Commit Graph

8183 Commits

Author SHA1 Message Date
hellofromTonya ce3aed3186 Administration: For block themes, link to Site Editor interface instead of Customizer in Dashboard's welcome panel and Themes interface.
For block themes (like Twenty Twenty-Two), Customizer menu item is removed and replaced with the Site Editor menu item. However, other links exist in the Dashboard's welcome panel "Customize Your Site" button and the "Customize" button in each theme listed in the Appearance > Themes interface.

This commit changes each of those remaining links to link to the Site Editor interface instead of the Customizer.

To help identify block vs non-block themes, two method methods are introduced in `WP_Theme`:

* `WP_Theme:: is_block_based()` which identifies if the theme is a block theme or not.
* `WP_Theme::get_file_path()` which is similar to `get_theme_file_path()` but uses the directories within the theme object.

Both of these new methods include test coverage including the addition of a parent and child block theme in test data.

Follow-up to [18749], [35483], [42013], [42169].

Props antonvlasenko, jameskoster, hellofromTonya, matveb, noisysocks, poena, sergeybiryukov.
Fixes #54460.
Built from https://develop.svn.wordpress.org/trunk@52279


git-svn-id: http://core.svn.wordpress.org/trunk@51871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-30 14:27:03 +00:00
hellofromTonya 677e6e5b13 Media: Fix `TypeError` and improve `wp_exif_frac2dec()` to only return `int` or `float`.
For certain images, `wp_exif_frac2dec()` unexpectedly returned a string instead of `int` or `float`. This can occur when an image is missing meta and calls the function with `'0/0'`. For those images, a fatal error was thrown on PHP 8.0+:

{{{
TypeError: round(): Argument #1 ($num) must be of type int|float, string given
}}}

Upon deeper review, inconsistent and unexpected results were returned from different types of input values passed to the function.

Changes are:

* Maintains backwards-compatibility for valid input values.
* Fixes handling of invalid input values by bailing out to return the documented type of `int|float` by returning `0`.
* Improves the fractional conditional check.
* Improves the calculated fraction handling to ensure (a) the numerator and denominator are both numeric and (b) the denominator is not equal to zero.
* Safeguards the behavior via tests for all possible ways code could flow through the function.
* Safeguards the backwards-compatibility of the `wp_read_image_metadata()` by adding some defensive coding around the calls to the `wp_exif_frac2dec()` function.

These changes fix the fatal error and make the function more secure, stable, and predictable while maintaining backwards-compatibility for valid input values.

Follow-up to [6313], [9119], [22319], [28367], [45611], [47287].

Props adamsilverstein, jrf, peterwilsoncc, praem90, stevegs, tobiasbg.
Fixes #54385.
Built from https://develop.svn.wordpress.org/trunk@52269


git-svn-id: http://core.svn.wordpress.org/trunk@51861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-29 19:36:05 +00:00
Sergey Biryukov 7cbc31f7c0 Docs: Remove inaccurate part of the `screen_settings` filter description.
The filter is called for all admin screens, not just the Widgets screen.

Follow-up to [27256].

Props Starbuck.
Fixes #54524.
Built from https://develop.svn.wordpress.org/trunk@52257


git-svn-id: http://core.svn.wordpress.org/trunk@51849 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-27 02:07:00 +00:00
Sergey Biryukov 70f43f261b External Libraries: Update getID3 to version 1.9.21.
The latest version includes preliminary PHP 8.1 support, as well as a variety of bug fixes.

Release notes: https://github.com/JamesHeinrich/getID3/releases/tag/v1.9.21

A full list of changes in this update can be found on GitHub:
https://github.com/JamesHeinrich/getID3/compare/v1.9.20...v1.9.21

This commit also includes:
* Setting the `$options_audiovideo_quicktime_ReturnAtomData` property (now `false` by default) to `true` in `wp_read_video_metadata()` and `wp_read_audio_metadata()` in order to get the `created_timestamp` value.
* PHPCS adjustments previously made for a passing PHP Compatibility scan.

Follow-up to [47601], [47737], [47902], [48278], [49621], [50714].

Props jrf, SergeyBiryukov.
Fixes #54162.
Built from https://develop.svn.wordpress.org/trunk@52254


git-svn-id: http://core.svn.wordpress.org/trunk@51846 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-26 03:06:03 +00:00
Sergey Biryukov fe2a2ef0e4 Docs: Improve consistency of some DocBlocks in `wp-admin/includes/post.php`.
Follow-up to [52249].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@52251


git-svn-id: http://core.svn.wordpress.org/trunk@51843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-26 00:28:03 +00:00
audrasjb b0743f17e1 Docs: Miscellaneous DocBlock corrections in `wp-admin/includes/post.php`.
See #53399.

Built from https://develop.svn.wordpress.org/trunk@52249


git-svn-id: http://core.svn.wordpress.org/trunk@51841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-25 20:39:00 +00:00
audrasjb f69b6a04fb Media: Replace some array keys with their numeric equivalent.
This change replaces `['0']` with `[0]` which brings better consistency, readability and performance.

Props chintan1896, adamsilverstein, costdev.
Fixes #53540.

Built from https://develop.svn.wordpress.org/trunk@52245


git-svn-id: http://core.svn.wordpress.org/trunk@51837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-25 08:35:09 +00:00
Sergey Biryukov dfdbbb4e62 Docs: Miscellaneous DocBlock corrections.
See #53399.
Built from https://develop.svn.wordpress.org/trunk@52242


git-svn-id: http://core.svn.wordpress.org/trunk@51834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-24 23:59:59 +00:00
audrasjb c66d278da5 Docs: Document the globals used in some Privacy API methods.
See #53399.

Built from https://develop.svn.wordpress.org/trunk@52239


git-svn-id: http://core.svn.wordpress.org/trunk@51831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-24 11:41:03 +00:00
John Blackbourn 92f0b0cb48 Docs: Various docblock corrections and improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52236


git-svn-id: http://core.svn.wordpress.org/trunk@51828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-23 21:37:01 +00:00
Sergey Biryukov 742cd201e6 Docs: Update documentation for the `$plugin_data` parameter of various hooks:
* Document the structure of the `$plugin_data` array passed to the `plugin_row_meta` filter.
* Document some missing values returned by `get_plugin_data()`:
 * `PluginURI`
 * `AuthorName`
* Link to `get_plugin_data()` and the `plugin_row_meta` filter as the canonical sources in other various filters and actions which receive the `$plugin_data` parameter:
 * `network_admin_plugin_action_links`
 * `network_admin_plugin_action_links_{$plugin_file}`
 * `plugin_action_links`
 * `plugin_action_links_{$plugin_file}`
 * `plugin_auto_update_setting_html`
 * `manage_plugins_custom_column`
 * `after_plugin_row`
 * `after_plugin_row_{$plugin_file}`
 * `in_plugin_update_message-{$file}`
* Update documentation for the `$response` parameter of the `in_plugin_update_message-{$file}` filter:
 * Correct type for the `id` value. It contains a string like `w.org/plugins/[plugin-name]`, not a numeric ID.
 * Update `$icons`, `$banners`, and `$banners_rtl` values to use typed array notation.

Follow-up to [8367], [8402], [12976], [16758], [26540], [30544], [34818], [51733], [52212], [52224].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@52227


git-svn-id: http://core.svn.wordpress.org/trunk@51819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-20 02:23:02 +00:00
Sergey Biryukov 966c7376b4 Docs: Restore [51733], accidentally reverted in [52212].
Document some more `$response` values in the `in_plugin_update_message-{$file}` filter:
* `banners_rtl`
* `requires_php`

Follow-up to [51733], [52212].

Fixes #40006.
Built from https://develop.svn.wordpress.org/trunk@52224


git-svn-id: http://core.svn.wordpress.org/trunk@51816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-19 22:16:58 +00:00
desrosj 9d86fba4db Docs: Remove instances of the “eg.” abbreviation in favor of “example” or “for example”.
See #53330.
Built from https://develop.svn.wordpress.org/trunk@52215


git-svn-id: http://core.svn.wordpress.org/trunk@51807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-19 14:44:01 +00:00
desrosj b0b9e23c70 Upgrade/Install: Improve the accuracy of the `auto_update_{$type}` filter docblock.
This updates the filter documentation for `auto_update_{$type}` to account for the changes to default auto-update behaviors made in WordPress 5.6.

Starting in WordPress 5.6, all new installs auto-update major versions by default.

Props felipeloureirosantos, audrasjb, marybaum, davidbaumwald.
Fixes #53330.
Built from https://develop.svn.wordpress.org/trunk@52214


git-svn-id: http://core.svn.wordpress.org/trunk@51806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-19 14:19:59 +00:00
audrasjb 9f91a2a245 Docs: Add missing parameters in `in_plugin_update_message-{$file}` filter.
Follow-up to [51733].

Props costdev, audrasjb, SergeyBiryukov.
Fixes #40006.

Built from https://develop.svn.wordpress.org/trunk@52212


git-svn-id: http://core.svn.wordpress.org/trunk@51804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-18 23:19:08 +00:00
John Blackbourn 40626108d0 Docs: Corrections relating to types used in inline documentation for comment ID and site ID proprties.
Includes a correction for a typo introduced in [52204].

See #53399

Built from https://develop.svn.wordpress.org/trunk@52205


git-svn-id: http://core.svn.wordpress.org/trunk@51797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-18 13:57:01 +00:00
John Blackbourn c9746ab584 Docs: Various corrections and improvements relating to types used in inline documentation.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52204


git-svn-id: http://core.svn.wordpress.org/trunk@51796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-18 13:50:05 +00:00
audrasjb 03b59ce449 Posts, Post Types: Increment `post_count` option value only on multisite installations.
Avoid the `post_count` option to be created on single-site installations.

Follow-up to [52201].

Props dlh, henry.wright.
Fixes #54462.

Built from https://develop.svn.wordpress.org/trunk@52202


git-svn-id: http://core.svn.wordpress.org/trunk@51794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-18 00:20:59 +00:00
audrasjb cbac37d16d Posts, Post Types: Increment `post_count` option value during blog creation.
Previously, the `post_count` option value was not incremented when the default "Hello world!" post is inserted during blog creation on a multisite installation.

Props henry.wright.
Fixes #54462.
See #53443.

Built from https://develop.svn.wordpress.org/trunk@52201


git-svn-id: http://core.svn.wordpress.org/trunk@51793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-17 23:08:03 +00:00
hellofromTonya d4b3deddda Upgrade/Install: Remove 5.8 function and fix deactivate Gutenberg plugin version compare < 11.9.
Follow-up to [52165] where the `version_compare()` fails for 11.8.x versions. This commit changes the version comparison to < 11.9 for deactivating the Gutenberg plugin. 

The `_upgrade_580_force_deactivate_incompatible_plugins()` function is no longer needed in 5.9. It's redundant and unnecessary as `_upgrade_590_force_deactivate_incompatible_plugins()` deactivates those versions as well.

Removing `_upgrade_580_force_deactivate_incompatible_plugins()` and moving the deactivation logic back into the `_deactivate_gutenberg_when_incompatible_with_wp()`, thus removing the new private function `_deactivate_gutenberg_when_incompatible_with_wp()` introduced in [52165].

Follow-up [51180], [51266], [52165].

Props hellofromTonya, tobiasbg, clorith, sergeybiryukov, costdev.
Fixes #54405. 
Built from https://develop.svn.wordpress.org/trunk@52199


git-svn-id: http://core.svn.wordpress.org/trunk@51791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-17 17:45:00 +00:00
Sergey Biryukov 8a5e1aa0b3 Upgrade/Install: Correct the weekly cron event for clearing the `temp-backup` directory:
* Make sure the `wp_delete_temp_updater_backups` event has an action associated with it when it runs.
* Check if the cron event already exists before scheduling it, to avoid scheduling duplicate events. 
* Move the code for clearing the `temp-backup` directory to a standalone function.

Follow-up to [51815], [51898], [51899].

Props pbiron, johnbillion.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@52192


git-svn-id: http://core.svn.wordpress.org/trunk@51784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-16 22:19:59 +00:00
hellofromTonya c5518c2f11 Taxonomy: Allow `get_*_*_link()` and `edit_term_link()` functions to accept a term ID, `WP_Term`, or term object.
`get_term()` accepts a term ID, instance of `WP_Term`, or an object (i.e. `stdClass` as a result of a db query). Functions that use `get_term()` also now allow for the same data types.

Why? For consistency, removing extra processing code in consuming functions, and performance.

Functions changed in this commit are:
* `get_category_feed_link()`
* `get_term_feed_link()`
* `get_tag_feed_link()`
* `get_edit_tag_link()`
* `get_edit_term_link()`
* `edit_term_link()`

For each of consumer of these functions, changes to pass the object instead of the term ID.

Includes unit/integration tests for test coverage of these changes.

Follow-up to [6365], [9136], [9340], [14711], [15792], [15800], [18827], [32606], [36646], [37252].

Props davidbinda, johnbillion, peterwilsoncc, hellofromTonya, sergeybiryukov, mista-flo, hareesh-pillai, audrasjb, jeffpaul, chaion07.
Fixes #50225.
Built from https://develop.svn.wordpress.org/trunk@52180


git-svn-id: http://core.svn.wordpress.org/trunk@51772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-16 14:57:02 +00:00
joedolson 3b1d5aec7c Media: Revert media uploader input change in [52059].
Based on follow-up research, this change was never necessary in order to use e2e tests in the media library uploader. Additionally, it created several complicated side effects. Without significant benefit, it's not valuable to pursue the change further.

Follow up to [52059].

See #54168, #54411.
Fixes #54168.
Built from https://develop.svn.wordpress.org/trunk@52171


git-svn-id: http://core.svn.wordpress.org/trunk@51763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-15 23:22:02 +00:00
joedolson dbc8d76a9f Taxonomy: Display update notices when adding terms.
Display notice and announce to screen readers when a new term is added. 

Props manishamakhija, birgire, dilipbheda, afercia, hellofromTonya.
Fixes #42937.

Built from https://develop.svn.wordpress.org/trunk@52170


git-svn-id: http://core.svn.wordpress.org/trunk@51762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-15 22:24:01 +00:00
joedolson 06e7a012b1 Commit Standards: Revert [52168] to correct commit message.
Used incorrect commit message..

Follow up to [52168].

See #42937.
Built from https://develop.svn.wordpress.org/trunk@52169


git-svn-id: http://core.svn.wordpress.org/trunk@51761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-15 22:18:00 +00:00
joedolson b07f107447 Media: Featured image modal loads only selected image.
Fix bug introduced in [50829] that caused media modal to only load the selected image. Executes `.more()` when loading the modal to ensure that the media collection is available.

Props manishamakhija, birgire, dilipbheda, afercia, hellofromTonya.
Fixes #42937.
Built from https://develop.svn.wordpress.org/trunk@52168


git-svn-id: http://core.svn.wordpress.org/trunk@51760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-15 21:55:00 +00:00
hellofromTonya 1f608d5d5c Upgrade/Install: Deactivate the Gutenberg plugin if its version is 11.8 or lower.
Avoid a fatal error due to `WP_Theme_JSON_Schema` and potentially other classes and/or functions redeclarations when updating to WordPress 5.9 with an incompatible version of the Gutenberg plugin.

This commit uses the same strategy from 5.8. Moves the plugin deactivation code (introduced in [51266]) to a private function for reuse in 5.8, 5.9, and future major releases.

Follow-up to [51180], [51266].

Props hellofromTonya, johnbillion, jorbin.
See #54405.
Built from https://develop.svn.wordpress.org/trunk@52165


git-svn-id: http://core.svn.wordpress.org/trunk@51757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-15 19:59:03 +00:00
noisysocks 93d4851bbf Editor: Add Navigation Area infrastructure
Copies Navigation Area infrastrucutre from lib/navigation.php in Gutenberg. This
allows a Navigation block to be associated with a particular area which persists
when switching theme.

Props antonvlasenko, mamaduka, spacedmonkey.
See #54337.

Built from https://develop.svn.wordpress.org/trunk@52145


git-svn-id: http://core.svn.wordpress.org/trunk@51737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-12 03:55:01 +00:00
davidbaumwald 00403bc675 Posts, Post Types: Update `_edit_last` meta when posts are edited in bulk.
When posts are edited in bulk, the `_edit_last` meta was not updated for each post.  This change adds a call to update the `_edit_last` meta to the current user ID for each post the is updated.

Props calebwoodbridge, peterwilsoncc, guillaumeturpin, audrasjb.
Fixes #42446.
Built from https://develop.svn.wordpress.org/trunk@52141


git-svn-id: http://core.svn.wordpress.org/trunk@51733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-11 19:09:00 +00:00
desrosj 1dac2cdae7 Themes: Twenty Twenty-Two is now the default theme.
It's Friday night, and I feel alright. The party is here in the block theme.

See #54318.
Built from https://develop.svn.wordpress.org/trunk@52093


git-svn-id: http://core.svn.wordpress.org/trunk@51685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-10 00:41:00 +00:00
Peter Wilson 951ec3905d Quick/Bulk Edit: Disable auto-correct for slugs.
Disable auto-correct for the slug field on the quick/bulk edit interface. As slugs may consist of a number of words combined in to a single string, they are unlikely to pass spell checkers.

Props swb1192, SergeyBiryukov, afragen, Clorith, desrosj, JeffPaul, sabernhardt, Boniu91, costdev, hellofromTonya.
Fixes #50499.


Built from https://develop.svn.wordpress.org/trunk@52092


git-svn-id: http://core.svn.wordpress.org/trunk@51684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-10 00:02:59 +00:00
Sergey Biryukov 878c7c0486 Coding Standards: Use strict comparison in `wp-admin/includes/ms.php`.
Props davidbaumwald, audrasjb.
Fixes #47422.
Built from https://develop.svn.wordpress.org/trunk@52086


git-svn-id: http://core.svn.wordpress.org/trunk@51678 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 23:06:01 +00:00
antpb 975f56e42b Media: Change upload button to a file input for better e2e targeting.
Changes the media library upload button to `input type="file"` for better end to end testing capabilities.

Props  justinahinon, joedolson, sabernhardt, audrasjb.
Fixes #54168.


Built from https://develop.svn.wordpress.org/trunk@52059


git-svn-id: http://core.svn.wordpress.org/trunk@51651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 22:49:00 +00:00
John Blackbourn 2a3ad7c430 Docs: Various docblock improvements and corrections.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52035


git-svn-id: http://core.svn.wordpress.org/trunk@51627 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 10:48:59 +00:00
antpb 3dc76d614a Media: Adjust alt text info link text.
Previous messaging of this link was confusing given it went to an external source. This change describes more accurately that it will perform the action of taking you to the resource.

Props karmatosed, joedolson, melchoyce, hellofromTonya, afercia, sabernhardt, antpb.
Fixes #48939.


Built from https://develop.svn.wordpress.org/trunk@52033


git-svn-id: http://core.svn.wordpress.org/trunk@51625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 00:22:57 +00:00
antpb c1f6817cad Media: Remove security messaging in media upload failures.
Previously, when uploading a media item type that is not supported, the default error message claims that the reason it cannot upload is due to security reasons. This is not always true. Now the warning says that the type is not allowed, which is always true.

Props antpb, Presskopp, peterwilsoncc, desrosj, iluy, circlecube, mikeschroder.
Fixes #53626.


Built from https://develop.svn.wordpress.org/trunk@52032


git-svn-id: http://core.svn.wordpress.org/trunk@51624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-07 23:29:56 +00:00
Clorith 44f50060eb Site Health: Add the constant `WP_ENVIRONMENT_TYPE` for debug data.
As a legacy from the old Health Check plugin, the constant `WP_LOCAL_DEV` was included in the debug data under the "WordPress Constants" section. This was incorrect, and has never been a constant used by core.

Instead, that field is now replaced by `WP_ENVIRONMENT_TYPE`, which was introduced with WordPress 5.5, and is a much more appropriate value to provide in a debug scenario.

Props johnbillion, bgoewert, sabbirshouvo.
Fixes #54340.
Built from https://develop.svn.wordpress.org/trunk@52021


git-svn-id: http://core.svn.wordpress.org/trunk@51613 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 21:05:00 +00:00
hellofromTonya b9d15392bf Code Modernization: Pass correct default value to `http_build_query()` in `get_core_checksums()` and `wp_version_check()`.
The `get_core_checksums()` and `wp_version_check()` functions call the PHP native `http_build_query()` function, the second parameter of which is the ''optional'' `$numeric_prefix` parameter which expects a non-nullable `string`.

A parameter being optional, however, does not automatically make it nullable.

As of PHP 8.1, passing `null` to a non-nullable PHP native function will generate a deprecation notice.

In this case, this function call yielded a `http_build_query(): Passing null to parameter #2 ($numeric_prefix) of type string is deprecated` notice.

Changing the `null` to an empty string fixes this without a backward compatibility break.

References:
* [https://www.php.net/manual/en/function.http-build-query.php PHP Manual: http_build_query()]
* [https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg PHP RFC: Deprecate passing null to non-nullable arguments of internal functions]

Follow-up to [18697], [25540].

Props bjorsch, kraftbj, hellofromTonya, jrf.
See #54229.
Built from https://develop.svn.wordpress.org/trunk@52019


git-svn-id: http://core.svn.wordpress.org/trunk@51611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-05 12:18:58 +00:00
hellofromTonya 9036739acc Administration: Make dashboard widget control submit button text more clear.
Changes the submit button text from "Submit" to "Save Changes".

Why? The text is more semantic and clear of what happens when activating that button.

Follow-up to [9103].

Props zodiac1978, knutsp, hilayt24, audrasjb.
Fixes #54229.
Built from https://develop.svn.wordpress.org/trunk@52014


git-svn-id: http://core.svn.wordpress.org/trunk@51605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-04 23:30:58 +00:00
davidbaumwald 2e249395de Comments: Add `noopener noreferrer` to author links in list table.
When viewing the listing of all comments, author links previously passed referrer information to untrusted URLs.  This change adds `noreferrer` to each author link, as well as `noopener` to prevent the passing of information about the parent window.

Props cybr, adam3128, erayalakese, andraganescu, audrasjb, joedolson, sabernhardt. 
Fixes #40916.
Built from https://develop.svn.wordpress.org/trunk@52007


git-svn-id: http://core.svn.wordpress.org/trunk@51596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-03 20:02:02 +00:00
Sergey Biryukov 3ab8d52d78 Media: Use `WP_Query::get()` method to retrieve the `posts_per_page` value in `wp_ajax_query_attachments()`.
This avoids a PHP notice and ensures that a default value is always provided if none is set by the user.

Follow-up to [51145], [51485].

Props davidwebca, mukesh27.
Fixes #54129.
Built from https://develop.svn.wordpress.org/trunk@51982


git-svn-id: http://core.svn.wordpress.org/trunk@51571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 18:30:02 +00:00
johnjamesjacoby 6d451fb64b Admin/UI-Copy: reword some "we" usages.
This changes some admin-area, user-facing text, to better match the guidelines and recommendations set forth in the make/core handbook, specifically:

> the word “we” should be avoided (...) unless its made very clear which group is speaking

(There are several more usages of "we" that will receive this same scrutiny in future commits/releases.)

Props audrasjb, johnbillion, marybaum, peterwilsoncc, sergeybiryukov, shital-patel.

Fixes  #46057.
Built from https://develop.svn.wordpress.org/trunk@51979


git-svn-id: http://core.svn.wordpress.org/trunk@51568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-02 17:37:57 +00:00
joedolson 67779da49f Widgets: Use a text-based button to select location.
The WordPress Events and News widget used an icon-only button to select a location. The Pencil icon alone provided insufficient context and labeling for accessibility. Add text to clearly describe button action and change icon to represent a location marker. 

Props AmethystAnswers, sabernhardt.
Fixes #53311.
Built from https://develop.svn.wordpress.org/trunk@51971


git-svn-id: http://core.svn.wordpress.org/trunk@51560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-01 22:54:57 +00:00
John Blackbourn c274d3c520 Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51957


git-svn-id: http://core.svn.wordpress.org/trunk@51546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 20:17:01 +00:00
Sergey Biryukov 4459eaf392 Docs: Further update the `debug_information` filter description per the documentation standards.
Specifically, this ensures that the DocBlock follows the line wrapping recommendations.

Follow-up to [44986], [45156], [45259], [51949].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@51956


git-svn-id: http://core.svn.wordpress.org/trunk@51545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-30 13:41:02 +00:00
John Blackbourn 6babc3833b Docs: Miscellaneous docblock improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@51955


git-svn-id: http://core.svn.wordpress.org/trunk@51544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 23:13:05 +00:00
Sergey Biryukov 0e2f9ad5b6 Coding Standards: Correct alignment in `WP_Site_Health::get_test_update_temp_backup_writable()`.
This fixes an `Equals sign not aligned with surrounding assignments; expected 1 space but found 6 spaces` WPCS warning.

Follow-up to [51815].

See #51857, #53359.
Built from https://develop.svn.wordpress.org/trunk@51951


git-svn-id: http://core.svn.wordpress.org/trunk@51540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 16:52:57 +00:00
John Blackbourn a0d8a60547 Site Health: Correct and improve the documentation for the `debug_information` hook.
This corrects the structure of the documentation so it accurately reflects the array elements contained within.

See #53399.

Built from https://develop.svn.wordpress.org/trunk@51949


git-svn-id: http://core.svn.wordpress.org/trunk@51538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-29 15:35:00 +00:00
Pascal Birchler a225165010 Role/Capability: Add support for capability queries in `WP_User_Query`.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
johnjamesjacoby 7a0a07d691 Admin/HTTP API: add suggested filename support to `download_url()`.
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.

If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.

If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.

Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.

Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.

Fixes #38231.
Built from https://develop.svn.wordpress.org/trunk@51939


git-svn-id: http://core.svn.wordpress.org/trunk@51528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 15:00:01 +00:00