wordpress.org/trunk@40316


git-svn-id: http://core.svn.wordpress.org/trunk@40223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-23 16:57:43 +00:00
Sergey Biryukov ff749bc66c Docs: Correct `@access` entries and duplicate hook references in `WP_Customize_Selective_Refresh`.
Props keesiemeijer.
Fixes #39501.
Built from https://develop.svn.wordpress.org/trunk@39734


git-svn-id: http://core.svn.wordpress.org/trunk@39674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-06 22:09:13 +00:00
Weston Ruter c68f1de5f8 Customize: Use selected user language for edit shortcuts in preview instead of site language.
Props ocean90.
Fixes #39009.

Built from https://develop.svn.wordpress.org/trunk@39545


git-svn-id: http://core.svn.wordpress.org/trunk@39485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-08 19:32:59 +00:00
Weston Ruter 8f9f75598b Customize: Remove edit shortcut toggle button from preview since visibility is now linked with pane visibility.
Amends [39131].
Props westonruter, sirbrillig.
See #27403.
Fixes #38668.

Built from https://develop.svn.wordpress.org/trunk@39144


git-svn-id: http://core.svn.wordpress.org/trunk@39084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-04 20:54:30 +00:00
Weston Ruter 71afe657b6 Customize: Add edit shortcuts in customizer preview to visually expose editable elements and focus on the corresponding controls when clicked.
* Edit shortcuts show initially for a moment and then fade away so as to not get in the way of the preview. 
* Visibility of edit shortcuts is toggled by clicking/touching anywhere inert in the document.
* Implements UI for mobile and touch devices which do not support shift-click.
* Adds `editShortcutVisibility` state.
* Adds new methods to `wp.customize.selectiveRefresh.Partial` for managing edit shortcuts.

Incorporates aspects of the Customize Direct Manipulation feature plugin.

Props sirbrillig, mattwiebe, celloexpressions, melchoyce, westonruter, afercia.
Fixes #27403.

Built from https://develop.svn.wordpress.org/trunk@38967


git-svn-id: http://core.svn.wordpress.org/trunk@38910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 20:03:32 +00:00
Weston Ruter f1ba1918c9 Customize: Implement customized state persistence with changesets.
Includes infrastructure developed in the Customize Snapshots feature plugin.

See https://make.wordpress.org/core/2016/10/12/customize-changesets-technical-design-decisions/

Props westonruter, valendesigns, utkarshpatel, stubgo, lgedeon, ocean90, ryankienstra, mihai2u, dlh, aaroncampbell, jonathanbardo, jorbin.
See #28721.
See #31089.
Fixes #30937.
Fixes #31517.
Fixes #30028.
Fixes #23225.
Fixes #34142.
Fixes #36485.

Built from https://develop.svn.wordpress.org/trunk@38810


git-svn-id: http://core.svn.wordpress.org/trunk@38753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-18 20:05:31 +00:00
Weston Ruter bce5ea9494 Customize: Use new `$status_code` parameter for `wp_send_json_error()` instead of calling `status_header()` separately.
Props johnbillion.
See #35666.
Fixes #37897.

Built from https://develop.svn.wordpress.org/trunk@38478


git-svn-id: http://core.svn.wordpress.org/trunk@38419 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 19:01:28 +00:00
Scott Taylor a3ffebce30 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38470


git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
Scott Taylor 390ceba6c7 Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38411


git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse 0e31a46161 Bootstrap: Revert [38399] as it's broken `/build/` and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335

Built from https://develop.svn.wordpress.org/trunk@38402


git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor 6a529648cf Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38399


git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00
Weston Ruter 1c2324f834 Customize: Update server-sent setting validation notifications as changes are entered.
Send back setting validities with full refreshes and selective refreshes so that invalid settings can have notifications displayed immediately before attempting save, and so that these notifications can be cleared as soon as the input is corrected.

* Splits out JS logic for listing controls into separate methods  `wp.customize.Setting.prototype.findControls()` and `wp.customize.findControlsForSettings()`.
* Adds a `setting` property to the `data` on notifications added to controls that are synced from their settings.
* Adds `selective-refresh-setting-validities` message sent from preview to pane.
* Changes `WP_Customize_Manager::validate_setting_values()` to return when settings are valid as well as invalid.
* Adds `WP_Customize_Manager::prepare_setting_validity_for_js()`.
* Add setting validities to data exported to JS in Customizer Preview and in selective refresh responses.

Fixes #36944.

Built from https://develop.svn.wordpress.org/trunk@37700


git-svn-id: http://core.svn.wordpress.org/trunk@37666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 19:17:28 +00:00
Drew Jaynes 7add7e84f5 Docs: Add a missing version and access information to the DocBlock for the `WP_Customize_Selective_Refresh->$manager` property, introduced in [36586].
See #27355. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37011


git-svn-id: http://core.svn.wordpress.org/trunk@36978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:39:26 +00:00
Drew Jaynes 3bdf4f1524 Docs: Standardize the file header and class summarries for the file containing `WP_Customize_Selective_Refresh`, introduced in [36586].
See #27355. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37010


git-svn-id: http://core.svn.wordpress.org/trunk@36977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:29:26 +00:00
Weston Ruter d27ae61355 Customize: Remove selective refresh error message from appearing inline within the preview.
The error message will still be available in the developer console.

Removes part of [36586].
See #27355.
Fixes #36164.

Built from https://develop.svn.wordpress.org/trunk@36890


git-svn-id: http://core.svn.wordpress.org/trunk@36857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-09 04:37:28 +00:00
Weston Ruter aa2db425d8 Customize: Skip exporting partials to client and handling rendering requests if user can't modify associated settings.
Introduces `WP_Customize_Partial::check_capabilities()` for parity with `WP_Customize_Control::check_capabilities()`.
 
See #27355.
Fixes #35914.

Built from https://develop.svn.wordpress.org/trunk@36643


git-svn-id: http://core.svn.wordpress.org/trunk@36610 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 18:14:26 +00:00
Weston Ruter 53e0315242 Customize: Let `WP_Customize_Selective_Refresh` class be `final` to match manager and other component classes.
This class is not intended to be extended.
 
See #27355.

Built from https://develop.svn.wordpress.org/trunk@36624


git-svn-id: http://core.svn.wordpress.org/trunk@36591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 01:28:25 +00:00
Weston Ruter 6b775d4afe Customize: Add selective refresh framework with implementation for widgets and re-implementation for nav menus.
See https://make.wordpress.org/core/2016/02/16/selective-refresh-in-the-customizer/.

Props westonruter, valendesigns, DrewAPicture, ocean90.
Fixes #27355.

Built from https://develop.svn.wordpress.org/trunk@36586


git-svn-id: http://core.svn.wordpress.org/trunk@36553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-19 18:41:28 +00:00