Commit Graph

1535 Commits

Author SHA1 Message Date
Jeremy Felt 246a70bdbf Media: Improve verification of MIME file types.
Built from https://develop.svn.wordpress.org/branches/5.0@43988


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43820 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 23:01:47 +00:00
Drew Jaynes 2f515c6db0 Docs: Link to the "Conditional Tags" article in the Theme Developer Handbook from the descriptions for a variety of core conditional tag functions.
These notations largely serve to direct consumers (of both the source and the parsed code reference) to extended information on individual and related conditional tags throughout WordPress. The changeset also standardizes corresponding DocBlock summaries to use third-person singular verbs.

Notations have been added for the following functions:

* comments_open()
* email exists()
* has_excerpt()
* has_post_thumbnail()
* has_tag()
* in_category()
* in_the_loop()
* is_404()
* is_active_sidebar()
* is_active_widget()
* is_admin()
* is_admin_bar_showing()
* is_archive()
* is_attachment()
* is_author()
* is_blog_installed()
* is_category()
* is_comments_popup()
* is_date()
* is_day()
* is_dynamic_sidebar()
* is_feed()
* is_front_page()
* is_home()
* is_local_attachment()
* is_main_query
* is_month()
* is_multi_author
* is_new_day()
* is_page()
* is_page_template()
* is_paged()
* is_plugin_active()
* is_plugin_active_for_network()
* is_plugin_inactive()
* is_plugin_page()
* is_post_type_archive()
* is_preview()
* is_rtl()
* is_search()
* is_single()
* is_singular()
* is_sticky()
* is_tag()
* is_tax()
* is_taxonomy_hierarchical()
* is_time()
* is_trackback()
* is_user_logged_in()
* is_year()
* pings_open()
* post_type_exists()
* taxonomy_exists()
* term_exists()
* username exists()
* wp_attachment_is_image()
* wp_script_is() 

Merges [42710] to the 5.0 branch.

Props janalwin.
Fixes #43254.

Built from https://develop.svn.wordpress.org/branches/5.0@43827


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-26 07:38:26 +00:00
Sergey Biryukov 269fb1276f Docs: Convert `@see` reference in `wp_checkdate()` DocBlock to `@link`.
Props WiZZarD_.
Merges [43599] to the 5.0 branch.
Fixes #44866.
Built from https://develop.svn.wordpress.org/branches/5.0@43703


git-svn-id: http://core.svn.wordpress.org/branches/5.0@43532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-11 03:56:22 +00:00
Sergey Biryukov 1fadf698a1 Streams: Return early from `wp_is_stream()` for paths that aren't streams.
Some versions of PHP appear to have a memory leak that is occasionally triggered by calling `stream_get_wrappers()`. In order to avoid calling this, we can return early from `wp_is_stream()` when `$path` doesn't contain `://`.

Props pbiron, JPry, dontstealmyfish.
Merges [43466] to the 4.9 branch.
Fixes #44532.
Built from https://develop.svn.wordpress.org/branches/4.9@43484


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 15:20:26 +00:00
Sergey Biryukov 227534fae8 Streams: When checking in `wp_is_stream()` escape the stream wrapper names for PCRE to avoid PHP warnings when invalid stream wrappers are registered.
Props dd32.
Merges [42432] to the 4.9 branch.
Fixes #43054.
Built from https://develop.svn.wordpress.org/branches/4.9@43483


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 15:19:24 +00:00
John Blackbourn b564da95fb Media: Limit thumbnail file deletions to the same directory as the original file.
Built from https://develop.svn.wordpress.org/branches/4.9@43393


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-05 14:45:31 +00:00
Andrew Ozz f4a436c522 Privacy: Rename exports folder to avoid deleting other files.
Previously, personal data exports were stored in `wp-content/uploads/exports`, which is generic enough that it's likely there are existing folders with that name, either created by plugins or manually by administrators. If that folder were reused by Core, then `wp_privacy_delete_old_export_files()` would delete all of the existing files inside it, which is almost certainly not what the site owner wants or expects.

To avoid that, the folder is being renamed to include a specific reference to Core, and a more verbose description of its purpose. With those factored in, it's very unlikely that there will be any conflicts with existing folders.

The `wp_privacy_exports_dir()` and `wp_privacy_exports_url()` functions were introduced to provide a canonical source for the location, and the `wp_privacy_exports_dir` and `wp_privacy_exports_url` filters were introduced to allow plugins to customize it.

Props johnjamesjacoby, allendav.
Merges [43284] to the 4.9 branch.
Fixes #44091.
Built from https://develop.svn.wordpress.org/branches/4.9@43285


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-15 20:32:26 +00:00
Andrew Ozz f149d8fabc Privacy: Replace intrusive policy update notice with menu bubbles.
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue.

An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.

The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.

Props azaozz, xkon, iandunn.
Merges [43223] to the 4.9 branch.
Fixes #43954. See #43953.
Built from https://develop.svn.wordpress.org/branches/4.9@43225


git-svn-id: http://core.svn.wordpress.org/branches/4.9@43054 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:08:26 +00:00
Andrew Ozz 80159017d2 Privacy: Return before scheduling cron during install to avoid error.
r43046 introduced wp_schedule_delete_old_privacy_export_files() to schedule the wp_privacy_delete_old_export_files cron job, but it did not check to make sure it wasn't running in the context of the install process. When it did run in that context, it created a database error, because the necessary database tables don't exist at that point.

Checking the current context and returning early during the installation phase avoids that issue.

Props helen, timothyblynjacobs, iandunn.
Merges [43162] to the 4.9 branch.
Fixes #43952.
Built from https://develop.svn.wordpress.org/branches/4.9@43163


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 21:15:26 +00:00
Sergey Biryukov 5247520fe2 Media: Add `aac` to the list of allowed file types.
Props desrosj.
Merges [42697] and [43135] to the 4.9 branch.
Fixes #42919.
Built from https://develop.svn.wordpress.org/branches/4.9@43136


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 06:42:25 +00:00
Sergey Biryukov c7ac8db6e4 Privacy: add a postbox that is shown when editing the privacy policy page, and where plugins and core will output suggested content and additional privacy info. First run.
Props melchoyce, azaozz.
Merges [42980] to the 4.9 branch.
See #43620.
Built from https://develop.svn.wordpress.org/branches/4.9@43101


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:59:25 +00:00
Sergey Biryukov df15be7cf9 Privacy: Include `wp-admin/includes/file.php` to avoid fatal error.
`list_files()` is defined in `wp-admin/includes/file.php`, which is not included by `wp-cron.php`, so it needs to be included by the caller in order to avoid a fatal PHP error.

This bug was not detected during testing because the file _is_ included when executing jobs via `wp cron event run`.

Props mikejolley, iandunn.
Merges [43059] to the 4.9 branch.
See #43546.
See https://wordpress.slack.com/archives/C9695RJBW/p1525190405000860.
Built from https://develop.svn.wordpress.org/branches/4.9@43097


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:38:25 +00:00
Sergey Biryukov 06dd3449e9 Privacy: Add cron to delete expired export files to protect privacy.
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.

`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.

This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.

`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.

Props iandunn, desrosj.
Merges [43046] to the 4.9 branch.
See #43546.
Built from https://develop.svn.wordpress.org/branches/4.9@43095


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 02:33:26 +00:00
Sergey Biryukov b433465f15 Privacy: add helper function for anonymizing data in a standardized way.
Props jesperher, allendav, iandunn, birgire, azaozz, joemcgill.
Merges [42971] and [43081] to the 4.9 branch.
Fixes #43545.
Built from https://develop.svn.wordpress.org/branches/4.9@43082


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 00:49:26 +00:00
Sergey Biryukov a91c3fbdc0 General: Replace `Cheatin’ uh?` with friendlier error messages.
While intended as a playful error message, `Cheatin’ uh?` can be interpreted as insulting or accusatory in an already stressful situation. This replaces Cheatin’ with more meaningful error messages, depending on the error that occurs.

Props ElectricFeet, EricMeyer, karmatosed, dd32, BandonRandon, melchoyce, kristastevens for language; dmsnell for original patch; peterwilsoncc.
Merged [42648] and [42719] to the 4.9 branch.
Fixes #38332.
Built from https://develop.svn.wordpress.org/branches/4.9@42811


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-09 00:15:42 +00:00
Sergey Biryukov 08aa0f52f9 Filesystem API: Avoid an infinite loop in `wp_mkdir_p()` when trying to determine the parent folder with `open_basedir` restriction in effect.
Props soulseekah, 1265578519-1.
Merges [42801] to the 4.9 branch.
Fixes #43417.
Built from https://develop.svn.wordpress.org/branches/4.9@42804


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-08 19:45:41 +00:00
Sergey Biryukov 8662725a4b Email: Don't send notifications for site or network admin email address change to the default 'admin_email' value.
Props tigertech, MattyRob, seanchayes.
Merges [42570] to the 4.9 branch.
Fixes #42693.
Built from https://develop.svn.wordpress.org/branches/4.9@42571


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-23 13:47:40 +00:00
Sergey Biryukov 84bd75ea88 Media: Add `flac` to the list of allowed file types.
Props blobfolio.
Merges [42451] to the 4.9 branch.
Fixes #42225.
Built from https://develop.svn.wordpress.org/branches/4.9@42452


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-01-15 22:24:41 +00:00
John Blackbourn b4a3edc859 Hardening: Remove the ability to upload JavaScript files for users who do not have the `unfiltered_html` capability.
Merges [42261] to the 4.9 branch.

Built from https://develop.svn.wordpress.org/branches/4.9@42267


git-svn-id: http://core.svn.wordpress.org/branches/4.9@42096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-29 16:12:18 +00:00
John Blackbourn 2f3e91028a Filesystem API: Add more specificity to the rules for valid files in `validate_file()`.
This now treats files containing `./` as valid, and also treats files containing a trailing `../` as valid due to widespread use of this pattern in theme and plugin zip files.

Adds tests.

Props Ipstenu, borgesbruno, DavidAnderson, philipjohn, birgire
Fixes #42016, #36170

Built from https://develop.svn.wordpress.org/trunk@42011


git-svn-id: http://core.svn.wordpress.org/trunk@41845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 23:15:49 +00:00
John Blackbourn 4812370aab Docs: Improve the docs for `validate_file()` and `validate_file_to_edit()`.
See #42016, #36170, #41017

Built from https://develop.svn.wordpress.org/trunk@42007


git-svn-id: http://core.svn.wordpress.org/trunk@41841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 22:50:49 +00:00
Sergey Biryukov bcdedf7f4a Formatting: Make sure `wp_allowed_protocols()` is filterable until `wp_loaded` has fired.
Fixes the issue with plugins not being able to use the `kses_allowed_protocols` filter if `esc_url()` was called too early.

Props turtlepod, SergeyBiryukov.
Fixes #36033.
Built from https://develop.svn.wordpress.org/trunk@41990


git-svn-id: http://core.svn.wordpress.org/trunk@41824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 13:25:55 +00:00
Sergey Biryukov a891bc6c92 Docs: Fix typo in `path_is_absolute()` description.
Props octalmage, birgire.
Fixes #42317.
Built from https://develop.svn.wordpress.org/trunk@41983


git-svn-id: http://core.svn.wordpress.org/trunk@41817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-23 22:51:46 +00:00
Felix Arntz e4550efbb7 Multisite: Return `get_current_blog_id()` value instead of hard-coded 1 in `get_main_site_id()` for non-multisite environments.
See #41936.

Built from https://develop.svn.wordpress.org/trunk@41862


git-svn-id: http://core.svn.wordpress.org/trunk@41696 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-14 22:46:48 +00:00
Felix Arntz 5ea3d62192 Multisite: Take `WP_Network::$blog_id` into account in `get_main_site_id()`.
When the `WP_Network::$blog_id` property is set manually, for example in the multisite bootstrap process, `get_main_site_id()` should use that value instead of running its own logic. The main logic for the function was therefore moved into the internal `WP_Network::get_main_site_id()` method, which is now being accessed by the function through the magic property handling for `WP_Network::$blog_id` (and its equivalent `WP_Network::$site_id`).

Props spacedmonkey, jeremyfelt.
Fixes #41936.

Built from https://develop.svn.wordpress.org/trunk@41861


git-svn-id: http://core.svn.wordpress.org/trunk@41695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-14 22:42:54 +00:00
John Blackbourn 50948669eb Users: Revert [41613], [41614], and [41623] as this feature needs some more work.
See #38741

Built from https://develop.svn.wordpress.org/trunk@41753


git-svn-id: http://core.svn.wordpress.org/trunk@41587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 22:17:46 +00:00
John Blackbourn f9a5f5485d I18N: Allow the login screen language to be specified via a `wp_lang` query variable, and use this for the interim login modal.
This allows users who are using the admin area in a language other than the site language to read the notice on the login screen
(which explains that they need to log in again) in their chosen language.

Props Nikschavan, swissspidy

Fixes #40205

Built from https://develop.svn.wordpress.org/trunk@41692


git-svn-id: http://core.svn.wordpress.org/trunk@41526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 23:21:47 +00:00
Gary Pendergast 0028a9555e Database: Don't quote placeholders in queries going through `$wpdb->prepare()`
To bring Core into line with the changes to `$wpdb->prepare()` in WordPress 4.8.2, query placeholders shouldn't be quoted.

Props jrf, johnjamesjacoby.
Fixes #41983.


Built from https://develop.svn.wordpress.org/trunk@41628


git-svn-id: http://core.svn.wordpress.org/trunk@41463 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-28 04:32:46 +00:00
John Blackbourn 255658fa31 Users: There is not, in fact, 12345 users on every WordPress installation.
Props spacedmonkey

See #38741

Built from https://develop.svn.wordpress.org/trunk@41614


git-svn-id: http://core.svn.wordpress.org/trunk@41449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:07:46 +00:00
John Blackbourn 807bc5a6c9 Users: Introduce the concept of a large site in order to speed up the Users screen when there are many users.
Calling the `count_users()` function is expensive, regardless of the counting strategy that's used, and it gets
slower the more users there are on a site. In order to speed up the Users screen in the admin area, calling
`count_users()` can be avoided entirely while still displaying the total count for users.

This introduces some new functions:

* `wp_is_large_user_count()`
* `wp_get_active_user_count()`
* `wp_update_active_user_count()`

A corresponding `wp_is_large_user_count` filter is also introduced.

Props tharsheblows, johnbillion

Fixes #38741

Built from https://develop.svn.wordpress.org/trunk@41613


git-svn-id: http://core.svn.wordpress.org/trunk@41448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-27 13:04:47 +00:00
Weston Ruter 3abea17301 Customize: Add `wp_is_uuid()` validation function with optional second `$version=4` parameter to enforce v4 random UUIDs.
Props jonathanbardo.
Fixes #39778.

Built from https://develop.svn.wordpress.org/trunk@41388


git-svn-id: http://core.svn.wordpress.org/trunk@41221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-18 23:04:44 +00:00
Felix Arntz f2d9abd022 Multisite: Introduce `get_main_site_id()`.
This function can be used to easily get the main site ID of a given network via the optional `$network_id` parameter, which defaults to the current network. The existing `is_main_site()` now uses the new function internally and now accepts an optional `$network_id` parameter as well.

The main purpose of the new function at this point is to ensure that the `WP_Network::$blog_id` property is always set. Magic getters in the class have been adjusted to auto-fill the property when it is accessed and empty. Furthermore the function encapsulates logic that was previously part of `ms_load_current_site_and_network()` and has been replaced with a call to the function now.

Props spacedmonkey, jeremyfelt, johnjamesjacoby, flixos90.
Fixes #29684.

Built from https://develop.svn.wordpress.org/trunk@41380


git-svn-id: http://core.svn.wordpress.org/trunk@41213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-15 11:15:52 +00:00
Peter Wilson 06bd0b40f9 General: Remove error screen padding for Internet Explorer.
The inline styles added to the `wp_die()` handler since [18534] increase file size of the error screen enough to prevent Internet Explorer from displaying a generic error page.

Props rfair404.
Fixes #37551.


Built from https://develop.svn.wordpress.org/trunk@41369


git-svn-id: http://core.svn.wordpress.org/trunk@41202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-11 05:31:42 +00:00
John Blackbourn 28eda6f4bc General: Improve terminology used when referring to installations of WordPress and its extensions.
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.

This change fixes the usage in user-facing text and in developer documentation.

Fixes #41620

Built from https://develop.svn.wordpress.org/trunk@41289


git-svn-id: http://core.svn.wordpress.org/trunk@41129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 11:52:48 +00:00
Weston Ruter 300894da61 Customize: Prevent `_delete_option_fresh_site()` from hitting DB if `fresh_site` flag already cleared.
Amends [38991].
Props dlh, westonruter.
Fixes #41039.

Built from https://develop.svn.wordpress.org/trunk@41244


git-svn-id: http://core.svn.wordpress.org/trunk@41084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-13 00:57:43 +00:00
John Blackbourn ed60c36fb8 Formatting: Add the `$number` and `$decimals` arguments to the `number_format_i18n` filter.
Props alpipego

Fixes #41505

Built from https://develop.svn.wordpress.org/trunk@41199


git-svn-id: http://core.svn.wordpress.org/trunk@41039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-01 14:38:48 +00:00
John Blackbourn 6a16d726ef Options, Meta APIs: Fix a typo introduced in [41164].
See #39117

Built from https://develop.svn.wordpress.org/trunk@41167


git-svn-id: http://core.svn.wordpress.org/trunk@41007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 03:12:44 +00:00
John Blackbourn b9b4776800 Options, Meta APIs: Send a notification to the old admin email address when the site admin email or network admin email address is changed.
This reduces the chances of a site compromise going unnoticed, in the same way that the same notifications for user account email address changes reduces the chances of a user account compromise going unnoticed.

Props MatheusGimenez, johnbillion

Fixes #39117

Built from https://develop.svn.wordpress.org/trunk@41164


git-svn-id: http://core.svn.wordpress.org/trunk@41004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:24:42 +00:00
Sergey Biryukov 118dba300e Docs: Add `@staticvar` entries for `$cache` and `$tested_paths` in `wp_upload_dir()`.
Props ajayghaghretiya1.
Fixes #41395.
Built from https://develop.svn.wordpress.org/trunk@41113


git-svn-id: http://core.svn.wordpress.org/trunk@40953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-21 10:15:44 +00:00
Sergey Biryukov 058c2c5ca4 Docs: Fix typo in `wp_suspend_cache_invalidation()` description.
Props euthelup, milana_cap.
Fixes #41301.
Built from https://develop.svn.wordpress.org/trunk@41031


git-svn-id: http://core.svn.wordpress.org/trunk@40881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-12 21:26:44 +00:00
Sergey Biryukov 11bae4ded3 Docs: Add a `@global` entry for `$post` variable in `wp_post_preview_js()`.
Props avinapatel.
Fixes #41194.
Built from https://develop.svn.wordpress.org/trunk@40959


git-svn-id: http://core.svn.wordpress.org/trunk@40809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-28 12:55:43 +00:00
Sergey Biryukov e441ee48d2 I18N: Add `@global` entry for `$wp_locale` in `wp_maybe_decline_date()`.
Props Dency.
Fixes #41046.
Built from https://develop.svn.wordpress.org/trunk@40911


git-svn-id: http://core.svn.wordpress.org/trunk@40761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-15 12:24:41 +00:00
Joe McGill efab6e06ca Media: Improve handling of non-image files in wp_get_image_mime.
This prevents non-image fileypes from returning a mime type of
"application/octet-stream" when `exif_imagetype()` returns `false`.

Props blobfolio.
Fixes #40017.

Built from https://develop.svn.wordpress.org/trunk@40397


git-svn-id: http://core.svn.wordpress.org/trunk@40304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-09 22:44:43 +00:00
Joe McGill 87ad9e31ab Media: Reduce failing uploads following 4.7.1.
[39831] introduced more strict MIME type checking for uploads, which
resulted in unintetionally blocking several filetypes that were
previously valid. This change uses  a more targeted approach to MIME
validation to restore previous behavior for most types.

Props blobfolio, iandunn, ipstenu, markoheijnen, xknown, joemcgill.
Fixes #39550, #39552.
Built from https://develop.svn.wordpress.org/trunk@40124


git-svn-id: http://core.svn.wordpress.org/trunk@40061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-25 16:08:44 +00:00
Sergey Biryukov 8f855f46b0 Media: In `wp_unique_filename()`, use explicit type casting when incrementing `$number`.
This prevents the "non-numeric value encountered" warning in PHP 7.1, caused by trying to increment an empty string on the first loop iteration.

Props drrobotnik for initial patch.
Fixes #39774.


Built from https://develop.svn.wordpress.org/trunk@40039


git-svn-id: http://core.svn.wordpress.org/trunk@39976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-03 20:58:42 +00:00
Peter Wilson c957e3acb0 Feeds: Prevent empty feeds from returning 404 errors.
Partial revert of [38929].

This reverts the source code from the commit for #30210 to prevent valid but empty feeds from returning 404 file not found errors for the home and custom feeds.

The tests in the commit that remain applicable are retained.

Props pavelevap for reporting, stevenkword for initial patch.
See #30210.
Fixes #39157.

Built from https://develop.svn.wordpress.org/trunk@40030


git-svn-id: http://core.svn.wordpress.org/trunk@39967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-29 23:09:41 +00:00
Sergey Biryukov b75023ee1a Docs: Add missing `@param` type for `wp_cache_get_last_changed()`.
Props afzalmultani, Soean.
Fixes #39571.
Built from https://develop.svn.wordpress.org/trunk@39900


git-svn-id: http://core.svn.wordpress.org/trunk@39837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-13 14:16:44 +00:00
Sergey Biryukov 11d81ecc7c Media: Use a consistent error message for file type errors on uploading.
Props pavelevap, jackreichert.
Fixes #33242.
Built from https://develop.svn.wordpress.org/trunk@39891


git-svn-id: http://core.svn.wordpress.org/trunk@39828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-12 06:29:43 +00:00
Joe McGill 52897df8cd Media: Fix exif_imagetype check in wp_get_image_mime
This is a follow up to [39831].

Props gitlost.
See #11946.
Built from https://develop.svn.wordpress.org/trunk@39850


git-svn-id: http://core.svn.wordpress.org/trunk@39787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 16:36:39 +00:00
Joe McGill 8eff927823 Media: Improve image filetype checking.
This adds a new function `wp_get_image_mime()` which is used by
`wp_check_filetype_and_ext()` to validate image files using
`exif_imagetype()` if available instead of `getimagesize()`.

`getimagesize()` is less performant than `exif_imagetype()` and is
dependent on GD. If `exif_imagetype()` is not available, it falls back to
`getimagesize()` as before.

If `wp_check_filetype_and_ext()` can't validate the filetype, we now return
`false` for ext/MIME values.

See #11946.
Built from https://develop.svn.wordpress.org/trunk@39831


git-svn-id: http://core.svn.wordpress.org/trunk@39769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-11 13:08:44 +00:00