For block themes (like Twenty Twenty-Two), Customizer menu item is removed and replaced with the Site Editor menu item. However, other links exist in the Dashboard's welcome panel "Customize Your Site" button and the "Customize" button in each theme listed in the Appearance > Themes interface.
This commit changes each of those remaining links to link to the Site Editor interface instead of the Customizer.
To help identify block vs non-block themes, two method methods are introduced in `WP_Theme`:
* `WP_Theme:: is_block_based()` which identifies if the theme is a block theme or not.
* `WP_Theme::get_file_path()` which is similar to `get_theme_file_path()` but uses the directories within the theme object.
Both of these new methods include test coverage including the addition of a parent and child block theme in test data.
Follow-up to [18749], [35483], [42013], [42169].
Props antonvlasenko, jameskoster, hellofromTonya, matveb, noisysocks, poena, sergeybiryukov.
Fixes#54460.
Built from https://develop.svn.wordpress.org/trunk@52279
git-svn-id: http://core.svn.wordpress.org/trunk@51871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
For certain images, `wp_exif_frac2dec()` unexpectedly returned a string instead of `int` or `float`. This can occur when an image is missing meta and calls the function with `'0/0'`. For those images, a fatal error was thrown on PHP 8.0+:
{{{
TypeError: round(): Argument #1 ($num) must be of type int|float, string given
}}}
Upon deeper review, inconsistent and unexpected results were returned from different types of input values passed to the function.
Changes are:
* Maintains backwards-compatibility for valid input values.
* Fixes handling of invalid input values by bailing out to return the documented type of `int|float` by returning `0`.
* Improves the fractional conditional check.
* Improves the calculated fraction handling to ensure (a) the numerator and denominator are both numeric and (b) the denominator is not equal to zero.
* Safeguards the behavior via tests for all possible ways code could flow through the function.
* Safeguards the backwards-compatibility of the `wp_read_image_metadata()` by adding some defensive coding around the calls to the `wp_exif_frac2dec()` function.
These changes fix the fatal error and make the function more secure, stable, and predictable while maintaining backwards-compatibility for valid input values.
Follow-up to [6313], [9119], [22319], [28367], [45611], [47287].
Props adamsilverstein, jrf, peterwilsoncc, praem90, stevegs, tobiasbg.
Fixes#54385.
Built from https://develop.svn.wordpress.org/trunk@52269
git-svn-id: http://core.svn.wordpress.org/trunk@51861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Document the structure of the `$plugin_data` array passed to the `plugin_row_meta` filter.
* Document some missing values returned by `get_plugin_data()`:
* `PluginURI`
* `AuthorName`
* Link to `get_plugin_data()` and the `plugin_row_meta` filter as the canonical sources in other various filters and actions which receive the `$plugin_data` parameter:
* `network_admin_plugin_action_links`
* `network_admin_plugin_action_links_{$plugin_file}`
* `plugin_action_links`
* `plugin_action_links_{$plugin_file}`
* `plugin_auto_update_setting_html`
* `manage_plugins_custom_column`
* `after_plugin_row`
* `after_plugin_row_{$plugin_file}`
* `in_plugin_update_message-{$file}`
* Update documentation for the `$response` parameter of the `in_plugin_update_message-{$file}` filter:
* Correct type for the `id` value. It contains a string like `w.org/plugins/[plugin-name]`, not a numeric ID.
* Update `$icons`, `$banners`, and `$banners_rtl` values to use typed array notation.
Follow-up to [8367], [8402], [12976], [16758], [26540], [30544], [34818], [51733], [52212], [52224].
See #53399.
Built from https://develop.svn.wordpress.org/trunk@52227
git-svn-id: http://core.svn.wordpress.org/trunk@51819 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This updates the filter documentation for `auto_update_{$type}` to account for the changes to default auto-update behaviors made in WordPress 5.6.
Starting in WordPress 5.6, all new installs auto-update major versions by default.
Props felipeloureirosantos, audrasjb, marybaum, davidbaumwald.
Fixes#53330.
Built from https://develop.svn.wordpress.org/trunk@52214
git-svn-id: http://core.svn.wordpress.org/trunk@51806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Follow-up to [52165] where the `version_compare()` fails for 11.8.x versions. This commit changes the version comparison to < 11.9 for deactivating the Gutenberg plugin.
The `_upgrade_580_force_deactivate_incompatible_plugins()` function is no longer needed in 5.9. It's redundant and unnecessary as `_upgrade_590_force_deactivate_incompatible_plugins()` deactivates those versions as well.
Removing `_upgrade_580_force_deactivate_incompatible_plugins()` and moving the deactivation logic back into the `_deactivate_gutenberg_when_incompatible_with_wp()`, thus removing the new private function `_deactivate_gutenberg_when_incompatible_with_wp()` introduced in [52165].
Follow-up [51180], [51266], [52165].
Props hellofromTonya, tobiasbg, clorith, sergeybiryukov, costdev.
Fixes#54405.
Built from https://develop.svn.wordpress.org/trunk@52199
git-svn-id: http://core.svn.wordpress.org/trunk@51791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
* Make sure the `wp_delete_temp_updater_backups` event has an action associated with it when it runs.
* Check if the cron event already exists before scheduling it, to avoid scheduling duplicate events.
* Move the code for clearing the `temp-backup` directory to a standalone function.
Follow-up to [51815], [51898], [51899].
Props pbiron, johnbillion.
See #51857.
Built from https://develop.svn.wordpress.org/trunk@52192
git-svn-id: http://core.svn.wordpress.org/trunk@51784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
`get_term()` accepts a term ID, instance of `WP_Term`, or an object (i.e. `stdClass` as a result of a db query). Functions that use `get_term()` also now allow for the same data types.
Why? For consistency, removing extra processing code in consuming functions, and performance.
Functions changed in this commit are:
* `get_category_feed_link()`
* `get_term_feed_link()`
* `get_tag_feed_link()`
* `get_edit_tag_link()`
* `get_edit_term_link()`
* `edit_term_link()`
For each of consumer of these functions, changes to pass the object instead of the term ID.
Includes unit/integration tests for test coverage of these changes.
Follow-up to [6365], [9136], [9340], [14711], [15792], [15800], [18827], [32606], [36646], [37252].
Props davidbinda, johnbillion, peterwilsoncc, hellofromTonya, sergeybiryukov, mista-flo, hareesh-pillai, audrasjb, jeffpaul, chaion07.
Fixes#50225.
Built from https://develop.svn.wordpress.org/trunk@52180
git-svn-id: http://core.svn.wordpress.org/trunk@51772 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Based on follow-up research, this change was never necessary in order to use e2e tests in the media library uploader. Additionally, it created several complicated side effects. Without significant benefit, it's not valuable to pursue the change further.
Follow up to [52059].
See #54168, #54411.
Fixes#54168.
Built from https://develop.svn.wordpress.org/trunk@52171
git-svn-id: http://core.svn.wordpress.org/trunk@51763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Fix bug introduced in [50829] that caused media modal to only load the selected image. Executes `.more()` when loading the modal to ensure that the media collection is available.
Props manishamakhija, birgire, dilipbheda, afercia, hellofromTonya.
Fixes#42937.
Built from https://develop.svn.wordpress.org/trunk@52168
git-svn-id: http://core.svn.wordpress.org/trunk@51760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Avoid a fatal error due to `WP_Theme_JSON_Schema` and potentially other classes and/or functions redeclarations when updating to WordPress 5.9 with an incompatible version of the Gutenberg plugin.
This commit uses the same strategy from 5.8. Moves the plugin deactivation code (introduced in [51266]) to a private function for reuse in 5.8, 5.9, and future major releases.
Follow-up to [51180], [51266].
Props hellofromTonya, johnbillion, jorbin.
See #54405.
Built from https://develop.svn.wordpress.org/trunk@52165
git-svn-id: http://core.svn.wordpress.org/trunk@51757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Copies Navigation Area infrastrucutre from lib/navigation.php in Gutenberg. This
allows a Navigation block to be associated with a particular area which persists
when switching theme.
Props antonvlasenko, mamaduka, spacedmonkey.
See #54337.
Built from https://develop.svn.wordpress.org/trunk@52145
git-svn-id: http://core.svn.wordpress.org/trunk@51737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When posts are edited in bulk, the `_edit_last` meta was not updated for each post. This change adds a call to update the `_edit_last` meta to the current user ID for each post the is updated.
Props calebwoodbridge, peterwilsoncc, guillaumeturpin, audrasjb.
Fixes#42446.
Built from https://develop.svn.wordpress.org/trunk@52141
git-svn-id: http://core.svn.wordpress.org/trunk@51733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Disable auto-correct for the slug field on the quick/bulk edit interface. As slugs may consist of a number of words combined in to a single string, they are unlikely to pass spell checkers.
Props swb1192, SergeyBiryukov, afragen, Clorith, desrosj, JeffPaul, sabernhardt, Boniu91, costdev, hellofromTonya.
Fixes#50499.
Built from https://develop.svn.wordpress.org/trunk@52092
git-svn-id: http://core.svn.wordpress.org/trunk@51684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previous messaging of this link was confusing given it went to an external source. This change describes more accurately that it will perform the action of taking you to the resource.
Props karmatosed, joedolson, melchoyce, hellofromTonya, afercia, sabernhardt, antpb.
Fixes#48939.
Built from https://develop.svn.wordpress.org/trunk@52033
git-svn-id: http://core.svn.wordpress.org/trunk@51625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Previously, when uploading a media item type that is not supported, the default error message claims that the reason it cannot upload is due to security reasons. This is not always true. Now the warning says that the type is not allowed, which is always true.
Props antpb, Presskopp, peterwilsoncc, desrosj, iluy, circlecube, mikeschroder.
Fixes#53626.
Built from https://develop.svn.wordpress.org/trunk@52032
git-svn-id: http://core.svn.wordpress.org/trunk@51624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
As a legacy from the old Health Check plugin, the constant `WP_LOCAL_DEV` was included in the debug data under the "WordPress Constants" section. This was incorrect, and has never been a constant used by core.
Instead, that field is now replaced by `WP_ENVIRONMENT_TYPE`, which was introduced with WordPress 5.5, and is a much more appropriate value to provide in a debug scenario.
Props johnbillion, bgoewert, sabbirshouvo.
Fixes#54340.
Built from https://develop.svn.wordpress.org/trunk@52021
git-svn-id: http://core.svn.wordpress.org/trunk@51613 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The `get_core_checksums()` and `wp_version_check()` functions call the PHP native `http_build_query()` function, the second parameter of which is the ''optional'' `$numeric_prefix` parameter which expects a non-nullable `string`.
A parameter being optional, however, does not automatically make it nullable.
As of PHP 8.1, passing `null` to a non-nullable PHP native function will generate a deprecation notice.
In this case, this function call yielded a `http_build_query(): Passing null to parameter #2 ($numeric_prefix) of type string is deprecated` notice.
Changing the `null` to an empty string fixes this without a backward compatibility break.
References:
* [https://www.php.net/manual/en/function.http-build-query.php PHP Manual: http_build_query()]
* [https://wiki.php.net/rfc/deprecate_null_to_scalar_internal_arg PHP RFC: Deprecate passing null to non-nullable arguments of internal functions]
Follow-up to [18697], [25540].
Props bjorsch, kraftbj, hellofromTonya, jrf.
See #54229.
Built from https://develop.svn.wordpress.org/trunk@52019
git-svn-id: http://core.svn.wordpress.org/trunk@51611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Changes the submit button text from "Submit" to "Save Changes".
Why? The text is more semantic and clear of what happens when activating that button.
Follow-up to [9103].
Props zodiac1978, knutsp, hilayt24, audrasjb.
Fixes#54229.
Built from https://develop.svn.wordpress.org/trunk@52014
git-svn-id: http://core.svn.wordpress.org/trunk@51605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
When viewing the listing of all comments, author links previously passed referrer information to untrusted URLs. This change adds `noreferrer` to each author link, as well as `noopener` to prevent the passing of information about the parent window.
Props cybr, adam3128, erayalakese, andraganescu, audrasjb, joedolson, sabernhardt.
Fixes#40916.
Built from https://develop.svn.wordpress.org/trunk@52007
git-svn-id: http://core.svn.wordpress.org/trunk@51596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This changes some admin-area, user-facing text, to better match the guidelines and recommendations set forth in the make/core handbook, specifically:
> the word “we” should be avoided (...) unless its made very clear which group is speaking
(There are several more usages of "we" that will receive this same scrutiny in future commits/releases.)
Props audrasjb, johnbillion, marybaum, peterwilsoncc, sergeybiryukov, shital-patel.
Fixes #46057.
Built from https://develop.svn.wordpress.org/trunk@51979
git-svn-id: http://core.svn.wordpress.org/trunk@51568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
The WordPress Events and News widget used an icon-only button to select a location. The Pencil icon alone provided insufficient context and labeling for accessibility. Add text to clearly describe button action and change icon to represent a location marker.
Props AmethystAnswers, sabernhardt.
Fixes#53311.
Built from https://develop.svn.wordpress.org/trunk@51971
git-svn-id: http://core.svn.wordpress.org/trunk@51560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:
* `capability`
* `capability__in`
* `capability__not_in`
These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.
Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:
* all users with a role that has this capability
* all users with the capability being assigned directly
Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.
The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.
Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.
This updates any usage of `'who' => 'authors'` in core to use capability queries instead.
Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.
Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.
Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.
Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes#16841.
Built from https://develop.svn.wordpress.org/trunk@51943
git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This change allows for external clients to supply a suggested filename via a `Content-Disposition` response header. This filename is processed through `sanitize_file_name()` to ensure it is allowable (on the server, MIME's, etc...) and `validate_file()` to prevent directory traversal.
If the suggested filename fails the above processing/checks, that suggestion is discarded and the standard temporary filename (generated by WordPress) is used.
If no `Content-Disposition` header is found in the response headers, the standard temporary filename continues to be used as per normal.
Included in this change are 6 additional PHPUnit tests with 9 assertions. These tests confirm that valid filename values are correctly saved, and invalid filename values are correctly rejected.
Props cklosows, costdev, dd32, johnjamesjacoby, ocean90, psrpinto.
Fixes#38231.
Built from https://develop.svn.wordpress.org/trunk@51939
git-svn-id: http://core.svn.wordpress.org/trunk@51528 1a063a9b-81f0-0310-95a4-ce76da25c4cd