Commit Graph

113 Commits

Author SHA1 Message Date
Joe McGill 9fa577589c Grouped backports to the 6.1 branch.
- REST API: Limit `search_columns` for users without `list_users`.
- Comments: Prevent users who can not see a post from seeing comments on it.
- Application Passwords: Prevent the use of some pseudo protocols in application passwords.
- Restrict media shortcode ajax to certain type
- REST API: Ensure no-cache headers are sent when methods are overriden.
- Prevent unintended behavior when certain objects are unserialized.

Merges [56833], [56834], [56835], [56836], [56837], and [56838] to the 6.1 branch.
Props xknown, jorbin, Vortfu, joehoyle, timothyblynjacobs, peterwilsoncc, ehtis, tykoted, martinkrcho, paulkevan, dd32, antpb, rmccue.

Built from https://develop.svn.wordpress.org/branches/6.1@56867


git-svn-id: http://core.svn.wordpress.org/branches/6.1@56378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-10-12 18:16:46 +00:00
davidbaumwald b266a2d535 Shortcodes: Revert recent `apply_shortcodes` and `do_shortcode` changes.
[54248] reversed the wrapping of `do_shortcode` and `apply_shortcodes` and updated all direct internal calls of `do_shortcode` to `apply_shortcodes` after [47004].  After further consideration, the long history of `do_shortcodes` should be favored over any subjective semantic improvements.  This change reverts the remaining changes from #55883 not already reverted in [54278].

Follow-up to [47004], [54248], and [54278].

Props azaozz, jorbin.
See #55883.
Built from https://develop.svn.wordpress.org/trunk@54319


git-svn-id: http://core.svn.wordpress.org/trunk@53878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-26 22:43:10 +00:00
audrasjb 85cb9e4963 Shortcodes: Reverse wrapping of `apply_shortcodes()` and `do_shortcode()`.
This changeset reverses the wrapping of `apply_shortcodes()` and `do_shortcode()` such that `apply_shortcodes()` is now the recommended function. In addition:

- Calls to `do_shortcode()` have been changed to `apply_shortcodes()`.
- Some default filter callbacks have been changed from `'do_shortcode'` to `'apply_shortcodes'`.
- Applicable documentation has been updated to refer to `apply_shortcodes()` instead.

Follow-up to [47004].

Props SergeyBiryukov, rafiahmedd, namithjawahar, peterwilsoncc, costdev.
Fixes #55883.

Built from https://develop.svn.wordpress.org/trunk@54248


git-svn-id: http://core.svn.wordpress.org/trunk@53807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-20 10:31:14 +00:00
audrasjb d5971fc876 Docs: Misc fixes in Shortcode API function and hook descriptions, as per documentation standards.
See #55646.

Built from https://develop.svn.wordpress.org/trunk@53585


git-svn-id: http://core.svn.wordpress.org/trunk@53173 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-28 20:37:15 +00:00
Sergey Biryukov e05ffb46a5 Coding Standards: Remove a one-time `$message` variable in some `_doing_it_wrong()` calls.
This brings some consistency with most other calls.

Follow-up to [23378], [25605], [34745], [36219], [44108], [46111], [48156].

See #52627.
Built from https://develop.svn.wordpress.org/trunk@51154


git-svn-id: http://core.svn.wordpress.org/trunk@50763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-06-15 15:22:58 +00:00
Sergey Biryukov 5c663524c2 Docs: In various `@return` tags, list the expected type first, instead of `false`.
Follow-up to [46696], [47060], [49926], [49927], [49929].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@49963


git-svn-id: http://core.svn.wordpress.org/trunk@49664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-15 20:08:07 +00:00
Sergey Biryukov 0e3147c40e Coding Standards: Replace alias PHP functions with the canonical names.
Using the canonical function name for PHP functions is strongly recommended, as aliases may be deprecated or removed without (much) warning.

This replaces all uses of the following:
* `join()` with `implode()`
* `sizeof()` with `count()`
* `is_writeable()` with `is_writable()`
* `doubleval()` with a `(float)` cast

In part, this is a follow-up to #47746.

Props jrf.
See #50767.
Built from https://develop.svn.wordpress.org/trunk@49193


git-svn-id: http://core.svn.wordpress.org/trunk@48955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 17:27:06 +00:00
Sergey Biryukov dc7bda9620 Docs: Add brackets to function names in some `@see` tags, for consistency.
Props ravipatel, davidbaumwald.
Fixes #51441.
Built from https://develop.svn.wordpress.org/trunk@49092


git-svn-id: http://core.svn.wordpress.org/trunk@48854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-05 14:03:02 +00:00
John Blackbourn 9bc7d0a776 Docs: Another pass at some inline docs fixes mostly made by PHPCBF.
See #49572, #50744
Built from https://develop.svn.wordpress.org/trunk@48590


git-svn-id: http://core.svn.wordpress.org/trunk@48352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 21:11:05 +00:00
Sergey Biryukov 7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
Sergey Biryukov 641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov b2a1146380 Coding Standards: Adjust coding standards to always omit parentheses for `include`/`require` statements.
These are language constructs, not function calls, so the parentheses are unnecessary.

This updates the PHPCS configuration file the enforce the sniff until it is moved from the `WordPress-Extra` ruleset to the `WordPress-Core` ruleset upstream.

Follow-up to [47198].

Props desrosj, jrf, GaryJ.
Fixes #49376.
Built from https://develop.svn.wordpress.org/trunk@47207


git-svn-id: http://core.svn.wordpress.org/trunk@47007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-07 19:16:06 +00:00
Sergey Biryukov 001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov f9b0dfbb8b Docs: Correct description for `shortcode_atts_{$shortcode}` filter.
Props glebkema.
Fixes #49225.
Built from https://develop.svn.wordpress.org/trunk@47087


git-svn-id: http://core.svn.wordpress.org/trunk@46887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-19 13:41:08 +00:00
Sergey Biryukov 9b3a895631 Shortcodes: Introduce `apply_shortcodes()` as an alias for `do_shortcode()`.
This better aligns with the semantics of applying filters to the input and returning a result, rather than performing an action and outputting to the current buffer.

Props ljasinskipl, thefarlilacfield.
Fixes #37422.
Built from https://develop.svn.wordpress.org/trunk@47004


git-svn-id: http://core.svn.wordpress.org/trunk@46804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-21 20:12:03 +00:00
Sergey Biryukov 6ed1a7b615 Docs: Correct the documentation placement for `wp_print_styles` and `shortcode_atts_{$shortcode}` hooks.
Props jrf.
See #48255.
Built from https://develop.svn.wordpress.org/trunk@46688


git-svn-id: http://core.svn.wordpress.org/trunk@46488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-09 13:43:01 +00:00
Sergey Biryukov b052bca67e Shortcodes: Revert [46369] for now to allow more time to investigate and prepare for backward compatibility changes.
Also reverts follow-up changes in [46370] and [46465].

See #47863.
Built from https://develop.svn.wordpress.org/trunk@46554


git-svn-id: http://core.svn.wordpress.org/trunk@46351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-15 19:36:02 +00:00
Sergey Biryukov cf1c5e1b54 Docs: Adjust `@since` note in `shortcode_parse_atts()` for consistency with similar notes.
See #47863.
Built from https://develop.svn.wordpress.org/trunk@46465


git-svn-id: http://core.svn.wordpress.org/trunk@46263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-12 02:50:03 +00:00
whyisjake d30053446b Shortcodes: Improve handling from `shortcode_parse_attts()`.
Ensure consistency between `shortcode_parse_attts()` when being used directly.

Props mauteri, birgire, SergeyBiryukov, kadamwhite, whyisjake.
Fixes #47863.


Built from https://develop.svn.wordpress.org/trunk@46369


git-svn-id: http://core.svn.wordpress.org/trunk@46168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-01 03:42:58 +00:00
John Blackbourn e36d1bcbd8 Docs: Docblock corrections and improvements, mostly related to various `pre_*` filters.
See #47110

Built from https://develop.svn.wordpress.org/trunk@46232


git-svn-id: http://core.svn.wordpress.org/trunk@46044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-21 17:41:57 +00:00
Sergey Biryukov e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov 8e85299a00 General: First pass at replacing Codex URLs with a corresponding HelpHub or DevHub article.
Props ianbelanger, tobifjellner, SergeyBiryukov.
See #47771.
Built from https://develop.svn.wordpress.org/trunk@45674


git-svn-id: http://core.svn.wordpress.org/trunk@45485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 22:45:57 +00:00
Sergey Biryukov 70bc51e46f Docs: Correct parameter name in `strip_shortcodes_tagnames` filter DocBlock.
Props uttam007.
Fixes #44691.
Built from https://develop.svn.wordpress.org/trunk@43549


git-svn-id: http://core.svn.wordpress.org/trunk@43378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-02 15:13:27 +00:00
Sergey Biryukov 4d47bfce41 Coding Standards: Fix code indent in `unescape_invalid_shortcodes()`.
Props joelcj91, GaryJ.
Fixes #43346.
Built from https://develop.svn.wordpress.org/trunk@42738


git-svn-id: http://core.svn.wordpress.org/trunk@42568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-25 16:36:30 +00:00
Gary Pendergast aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Gary Pendergast 882db52bdd General: Add inline PHPCS options to leave regex indentation.
We have a handful of super long regexen that are written over multiple lines, as a collection of strings concatenated together. Each string is indented appropriately for the regex, but PHPCS doesn't recognised this, so defaults to removing the extra whitespace.

Disabling the `Squiz.Strings.ConcatenationSpacing.PaddingFound` rule for these blocks stops the extra whitespace from being removed.

See #41057.


Built from https://develop.svn.wordpress.org/trunk@42249


git-svn-id: http://core.svn.wordpress.org/trunk@42078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-28 04:24:57 +00:00
Gary Pendergast c90cfa3b50 General: Fix some precision alignment formatting warnings.
The WPCS `WordPress.WhiteSpace.PrecisionAlignment` rule throws warnings for a bunch of code that will likely cause issues for `wpcbf`. Fixing these manually beforehand gives us better auto-fixed results later.

See #41057.


Built from https://develop.svn.wordpress.org/trunk@42228


git-svn-id: http://core.svn.wordpress.org/trunk@42057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-26 23:57:55 +00:00
Drew Jaynes 1770cc7b87 Docs: Fix a typo in the DocBlock description for `add_shortcode()` introduced in [41281].
Props grapplerulrich.
See #37222.

Built from https://develop.svn.wordpress.org/trunk@41286


git-svn-id: http://core.svn.wordpress.org/trunk@41126 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-20 20:38:42 +00:00
Drew Jaynes 15373a020d Docs: Clarify that the second parameter passed to a shortcode callback is the shortcode content or null, rather than the content the shortcode was found in.
See #37222.

Built from https://develop.svn.wordpress.org/trunk@41283


git-svn-id: http://core.svn.wordpress.org/trunk@41123 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-20 19:56:45 +00:00
Drew Jaynes b2b6f48127 Shortcodes: Rename the `$func` parameter for `add_shortcode()` to `$callback` to improve clarity.
See #37222. See #41017.

Built from https://develop.svn.wordpress.org/trunk@41282


git-svn-id: http://core.svn.wordpress.org/trunk@41122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-20 19:48:45 +00:00
Drew Jaynes 33997cc66c Docs: Improve documentation for `add_shortcode()` by:
* Removing inline examples already listed in the Code Reference
* Improving the summary and description to explain how tag conflicts are handled
* Supplement the docs for the `$func` parameter by describing the three arguments passed to a shortcode callback.

Props grapplerulrich for the initial patch.
Fixes #37222.

Built from https://develop.svn.wordpress.org/trunk@41281


git-svn-id: http://core.svn.wordpress.org/trunk@41121 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-20 19:44:42 +00:00
Sergey Biryukov a545745a54 Shortcodes: Allow using single quotes for empty value attributes.
Props enrico.sorcinelli.
Fixes #37304.
Built from https://develop.svn.wordpress.org/trunk@41026


git-svn-id: http://core.svn.wordpress.org/trunk@40876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-11 00:54:41 +00:00
Drew Jaynes 4c60260c29 Docs: Fix alignment of the `$output` parameter in the hook doc for the `do_shortcode_tag` filter.
See #41017.

Built from https://develop.svn.wordpress.org/trunk@40937


git-svn-id: http://core.svn.wordpress.org/trunk@40787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-25 07:06:22 +00:00
Dion Hulse 5eb2277dce Shortcodes: Clarify the docs for `pre_do_shortcode_tag` and `do_shortcode_tag`.
Props dhanendran.
Fixes #39294.

Built from https://develop.svn.wordpress.org/trunk@39665


git-svn-id: http://core.svn.wordpress.org/trunk@39605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-03 04:00:18 +00:00
Drew Jaynes a7ddf24f3d Docs: Add a missing changelog entry for the point where the `$tagnames` parameter was added to `get_shortcode_regex()`.
Props keesiemeijer.
Fixes #38914.

Built from https://develop.svn.wordpress.org/trunk@39351


git-svn-id: http://core.svn.wordpress.org/trunk@39291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-23 17:35:32 +00:00
Aaron Campbell 3a761adbd7 Shortcodes: Add new `strip_shortcodes_tagnames` filter.
With the new `strip_shortcodes_tagnames` filter you can specify which shortcodes are stripped by `strip_shortcodes()`. The default is all registered shortcodes.

Props DylanAuty, orvils, swissspidy.
Fixes #37767.


Built from https://develop.svn.wordpress.org/trunk@38877


git-svn-id: http://core.svn.wordpress.org/trunk@38820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-23 14:25:31 +00:00
Gary Pendergast 2d76b94be8 Shortcodes: Add a `do_shortcode_tag` filter.
The addition of the `pre_do_shortcode_tag` in [38506] allows plugins to short-circuit the shortcode execution process, which is particularly helpful for caching expensive shortcodes.

The `do_shortcode_tag` is the corresponding part of that system - when a shortcode hasn't been executed previously, there needs to be a clean method of populating the cache.

Props flixos90.
Fixes #32790.


Built from https://develop.svn.wordpress.org/trunk@38713


git-svn-id: http://core.svn.wordpress.org/trunk@38656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-04 00:39:37 +00:00
Gary Pendergast 75c1875587 Shortcodes: Add the `pre_do_shortcode_tag` filter.
This filter allows the shortcode generation process to be short-circuited, so expensive short codes can be cached and returned immediately.

Props ideag.
Fixes #37906.


Built from https://develop.svn.wordpress.org/trunk@38506


git-svn-id: http://core.svn.wordpress.org/trunk@38447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-02 00:10:28 +00:00
Jeremy Felt 6f3f00ea97 Multisite: Change `WP_Network` `id` property to an integer.
For consistency and developer sanity.

Props flixos90.
Fixes #37050.

Built from https://develop.svn.wordpress.org/trunk@37870


git-svn-id: http://core.svn.wordpress.org/trunk@37811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-26 14:26:29 +00:00
Drew Jaynes 9cb5247392 Docs: Standardize filter docs in remaining wp-includes/* files to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37518


git-svn-id: http://core.svn.wordpress.org/trunk@37486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:50:28 +00:00
Dion Hulse 2038a29352 Shortcodes: `=` is a reserved character in shortcode names, mark it as such.
This allows for shortcodes such as `[shortcode=attribute]` to work, which while never intentionally supported were widely used in the pre-shortcode days.

Props aaroncampbell.
Fixes #34939 for trunk.

Built from https://develop.svn.wordpress.org/trunk@36097


git-svn-id: http://core.svn.wordpress.org/trunk@36062 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-26 04:46:28 +00:00
Drew Jaynes d5a9811f02 Docs: Add a missing summary, parameter, and return notations to the DocBlock for `strip_shortcode_tag()`.
Introduced in [18952].

See #32246.

Built from https://develop.svn.wordpress.org/trunk@35982


git-svn-id: http://core.svn.wordpress.org/trunk@35947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-16 23:23:26 +00:00
Sergey Biryukov a7e305b06f Use correct placeholders in translator comments added in [35542].
See #34249.
Built from https://develop.svn.wordpress.org/trunk@35543


git-svn-id: http://core.svn.wordpress.org/trunk@35507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-05 21:05:25 +00:00
Drew Jaynes 48f4b7cfc3 I18N: Add translator comments to three `_doing_it_wrong()` messages added for 4.3 and 4.4.
Also adds a full-stop to an invalid taxonomy message introduced in [34745] and later modified in [35428] for `wp_insert_post()`.

Props pavelevap.
Fixes #34249.

Built from https://develop.svn.wordpress.org/trunk@35542


git-svn-id: http://core.svn.wordpress.org/trunk@35506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-05 20:56:32 +00:00
Gary Pendergast 44fb83dc0b Shortcodes: Tweak the error messages added in [34745].
See #34090.


Built from https://develop.svn.wordpress.org/trunk@35428


git-svn-id: http://core.svn.wordpress.org/trunk@35392 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-29 10:32:26 +00:00
John Blackbourn 7b230cafab Abstract the shortcode attribute parsing regex into its own function, update the JavaScript counterpart, and introduce a test to ensure they do not diverge again.
Fixes #34191
Props miqrogroove, johnbillion

Built from https://develop.svn.wordpress.org/trunk@34933


git-svn-id: http://core.svn.wordpress.org/trunk@34898 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 03:12:24 +00:00
Helen Hou-Sandí cd3367d942 Shortcodes: Pass the name as context for `shortcode_atts_{$shortcode}`.
props mattheu.
fixes #34167.

Built from https://develop.svn.wordpress.org/trunk@34868


git-svn-id: http://core.svn.wordpress.org/trunk@34833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 14:34:24 +00:00
Scott Taylor 7a0f8602f3 Shortcodes/Formatting: Add PCRE Performance Testing
* Move pattern from `wptexturize()` into a separate function.
* Move pattern from `wp_html_split()` into a separate function.
* Beautify code for `wp_html_split()`.
* Remove unnecessary instances of `/s` modifier in patterns that don't use dots.
* Add `tests/phpunit/data/formatting/whole-posts.php` for testing larger strings.
* Add function `benchmark_pcre_backtracking()`.
* Add tests for `wp_html_split()`.
* Add tests for `wptexturize()`.
* Add tests for `get_shortcode_regex()`.

Props miqrogroove.
Fixes #34121.

Built from https://develop.svn.wordpress.org/trunk@34761


git-svn-id: http://core.svn.wordpress.org/trunk@34726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 04:26:25 +00:00
Scott Taylor 99347fd96e Shortcodes: Fix PCRE performance bugs in `get_shortcode_regexp()` and related to `wptexturize()`, `do_shortcode()`, and `strip_shortcodes()`
Alters unit tests.

Props miqrogroove.
Fixes #33517.

Built from https://develop.svn.wordpress.org/trunk@34747


git-svn-id: http://core.svn.wordpress.org/trunk@34712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-01 18:05:25 +00:00
Scott Taylor d8179a2a1f Shortcodes: prevent registration of invalid shortcode names.
Adds unit tests.

Props miqrogroove.
Fixes #34090.

Built from https://develop.svn.wordpress.org/trunk@34745


git-svn-id: http://core.svn.wordpress.org/trunk@34710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-01 17:34:24 +00:00